185.198.117.126  Malicious Activity! Public Scan

Submitted URL: http://185.198.117.126/
Effective URL: https://185.198.117.126/it
Submission: On February 10 via api from BY — Scanned from IT

Summary

This website contacted 14 IPs in 4 countries across 11 domains to perform 43 HTTP transactions. The main IP is 185.198.117.126, located in Italy and belongs to NEXI-AS, IT. The main domain is 185.198.117.126.
TLS certificate: Issued by GlobalSign RSA OV SSL CA 2018 on August 4th 2023. Valid for: a year.
This is the only time 185.198.117.126 was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Nexi (Banking)

Domain & IP information

Requests | Apex Domain | Subdomains | Transfer
5 | mypurecloud.com | apps.mypurecloud.com (Cisco Umbrella Rank: 9622) | 189 KB
5 | gstatic.com | www.gstatic.com; fonts.gstatic.com | 434 KB
2 | privacy-center.org | sdk.privacy-center.org (Cisco Umbrella Rank: 4363) | 89 KB
2 | google.com | www.google.com (Cisco Umbrella Rank: 2) | 3 KB
2 | googletagmanager.com | www.googletagmanager.com (Cisco Umbrella Rank: 37) | 210 KB
1 | googlesyndication.com | pagead2.googlesyndication.com (Cisco Umbrella Rank: 114) | 455 B
1 | google-analytics.com | region1.google-analytics.com (Cisco Umbrella Rank: 2173) | 254 B
1 | mypurecloud.ie | apps.mypurecloud.ie (Cisco Umbrella Rank: 82096) | 7 KB
1 | acsbapp.com | acsbapp.com (Cisco Umbrella Rank: 3852) | 90 KB
1 | googleapis.com | ajax.googleapis.com (Cisco Umbrella Rank: 366) | 31 KB
1 | evgnet.com | cdn.evgnet.com (Cisco Umbrella Rank: 3689) | 42 KB
Total: 43 requests | 11 apex domains

Requests | Domain | Requested by
5 | apps.mypurecloud.com | apps.mypurecloud.ie
4 | www.gstatic.com | www.google.com; www.gstatic.com
2 | sdk.privacy-center.org | 185.198.117.126; sdk.privacy-center.org
2 | www.google.com | 185.198.117.126; www.gstatic.com
2 | www.googletagmanager.com | 185.198.117.126; www.googletagmanager.com
1 | pagead2.googlesyndication.com | www.googletagmanager.com
1 | region1.google-analytics.com | www.googletagmanager.com
1 | fonts.gstatic.com | www.google.com
1 | apps.mypurecloud.ie | 185.198.117.126
1 | acsbapp.com | 185.198.117.126
1 | ajax.googleapis.com | 185.198.117.126
1 | cdn.evgnet.com | 185.198.117.126
Total: 43 requests | 12 subdomains

This site contains links to these domains.

Domain
ecommerce.nexi.it
www.nexi.it
it-it.facebook.com
www.youtube.com
twitter.com
it.linkedin.com

Subject | Issuer | Validity | Valid
www.nexi.it | GlobalSign RSA OV SSL CA 2018 | 2023-08-04 - 2024-08-21 | a year
cdn.evergage.com | DigiCert TLS RSA SHA256 2020 CA1 | 2023-03-06 - 2024-03-04 | a year
upload.video.google.com | GTS CA 1C3 | 2024-01-09 - 2024-04-02 | 3 months
*.google-analytics.com | GTS CA 1C3 | 2024-01-09 - 2024-04-02 | 3 months
www.google.com | GTS CA 1C3 | 2024-01-09 - 2024-04-02 | 3 months
*.privacy-center.org | Amazon RSA 2048 M02 | 2023-03-25 - 2024-04-22 | a year
acsbapp.com | GTS CA 1P5 | 2023-12-26 - 2024-03-25 | 3 months
*.gstatic.com | GTS CA 1C3 | 2024-01-09 - 2024-04-02 | 3 months
mypurecloud.ie | Amazon RSA 2048 M01 | 2023-08-20 - 2024-09-16 | a year
mypurecloud.com | Amazon RSA 2048 M03 | 2023-08-19 - 2024-09-15 | a year
*.g.doubleclick.net | GTS CA 1C3 | 2024-01-09 - 2024-04-02 | 3 months

This page contains 2 frames:

Primary Page: https://185.198.117.126/it
Frame ID: FF9443C01E6987CBE29F0DB95CF76CA0
Requests: 39 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ld7ALUZAAAAAK4iDeutbuh9DdH-o4dwFyb6FGIP&co=aHR0cHM6Ly8xODUuMTk4LjExNy4xMjY6NDQz&hl=it&v=x5WWoE57Fv0d6ATKsLDIAKnt&size=invisible&cb=f6eixvqhlhq2
Frame ID: F5BF63496AE15DAEB7E242F885F3BEFC
Requests: 5 HTTP requests in this frame

Page Title

Nexi, l’innovazione dei pagamenti digitali in Italia

Detected technologies

Overall confidence: 100%
Detected patterns
  • /etc\.clientlibs/

Overall confidence: 100%
Detected patterns
  • sdk\.privacy-center\.org/.*/loader\.js

Overall confidence: 100%
Detected patterns
  • apps\.mypurecloud\.\w+/widgets/([\d.]+)
  • apps\.mypurecloud\.\w+

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/

Overall confidence: 100%
Detected patterns

Overall confidence: 100%
Detected patterns
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

Requests: 43
HTTPS: 51 %
IPv6: 69 %
Domains: 11
Subdomains: 12
IPs: 14
Countries: 4
Transfer: 2758 kB
Size: 5330 kB
Cookies: 5

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://185.198.117.126/ HTTP 301
    https://185.198.117.126/ HTTP 302
    https://185.198.117.126/it Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

43 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request it
185.198.117.126/
Redirect Chain
  • http://185.198.117.126/
  • https://185.198.117.126/
  • https://185.198.117.126/it
133 KB
31 KB
Document
General
Full URL
https://185.198.117.126/it
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.198.117.126 , Italy, ASN35051 (NEXI-AS, IT),
Reverse DNS
Software
/
Resource Hash
1d8e59eee7e5802676f18a54841c174f8c1ed5ae94d5d522c221e7364c065897
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language
it-IT,it;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Methods
GET, HEAD
Connection
Keep-Alive
Content-Encoding
gzip
Content-Security-Policy
frame-ancestors 'self'
Content-Type
text/html; charset=UTF-8
Date
Sat, 10 Feb 2024 04:05:09 GMT
ETag
"21134-610f3e848038d"
Keep-Alive
timeout=5, max=37
Last-Modified
Fri, 09 Feb 2024 14:40:20 GMT
P3P
policyref="/w3c/p3p.xml", CP="IDC DSP COR NID DEVi OUR BUS INT"
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN

