{"report_id":"c0b05742-0d5c-4a26-9443-1e985db7dfe2","version":6,"status":"done","tags":[],"date":"2026-03-04T17:05:43Z","url":{"schema":"http","addr":"tracklead.it/r?offerta=iltuoprestito3008\u0026ct=YTo1OntzOjY6InNvdXJjZSI7YToyOntpOjA7czo1OiJlbWFpbCI7aToxO2k6Nzk0O31zOjU6ImVtYWlsIjtpOjc5NDtzOjQ6InN0YXQiO3M6MjI6IjY5YTg2NWRhYzExMjQwNDI0ODEzNTEiO3M6NDoibGVhZCI7czo3OiIyMDczNDM4IjtzOjc6ImNoYW5uZWwiO2E6MTp7czo1OiJlbWFpbCI7aTo3OTQ7fX0=","fqdn":"tracklead.it","domain":"tracklead.it","tld":"it"},"ip":{"addr":"95.110.231.219","port":0,"asn":31034,"as":"Aruba S.p.A.","country":"Italy","country_code":"IT"},"final":{"url":{"schema":"https","addr":"leadplaza.it/iltuo_prestito2022/?nome={{nome}}\u0026cognome={{cognome}}\u0026email={{email}}\u0026aff_sub=dsit\u0026aff_id=17\u0026importo={importo}\u0026lp=n\u0026advice_id=102d5abf29d0700eb6bed073fd5682","fqdn":"leadplaza.it","domain":"leadplaza.it","tld":"it"},"title":"leadplaza.it/iltuo_prestito2022/?nome={{nome}}\u0026cognome={{cognome}}\u0026email={{email}}\u0026aff_sub=dsit\u0026aff_id=17\u0026importo={importo}\u0026lp=n\u0026advice_id=102d5abf29d0700eb6bed073fd5682","dom":{"size":28793,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (1625)","md5":"7135be9ffa80b3df047f67da87f7c01a","sha1":"7d6bbd424e00d2bc26b43aec205d32656df34e60","sha256":"08d54cd25c7a7727271cb2699ed966f55585e09dead62fa70dc5f0795532b8ce","sha512":"5bc78ad6e128c46475d26347e83a0fe0b28df736ccdc6ff513f8fbec909f9f0784736cf5ab2e0670323891aa75947ddf4cd2632d211b9288f2b1f1e73a9fa526","ssdeep":"384:wxgi0LHCDi2KsGHJMRuZznFqhpFpMoo2Oj/bYiFrByxu:wyKRAiro2oYEr3","tlshash":"43d2216278f2ccb201df49d965b6491dadf88307ea550188fe1c8bf61fb2d68d233954","dom_hash":"domhash49ddbb4139f12c52553c57d2944f65be","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"tracklead.it/r?offerta=iltuoprestito3008\u0026ct=YTo1OntzOjY6InNvdXJjZSI7YToyOntpOjA7czo1OiJlbWFpbCI7aToxO2k6Nzk0O31zOjU6ImVtYWlsIjtpOjc5NDtzOjQ6InN0YXQiO3M6MjI6IjY5YTg2NWRhYzExMjQwNDI0ODEzNTEiO3M6NDoibGVhZCI7czo3OiIyMDczNDM4IjtzOjc6ImNoYW5uZWwiO2E6MTp7czo1OiJlbWFpbCI7aTo3OTQ7fX0=","fqdn":"tracklead.it","domain":"tracklead.it","tld":"it"},"ip":{"addr":"95.110.231.219","port":0,"asn":31034,"as":"Aruba S.p.A.","country":"Italy","country_code":"IT"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-04-08T17:05:43Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":2}},"detection":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-04","alert":"Sinkholed","trigger":"leadplaza.it","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-04","alert":"Sinkholed","trigger":"leadplaza.it","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null},"summary":[{"fqdn":"fonts.googleapis.com","ip":{"addr":"142.250.178.74","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2005-01-25","domain_rank":313,"first_seen":"2012-05-23T12:41:44Z","last_seen":"2026-03-01T22:18:12.522658Z","alert_count":0,"request_count":1,"received_data":8950,"sent_data":519,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"leadplaza.it","ip":{"addr":"135.125.9.57","port":443,"asn":16276,"as":"OVH SAS","country":"France","country_code":"FR"},"domain_registered":"2014-01-24","domain_rank":1757004,"first_seen":"2015-01-27T17:40:27Z","last_seen":"2026-01-23T04:12:50.839123Z","alert_count":28,"request_count":14,"received_data":788257,"sent_data":9049,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Plesk","description":"Plesk is a web hosting and server data centre automation software with a control panel developed for Linux and Windows-based retail hosting service providers.","website":"https://www.plesk.com","common_platform_enumeration":"cpe:2.3:a:parallels:parallels_plesk_panel:*:*:*:*:*:*:*:*","icon":"Plesk.svg","categories":["Hosting panels"]},{"name":"Google Hosted Libraries","description":"Google Hosted Libraries is a stable, reliable, high-speed, globally available content distribution network for the most popular, open-source JavaScript libraries.","website":"https://developers.google.com/speed/libraries","common_platform_enumeration":"","icon":"Google Developers.svg","categories":["CDN"]},{"name":"jQuery:1.6.2","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"PHP:5.4.45","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]}]},{"fqdn":"fonts.gstatic.com","ip":{"addr":"142.250.178.99","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2008-02-11","domain_rank":0,"first_seen":"2014-04-02T10:51:04Z","last_seen":"2026-03-01T22:15:00.771016Z","alert_count":0,"request_count":3,"received_data":71626,"sent_data":1583,"comment":"","tags":null,"fingerprints":null},{"fqdn":"aff.datapointcore.com","ip":{"addr":"54.228.66.211","port":443,"asn":16509,"as":"AMAZON-02","country":"Ireland","country_code":"IE"},"domain_registered":"2025-09-26","domain_rank":0,"first_seen":"2026-03-01T12:44:49.708416Z","last_seen":"2026-03-01T12:44:49.708416Z","alert_count":0,"request_count":1,"received_data":30307,"sent_data":642,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"tracklead.it","ip":{"addr":"95.110.231.219","port":443,"asn":31034,"as":"Aruba S.p.A.","country":"Italy","country_code":"IT"},"domain_registered":"2021-03-10","domain_rank":4363077,"first_seen":"2021-03-16T16:03:26Z","last_seen":"2023-03-14T17:46:15Z","alert_count":0,"request_count":2,"received_data":58226,"sent_data":1489,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Plesk","description":"Plesk is a web hosting and server data centre automation software with a control panel developed for Linux and Windows-based retail hosting service providers.","website":"https://www.plesk.com","common_platform_enumeration":"cpe:2.3:a:parallels:parallels_plesk_panel:*:*:*:*:*:*:*:*","icon":"Plesk.svg","categories":["Hosting panels"]}]},{"fqdn":"ajax.googleapis.com","ip":{"addr":"142.251.38.106","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2005-01-25","domain_rank":3691,"first_seen":"2012-05-22T10:38:03Z","last_seen":"2026-03-01T23:01:32.310587Z","alert_count":0,"request_count":1,"received_data":92542,"sent_data":441,"comment":"","tags":null,"fingerprints":null}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"ajax.googleapis.com/ajax/libs/jquery/1.6.2/jquery.min.js","fqdn":"ajax.googleapis.com","domain":"ajax.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"142.251.38.106","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"a1a8cb16a060f6280a767187fd22e037","sha1":"7622c9ac2335be6dcd3ab8b47132e94089cef931","sha256":"d16d07a0353405fcec95f7efc50a2621bc7425f9a5e8895078396fb0dc460c4f","sha512":"252476e9f94a6db579e14cdf1197555e856e6b80dbcd78c46b9345ce6605a1cd69da0dab2a4c475b51d2103404d2c61acd18490e005d625eca06afe4d75c8a6c","ssdeep":"1536:ErtkIFev1ONjOe7evh0HWJxRckSTcncz/z34yfbvTXYActjaO7fiSXHB27SaDqMS:C+1yPWTRXkT4i5K7hZp8+J","tlshash":"0e93d7d9b2d67163c3b731b854af510bb13698eab84c8850f068d8e4be74a48507bf7d","size":91556,"data":"","first_seen":"2023-03-07T01:07:14Z","last_seen":"2026-04-04T13:56:53.425587Z","times_seen":5745,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"leadplaza.it/iltuo_prestito2022/?nome={{nome}}\u0026cognome={{cognome}}\u0026email={{email}}\u0026aff_sub=dsit\u0026aff_id=17\u0026importo={importo}\u0026lp=n\u0026advice_id=102d5abf29d0700eb6bed073fd5682","fqdn":"leadplaza.it","domain":"leadplaza.it","tld":"it"},"ip":{"addr":"135.125.9.57","port":443,"asn":16276,"as":"OVH SAS","country":"France","country_code":"FR"},"introduction_type":"scriptElement","is_inline":true,"md5":"363fed13317a8b9c762b65c8d9ad8ab9","sha1":"2da8042994be56c38f6f2321bc116de7777b5904","sha256":"50fc3ec4d20bdb7553ba57614bfb2571278daf70665a3718e325c26c885194e2","sha512":"ed9fb8f46f4034c58a17d9aafed78c4d87b7ec642ed6709bf7049a680d379f372ffa57497a56e331a081da5f1c9d3d69d82c3cd23169664c4c0b3e502f0c4a0d","ssdeep":"96:Rc4v4ihiLW/P/MebDzrfmG0Cj3i20ZsGHMrGsAZqof:ngihiW0e77mG0CDi20ZsGHMtVof","tlshash":"93c147eb76d708704fdb7abf26aa838c383081132e069945bd1c16b19f60e51b577b98","size":5848,"data":"","first_seen":"2026-03-04T17:05:46.290667Z","last_seen":"2026-03-04T17:05:46.290667Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"leadplaza.it/iltuo_prestito2022/?nome={{nome}}\u0026cognome={{cognome}}\u0026email={{email}}\u0026aff_sub=dsit\u0026aff_id=17\u0026importo={importo}\u0026lp=n\u0026advice_id=102d5abf29d0700eb6bed073fd5682","fqdn":"leadplaza.it","domain":"leadplaza.it","tld":"it"},"ip":{"addr":"135.125.9.57","port":443,"asn":16276,"as":"OVH SAS","country":"France","country_code":"FR"},"introduction_type":"scriptElement","is_inline":true,"md5":"1fd3baaa6bb1334642aadd2893be3f82","sha1":"b5dfa2c6812ee25a56af5b750495271412bf4aa8","sha256":"f04325988224d347b95d22931377b8ed9a1e1f844d1d6f3a83697ad46c51efdc","sha512":"c83e3916b47b3a1d5b9ad5ae34911f77ce885e7c12f8400f3e49e8f5214eae77d226a8d84023028889b2aaaa8ac922a93e6a2b7642887f9f6e28e48bf2e62caa","ssdeep":"","tlshash":"91e0f1b528da443016fb20bd333ecf0e7b1711801080da27b8cd48015f24ae3ca74788","size":417,"data":"","first_seen":"2026-03-04T17:05:46.293237Z","last_seen":"2026-03-04T17:05:46.293237Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null},"http":[{"url":{"schema":"https","addr":"leadplaza.it/iltuo_prestito2022/testo.png","fqdn":"leadplaza.it","domain":"leadplaza.it","tld":"it"},"ip":{"addr":"135.125.9.57","port":443,"asn":16276,"as":"OVH SAS","country":"France","country_code":"FR"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://leadplaza.it/iltuo_prestito2022/?nome={{nome}}\u0026cognome={{cognome}}\u0026email={{email}}\u0026aff_sub=dsit\u0026aff_id=17\u0026importo={importo}\u0026lp=n\u0026advice_id=102d5abf29d0700eb6bed073fd5682","date":"2026-03-04T17:05:21.850Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"leadplaza.it","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 11 Jan 2026 07:02:46 GMT","end":"Sat, 11 Apr 2026 07:02:45 GMT"},"fingerprint":{"sha1":"40:E9:27:02:3E:8A:A8:83:44:DA:76:E1:F2:D8:61:7B:B5:2F:52:32","sha256":"4F:AE:12:01:12:51:DE:E7:30:30:8F:17:9F:9E:77:F0:08:46:80:E6:DD:35:D7:19:EE:48:FF:C5:02:73:90:62"}}},"request":{"raw":"GET /iltuo_prestito2022/testo.png HTTP/1.1\r\nHost: leadplaza.it\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://leadplaza.it/iltuo_prestito2022/?nome={{nome}}\u0026cognome={{cognome}}\u0026email={{email}}\u0026aff_sub=dsit\u0026aff_id=17\u0026importo={importo}\u0026lp=n\u0026advice_id=102d5abf29d0700eb6bed073fd5682\r\nCookie: PHPSESSID=ep3fru4m0tbo5v4b4jmcrrtvl0\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 04 Mar 2026 17:05:21 GMT\r\ncontent-type: image/png\r\ncontent-length: 72056\r\nlast-modified: Wed, 10 Sep 2025 09:36:39 GMT\r\netag: \"68c146a7-11978\"\r\nx-powered-by: PleskLin\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Plesk","description":"Plesk is a web hosting and server data centre automation software with a control panel developed for Linux and Windows-based retail hosting service providers.","website":"https://www.plesk.com","common_platform_enumeration":"cpe:2.3:a:parallels:parallels_plesk_panel:*:*:*:*:*:*:*:*","icon":"Plesk.svg","categories":["Hosting panels"]}],"data":{"size":72056,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 728 x 662, 8-bit/color RGBA, non-interlaced","md5":"8f41177630e775d95f0a2cf3a55261c4","sha1":"2ae57f58af966686005f499295eaa2c9ffca1407","sha256":"200335b39a92a53840939f5aa876ee0677b255f82c65f77529ab53f26721adad","sha512":"4a362db94f36c5d5217602bf6fcefad7624a8f62c149c7d85d7bcde63a19fc06b280da51737e5b677e47ef2de4d18ffed098f59ee037c58edccd2dc73cffbca2","ssdeep":"1536:HQOzp+9WC3IJlr9k3ZnXWg5HBCbxRjEo38BaIvM:HZzp+953IJlhKtt5HBCVBJ38MF","tlshash":"7d6302f90835e402ee2976f1209c5f839cb35d91a8e19393d7db42182b85fe2652c6bd","first_seen":"2026-03-04T17:05:46.238103Z","last_seen":"2026-03-04T17:05:46.238103Z","times_seen":1,"resource_available":false,"data":null}},"time_used":134,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":28,"receive":106,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-04","alert":"Sinkholed","trigger":"leadplaza.it","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-04","alert":"Sinkholed","trigger":"leadplaza.it","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"leadplaza.it/iltuo_prestito2022/2.png","fqdn":"leadplaza.it","domain":"leadplaza.it","tld":"it"},"ip":{"addr":"135.125.9.57","port":443,"asn":16276,"as":"OVH SAS","country":"France","country_code":"FR"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://leadplaza.it/iltuo_prestito2022/?nome={{nome}}\u0026cognome={{cognome}}\u0026email={{email}}\u0026aff_sub=dsit\u0026aff_id=17\u0026importo={importo}\u0026lp=n\u0026advice_id=102d5abf29d0700eb6bed073fd5682","date":"2026-03-04T17:05:21.857Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"leadplaza.it","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 11 Jan 2026 07:02:46 GMT","end":"Sat, 11 Apr 2026 07:02:45 GMT"},"fingerprint":{"sha1":"40:E9:27:02:3E:8A:A8:83:44:DA:76:E1:F2:D8:61:7B:B5:2F:52:32","sha256":"4F:AE:12:01:12:51:DE:E7:30:30:8F:17:9F:9E:77:F0:08:46:80:E6:DD:35:D7:19:EE:48:FF:C5:02:73:90:62"}}},"request":{"raw":"GET /iltuo_prestito2022/2.png HTTP/1.1\r\nHost: leadplaza.it\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://leadplaza.it/iltuo_prestito2022/?nome={{nome}}\u0026cognome={{cognome}}\u0026email={{email}}\u0026aff_sub=dsit\u0026aff_id=17\u0026importo={importo}\u0026lp=n\u0026advice_id=102d5abf29d0700eb6bed073fd5682\r\nCookie: PHPSESSID=ep3fru4m0tbo5v4b4jmcrrtvl0\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 04 Mar 2026 17:05:21 GMT\r\ncontent-type: image/png\r\ncontent-length: 67206\r\nlast-modified: Wed, 10 Sep 2025 09:36:39 GMT\r\netag: \"68c146a7-10686\"\r\nx-powered-by: PleskLin\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Plesk","description":"Plesk is a web hosting and server data centre automation software with a control panel developed for Linux and Windows-based retail hosting service providers.","website":"https://www.plesk.com","common_platform_enumeration":"cpe:2.3:a:parallels:parallels_plesk_panel:*:*:*:*:*:*:*:*","icon":"Plesk.svg","categories":["Hosting panels"]}],"data":{"size":67206,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 185 x 185, 8-bit/color RGBA, non-interlaced","md5":"a00d5da6b855fb38f5fb7d6117b3d024","sha1":"664b08c956fbcb267d4620d1bc10c4fab0182786","sha256":"e93d793f339f5d67c1d09fb61210e1520f98a37c926bd86d096139fdf308caee","sha512":"0d027d6405594e25dfc9e5335154bebc753fa1e93447e05175c7429933e86970bc205d9d520919b7ed5292e5c19500a2abeacc8bc211987b2f1fdefb4e7de3a2","ssdeep":"1536:nDBABvqwTTj0Vl/vDSpaZpOkY7tWzGQSFeJlpSDDyqAvXS1Hy0w:nFiqKTj0AVkY7toGQRgX+XS00w","tlshash":"a86302043acc3b90bfe19e6cb9ad09cb574955cdd0c17a3db2310b4d9a5a85b0a5fa0b","first_seen":"2026-03-04T17:05:46.243126Z","last_seen":"2026-03-04T17:05:46.243126Z","times_seen":1,"resource_available":false,"data":null}},"time_used":139,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":72,"receive":67,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-04","alert":"Sinkholed","trigger":"leadplaza.it","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-04","alert":"Sinkholed","trigger":"leadplaza.it","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"leadplaza.it/iltuo_prestito2022/images.png","fqdn":"leadplaza.it","domain":"leadplaza.it","tld":"it"},"ip":{"addr":"135.125.9.57","port":443,"asn":16276,"as":"OVH SAS","country":"France","country_code":"FR"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://leadplaza.it/iltuo_prestito2022/?nome={{nome}}\u0026cognome={{cognome}}\u0026email={{email}}\u0026aff_sub=dsit\u0026aff_id=17\u0026importo={importo}\u0026lp=n\u0026advice_id=102d5abf29d0700eb6bed073fd5682","date":"2026-03-04T17:05:22.309Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"leadplaza.it","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 