Redirect headers

Connection
Keep-Alive
Content-Security-Policy
frame-ancestors 'self'
Content-Type
text/html; charset=iso-8859-1
Date
Sat, 10 Feb 2024 04:05:09 GMT
Keep-Alive
timeout=5, max=80
Location
https://185.198.117.126/it
P3P
policyref="/w3c/p3p.xml", CP="IDC DSP COR NID DEVi OUR BUS INT"
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
uniqueid
142ad0d5eea74b32301ecf9cef906eba
evergage.min.js
cdn.evgnet.com/beacon/nexipayments/engage/scripts/
144 KB
42 KB
Script
General
Full URL
https://cdn.evgnet.com/beacon/nexipayments/engage/scripts/evergage.min.js
Requested by
Host: 185.198.117.126
URL: https://185.198.117.126/it
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.64.114 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
681834065104f982c30d1423fdf02c1a084fa738c48d1eba546b7f9f40630597

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://185.198.117.126/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

x-amz-version-id
tJJm_XaB23NBElAGTMYQUjP6lOqbmnhX
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
date
Sat, 10 Feb 2024 04:05:09 GMT
x-amz-request-id
ERGN76M8HC0T0KJC
age
74
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
x-amz-replication-status
COMPLETED
content-length
42410
x-amz-id-2
IVV+G7sqgnHRkvqpPBRMWvk5hFNgxfdJONnM85MRfst+YPc8oWbvB4elwNOjHka+/28lmNB1KHxcXSCWklaru8ycPAZB5Nv93v822iepR0Y=
x-served-by
cache-iad-kcgs7200109-IAD, cache-mxp6942-MXP
x-amz-meta-evergage-sum
f796e3e856dc0615278df80269c66f4dd1fa1a16
last-modified
Mon, 22 Jan 2024 22:19:04 GMT
server
AmazonS3
x-timer
S1707537910.624100,VS0,VE1
etag
"ac3404833c9f1936add004a5adcc83f3"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=120
accept-ranges
bytes
timing-allow-origin
*
x-amz-meta-evergage-beacon-ver
16
x-cache-hits
57356, 1
clientlib-site.css
185.198.117.126/etc.clientlibs/nexinew/clientlibs/
286 KB
79 KB
Stylesheet
General
Full URL
https://185.198.117.126/etc.clientlibs/nexinew/clientlibs/clientlib-site.css
Requested by
Host: 185.198.117.126
URL: https://185.198.117.126/it
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.198.117.126 , Italy, ASN35051 (NEXI-AS, IT),
Reverse DNS
Software
/
Resource Hash
fba15097c263db75abe48e8a19dd939fefca68d0f4c248e6d0bc9c1f420924ce
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Frame-Options SAMEORIGIN

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://185.198.117.126/it
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Date
Sat, 10 Feb 2024 04:05:09 GMT
Content-Security-Policy
frame-ancestors 'self'
Content-Encoding
gzip
Last-Modified
Tue, 30 Jan 2024 10:25:14 GMT
ETag
"4796c-610272d8a6a13"
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET, HEAD
Content-Type
text/css
P3P
policyref="/w3c/p3p.xml", CP="IDC DSP COR NID DEVi OUR BUS INT"
Cache-Control
max-age=300, public
Transfer-Encoding
chunked
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=88
clientlib-chatbot.css
185.198.117.126/etc.clientlibs/nexinew/clientlibs/
147 KB
40 KB
Stylesheet
General
Full URL
https://185.198.117.126/etc.clientlibs/nexinew/clientlibs/clientlib-chatbot.css
Requested by
Host: 185.198.117.126
URL: https://185.198.117.126/it
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.198.117.126 , Italy, ASN35051 (NEXI-AS, IT),
Reverse DNS
Software
/
Resource Hash
ab87a73113c2e5c71a723edd0af7e1a42f8e05a888f7f333c248f5b587075233
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Frame-Options SAMEORIGIN

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://185.198.117.126/it
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Date
Sat, 10 Feb 2024 04:05:09 GMT
Content-Security-Policy
frame-ancestors 'self'
Content-Encoding
gzip
Last-Modified
Tue, 30 Jan 2024 10:25:17 GMT
ETag
"24abd-610272dbaf27f"
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET, HEAD
Content-Type
text/css
P3P
policyref="/w3c/p3p.xml", CP="IDC DSP COR NID DEVi OUR BUS INT"
Cache-Control
max-age=300, public
Transfer-Encoding
chunked
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=96
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.5.1/
87 KB
31 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js
Requested by
Host: 185.198.117.126
URL: https://185.198.117.126/it
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://185.198.117.126/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Thu, 08 Feb 2024 10:13:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
150724
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31021
x-xss-protection
0
last-modified
Fri, 08 May 2020 07:05:03 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 07 Feb 2025 10:13:05 GMT
nexi-logo-white.svg
185.198.117.126/content/dam/nexinew/icone/
2 KB
3 KB
Image
General
Full URL
https://185.198.117.126/content/dam/nexinew/icone/nexi-logo-white.svg
Requested by
Host: 185.198.117.126
URL: https://185.198.117.126/it
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.198.117.126 , Italy, ASN35051 (NEXI-AS, IT),
Reverse DNS
Software
/
Resource Hash
4c399d83f036f296ac9cdc6cbb47af8f77b8892218b7c0ae7c26b292f4eddd08
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Frame-Options SAMEORIGIN

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://185.198.117.126/it
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Date
Sat, 10 Feb 2024 04:05:09 GMT
Content-Security-Policy
frame-ancestors 'self'
Last-Modified
Thu, 01 Feb 2024 09:51:01 GMT
ETag
"72c-6104eeee01408"
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET, HEAD
Content-Type
image/svg+xml
P3P
policyref="/w3c/p3p.xml", CP="IDC DSP COR NID DEVi OUR BUS INT"
Cache-Control
max-age=300, public
Transfer-Encoding
chunked
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=78
nexi-logo-dark.svg
185.198.117.126/content/dam/nexinew/icone/
2 KB
3 KB
Image
General
Full URL
https://185.198.117.126/content/dam/nexinew/icone/nexi-logo-dark.svg
Requested by
Host: 185.198.117.126
URL: https://185.198.117.126/it
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.198.117.126 , Italy, ASN35051 (NEXI-AS, IT),
Reverse DNS
Software
/
Resource Hash
2bef6e7b4bd23a7009ddf29a2896bbdc7e25a365b501b2c34b5fd42917e12337
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Frame-Options SAMEORIGIN

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://185.198.117.126/it
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Date
Sat, 10 Feb 2024 04:05:09 GMT
Content-Security-Policy
frame-ancestors 'self'
Last-Modified
Thu, 01 Feb 2024 09:51:01 GMT
ETag
"8fa-6104eeee6319d"
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET, HEAD
Content-Type
image/svg+xml
P3P
policyref="/w3c/p3p.xml", CP="IDC DSP COR NID DEVi OUR BUS INT"
Cache-Control
max-age=300, public
Transfer-Encoding
chunked
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=79
gtm.js
www.googletagmanager.com/
412 KB
119 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-MVCHKSD
Requested by
Host: 185.198.117.126
URL: https://185.198.117.126/it
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
c961ee1957a985227f4b0d79e53ea20f39081a340c14d8f25d25f37619d7c87f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://185.198.117.126/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Sat, 10 Feb 2024 04:05:09 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
121774
x-xss-protection
0
last-modified
Sat, 10 Feb 2024 03:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 10 Feb 2024 04:05:09 GMT
hero-homepage-XPayEasy-new-d.webp
185.198.117.126/content/dam/nexinew/schede-prodotto/homepage/
110 KB
111 KB
Image
General
Full URL
https://185.198.117.126/content/dam/nexinew/schede-prodotto/homepage/hero-homepage-XPayEasy-new-d.webp
Requested by
Host: 185.198.117.126
URL: https://185.198.117.126/it
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.198.117.126 , Italy, ASN35051 (NEXI-AS, IT),
Reverse DNS
Software
/
Resource Hash
82e7bfb3324083cdd6eb00e57daf5476a8df6e67f00769d4298232cdef598c9e
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Frame-Options SAMEORIGIN

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://185.198.117.126/it
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Date
Sat, 10 Feb 2024 04:05:09 GMT
Content-Security-Policy
frame-ancestors 'self'
Last-Modified
Thu, 01 Feb 2024 09:51:12 GMT
ETag
"1b69a-6104eef837893"
X-Frame-Options
SAMEORIGIN
Access-Control-Allow-Methods
GET, HEAD
Content-Type
image/webp
P3P
policyref="/w3c/p3p.xml", CP="IDC DSP COR NID DEVi OUR BUS INT"
Transfer-Encoding
chunked
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=36
hero-homepage-smartPOS-MP-d.webp
185.198.117.126/content/dam/nexinew/schede-prodotto/homepage/
77 KB
78 KB
Image
General
Full URL
https://185.198.117.126/content/dam/nexinew/schede-prodotto/homepage/hero-homepage-smartPOS-MP-d.webp
Requested by
Host: 185.198.117.126
URL: https://185.198.117.126/it
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.198.117.126 , Italy, ASN35051 (NEXI-AS, IT),
Reverse DNS
Software
/
Resource Hash
b16d7014a313258b9097e2413e5e5ffc9cb8369b266d1861c35ff3c8a6d08a3c
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Frame-Options SAMEORIGIN

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://185.198.117.126/it
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Date
Sat, 10 Feb 2024 04:05:09 GMT
Content-Security-Policy
frame-ancestors 'self'
Last-Modified
Thu, 01 Feb 2024 09:51:26 GMT
ETag
"13210-6104ef0612a0f"
X-Frame-Options
SAMEORIGIN
Access-Control-Allow-Methods
GET, HEAD
Content-Type
image/webp
P3P
policyref="/w3c/p3p.xml", CP="IDC DSP COR NID DEVi OUR BUS INT"
Transfer-Encoding
chunked
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=77
hero-homepage-softPOS-d.webp
185.198.117.126/content/dam/nexinew/schede-prodotto/homepage/
124 KB
125 KB
Image
General
Full URL
https://185.198.117.126/content/dam/nexinew/schede-prodotto/homepage/hero-homepage-softPOS-d.webp
Requested by
Host: 185.198.117.126
URL: https://185.198.117.126/it
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.198.117.126 , Italy, ASN35051 (NEXI-AS, IT),
Reverse DNS
Software
/
Resource Hash
549b311eefd2b2b223406c9dc24bb05bbef70069a9e37e2de12dfb0900bb7d8b
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Frame-Options SAMEORIGIN

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://185.198.117.126/it
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Date
Sat, 10 Feb 2024 04:05:09 GMT
Content-Security-Policy
frame-ancestors 'self'
Last-Modified
Thu, 01 Feb 2024 09:51:08 GMT
ETag
"1ef1e-6104eef4eaad1"
X-Frame-Options
SAMEORIGIN
Access-Control-Allow-Methods
GET, HEAD
Content-Type
image/webp
P3P
policyref="/w3c/p3p.xml", CP="IDC DSP COR NID DEVi OUR BUS INT"
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=87
Content-Length
126750
ico-help.svg
185.198.117.126/content/dam/nexinew/icone/
9 KB
10 KB
Image
General
Full URL
https://185.198.117.126/content/dam/nexinew/icone/ico-help.svg
Requested by
Host: 185.198.117.126
URL: https://185.198.117.126/it
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.198.117.126 , Italy, ASN35051 (NEXI-AS, IT),
Reverse DNS
Software
/
Resource Hash
ec38a7e65969ef0b1b4e200c9da6432906fd95aca5813ad64b71c0ade5c97eea
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Frame-Options SAMEORIGIN

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://185.198.117.126/it
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Date
Sat, 10 Feb 2024 04:05:09 GMT
Content-Security-Policy
frame-ancestors 'self'
Last-Modified
Thu, 01 Feb 2024 09:51:02 GMT
ETag
"253a-6104eeeeaf45d"
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET, HEAD
Content-Type
image/svg+xml
P3P
policyref="/w3c/p3p.xml", CP="IDC DSP COR NID DEVi OUR BUS INT"
Cache-Control
max-age=300, public
Transfer-Encoding
chunked
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=78
clientlib-site.js
185.198.117.126/etc.clientlibs/nexinew/clientlibs/
839 KB
841 KB
Script
General
Full URL
https://185.198.117.126/etc.clientlibs/nexinew/clientlibs/clientlib-site.js
Requested by
Host: 185.198.117.126
URL: https://185.198.117.126/it
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.198.117.126 , Italy, ASN35051 (NEXI-AS, IT),
Reverse DNS
Software
/
Resource Hash
c52f0da6b43677aa6cfa23782d214af14e0d854972a321b610a5d783ad7804d1
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Frame-Options SAMEORIGIN

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://185.198.117.126/it
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Date
Sat, 10 Feb 2024 04:05:09 GMT
Content-Security-Policy
frame-ancestors 'self'
Last-Modified
Tue, 30 Jan 2024 10:25:16 GMT
ETag
"d1bea-610272db52f7d"
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET, HEAD
Content-Type
application/javascript
P3P
policyref="/w3c/p3p.xml", CP="IDC DSP COR NID DEVi OUR BUS INT"
Cache-Control
max-age=300, public
Transfer-Encoding
chunked
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=77
api.js
www.google.com/recaptcha/
1 KB
1 KB
Script
General
Full URL
https://www.google.com/recaptcha/api.js?render=6Ld7ALUZAAAAAK4iDeutbuh9DdH-o4dwFyb6FGIP
Requested by
Host: 185.198.117.126
URL: https://185.198.117.126/it
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
86c7f7cec2aad8e305dcf57def1edef4fb53829c04ec098562ec010b189994d6
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://185.198.117.126/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Sat, 10 Feb 2024 04:05:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
expires
Sat, 10 Feb 2024 04:05:09 GMT
1
185.198.117.126/g78f9/in/dce15b9dafd272dd100ebb35c1e1c6b8/2/
0
829 B
Script
General
Full URL
https://185.198.117.126/g78f9/in/dce15b9dafd272dd100ebb35c1e1c6b8/2/1?t=1707537895
Requested by
Host: 185.198.117.126
URL: https://185.198.117.126/it
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.198.117.126 , Italy, ASN35051 (NEXI-AS, IT),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://185.198.117.126/it
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Expires
0
Pragma
no-cache
Date
Sat, 10 Feb 2024 04:05:09 GMT
Cache-Control
no-cache, no-store, proxy-revalidate, no-transform, must-revalidate
Content-Length
0
Vary
Accept-Encoding
P3P
policyref="/w3c/p3p.xml", CP="IDC DSP COR NID DEVi OUR BUS INT"
truncated
/
64 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3f15939181132a8ea3a1798da2a751abff0c0ffd3efae80b7229a921edc4f90b