11 Jan 2026 07:02:46 GMT","end":"Sat, 11 Apr 2026 07:02:45 GMT"},"fingerprint":{"sha1":"40:E9:27:02:3E:8A:A8:83:44:DA:76:E1:F2:D8:61:7B:B5:2F:52:32","sha256":"4F:AE:12:01:12:51:DE:E7:30:30:8F:17:9F:9E:77:F0:08:46:80:E6:DD:35:D7:19:EE:48:FF:C5:02:73:90:62"}}},"request":{"raw":"GET /iltuo_prestito2022/images.png HTTP/1.1\r\nHost: leadplaza.it\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://leadplaza.it/iltuo_prestito2022/?nome={{nome}}\u0026cognome={{cognome}}\u0026email={{email}}\u0026aff_sub=dsit\u0026aff_id=17\u0026importo={importo}\u0026lp=n\u0026advice_id=102d5abf29d0700eb6bed073fd5682\r\nCookie: PHPSESSID=ep3fru4m0tbo5v4b4jmcrrtvl0\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 04 Mar 2026 17:05:22 GMT\r\ncontent-type: image/png\r\ncontent-length: 2645\r\nlast-modified: Wed, 10 Sep 2025 09:36:39 GMT\r\netag: \"68c146a7-a55\"\r\nx-powered-by: PleskLin\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Plesk","description":"Plesk is a web hosting and server data centre automation software with a control panel developed for Linux and Windows-based retail hosting service providers.","website":"https://www.plesk.com","common_platform_enumeration":"cpe:2.3:a:parallels:parallels_plesk_panel:*:*:*:*:*:*:*:*","icon":"Plesk.svg","categories":["Hosting panels"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2645,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 225 x 225, 8-bit colormap, non-interlaced","md5":"18d970d6b00f4c7d1fc086464045c0d1","sha1":"bc2c865004d0c581df7f44a63b3e82799a090345","sha256":"2e3b794bd81cf2cb92dcb5039a6913c49cc61e8d0d459adafd52ea900e1ff4b3","sha512":"73391ce2cac31e5888f11a7f3a67f43ddf92df7d730835adeb97ac474455258f55659241aa70309c3119772241869a424fc5a84895b5019ce4c6eace943a1a3b","ssdeep":"","tlshash":"35514c9bab834c4f2a2a60194055d97b7a38239f62d3e463c5460b3c1a477149e18fe9","first_seen":"2026-03-04T17:05:46.249317Z","last_seen":"2026-03-04T17:05:46.249317Z","times_seen":1,"resource_available":false,"data":null}},"time_used":26,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":26,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-04","alert":"Sinkholed","trigger":"leadplaza.it","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-04","alert":"Sinkholed","trigger":"leadplaza.it","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"leadplaza.it/iltuo_prestito2022/style.css","fqdn":"leadplaza.it","domain":"leadplaza.it","tld":"it"},"ip":{"addr":"135.125.9.57","port":443,"asn":16276,"as":"OVH SAS","country":"France","country_code":"FR"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://leadplaza.it/iltuo_prestito2022/?nome={{nome}}\u0026cognome={{cognome}}\u0026email={{email}}\u0026aff_sub=dsit\u0026aff_id=17\u0026importo={importo}\u0026lp=n\u0026advice_id=102d5abf29d0700eb6bed073fd5682","date":"2026-03-04T17:05:21.846Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"leadplaza.it","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 11 Jan 2026 07:02:46 GMT","end":"Sat, 11 Apr 2026 07:02:45 GMT"},"fingerprint":{"sha1":"40:E9:27:02:3E:8A:A8:83:44:DA:76:E1:F2:D8:61:7B:B5:2F:52:32","sha256":"4F:AE:12:01:12:51:DE:E7:30:30:8F:17:9F:9E:77:F0:08:46:80:E6:DD:35:D7:19:EE:48:FF:C5:02:73:90:62"}}},"request":{"raw":"GET /iltuo_prestito2022/style.css HTTP/1.1\r\nHost: leadplaza.it\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://leadplaza.it/iltuo_prestito2022/?nome={{nome}}\u0026cognome={{cognome}}\u0026email={{email}}\u0026aff_sub=dsit\u0026aff_id=17\u0026importo={importo}\u0026lp=n\u0026advice_id=102d5abf29d0700eb6bed073fd5682\r\nCookie: PHPSESSID=ep3fru4m0tbo5v4b4jmcrrtvl0\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 04 Mar 2026 17:05:21 GMT\r\ncontent-type: text/css\r\nlast-modified: Wed, 10 Sep 2025 09:36:39 GMT\r\netag: W/\"68c146a7-2aa5\"\r\nx-powered-by: PleskLin\r\ncontent-encoding: br\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Plesk","description":"Plesk is a web hosting and server data centre automation software with a control panel developed for Linux and Windows-based retail hosting service providers.","website":"https://www.plesk.com","common_platform_enumeration":"cpe:2.3:a:parallels:parallels_plesk_panel:*:*:*:*:*:*:*:*","icon":"Plesk.svg","categories":["Hosting panels"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":10917,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text","md5":"447d51ed108205b6a6718dc82216c18a","sha1":"0cd0fb5652daa242ec774445249737b50d7196b4","sha256":"12c818641ffaf0e19183c033c9117fd92c1dae0237821f4f39aa75fabf22c26b","sha512":"6ac0963adae46023f2d3dbef2ed1ca0261a824c03ea9601cfb547beafc5fe32c7f99297a00ce81fd5e329a92f0de23cc7a1533a5533d2a47a720c027f98cffc2","ssdeep":"192:8uTXcJ3FBoyNU0BMCKwUC5MeTGuT5sLBdbAcvJVFP6FBqzFgeKq2ZBn:lclFBoyVTckyIFeFuBn","tlshash":"81329c4a9ee31409f40788786bfa476532a98847a24fce357f8cb390df85195d173b8c","first_seen":"2026-03-04T17:05:46.252651Z","last_seen":"2026-03-04T17:05:46.252651Z","times_seen":1,"resource_available":false,"data":null}},"time_used":27,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":27,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-04","alert":"Sinkholed","trigger":"leadplaza.it","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-04","alert":"Sinkholed","trigger":"leadplaza.it","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"leadplaza.it/iltuo_prestito2022/assicurazioni.png","fqdn":"leadplaza.it","domain":"leadplaza.it","tld":"it"},"ip":{"addr":"135.125.9.57","port":443,"asn":16276,"as":"OVH SAS","country":"France","country_code":"FR"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://leadplaza.it/iltuo_prestito2022/?nome={{nome}}\u0026cognome={{cognome}}\u0026email={{email}}\u0026aff_sub=dsit\u0026aff_id=17\u0026importo={importo}\u0026lp=n\u0026advice_id=102d5abf29d0700eb6bed073fd5682","date":"2026-03-04T17:05:21.851Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"leadplaza.it","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 11 Jan 2026 07:02:46 GMT","end":"Sat, 11 Apr 2026 07:02:45 GMT"},"fingerprint":{"sha1":"40:E9:27:02:3E:8A:A8:83:44:DA:76:E1:F2:D8:61:7B:B5:2F:52:32","sha256":"4F:AE:12:01:12:51:DE:E7:30:30:8F:17:9F:9E:77:F0:08:46:80:E6:DD:35:D7:19:EE:48:FF:C5:02:73:90:62"}}},"request":{"raw":"GET /iltuo_prestito2022/assicurazioni.png HTTP/1.1\r\nHost: leadplaza.it\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://leadplaza.it/iltuo_prestito2022/?nome={{nome}}\u0026cognome={{cognome}}\u0026email={{email}}\u0026aff_sub=dsit\u0026aff_id=17\u0026importo={importo}\u0026lp=n\u0026advice_id=102d5abf29d0700eb6bed073fd5682\r\nCookie: PHPSESSID=ep3fru4m0tbo5v4b4jmcrrtvl0\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 04 Mar 2026 17:05:21 GMT\r\ncontent-type: image/png\r\ncontent-length: 5978\r\nlast-modified: Wed, 10 Sep 2025 09:36:39 GMT\r\netag: \"68c146a7-175a\"\r\nx-powered-by: PleskLin\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Plesk","description":"Plesk is a web hosting and server data centre automation software with a control panel developed for Linux and Windows-based retail hosting service providers.","website":"https://www.plesk.com","common_platform_enumeration":"cpe:2.3:a:parallels:parallels_plesk_panel:*:*:*:*:*:*:*:*","icon":"Plesk.svg","categories":["Hosting panels"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":5978,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 165 x 165, 8-bit/color