Request headers

accept-language
it-IT,it;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Content-Type
image/svg+xml
loader.js
sdk.privacy-center.org/3b629be4-eb58-4096-bdbb-615b2c83c816/
1 KB
1 KB
Script
General
Full URL
https://sdk.privacy-center.org/3b629be4-eb58-4096-bdbb-615b2c83c816/loader.js?target=185.198.117.126
Requested by
Host: 185.198.117.126
URL: https://185.198.117.126/it
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2251:3a00:5:b7cc:d3c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
b1d3cc8c6f4fe05539093356807b5b210b1c5fe33af5e2b14bb6c3eaaa8e505a

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://185.198.117.126/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Sat, 10 Feb 2024 04:05:09 GMT
x-didomi-configs-version
95
content-encoding
br
via
1.1 544814e402956ba93c0a2d2b923e94c2.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P3
x-amzn-requestid
2c6c1a0a-a538-470e-b861-a98c2c66a575
etag
W/"15c6b9752475e54a26f3473c07a7ee2b"
vary
Accept-Encoding
x-amzn-trace-id
root=1-65c6f5f5-2e0c4cf0045d633571a90a14;parent=7dcbae67fb73aef4;sampled=0;lineage=eaae1266:0
content-type
application/javascript; charset=utf-8
x-cache
Miss from cloudfront
cache-control
max-age=60, public
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
7DJYK1cxycx3Uzs_42mLNarN8Hh6q7bEY3JoCKk0iyB-ecEAZ0miKA==
app.js
acsbapp.com/apps/app/dist/js/
297 KB
90 KB
Script
General
Full URL
https://acsbapp.com/apps/app/dist/js/app.js
Requested by
Host: 185.198.117.126
URL: https://185.198.117.126/it
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:b9b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7e4bd1bfb0e844f06b8dd49f472969dc4d52987a747493f44055170ecd4218aa

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://185.198.117.126/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Sat, 10 Feb 2024 04:05:09 GMT
content-encoding
br
cf-cache-status
REVALIDATED
x-guploader-uploadid
ABPtcPo12YaAHEpZxZTohaMLaXmHeEHMyU-rxv-Lv3m7sP41rJ5DopUW2seCa79D2bIkDA21X71oozlnKg
x-goog-storage-class
STANDARD
x-goog-metageneration
3
x-goog-stored-content-encoding
identity
last-modified
Tue, 06 Feb 2024 14:25:20 GMT
server
cloudflare
etag
W/"224f3ab97519091eef3a64ef7dbb22db"
vary
Accept-Encoding
x-goog-hash
crc32c=IFrfhA==, md5=Ik86uXUZCR7vOmTvfbsi2w==
x-goog-generation
1707229520007073
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=300, must-revalidate
x-goog-stored-content-length
304003
cf-ray
853178dfdeafbae2-MXP
expires
Sun, 09 Feb 2025 04:05:09 GMT
KarbonAppMedium.woff2
185.198.117.126/etc.clientlibs/nexinew/clientlibs/clientlib-site/resources/fonts/karbon/
39 KB
40 KB
Font
General
Full URL
https://185.198.117.126/etc.clientlibs/nexinew/clientlibs/clientlib-site/resources/fonts/karbon/KarbonAppMedium.woff2
Requested by
Host: 185.198.117.126
URL: https://185.198.117.126/etc.clientlibs/nexinew/clientlibs/clientlib-site.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.198.117.126 , Italy, ASN35051 (NEXI-AS, IT),
Reverse DNS
Software
/
Resource Hash
87526f6a2177902e89ac67e69e6152671d38625024ae399ce3ba149599614bb9
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://185.198.117.126/etc.clientlibs/nexinew/clientlibs/clientlib-site.css
Origin
https://185.198.117.126
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Date
Sat, 10 Feb 2024 04:05:09 GMT
Content-Security-Policy
frame-ancestors 'self'
Last-Modified
Tue, 30 Jan 2024 10:25:19 GMT
ETag
"9a74-610272ddaa7af"
X-Frame-Options
SAMEORIGIN
Access-Control-Allow-Methods
GET, HEAD
Content-Type
font/woff2
P3P
policyref="/w3c/p3p.xml", CP="IDC DSP COR NID DEVi OUR BUS INT"
Cache-Control
max-age=300, public
Transfer-Encoding
chunked
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=95
nexinew.ttf
185.198.117.126/etc.clientlibs/nexinew/clientlibs/clientlib-site/resources/fonts/nexinew/
21 KB
22 KB
Font
General
Full URL
https://185.198.117.126/etc.clientlibs/nexinew/clientlibs/clientlib-site/resources/fonts/nexinew/nexinew.ttf
Requested by
Host: 185.198.117.126
URL: https://185.198.117.126/etc.clientlibs/nexinew/clientlibs/clientlib-site.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.198.117.126 , Italy, ASN35051 (NEXI-AS, IT),
Reverse DNS
Software
/
Resource Hash
525ffea0234afc7e31ca14912e889ef7d13a4c2b741db7e737a1244bbd9c0b73
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://185.198.117.126/etc.clientlibs/nexinew/clientlibs/clientlib-site.css
Origin
https://185.198.117.126
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Date
Sat, 10 Feb 2024 04:05:09 GMT
Content-Security-Policy
frame-ancestors 'self'
Last-Modified
Tue, 30 Jan 2024 10:25:20 GMT
ETag
"5360-610272debcfe9"
X-Frame-Options
SAMEORIGIN
Access-Control-Allow-Methods
GET, HEAD
Content-Type
application/font-sfnt
P3P
policyref="/w3c/p3p.xml", CP="IDC DSP COR NID DEVi OUR BUS INT"
Cache-Control
max-age=300, public
Transfer-Encoding
chunked
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=76
KarbonApp.woff2
185.198.117.126/etc.clientlibs/nexinew/clientlibs/clientlib-site/resources/fonts/karbon/
40 KB
41 KB
Font
General
Full URL
https://185.198.117.126/etc.clientlibs/nexinew/clientlibs/clientlib-site/resources/fonts/karbon/KarbonApp.woff2
Requested by
Host: 185.198.117.126
URL: https://185.198.117.126/etc.clientlibs/nexinew/clientlibs/clientlib-site.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.198.117.126 , Italy, ASN35051 (NEXI-AS, IT),
Reverse DNS
Software
/
Resource Hash
53192495ec43c0d10022eb2fecefd9bd2967f56dab0fd98d3a3d5831422f7323
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://185.198.117.126/etc.clientlibs/nexinew/clientlibs/clientlib-site.css
Origin
https://185.198.117.126
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Date
Sat, 10 Feb 2024 04:05:09 GMT
Content-Security-Policy
frame-ancestors 'self'
Last-Modified
Tue, 30 Jan 2024 10:25:15 GMT
ETag
"9e2c-610272da5eb67"
X-Frame-Options
SAMEORIGIN
Access-Control-Allow-Methods
GET, HEAD
Content-Type
font/woff2
P3P
policyref="/w3c/p3p.xml", CP="IDC DSP COR NID DEVi OUR BUS INT"
Cache-Control
max-age=300, public
Transfer-Encoding
chunked
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=35
KarbonAppSemibold.woff2
185.198.117.126/etc.clientlibs/nexinew/clientlibs/clientlib-site/resources/fonts/karbon/
39 KB
40 KB
Font
General
Full URL
https://185.198.117.126/etc.clientlibs/nexinew/clientlibs/clientlib-site/resources/fonts/karbon/KarbonAppSemibold.woff2
Requested by
Host: 185.198.117.126
URL: https://185.198.117.126/etc.clientlibs/nexinew/clientlibs/clientlib-site.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.198.117.126 , Italy, ASN35051 (NEXI-AS, IT),
Reverse DNS
Software
/
Resource Hash
83e9a25bc3d65aa88a683b34f650213f0c74e657b29436a37ef138c2ea689dda
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://185.198.117.126/etc.clientlibs/nexinew/clientlibs/clientlib-site.css
Origin
https://185.198.117.126
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Date
Sat, 10 Feb 2024 04:05:09 GMT
Content-Security-Policy
frame-ancestors 'self'
Last-Modified
Tue, 30 Jan 2024 10:25:14 GMT
ETag
"9b3c-610272d8b7f6b"
X-Frame-Options
SAMEORIGIN
Access-Control-Allow-Methods
GET, HEAD
Content-Type
font/woff2
P3P
policyref="/w3c/p3p.xml", CP="IDC DSP COR NID DEVi OUR BUS INT"
Cache-Control
max-age=300, public
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=86
Content-Length
39740
recaptcha__it.js
www.gstatic.com/recaptcha/releases/x5WWoE57Fv0d6ATKsLDIAKnt/
491 KB
197 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/x5WWoE57Fv0d6ATKsLDIAKnt/recaptcha__it.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=6Ld7ALUZAAAAAK4iDeutbuh9DdH-o4dwFyb6FGIP
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
00c92827f3c8ea120c3458bf77302e3163d3d2b2592af2de8e646594a1d2d14a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://185.198.117.126/
Origin
https://185.198.117.126
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Mon, 05 Feb 2024 19:39:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
375918
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
200579
x-xss-protection
0
last-modified
Mon, 05 Feb 2024 05:00:25 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 04 Feb 2025 19:39:51 GMT
sdk.e3e7ce89cf2fb797c42d1d1f851022dda69413d8.js
sdk.privacy-center.org/sdk/e3e7ce89cf2fb797c42d1d1f851022dda69413d8/modern/
342 KB
88 KB
Script
General
Full URL
https://sdk.privacy-center.org/sdk/e3e7ce89cf2fb797c42d1d1f851022dda69413d8/modern/sdk.e3e7ce89cf2fb797c42d1d1f851022dda69413d8.js
Requested by
Host: sdk.privacy-center.org
URL: https://sdk.privacy-center.org/3b629be4-eb58-4096-bdbb-615b2c83c816/loader.js?target=185.198.117.126
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2251:3a00:5:b7cc:d3c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a279c1dd76488b2d880ddf93ee71bf430afc1b737faf66bd092e7dbc57e2e03c