RGBA, non-interlaced","md5":"4675bfa63bf353844c84ffc0a4d8899b","sha1":"8b9b56198d89fff0d56a6e38dda0d0936c5fd724","sha256":"702d5e07de50905e95fc8ba8967540167647ae8b9100862fffedfa2f1a7ce91e","sha512":"351980e2d00ecc3cf7414328577885dcd94a08c8f4fec62f238afc1de9003c2b9d35b847b2f0712aeb2b112aedac8f7e24af8e7815bad25eff1f8377307dac70","ssdeep":"96:LIh42JOboYbtV9mQIiWpa8bFEFHL4sFUAE0TePUz21MTJJNXNpNUjXRG7dQ:khvUbrtHlMEmsFdTtzasJrNYjhGZQ","tlshash":"51c19fabe2e9f8185df3772216673a240426654618b48a99f3878621f91cc43bcf91e7","first_seen":"2026-03-04T17:05:46.255549Z","last_seen":"2026-03-04T17:05:46.255549Z","times_seen":1,"resource_available":false,"data":null}},"time_used":76,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":27,"receive":49,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-04","alert":"Sinkholed","trigger":"leadplaza.it","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-04","alert":"Sinkholed","trigger":"leadplaza.it","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"leadplaza.it/iltuo_prestito2022/garanzie.png","fqdn":"leadplaza.it","domain":"leadplaza.it","tld":"it"},"ip":{"addr":"135.125.9.57","port":443,"asn":16276,"as":"OVH SAS","country":"France","country_code":"FR"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://leadplaza.it/iltuo_prestito2022/?nome={{nome}}\u0026cognome={{cognome}}\u0026email={{email}}\u0026aff_sub=dsit\u0026aff_id=17\u0026importo={importo}\u0026lp=n\u0026advice_id=102d5abf29d0700eb6bed073fd5682","date":"2026-03-04T17:05:21.854Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"leadplaza.it","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 11 Jan 2026 07:02:46 GMT","end":"Sat, 11 Apr 2026 07:02:45 GMT"},"fingerprint":{"sha1":"40:E9:27:02:3E:8A:A8:83:44:DA:76:E1:F2:D8:61:7B:B5:2F:52:32","sha256":"4F:AE:12:01:12:51:DE:E7:30:30:8F:17:9F:9E:77:F0:08:46:80:E6:DD:35:D7:19:EE:48:FF:C5:02:73:90:62"}}},"request":{"raw":"GET /iltuo_prestito2022/garanzie.png HTTP/1.1\r\nHost: leadplaza.it\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://leadplaza.it/iltuo_prestito2022/?nome={{nome}}\u0026cognome={{cognome}}\u0026email={{email}}\u0026aff_sub=dsit\u0026aff_id=17\u0026importo={importo}\u0026lp=n\u0026advice_id=102d5abf29d0700eb6bed073fd5682\r\nCookie: PHPSESSID=ep3fru4m0tbo5v4b4jmcrrtvl0\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 04 Mar 2026 17:05:21 GMT\r\ncontent-type: image/png\r\ncontent-length: 4292\r\nlast-modified: Wed, 10 Sep 2025 09:36:39 GMT\r\netag: \"68c146a7-10c4\"\r\nx-powered-by: PleskLin\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Plesk","description":"Plesk is a web hosting and server data centre automation software with a control panel developed for Linux and Windows-based retail hosting service providers.","website":"https://www.plesk.com","common_platform_enumeration":"cpe:2.3:a:parallels:parallels_plesk_panel:*:*:*:*:*:*:*:*","icon":"Plesk.svg","categories":["Hosting panels"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":4292,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 165 x 165, 8-bit/color RGBA, non-interlaced","md5":"b006236a649c543311d34a8c99241c94","sha1":"0d6effe929cedd4e91c495a9d0d3eedd9fa2bdc5","sha256":"22d40e16c1bfa5a17f7f081b968c4b032d0f20222b0ec973c645e27dd9e37586","sha512":"ea9acbd0b67723efc269077f462ca0624f2a1a7cf9049670ffb7454337803e564107b7470f29e54499b736489b4ed0a0a1f4d109e04bc70d201467712473403c","ssdeep":"96:L05qtz0kvOY5NHqSNcR0q67e7YYadR2sNKdV36pZVfzY7LASfL:d0aOKq2c7Me7YYyR22KdV3kJzY7jfL","tlshash":"10916c82ed0de9214f1424ae7149e9e7daf6d180daa49758213cf450bd3694074ebde3","first_seen":"2026-03-04T17:05:46.258484Z","last_seen":"2026-03-04T17:05:46.258484Z","times_seen":1,"resource_available":false,"data":null}},"time_used":83,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":74,"receive":9,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-04","alert":"Sinkholed","trigger":"leadplaza.it","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-04","alert":"Sinkholed","trigger":"leadplaza.it","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/lato/v25/S6u9w4BMUTPHh50XSwiPGQ.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.178.99","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://leadplaza.it/iltuo_prestito2022/?nome={{nome}}\u0026cognome={{cognome}}\u0026email={{email}}\u0026aff_sub=dsit\u0026aff_id=17\u0026importo={importo}\u0026lp=n\u0026advice_id=102d5abf29d0700eb6bed073fd5682","date":"2026-03-04T17:05:22.174Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 02 Feb 2026 08:38:07 GMT","end":"Mon, 27 Apr 2026 08:38:06 GMT"},"fingerprint":{"sha1":"FD:7B:7B:3F:B0:E9:E6:F2:B2:20:AF:6D:E3:76:AC:43:C9:2B:95:1F","sha256":"05:F7:EC:37:83:98:A5:87:8A:AE:AD:80:95:CC:A6:0A:C4:F9:42:EF:07:B0:C2:6B:6F:1B:27:7A:78:A8:CE:64"}}},"request":{"raw":"GET /s/lato/v25/S6u9w4BMUTPHh50XSwiPGQ.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://leadplaza.it\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 22504\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Wed, 04 Mar 2026 00:19:03 GMT\r\nexpires: Thu, 04 Mar 2027 00:19:03 GMT\r\ncache-control: public, max-age=31536000\r\nage: 60379\r\nlast-modified: Mon, 15 Sep 2025 17:09:19 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":22504,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 22504, version 1.0","md5":"1c6c65523675abc6fcd78e804325bd77","sha1":"898d9808304dc157f5dcb18ca169ec6e2b96b3d7","sha256":"08664859baab5ed98f0bf818ed77e38464ff1826dc6406d5ecbd651409afbd92","sha512":"1505e8496c9bee214c5f8815f8d88a31ffe2baeb6fba81a8228bd52220b9b2bb10464c1e1dba11d6881583dfa478cdfb30a79cfa6f069c362fb65443feb06918","ssdeep":"384:ZbL6k1TUlBxUp5VLlLJGv2VulERzgWuXlY9zehEsapJznPEUAAnUgf0n6iXatBbF:pLfTuYfVVJGv2VuIzgWAlYteh6nPEzAF","tlshash":"8aa2f18a13d7a414878983f12c5ed63d7fac7cc7994282d2a606bc494e3dcb6b430bc4","first_seen":"2023-04-17T13:30:58Z","last_seen":"2026-04-04T13:46:00.030005Z","times_seen":28408,"resource_available":false,"data":null}},"time_used":218,"timings":{"blocked":85,"dns":1,"connect":31,"send":0,"wait":37,"receive":10,"ssl":52},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"leadplaza.it/iltuo_prestito2022/recensioni.jpg","fqdn":"leadplaza.it","domain":"leadplaza.it","tld":"it"},"ip":{"addr":"135.125.9.57","port":443,"asn":16276,"as":"OVH SAS","country":"France","country_code":"FR"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://leadplaza.it/iltuo_prestito2022/?nome={{nome}}\u0026cognome={{cognome}}\u0026email={{email}}\u0026aff_sub=dsit\u0026aff_id=17\u0026importo={importo}\u0026lp=n\u0026advice_id=102d5abf29d0700eb6bed073fd5682","date":"2026-03-04T17:05:21.858Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"leadplaza.it","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 11 Jan 2026 07:02:46 GMT","end":"Sat, 11 Apr 2026 07:02:45 GMT"},"fingerprint":{"sha1":"40:E9:27:02:3E:8A:A8:83:44:DA:76:E1:F2:D8:61:7B:B5:2F:52:32","sha256":"4F:AE:12:01:12:51:DE:E7:30:30:8F:17:9F:9E:77:F0:08:46:80:E6:DD:35:D7:19:EE:48:FF:C5:02:73:90:62"}}},"request":{"raw":"GET /iltuo_prestito2022/recensioni.jpg HTTP/1.1\r\nHost: leadplaza.it\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://leadplaza.it/iltuo_prestito2022/?nome={{nome}}\u0026cognome={{cognome}}\u0026email={{email}}\u0026aff_sub=dsit\u0026aff_id=17\u0026importo={importo}\u0026lp=n\u0026advice_id=102d5abf29d0700eb6bed073fd5682\r\nCookie: PHPSESSID=ep3fru4m0tbo5v4b4jmcrrtvl0\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 04 Mar 2026 17:05:21 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 179041\r\nlast-modified: Wed, 10 Sep 2025 09:36:39 GMT\r\netag: \"68c146a7-2bb61\"\r\nx-powered-by: PleskLin\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Plesk","description":"Plesk is a web hosting and server data centre automation software with a control panel developed for Linux and Windows-based retail hosting service providers.","website":"https://www.plesk.com","common_platform_enumeration":"cpe:2.3:a:parallels:parallels_plesk_panel:*:*:*:*:*:*:*:*","icon":"Plesk.svg","categories":["Hosting panels"]}],"data":{"size":179041,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, progressive, precision 8, 975x1156, components 3","md5":"5fdf9950964df77053d4fe24d845cedc","sha1":"e3778bad8fd4d19e548441eb8fdd4ef169f9db0d","sha256":"07da5980c7a81b51a4cea92a8380b8d69927326092b56f954028d5219bcf5c96","sha512":"ec526301583dcf28f29f398db0600f5ccdfacf30502909879a76ca5060febb38ad2565d65b1d1a5de22a9c5721b31d55fbcda74e1bb3c05f3fa992159bf85a7e","ssdeep":"3072:P2QdKGl4wnt/5jzuOrcC9RjehEmERg97kzPvLZ/Vi0i7oX832UChBd/:P2Qdh4wnPPdrcIEboAk3Zti3UX832x3/","tlshash":"ce04029ede340c23c6c247359760f469f752bad9fadfb1ac289809ba83013905d866d9","first_seen":"2026-03-04T17:05:46.263387Z","last_seen":"2026-03-04T17:05:46.263387Z","times_seen":1,"resource_available":false,"data":null}},"time_used":167,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":72,"receive":95,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-04","alert":"Sinkholed","trigger":"leadplaza.it","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-04","alert":"Sinkholed","trigger":"leadplaza.it","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"aff.datapointcore.com/aff_c?offer_id=1813\u0026aff_id=17\u0026file_id=17209\u0026aff_sub=dsit\u0026aff_sub5={{id_camp}}\u0026dest=iltuo_prestito2022/\u0026nome={{nome}}\u0026cognome={{cognome}}\u0026email={{email}}","fqdn":"aff.datapointcore.com","domain":"datapointcore.com","tld":"com"},"ip":{"addr":"54.228.66.211","port":443,"asn":16509,"as":"AMAZON-02","country":"Ireland","country_code":"IE"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-03-04T17:05:20.865Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aff.datapointcore.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M04","organization":"Amazon"},"validity":{"start":"Wed, 01 Oct 2025 00:00:00 GMT","end":"Fri, 30 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"88:C8:47:0F:86:21:BA:8C:28:64:E1:6D:EA:60:1E:F0:FC:70:63:72","sha256":"52:DC:3C:7A:68:D1:C9:4F:BB:61:CA:11:9B:45:5E:B4:91:CF:53:D7:B2:9A:AE:AF:8F:10:45:04:CD:AB:AC:C4"}}},"request":{"raw":"GET /aff_c?offer_id=1813\u0026aff_id=17\u0026file_id=17209\u0026aff_sub=dsit\u0026aff_sub5={{id_camp}}\u0026dest=iltuo_prestito2022/\u0026nome={{nome}}\u0026cognome={{cognome}}\u0026email={{email}} HTTP/1.1\r\nHost: aff.datapointcore.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 302 Found\r\nServer: nginx\r\nDate: Wed, 04 Mar 2026 17:05:21 GMT\r\nContent-Type: text/html; charset=iso-8859-1\r\nContent-Length: 389\r\nConnection: keep-alive\r\nCache-Control: no-cache, no-store, must-revalidate\r\nExpires: Sat, 26 Jul 1997 05:00:00 GMT\r\nLocation: https://leadplaza.it/iltuo_prestito2022/?nome={{nome}}\u0026cognome={{cognome}}\u0026email={{email}}\u0026aff_sub=dsit\u0026aff_id=17\u0026importo={importo}\u0026lp=n\u0026advice_id=102d5abf29d0700eb6bed073fd5682\r\nP3p: CP=\"NOI CUR OUR NOR INT\"\r\nPragma: no-cache\r\nSet-Cookie: enc_aff_session_1813=ENC03eed6b9a866a87310e778b69e97574e53932b1348038dab96a4e2ae8c80e80252cee89af8d7184f1a4ff9878c61d702f67ff964a9c233e8d3564b118abf891b62e66a376f2200e633b4ef568c3062e4ec358f15518f434c4ba26b978ee618f0a06d612cc887367a8ec31c9022f822990b42c0c434640ec634b6415e9cf1d3e3271037ee50; expires=Sat, 04 Apr 2026 17:05:21 GMT; path=/; SameSite=None; Secure\nho_mob=eyJtb2JpbGVfZGV2aWNlX29zIjoiRGVza3RvcCIsIm1vYmlsZV9kZXZpY2VfbW9kZWwiOiJGaXJlZm94IiwibW9iaWxlX2RldmljZV9icmFuZCI6Ik1vemlsbGEiLCJtb2JpbGVfYnJvd3NlciI6IkZpcmVmb3ggRGVza3RvcCIsIm1vYmlsZV9icm93c2VyX3ZlcnNpb24iOiIxMzQuMCIsIm1vYmlsZV9jYXJyaWVyIjoiPyIsInVzZXJfYWdlbnQiOiJNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgWDY0OyBSdjoxMzQuMCkgR2Vja28vMjAxMDAxMDEgRmlyZWZveC8xMzQuMCIsImFjY2VwdF9sYW5ndWFnZSI6ImVuLVVTLGVuO3E9MC41IiwiY29ubmVjdGlvbl9zcGVlZCI6ImJyb2FkYmFuZCJ9; expires=Sat, 27 Jan 2029 03:45:21 GMT; path=/; SameSite=None; Secure\r\nTracking_id: 102d5abf29d0700eb6bed073fd5682\r\nAccess-Control-Allow-Origin: *\r\nAccess-Control-Allow-Headers: Tune-SDK-Version\r\nAccept-Ch: Sec-Ch-Dpr, Dpr, Sec-Ch-Ua-Model\r\nX-Request-Id: 3eacdc84683e89f1207200772e0a41d9\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":28683,"size_decoded":0,"mime_type":"text/html","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T13:49:31.916752Z","times_seen":13333799,"resource_available":true,"data":null}},"time_used":1097,"timings":{"blocked":529,"dns":216,"connect":34,"send":0,"wait":37,"receive":1,"ssl":279},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"leadplaza.it/iltuo_prestito2022/?nome={{nome}}\u0026cognome={{cognome}}\u0026email={{email}}\u0026aff_sub=dsit\u0026aff_id=17\u0026importo={importo}\u0026lp=n\u0026advice_id=102d5abf29d0700eb6bed073fd5682","fqdn":"leadplaza.it","domain":"leadplaza.it","tld":"it"},"ip":{"addr":"135.125.9.57","port":443,"asn":16276,"as":"OVH SAS","country":"France","country_code":"FR"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-03-04T17:05:21.435Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"leadplaza.it","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 11 Jan 2026 07:02:46 GMT","end":"Sat, 11 Apr 2026 07:02:45 GMT"},"fingerprint":{"sha1":"40:E9:27:02:3E:8A:A8:83:44:DA:76:E1:F2:D8:61:7B:B5:2F:52:32","sha256":"4F:AE:12:01:12:51:DE:E7:30:30:8F:17:9F:9E:77:F0:08:46:80:E6:DD:35:D7:19:EE:48:FF:C5:02:73:90:62"}}},"request":{"raw":"GET /iltuo_prestito2022/?nome={{nome}}\u0026cognome={{cognome}}\u0026email={{email}}\u0026aff_sub=dsit\u0026aff_id=17\u0026importo={importo}\u0026lp=n\u0026advice_id=102d5abf29d0700eb6bed073fd5682 HTTP/1.1\r\nHost: leadplaza.it\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 04 Mar 2026 17:05:21 GMT\r\ncontent-type: text/html\r\nexpires: Thu, 19 Nov 1981 08:52:00 GMT\r\ncache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0\r\npragma: no-cache\r\nset-cookie: PHPSESSID=ep3fru4m0tbo5v4b4jmcrrtvl0; path=/\r\nx-powered-by: PHP/5.4.45, PleskLin\r\ncontent-encoding: br\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Google Hosted Libraries","description":"Google Hosted Libraries is a stable, reliable, high-speed, globally available content distribution network for the most popular, open-source JavaScript libraries.","website":"https://developers.google.com/speed/libraries","common_platform_enumeration":"","icon":"Google Developers.svg","categories":["CDN"]},{"name":"jQuery:1.6.2","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"PHP:5.4.45","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":28683,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (1625)","md5":"53c229ff8f0369328ec758e08dd680a7","sha1":"eb66b93deedfcb887705904fc24eecd4046be27f","sha256":"b4331b76aef88de322b90201d5d720da6726c64cdd68086c5ce83dbcf4c79df2","sha512":"e8760ab8629be548d9dcb40c3ab703a15023ea955265b98b2a502dc420ef204bcaa75d4cc228fb4675c9a38d375c0fa07f09fa366c172b23838fb75617746579","ssdeep":"384:igi0LHCDi2KsGHJQRuZzF8NGpFpMoo2Oj/bYiFrByzTM:rORAPro2oYErv","tlshash":"51d2316278f2ccb201ef49d965b6491dadf88307aa550188fe1c8bf61fb2d6cd233954","first_seen":"2026-03-04T17:05:46.266599Z","last_seen":"2026-03-04T17:05:46.266599Z","times_seen":1,"resource_available":true,"data":null}},"time_used":399,"timings":{"blocked":179,"dns":119,"connect":26,"send":0,"wait":41,"receive":0,"ssl":32},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-04","alert":"Sinkholed","trigger":"leadplaza.it","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-04","alert":"Sinkholed","trigger":"leadplaza.it","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"leadplaza.it/iltuo_prestito2022/js/popup.js","fqdn":"leadplaza.it","domain":"leadplaza.it","tld":"it"},"ip":{"addr":"135.125.9.57","port":443,"asn":16276,"as":"OVH SAS","country":"France","country_code":"FR"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://leadplaza.it/iltuo_prestito2022/?nome={{nome}}\u0026cognome={{cognome}}\u0026email={{email}}\u0026aff_sub=dsit\u0026aff_id=17\u0026importo={importo}\u0026lp=n\u0026advice_id=102d5abf29d0700eb6bed073fd5682","date":"2026-03-04T17:05:21.848Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"leadplaza.it","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 