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://185.198.117.126/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Fri, 09 Feb 2024 09:14:21 GMT
content-encoding
br
via
1.1 544814e402956ba93c0a2d2b923e94c2.cloudfront.net (CloudFront)
last-modified
Fri, 09 Feb 2024 09:13:54 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P3
age
67849
etag
W/"4bd714250e6d0c88c5dcf7b6161ff39c-1"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
cEc7aV6rjpolj_a8-rz7LenJkaEIyAFrwYfZFu51_707GvOqDGkODA==
js
www.googletagmanager.com/gtag/
270 KB
90 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-2EQBRC1CMY&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MVCHKSD
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
ea147e60bf34df7de032a09ea45e161df087ea3c265931880a3cb7d3025f2f03
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://185.198.117.126/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Sat, 10 Feb 2024 04:05:09 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
92324
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sat, 10 Feb 2024 04:05:09 GMT
anchor
www.google.com/recaptcha/api2/ Frame F5BF
7 KB
1 KB
Document
General
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ld7ALUZAAAAAK4iDeutbuh9DdH-o4dwFyb6FGIP&co=aHR0cHM6Ly8xODUuMTk4LjExNy4xMjY6NDQz&hl=it&v=x5WWoE57Fv0d6ATKsLDIAKnt&size=invisible&cb=f6eixvqhlhq2
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/x5WWoE57Fv0d6ATKsLDIAKnt/recaptcha__it.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
bf703935cea0dfddb6566e1928d29b5bbcb4a396f47147e65b5d536535e10d36
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-C_sD0a5hWVZwEEkb4hlulg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://185.198.117.126/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language
it-IT,it;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=0
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-C_sD0a5hWVZwEEkb4hlulg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sat, 10 Feb 2024 04:05:10 GMT
expires
Sat, 10 Feb 2024 04:05:10 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
styles__ltr.css
www.gstatic.com/recaptcha/releases/x5WWoE57Fv0d6ATKsLDIAKnt/ Frame F5BF
55 KB
24 KB
Stylesheet
General
Full URL
https://www.gstatic.com/recaptcha/releases/x5WWoE57Fv0d6ATKsLDIAKnt/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ld7ALUZAAAAAK4iDeutbuh9DdH-o4dwFyb6FGIP&co=aHR0cHM6Ly8xODUuMTk4LjExNy4xMjY6NDQz&hl=it&v=x5WWoE57Fv0d6ATKsLDIAKnt&size=invisible&cb=f6eixvqhlhq2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Fri, 09 Feb 2024 19:46:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
29909
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24606
x-xss-protection
0
last-modified
Mon, 05 Feb 2024 05:00:25 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 08 Feb 2025 19:46:41 GMT
recaptcha__it.js
www.gstatic.com/recaptcha/releases/x5WWoE57Fv0d6ATKsLDIAKnt/ Frame F5BF
491 KB
196 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/x5WWoE57Fv0d6ATKsLDIAKnt/recaptcha__it.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ld7ALUZAAAAAK4iDeutbuh9DdH-o4dwFyb6FGIP&co=aHR0cHM6Ly8xODUuMTk4LjExNy4xMjY6NDQz&hl=it&v=x5WWoE57Fv0d6ATKsLDIAKnt&size=invisible&cb=f6eixvqhlhq2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
00c92827f3c8ea120c3458bf77302e3163d3d2b2592af2de8e646594a1d2d14a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Mon, 05 Feb 2024 19:39:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
375919
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
200579
x-xss-protection
0
last-modified
Mon, 05 Feb 2024 05:00:25 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 04 Feb 2025 19:39:51 GMT
cxbus.min.js
apps.mypurecloud.ie/widgets/
20 KB
7 KB
Script
General
Full URL
https://apps.mypurecloud.ie/widgets/cxbus.min.js
Requested by
Host: 185.198.117.126
URL: https://185.198.117.126/etc.clientlibs/nexinew/clientlibs/clientlib-site.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.51.248.234 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-51-248-234.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
c6effbed30ae0b7219fd6e4a1b6a55755673ef6ee43ce88ad8c9154e51418c41
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://185.198.117.126/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Sat, 10 Feb 2024 04:05:10 GMT
content-encoding
gzip
x-amz-version-id
1kAEZv3DDIl6UzBFjZH9psDU6j6aHD5B
last-modified
Wed, 15 Nov 2023 08:57:08 GMT
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-request-id
K46CEM3CATSPJ2YR
etag
"15e290c6392b7f9f12f9d72ed3a6506a"
content-type
text/javascript
cache-control
max-age=0, no-cache
content-length
6977
x-amz-id-2
LRZSU/pS/gYKZ4x2YHwFu1uOVdoxWqvsa7GpI89htHDQjL12MJ/mhIHcQnJgUccVG1Xb/gGbWUo=
it.help.json
185.198.117.126/content/nexinew/
2 KB
3 KB
XHR
General
Full URL
https://185.198.117.126/content/nexinew/it.help.json
Requested by
Host: 185.198.117.126
URL: https://185.198.117.126/etc.clientlibs/nexinew/clientlibs/clientlib-site.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.198.117.126 , Italy, ASN35051 (NEXI-AS, IT),
Reverse DNS
Software
/
Resource Hash
98366494099531830eeb14c92bc8ac1c439dd4fcdeb4d29d037c3711a52e7b65
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Frame-Options SAMEORIGIN