11 Jan 2026 07:02:46 GMT","end":"Sat, 11 Apr 2026 07:02:45 GMT"},"fingerprint":{"sha1":"40:E9:27:02:3E:8A:A8:83:44:DA:76:E1:F2:D8:61:7B:B5:2F:52:32","sha256":"4F:AE:12:01:12:51:DE:E7:30:30:8F:17:9F:9E:77:F0:08:46:80:E6:DD:35:D7:19:EE:48:FF:C5:02:73:90:62"}}},"request":{"raw":"GET /iltuo_prestito2022/js/popup.js HTTP/1.1\r\nHost: leadplaza.it\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://leadplaza.it/iltuo_prestito2022/?nome={{nome}}\u0026cognome={{cognome}}\u0026email={{email}}\u0026aff_sub=dsit\u0026aff_id=17\u0026importo={importo}\u0026lp=n\u0026advice_id=102d5abf29d0700eb6bed073fd5682\r\nCookie: PHPSESSID=ep3fru4m0tbo5v4b4jmcrrtvl0\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\nserver: nginx\r\ndate: Wed, 04 Mar 2026 17:05:21 GMT\r\ncontent-type: text/html\r\nlast-modified: Wed, 10 Sep 2025 09:31:43 GMT\r\netag: W/\"3fe-63e6f16b074d6\"\r\ncontent-encoding: br\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1022,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text","md5":"7a637a1291fefcdfe1332e923bbf9df0","sha1":"4f7a7441081d01fa2856427b110e00d9ddeb3366","sha256":"c12e362c31d63f7002993170abb1da65693148606548b8379e6ac0f9deeaa070","sha512":"0af31bd661f038a16c879118b3a7a06a0576d1532dba59f3bfb56e7c4623ade62410f856fa6e71a8616ffdd0ebfab216727754ad2ddb3de5bd640ec6b2eb8bec","ssdeep":"","tlshash":"54110e2baec60bea4103252bb80572599e29473ac4b6b1bad4cc802c7f1d75cc9b03c5","first_seen":"2026-03-04T17:05:46.268942Z","last_seen":"2026-03-18T04:50:53.464817Z","times_seen":2,"resource_available":false,"data":null}},"time_used":77,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":77,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-04","alert":"Sinkholed","trigger":"leadplaza.it","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-04","alert":"Sinkholed","trigger":"leadplaza.it","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"leadplaza.it/iltuo_prestito2022/js/popup.js","fqdn":"leadplaza.it","domain":"leadplaza.it","tld":"it"},"ip":{"addr":"135.125.9.57","port":443,"asn":16276,"as":"OVH SAS","country":"France","country_code":"FR"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://leadplaza.it/iltuo_prestito2022/?nome={{nome}}\u0026cognome={{cognome}}\u0026email={{email}}\u0026aff_sub=dsit\u0026aff_id=17\u0026importo={importo}\u0026lp=n\u0026advice_id=102d5abf29d0700eb6bed073fd5682","date":"2026-03-04T17:05:22.108Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"leadplaza.it","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 11 Jan 2026 07:02:46 GMT","end":"Sat, 11 Apr 2026 07:02:45 GMT"},"fingerprint":{"sha1":"40:E9:27:02:3E:8A:A8:83:44:DA:76:E1:F2:D8:61:7B:B5:2F:52:32","sha256":"4F:AE:12:01:12:51:DE:E7:30:30:8F:17:9F:9E:77:F0:08:46:80:E6:DD:35:D7:19:EE:48:FF:C5:02:73:90:62"}}},"request":{"raw":"GET /iltuo_prestito2022/js/popup.js HTTP/1.1\r\nHost: leadplaza.it\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://leadplaza.it/iltuo_prestito2022/?nome={{nome}}\u0026cognome={{cognome}}\u0026email={{email}}\u0026aff_sub=dsit\u0026aff_id=17\u0026importo={importo}\u0026lp=n\u0026advice_id=102d5abf29d0700eb6bed073fd5682\r\nCookie: PHPSESSID=ep3fru4m0tbo5v4b4jmcrrtvl0\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\nserver: nginx\r\ndate: Wed, 04 Mar 2026 17:05:22 GMT\r\ncontent-type: text/html\r\nlast-modified: Wed, 10 Sep 2025 09:31:43 GMT\r\netag: W/\"3fe-63e6f16b074d6\"\r\ncontent-encoding: br\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1022,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text","md5":"7a637a1291fefcdfe1332e923bbf9df0","sha1":"4f7a7441081d01fa2856427b110e00d9ddeb3366","sha256":"c12e362c31d63f7002993170abb1da65693148606548b8379e6ac0f9deeaa070","sha512":"0af31bd661f038a16c879118b3a7a06a0576d1532dba59f3bfb56e7c4623ade62410f856fa6e71a8616ffdd0ebfab216727754ad2ddb3de5bd640ec6b2eb8bec","ssdeep":"","tlshash":"54110e2baec60bea4103252bb80572599e29473ac4b6b1bad4cc802c7f1d75cc9b03c5","first_seen":"2026-03-04T17:05:46.268942Z","last_seen":"2026-03-18T04:50:53.464817Z","times_seen":2,"resource_available":false,"data":null}},"time_used":36,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":36,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-04","alert":"Sinkholed","trigger":"leadplaza.it","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-04","alert":"Sinkholed","trigger":"leadplaza.it","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tracklead.it/r?offerta=iltuoprestito3008\u0026ct=YTo1OntzOjY6InNvdXJjZSI7YToyOntpOjA7czo1OiJlbWFpbCI7aToxO2k6Nzk0O31zOjU6ImVtYWlsIjtpOjc5NDtzOjQ6InN0YXQiO3M6MjI6IjY5YTg2NWRhYzExMjQwNDI0ODEzNTEiO3M6NDoibGVhZCI7czo3OiIyMDczNDM4IjtzOjc6ImNoYW5uZWwiO2E6MTp7czo1OiJlbWFpbCI7aTo3OTQ7fX0=","fqdn":"tracklead.it","domain":"tracklead.it","tld":"it"},"ip":{"addr":"95.110.231.219","port":443,"asn":31034,"as":"Aruba S.p.A.","country":"Italy","country_code":"IT"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-03-04T17:05:20.582Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tracklead.it","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Wed, 07 Jan 2026 15:39:42 GMT","end":"Tue, 07 Apr 2026 15:39:41 GMT"},"fingerprint":{"sha1":"8B:DA:11:79:FB:95:56:8C:95:D0:DB:CD:B4:6F:1B:99:B1:40:19:3C","sha256":"D6:E4:73:EB:50:63:EE:99:C0:C5:B0:4F:5D:BE:3C:60:38:62:A3:7B:F0:21:25:D1:55:13:3E:93:41:B1:96:57"}}},"request":{"raw":"GET /r?offerta=iltuoprestito3008\u0026ct=YTo1OntzOjY6InNvdXJjZSI7YToyOntpOjA7czo1OiJlbWFpbCI7aToxO2k6Nzk0O31zOjU6ImVtYWlsIjtpOjc5NDtzOjQ6InN0YXQiO3M6MjI6IjY5YTg2NWRhYzExMjQwNDI0ODEzNTEiO3M6NDoibGVhZCI7czo3OiIyMDczNDM4IjtzOjc6ImNoYW5uZWwiO2E6MTp7czo1OiJlbWFpbCI7aTo3OTQ7fX0= HTTP/1.1\r\nHost: tracklead.it\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 301 Moved Permanently\r\nserver: nginx\r\ndate: Wed, 04 Mar 2026 17:05:20 GMT\r\ncontent-type: text/html; charset=iso-8859-1\r\ncontent-length: 600\r\nlocation: https://tracklead.it/r/?offerta=iltuoprestito3008\u0026ct=YTo1OntzOjY6InNvdXJjZSI7YToyOntpOjA7czo1OiJlbWFpbCI7aToxO2k6Nzk0O31zOjU6ImVtYWlsIjtpOjc5NDtzOjQ6InN0YXQiO3M6MjI6IjY5YTg2NWRhYzExMjQwNDI0ODEzNTEiO3M6NDoibGVhZCI7czo3OiIyMDczNDM4IjtzOjc6ImNoYW5uZWwiO2E6MTp7czo1OiJlbWFpbCI7aTo3OTQ7fX0=\r\nx-powered-by: PleskLin\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"301","status_text":"Moved Permanently","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Plesk","description":"Plesk is a web hosting and server data centre automation software with a control panel developed for Linux and Windows-based retail hosting service providers.","website":"https://www.plesk.com","common_platform_enumeration":"cpe:2.3:a:parallels:parallels_plesk_panel:*:*:*:*:*:*:*:*","icon":"Plesk.svg","categories":["Hosting panels"]}],"data":{"size":28683,"size_decoded":0,"mime_type":"text/html","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T13:49:31.916752Z","times_seen":13333799,"resource_available":true,"data":null}},"time_used":428,"timings":{"blocked":193,"dns":117,"connect":36,"send":0,"wait":40,"receive":0,"ssl":39},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ajax.googleapis.com/ajax/libs/jquery/1.6.2/jquery.min.js","fqdn":"ajax.googleapis.com","domain":"ajax.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"142.251.38.106","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://leadplaza.it/iltuo_prestito2022/?nome={{nome}}\u0026cognome={{cognome}}\u0026email={{email}}\u0026aff_sub=dsit\u0026aff_id=17\u0026importo={importo}\u0026lp=n\u0026advice_id=102d5abf29d0700eb6bed073fd5682","date":"2026-03-04T17:05:21.845Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"upload.video.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 02 Feb 2026 08:38:01 GMT","end":"Mon, 27 Apr 2026 08:38:00 GMT"},"fingerprint":{"sha1":"AD:23:3E:9B:CF:2B:A1:EC:31:14:63:D1:58:73:BB:E7:C5:32:16:8C","sha256":"B1:5F:45:BF:00:8C:68:35:D3:42:B2:67:66:47:9D:BB:42:41:07:56:3A:C4:1C:D6:10:7B:B7:53:C2:71:81:33"}}},"request":{"raw":"GET /ajax/libs/jquery/1.6.2/jquery.min.js HTTP/1.1\r\nHost: ajax.googleapis.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://leadplaza.it/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\ncontent-encoding: gzip\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"hosted-libraries-pushers\"\r\nreport-to: {\"group\":\"hosted-libraries-pushers\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 32245\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Mon, 02 Mar 2026 21:13:13 GMT\r\nexpires: Tue, 02 Mar 2027 21:13:13 GMT\r\ncache-control: public, max-age=31536000, stale-while-revalidate=2592000\r\nage: 157929\r\nlast-modified: Tue, 03 Mar 2020 19:15:00 GMT\r\ncontent-type: text/javascript; charset=UTF-8\r\nvary: Accept-Encoding\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":91556,"size_decoded":0,"mime_type":"text/javascript; charset=UTF-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (32764)","md5":"a1a8cb16a060f6280a767187fd22e037","sha1":"7622c9ac2335be6dcd3ab8b47132e94089cef931","sha256":"d16d07a0353405fcec95f7efc50a2621bc7425f9a5e8895078396fb0dc460c4f","sha512":"252476e9f94a6db579e14cdf1197555e856e6b80dbcd78c46b9345ce6605a1cd69da0dab2a4c475b51d2103404d2c61acd18490e005d625eca06afe4d75c8a6c","ssdeep":"1536:ErtkIFev1ONjOe7evh0HWJxRckSTcncz/z34yfbvTXYActjaO7fiSXHB27SaDqMS:C+1yPWTRXkT4i5K7hZp8+J","tlshash":"0e93d7d9b2d67163c3b731b854af510bb13698eab84c8850f068d8e4be74a48507bf7d","first_seen":"2023-03-07T01:07:14Z","last_seen":"2026-04-04T13:56:53.425587Z","times_seen":5745,"resource_available":true,"data":null}},"time_used":402,"timings":{"blocked":175,"dns":1,"connect":20,"send":0,"wait":22,"receive":22,"ssl":160},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/lato/v25/S6u9w4BMUTPHh6UVSwiPGQ.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.178.99","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://leadplaza.it/iltuo_prestito2022/?nome={{nome}}\u0026cognome={{cognome}}\u0026email={{email}}\u0026aff_sub=dsit\u0026aff_id=17\u0026importo={importo}\u0026lp=n\u0026advice_id=102d5abf29d0700eb6bed073fd5682","date":"2026-03-04T17:05:22.173Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 02 Feb 2026 08:38:07 GMT","end":"Mon, 27 Apr 2026 08:38:06 GMT"},"fingerprint":{"sha1":"FD:7B:7B:3F:B0:E9:E6:F2:B2:20:AF:6D:E3:76:AC:43:C9:2B:95:1F","sha256":"05:F7:EC:37:83:98:A5:87:8A:AE:AD:80:95:CC:A6:0A:C4:F9:42:EF:07:B0:C2:6B:6F:1B:27:7A:78:A8:CE:64"}}},"request":{"raw":"GET /s/lato/v25/S6u9w4BMUTPHh6UVSwiPGQ.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://leadplaza.it\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 23040\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Wed, 04 Mar 2026 00:05:49 GMT\r\nexpires: Thu, 04 Mar 2027 00:05:49 GMT\r\ncache-control: public, max-age=31536000\r\nage: 61173\r\nlast-modified: Mon, 15 Sep 2025 17:11:31 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":23040,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 23040, version 1.0","md5":"de69cf9e514df447d1b0bb16f49d2457","sha1":"2ac78601179c3a63ba3f3f3081556b12ddcaf655","sha256":"c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49","sha512":"4aebb7e54d88827d4a02808f04901c0d09b756c518202b056a6c0f664948f5585221d16967f546e064187c6545acef15d59b68d0a7a59897bd899d3e9dda37b1","ssdeep":"384:adpABC4a0HkBpR1HWtGu06B6lsoAKiwY0HcLKglV6Z+DVb35PJZDdiZeJ1vqYg:0AHa0Ezf2tZn6lsoABwTKK46ZQb3V7wD","tlshash":"fca2e1c05cc1e2d4ae02daf7fda5a4eab4e2f01123a8f65f8f114b75d505993640fe01","first_seen":"2023-04-05T13:28:45Z","last_seen":"2026-04-04T13:49:26.306156Z","times_seen":135130,"resource_available":true,"data":null}},"time_used":208,"timings":{"blocked":84,"dns":1,"connect":30,"send":0,"wait":28,"receive":11,"ssl":52},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"leadplaza.it/iltuo_prestito2022/1.png","fqdn":"leadplaza.it","domain":"leadplaza.it","tld":"it"},"ip":{"addr":"135.125.9.57","port":443,"asn":16276,"as":"OVH SAS","country":"France","country_code":"FR"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://leadplaza.it/iltuo_prestito2022/?nome={{nome}}\u0026cognome={{cognome}}\u0026email={{email}}\u0026aff_sub=dsit\u0026aff_id=17\u0026importo={importo}\u0026lp=n\u0026advice_id=102d5abf29d0700eb6bed073fd5682","date":"2026-03-04T17:05:21.856Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"leadplaza.it","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 11 Jan 2026 07:02:46 GMT","end":"Sat, 11 Apr 2026 07:02:45 GMT"},"fingerprint":{"sha1":"40:E9:27:02:3E:8A:A8:83:44:DA:76:E1:F2:D8:61:7B:B5:2F:52:32","sha256":"4F:AE:12:01:12:51:DE:E7:30:30:8F:17:9F:9E:77:F0:08:46:80:E6:DD:35:D7:19:EE:48:FF:C5:02:73:90:62"}}},"request":{"raw":"GET /iltuo_prestito2022/1.png HTTP/1.1\r\nHost: leadplaza.it\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://leadplaza.it/iltuo_prestito2022/?nome={{nome}}\u0026cognome={{cognome}}\u0026email={{email}}\u0026aff_sub=dsit\u0026aff_id=17\u0026importo={importo}\u0026lp=n\u0026advice_id=102d5abf29d0700eb6bed073fd5682\r\nCookie: PHPSESSID=ep3fru4m0tbo5v4b4jmcrrtvl0\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 04 Mar 2026 17:05:21 GMT\r\ncontent-type: image/png\r\ncontent-length: 62390\r\nlast-modified: Wed, 10 Sep 2025 09:36:39 GMT\r\netag: \"68c146a7-f3b6\"\r\nx-powered-by: PleskLin\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Plesk","description":"Plesk is a web hosting and server data centre automation software with a control panel developed for Linux and Windows-based retail hosting service providers.","website":"https://www.plesk.com","common_platform_enumeration":"cpe:2.3:a:parallels:parallels_plesk_panel:*:*:*:*:*:*:*:*","icon":"Plesk.svg","categories":["Hosting panels"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":62390,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 185 x 185, 8-bit/color RGBA, non-interlaced","md5":"aec55d7e2917af2a9d45c6e90d885948","sha1":"34847ae56519a93b8f439d19d876d37c77325152","sha256":"cecdbd861f3dd34c202170ae32113bdaa748ccbaa07d36fad6e8431e94da3ba3","sha512":"2a024bbda311e83a7f07e3f67d9688b6ab77d377c89ce8c5cecd32d65ed4c82fc535dadd92861fb3c3f83b73b558fc6c020b283fda6be50a9ff426def8d3d3ab","ssdeep":"768:yGQgX5cOp61I/FxzYEfv+Ubh7/dpz1R57+2pEwQJV/uWOfo2BKnoO0zmoWeUGwmK:v5FUYFFtv+ey2jS3oOeUGV2N4ZY6i","tlshash":"36530222f755707627c09c235e8b1e40d68dfbc3fac78778f97ae449e80ce099819295","first_seen":"2026-03-04T17:05:46.277845Z","last_seen":"2026-03-04T17:05:46.277845Z","times_seen":1,"resource_available":false,"data":null}},"time_used":116,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":73,"receive":43,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-04","alert":"Sinkholed","trigger":"leadplaza.it","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-04","alert":"Sinkholed","trigger":"leadplaza.it","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.googleapis.com/css2?family=Lato:ital,wght@0,100;0,300;0,400;0,700;0,900;1,100;1,300;1,400;1,700;1,900\u0026display=swap","fqdn":"fonts.googleapis.com","domain":"fonts.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"142.250.178.74","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://leadplaza.it/iltuo_prestito2022/?nome={{nome}}\u0026cognome={{cognome}}\u0026email={{email}}\u0026aff_sub=dsit\u0026aff_id=17\u0026importo={importo}\u0026lp=n\u0026advice_id=102d5abf29d0700eb6bed073fd5682","date":"2026-03-04T17:05:21.848Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"upload.video.google.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 02 Feb 2026 08:38:07 GMT","end":"Mon, 27 Apr 2026 08:38:06 GMT"},"fingerprint":{"sha1":"6B:DB:3B:B8:9F:A1:8E:49:35:74:D9:D8:24:91:F2:5E:42:56:2F:58","sha256":"37:ED:DF:C4:FB:A3:96:16:9E:47:69:CE:86:A5:35:8E:B5:3A:0B:0B:6A:A1:08:A2:DF:DE:6C:7C:31:BE:94:B1"}}},"request":{"raw":"GET /css2?family=Lato:ital,wght@0,100;0,300;0,400;0,700;0,900;1,100;1,300;1,400;1,700;1,900\u0026display=swap HTTP/1.1\r\nHost: fonts.googleapis.