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://185.198.117.126/it
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Date
Sat, 10 Feb 2024 04:05:10 GMT
Content-Security-Policy
frame-ancestors 'self'
Last-Modified
Fri, 09 Feb 2024 14:40:21 GMT
ETag
"9d7-610f3e8589f08"
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET, HEAD
Content-Type
application/json
P3P
policyref="/w3c/p3p.xml", CP="IDC DSP COR NID DEVi OUR BUS INT"
Transfer-Encoding
chunked
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=75
box-homepage-smartPOS-t.jpg
185.198.117.126/content/dam/nexinew/schede-prodotto/homepage/
38 KB
39 KB
Image
General
Full URL
https://185.198.117.126/content/dam/nexinew/schede-prodotto/homepage/box-homepage-smartPOS-t.jpg
Requested by
Host: 185.198.117.126
URL: https://185.198.117.126/it
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.198.117.126 , Italy, ASN35051 (NEXI-AS, IT),
Reverse DNS
Software
/
Resource Hash
ee7ec12edfe6e8890809d003fa214bbbf2b1d2ef7f6b6126936d0dbb0b56cd8e
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Frame-Options SAMEORIGIN

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://185.198.117.126/it
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Date
Sat, 10 Feb 2024 04:05:10 GMT
Content-Security-Policy
frame-ancestors 'self'
Last-Modified
Thu, 01 Feb 2024 09:51:09 GMT
ETag
"9699-6104eef5afb29"
X-Frame-Options
SAMEORIGIN
Access-Control-Allow-Methods
GET, HEAD
Content-Type
image/jpeg
P3P
policyref="/w3c/p3p.xml", CP="IDC DSP COR NID DEVi OUR BUS INT"
Cache-Control
max-age=300, public
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=85
Content-Length
38553
box_hp_glossy.webp
185.198.117.126/content/dam/nexinew/schede-prodotto/homepage/
10 KB
11 KB
Image
General
Full URL
https://185.198.117.126/content/dam/nexinew/schede-prodotto/homepage/box_hp_glossy.webp
Requested by
Host: 185.198.117.126
URL: https://185.198.117.126/it
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.198.117.126 , Italy, ASN35051 (NEXI-AS, IT),
Reverse DNS
Software
/
Resource Hash
96f9d4c21570a8d3a0653888fa5672bc7bda8765cb91297cce3655637ac7abdd
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Frame-Options SAMEORIGIN

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://185.198.117.126/it
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Date
Sat, 10 Feb 2024 04:05:10 GMT
Content-Security-Policy
frame-ancestors 'self'
Last-Modified
Thu, 01 Feb 2024 09:51:06 GMT
ETag
"270a-6104eef32f34c"
X-Frame-Options
SAMEORIGIN
Access-Control-Allow-Methods
GET, HEAD
Content-Type
image/webp
P3P
policyref="/w3c/p3p.xml", CP="IDC DSP COR NID DEVi OUR BUS INT"
Transfer-Encoding
chunked
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=34
box-micropagamenti-homepage-t.jpg
185.198.117.126/content/dam/nexinew/schede-prodotto/homepage/
115 KB
117 KB
Image
General
Full URL
https://185.198.117.126/content/dam/nexinew/schede-prodotto/homepage/box-micropagamenti-homepage-t.jpg
Requested by
Host: 185.198.117.126
URL: https://185.198.117.126/it
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.198.117.126 , Italy, ASN35051 (NEXI-AS, IT),
Reverse DNS
Software
/
Resource Hash
a82b5532e47a5ee41f5300a9870e0c058c76bdd98a7c343d3c307a5afb60a47d
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Frame-Options SAMEORIGIN

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://185.198.117.126/it
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Date
Sat, 10 Feb 2024 04:05:10 GMT
Content-Security-Policy
frame-ancestors 'self'
Last-Modified
Thu, 01 Feb 2024 09:51:47 GMT
ETag
"1cc6b-6104ef1a4b9c9"
X-Frame-Options
SAMEORIGIN
Access-Control-Allow-Methods
GET, HEAD
Content-Type
image/jpeg
P3P
policyref="/w3c/p3p.xml", CP="IDC DSP COR NID DEVi OUR BUS INT"
Cache-Control
max-age=300, public
Transfer-Encoding
chunked
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=94
logo_48.png
www.gstatic.com/recaptcha/api2/ Frame F5BF
2 KB
2 KB
Image
General
Full URL
https://www.gstatic.com/recaptcha/api2/logo_48.png
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/x5WWoE57Fv0d6ATKsLDIAKnt/styles__ltr.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://www.gstatic.com/recaptcha/releases/x5WWoE57Fv0d6ATKsLDIAKnt/styles__ltr.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Wed, 07 Feb 2024 23:56:50 GMT
x-content-type-options
nosniff
age
187700
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2228
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
expires
Wed, 14 Feb 2024 23:56:50 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame F5BF
15 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ld7ALUZAAAAAK4iDeutbuh9DdH-o4dwFyb6FGIP&co=aHR0cHM6Ly8xODUuMTk4LjExNy4xMjY6NDQz&hl=it&v=x5WWoE57Fv0d6ATKsLDIAKnt&size=invisible&cb=f6eixvqhlhq2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Fri, 09 Feb 2024 21:00:18 GMT
x-content-type-options
nosniff
age
25492
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 08 Feb 2025 21:00:18 GMT
chat.conf.js
185.198.117.126/etc.clientlibs/nexinew/clientlibs/clientlib-chatbot/resources/
6 KB
7 KB
Script
General
Full URL
https://185.198.117.126/etc.clientlibs/nexinew/clientlibs/clientlib-chatbot/resources/chat.conf.js
Requested by
Host: apps.mypurecloud.ie
URL: https://apps.mypurecloud.ie/widgets/cxbus.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.198.117.126 , Italy, ASN35051 (NEXI-AS, IT),
Reverse DNS
Software
/
Resource Hash
150fd1546211f131573249933ccba2a53c936ef81e73aabffbc01e7d92ff38b1
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Frame-Options SAMEORIGIN

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://185.198.117.126/it
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Date
Sat, 10 Feb 2024 04:05:10 GMT
Content-Security-Policy
frame-ancestors 'self'
Last-Modified
Tue, 30 Jan 2024 10:25:30 GMT
ETag
"1931-610272e8b4c08"
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET, HEAD
Content-Type
application/javascript
P3P
policyref="/w3c/p3p.xml", CP="IDC DSP COR NID DEVi OUR BUS INT"
Cache-Control
max-age=300, public
Transfer-Encoding
chunked
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=74
widgets-core.min.js
apps.mypurecloud.com/widgets/9.0.017.06/plugins/
374 KB
113 KB
Script
General
Full URL
https://apps.mypurecloud.com/widgets/9.0.017.06/plugins/widgets-core.min.js
Requested by
Host: apps.mypurecloud.ie
URL: https://apps.mypurecloud.ie/widgets/cxbus.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.86.11.143 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-86-11-143.compute-1.amazonaws.com
Software
nginx /
Resource Hash
277d580f0cd80ebd1c02fd14e1112aee45d6c3f1deb38dbfd0e8bef970f56c2f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://185.198.117.126/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Sat, 10 Feb 2024 04:05:10 GMT
content-encoding
gzip
x-amz-version-id
sNSaqInlZw24bK6kxbMy6zRCGNOYx6Jg
last-modified
Thu, 20 Aug 2020 19:39:23 GMT
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-request-id
GK4D68563Q4PRN3M
etag
"c628f4a51576c80a45e13461dd41bb65"
content-type
text/javascript
cache-control
max-age=0, no-cache
content-length
115520
x-amz-id-2
u4VVQPMRWqN444ZzLpnYrkRWlPGunrmual8Pg7hilkwlGqEJ9PKBD69mvzVCRSZ2CBL+kFT+TBE=
collect
region1.google-analytics.com/g/
0
254 B
Ping
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-2EQBRC1CMY&gtm=45je4270v876108219z8841327514za200&_p=1707537909579&gcs=G101&gcd=13q3t3p3p5&npa=1&dma_cps=-&dma=1&tcfd=1000h&tt=external&ir=0&cid=1438434264.1707537910&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=denied&_s=1&dt=%2Fit&sid=1707537909&sct=1&seg=0&dl=https%3A%2F%2F185.198.117.126%2Fit&en=page_view&_fv=1&_nsi=1&_ss=1&epn.is_internal_traffic=0&epn.device_pixel_ratio=1&ep.navigation_type=navigate&ep.new_tab=new&epn.redirect_count=0&epn.tab_count=1&ep.tab_id=23e81735-4570-44c1-ba20-275ba8514a83&ep.container_id=GTM-MVCHKSD&epn.is_nb_customer=0&ep.connection_speed=4g&epn.cookies_bytes=185&epn.from_virtual_agent=0&epn.cookie_didomi_ready=0&ep.container_version=224&tfd=1079
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-2EQBRC1CMY&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://185.198.117.126/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 10 Feb 2024 04:05:10 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://185.198.117.126
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
landing
pagead2.googlesyndication.com/pagead/
42 B
455 B
Ping
General
Full URL
https://pagead2.googlesyndication.com/pagead/landing?gcs=G101&gcd=13q3t3p3p5&rnd=221545408.1707537910&url=https%3A%2F%2F185.198.117.126%2Fit&dma_cps=-&dma=1&npa=1&tcfd=1000h&gtm=45He4270n81MVCHKSDv841327514za200
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MVCHKSD
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://185.198.117.126/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 10 Feb 2024 04:05:10 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
widgets-it.i18n.json
185.198.117.126/etc.clientlibs/nexinew/clientlibs/clientlib-chatbot/resources/
21 KB
22 KB
XHR
General
Full URL
https://185.198.117.126/etc.clientlibs/nexinew/clientlibs/clientlib-chatbot/resources/widgets-it.i18n.json
Requested by
Host: apps.mypurecloud.com
URL: https://apps.mypurecloud.com/widgets/9.0.017.06/plugins/widgets-core.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.198.117.126 , Italy, ASN35051 (NEXI-AS, IT),
Reverse DNS
Software
/
Resource Hash
3144b710d0730bdf9ab50eefcf6b10e1f01e508c64fc7fcf00dc5ab10cd12bc2
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Frame-Options SAMEORIGIN

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://185.198.117.126/it
X-Requested-With
XMLHttpRequest
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Date
Sat, 10 Feb 2024 04:05:11 GMT
Content-Security-Policy
frame-ancestors 'self'
Last-Modified
Tue, 30 Jan 2024 10:25:16 GMT
ETag
"52df-610272da84ea9"
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET, HEAD
Content-Type
application/json
P3P
policyref="/w3c/p3p.xml", CP="IDC DSP COR NID DEVi OUR BUS INT"
Transfer-Encoding
chunked
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=73
webchat.min.js
apps.mypurecloud.com/widgets/9.0.017.06/plugins/
120 KB
33 KB
Script
General
Full URL
https://apps.mypurecloud.com/widgets/9.0.017.06/plugins/webchat.min.js
Requested by
Host: apps.mypurecloud.ie
URL: https://apps.mypurecloud.ie/widgets/cxbus.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.86.11.143 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-86-11-143.compute-1.amazonaws.com
Software
nginx /
Resource Hash
7868fcedcf56c4b7b929da3bb3738c2476aaa349498103b7ac308c3724f2efb8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://185.198.117.126/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Sat, 10 Feb 2024 04:05:11 GMT
content-encoding
gzip
x-amz-version-id
I8r9IWjlAwme6kGXcvwZtThDXcvWYQhV
last-modified
Thu, 20 Aug 2020 19:39:23 GMT
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-request-id
27BC9BJ5JJKNA579
etag
"48cbcd6f99f8f2301f9835cd67756e27"
content-type
text/javascript
cache-control
max-age=0, no-cache
content-length
32958
x-amz-id-2
KzuahDwIFBP/IKQ1MXUR1pCPxpQUfg8PeRQ6ZRp+vPYKHy8k43DrJd+JoNrX5vRGLR3eObcp1N4=
richmediabridge.min.js
apps.mypurecloud.com/widgets/9.0.017.06/plugins/
77 KB
22 KB
Script
General
Full URL
https://apps.mypurecloud.com/widgets/9.0.017.06/plugins/richmediabridge.min.js
Requested by
Host: apps.mypurecloud.ie
URL: https://apps.mypurecloud.ie/widgets/cxbus.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.86.11.143 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-86-11-143.compute-1.amazonaws.com
Software
nginx /
Resource Hash
9f0f857a31f056484b7a7a6486f84a2b8bc7fd551e825e968d2527f1bd28677c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://185.198.117.126/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Sat, 10 Feb 2024 04:05:11 GMT
content-encoding
gzip
x-amz-version-id
IMIicDamFGxbMPKPpl8uycurEy7omy_h
last-modified
Thu, 20 Aug 2020 19:39:23 GMT
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-request-id
BGT8FR2YXY14YRPR
etag
"9b37619d557157ff17bf07ccbbdd37ee"
content-type
text/javascript
cache-control
max-age=0, no-cache
content-length
22301
x-amz-id-2
Bf28nodtlRSobp3yVcC7+YgVKjRBHK8xA2AhnT6IPvUrMTglfk6QUjoXYfaF9zHXwKSxrNT1fTg=
webchatservice.min.js
apps.mypurecloud.com/widgets/9.0.017.06/plugins/
649 B
1013 B
Script
General
Full URL
https://apps.mypurecloud.com/widgets/9.0.017.06/plugins/webchatservice.min.js
Requested by
Host: apps.mypurecloud.ie
URL: https://apps.mypurecloud.ie/widgets/cxbus.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.86.11.143 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-86-11-143.compute-1.amazonaws.com
Software
nginx /
Resource Hash
f088650e838facc2134a418e8b0a1f1e4ec30a593ab24c56d91a7281ff7df1c4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://185.198.117.126/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Sat, 10 Feb 2024 04:05:11 GMT
x-amz-version-id
jJfv2IEwbzrhl82XxQczlICOAZExJG96
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Thu, 20 Aug 2020 19:39:23 GMT
server
nginx
x-amz-request-id
BGT3GJBFHSV0YJ2F
etag
"4877fdb51b5ae81b286e1b6e2fde69ff"
content-type
text/javascript
cache-control
max-age=0, no-cache
content-length
649
x-amz-id-2
9HdW6y4Eykw6uRlEjZnCMUU1yVQoaYn5RqBsUoYgb8cyMYb5kdKHzdnXkx7YJt0Ewm9DvVSPPjM=
webchatservicelegacy.mod.js
apps.mypurecloud.com/widgets/9.0.017.06/plugins/
63 KB
19 KB
Script
General
Full URL
https://apps.mypurecloud.com/widgets/9.0.017.06/plugins/webchatservicelegacy.mod.js
Requested by
Host: apps.mypurecloud.ie
URL: https://apps.mypurecloud.ie/widgets/cxbus.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.86.11.143 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-86-11-143.compute-1.amazonaws.com
Software
nginx /
Resource Hash
d05b19db324ae8ce48fdda064c33ba463f3bcdd20117552b4e9a019e89fdd63d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://185.198.117.126/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Sat, 10 Feb 2024 04:05:11 GMT
content-encoding
gzip
x-amz-version-id
Bb4kSLxGmNMKUSTFexpQJZT8immlY.DW
last-modified
Thu, 20 Aug 2020 19:39:23 GMT
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-request-id
BGT9M6ZPSYFVKNX0
etag
"0984a5d27e9f5a159c17e72ccbe996a0"
content-type
text/javascript
cache-control
max-age=0, no-cache
content-length
19515
x-amz-id-2
Wf7FnmZqhdKMw6pifgC8R6SerFbUKGRNKuMo2ogG5brH/0Ume/5hz51kf+iNWnrePDUoua3ZxoQ=

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Nexi (Banking)

72 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| dataLayer object| nexinew object| Evergage string| VE_CUSTOM_EVENT_NAME string| TO_LAUNCHER_MESSAGE_TYPE string| TO_LAUNCHER_PAYLOAD_TYPE object| eventLinkId object| evgr function| sendMessageToEvergageLauncher number| evergageBeaconParseTimeStart object| SalesforceInteractions number| evergageBeaconParseTimeEnd function| render function| $ function| jQuery boolean| gdprAppliesGlobally object| chatUtilities object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| google_tag_manager function| postscribe object| google_tag_manager_external object| google_tag_data string| didomiCountry string| didomiRegion object| didomiGeoRegulations object| didomiEventListeners object| didomiOnReady object| nodeList function| onYouTubeIframeAPIReady object| webpackChunkaccess_widget object| pure_JSON object| pure_CSS function| pure_URL function| pure_fetch function| pure_Set function| pure_Map object| AJS object| acsbJS object| AccessiBe object| acsb object| accessWidget object| webpackChunkDidomi object| Didomi function| __tcfapi object| DidomiSanitizing object| didomiState object| recaptcha object| closure_lm_141378 object| regeneratorRuntime object| picturefillCFG function| picturefill function| clearImmediate function| setImmediate boolean| VimeoPlayerResizeEmbeds_ boolean| VimeoSeoMetadataAppended boolean| VimeoCheckedUrlTimeParam object| thePicker object| deviceBreakpoints function| webpackHotUpdate object| CXBus object| _genesys object| _gt object| gaGlobal function| widgetsJsonpFunction function| pure_addEventListener function| pure_removeEventListener

5 Cookies

Domain/Path Name / Value
185.198.117.126/ Name: TS0168694d
Value: 01d37309fc48ef694881b4ea52a1326cd54ba564c869e6faf25b259e1daf78d23500b92b35e9d899abb1f5f3f0d477649b3771b7ef
185.198.117.126/ Name: _sfid_f19e
Value: {%22anonymousId%22:%2297d4a6552c8e22f8%22}
185.198.117.126/ Name: _evga_bdf8
Value: {%22uuid%22:%2297d4a6552c8e22f8%22}
185.198.117.126/ Name: _ga
Value: GA1.1.1438434264.1707537910
185.198.117.126/ Name: _ga_2EQBRC1CMY
Value: GS1.1.1707537909.1.0.1707537911.0.0.0

Security Headers

This page lists any security headers set by the main page.

Header Value
Content-Security-Policy frame-ancestors 'self'
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