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://leadplaza.it/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/css; charset=utf-8\r\nvary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site\r\naccess-control-allow-origin: *\r\ntiming-allow-origin: *\r\nlink: \u003chttps://fonts.gstatic.com\u003e; rel=preconnect; crossorigin\r\nstrict-transport-security: max-age=31536000\r\nexpires: Wed, 04 Mar 2026 17:05:22 GMT\r\ndate: Wed, 04 Mar 2026 17:05:22 GMT\r\ncache-control: private, max-age=86400\r\ncross-origin-opener-policy: same-origin-allow-popups\r\ncross-origin-resource-policy: cross-origin\r\ncontent-encoding: gzip\r\nserver: ESF\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":8264,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"ASCII text","md5":"3e60d92d1a3ec9b0ecddb3b2f3818ffd","sha1":"517b66169afb17d5d0538ae8d559371698077511","sha256":"9aa57887b113c39cf22bae9d6289ec0c6624a0b274c2124555e81235df512597","sha512":"791f3208a2b56caa224bd13ccb1f89f5660be92fa92e8d0163a5c0a081f0738e2de67c9258a67f2616e968cfce980018d1c18aec1741b2f05540357d77d68895","ssdeep":"192:43pv33pUn/J3n/lOw3Oir/i3r/Ux/o3x/TpwOp7RIu71D5Mp76D:4353m/R/lFx7u7Up8pTHF","tlshash":"0802c092086ba508db930dc222da7e36ff0fa25064559935efff14c8bc97c6a5361b0c","first_seen":"2025-09-17T05:16:48.274798Z","last_seen":"2026-04-04T12:29:38.714533Z","times_seen":5223,"resource_available":false,"data":null}},"time_used":367,"timings":{"blocked":156,"dns":0,"connect":29,"send":0,"wait":47,"receive":0,"ssl":132},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/lato/v25/S6uyw4BMUTPHjx4wXg.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.178.99","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://leadplaza.it/iltuo_prestito2022/?nome={{nome}}\u0026cognome={{cognome}}\u0026email={{email}}\u0026aff_sub=dsit\u0026aff_id=17\u0026importo={importo}\u0026lp=n\u0026advice_id=102d5abf29d0700eb6bed073fd5682","date":"2026-03-04T17:05:22.120Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 02 Feb 2026 08:38:07 GMT","end":"Mon, 27 Apr 2026 08:38:06 GMT"},"fingerprint":{"sha1":"FD:7B:7B:3F:B0:E9:E6:F2:B2:20:AF:6D:E3:76:AC:43:C9:2B:95:1F","sha256":"05:F7:EC:37:83:98:A5:87:8A:AE:AD:80:95:CC:A6:0A:C4:F9:42:EF:07:B0:C2:6B:6F:1B:27:7A:78:A8:CE:64"}}},"request":{"raw":"GET /s/lato/v25/S6uyw4BMUTPHjx4wXg.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://leadplaza.it\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 23580\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Wed, 04 Mar 2026 00:03:06 GMT\r\nexpires: Thu, 04 Mar 2027 00:03:06 GMT\r\ncache-control: public, max-age=31536000\r\nage: 61336\r\nlast-modified: Mon, 15 Sep 2025 17:09:41 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":23580,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 23580, version 1.0","md5":"e1b3b5908c9cf23dfb2b9c52b9a023ab","sha1":"fcd4136085f2a03481d9958cc6793a5ed98e714c","sha256":"918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537","sha512":"b2da7ef768385707afed62ca1f178efc6aa14519762e3f270129b3afee4d3782cb991e6fa66b3b08a2f81ff7caba0b4c34c726d952198b2ac4a784b36eb2a828","ssdeep":"384:dRkIAJ8pVwWTW5VVjdVn8+2yvAMdriCEOY0kfW9GkAPqpPHi2vUuUSzB8:dKIAJ8pVHTZ+riY9oCpPHiodUeK","tlshash":"91b2e1ce5d546e3a8028213785c17b488273572e9edf42c6dd83a6263a7092cfd3d96e","first_seen":"2023-04-05T13:28:45Z","last_seen":"2026-04-04T13:49:26.305397Z","times_seen":184009,"resource_available":false,"data":null}},"time_used":270,"timings":{"blocked":108,"dns":1,"connect":27,"send":0,"wait":28,"receive":26,"ssl":78},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"tracklead.it/r/?offerta=iltuoprestito3008\u0026ct=YTo1OntzOjY6InNvdXJjZSI7YToyOntpOjA7czo1OiJlbWFpbCI7aToxO2k6Nzk0O31zOjU6ImVtYWlsIjtpOjc5NDtzOjQ6InN0YXQiO3M6MjI6IjY5YTg2NWRhYzExMjQwNDI0ODEzNTEiO3M6NDoibGVhZCI7czo3OiIyMDczNDM4IjtzOjc6ImNoYW5uZWwiO2E6MTp7czo1OiJlbWFpbCI7aTo3OTQ7fX0=","fqdn":"tracklead.it","domain":"tracklead.it","tld":"it"},"ip":{"addr":"95.110.231.219","port":443,"asn":31034,"as":"Aruba S.p.A.","country":"Italy","country_code":"IT"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-03-04T17:05:20.818Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tracklead.it","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Wed, 07 Jan 2026 15:39:42 GMT","end":"Tue, 07 Apr 2026 15:39:41 GMT"},"fingerprint":{"sha1":"8B:DA:11:79:FB:95:56:8C:95:D0:DB:CD:B4:6F:1B:99:B1:40:19:3C","sha256":"D6:E4:73:EB:50:63:EE:99:C0:C5:B0:4F:5D:BE:3C:60:38:62:A3:7B:F0:21:25:D1:55:13:3E:93:41:B1:96:57"}}},"request":{"raw":"GET /r/?offerta=iltuoprestito3008\u0026ct=YTo1OntzOjY6InNvdXJjZSI7YToyOntpOjA7czo1OiJlbWFpbCI7aToxO2k6Nzk0O31zOjU6ImVtYWlsIjtpOjc5NDtzOjQ6InN0YXQiO3M6MjI6IjY5YTg2NWRhYzExMjQwNDI0ODEzNTEiO3M6NDoibGVhZCI7czo3OiIyMDczNDM4IjtzOjc6ImNoYW5uZWwiO2E6MTp7czo1OiJlbWFpbCI7aTo3OTQ7fX0= HTTP/1.1\r\nHost: tracklead.it\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 302 Found\r\nserver: nginx\r\ndate: Wed, 04 Mar 2026 17:05:20 GMT\r\ncontent-type: text/html; charset=UTF-8\r\ncontent-length: 3\r\nlocation: https://aff.datapointcore.com/aff_c?offer_id=1813\u0026aff_id=17\u0026file_id=17209\u0026aff_sub=dsit\u0026aff_sub5={{id_camp}}\u0026dest=iltuo_prestito2022/\u0026nome={{nome}}\u0026cognome={{cognome}}\u0026email={{email}}\r\nx-powered-by: PleskLin\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Plesk","description":"Plesk is a web hosting and server data centre automation software with a control panel developed for Linux and Windows-based retail hosting service providers.","website":"https://www.plesk.com","common_platform_enumeration":"cpe:2.3:a:parallels:parallels_plesk_panel:*:*:*:*:*:*:*:*","icon":"Plesk.svg","categories":["Hosting panels"]}],"data":{"size":28683,"size_decoded":0,"mime_type":"text/html","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T13:49:31.916752Z","times_seen":13333799,"resource_available":true,"data":null}},"time_used":41,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":41,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"leadplaza.it/iltuo_prestito2022/rate.png","fqdn":"leadplaza.it","domain":"leadplaza.it","tld":"it"},"ip":{"addr":"135.125.9.57","port":443,"asn":16276,"as":"OVH SAS","country":"France","country_code":"FR"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://leadplaza.it/iltuo_prestito2022/?nome={{nome}}\u0026cognome={{cognome}}\u0026email={{email}}\u0026aff_sub=dsit\u0026aff_id=17\u0026importo={importo}\u0026lp=n\u0026advice_id=102d5abf29d0700eb6bed073fd5682","date":"2026-03-04T17:05:21.853Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"leadplaza.it","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 11 Jan 2026 07:02:46 GMT","end":"Sat, 11 Apr 2026 07:02:45 GMT"},"fingerprint":{"sha1":"40:E9:27:02:3E:8A:A8:83:44:DA:76:E1:F2:D8:61:7B:B5:2F:52:32","sha256":"4F:AE:12:01:12:51:DE:E7:30:30:8F:17:9F:9E:77:F0:08:46:80:E6:DD:35:D7:19:EE:48:FF:C5:02:73:90:62"}}},"request":{"raw":"GET /iltuo_prestito2022/rate.png HTTP/1.1\r\nHost: leadplaza.it\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://leadplaza.it/iltuo_prestito2022/?nome={{nome}}\u0026cognome={{cognome}}\u0026email={{email}}\u0026aff_sub=dsit\u0026aff_id=17\u0026importo={importo}\u0026lp=n\u0026advice_id=102d5abf29d0700eb6bed073fd5682\r\nCookie: PHPSESSID=ep3fru4m0tbo5v4b4jmcrrtvl0\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 04 Mar 2026 17:05:21 GMT\r\ncontent-type: image/png\r\ncontent-length: 5155\r\nlast-modified: Wed, 10 Sep 2025 09:36:39 GMT\r\netag: \"68c146a7-1423\"\r\nx-powered-by: PleskLin\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Plesk","description":"Plesk is a web hosting and server data centre automation software with a control panel developed for Linux and Windows-based retail hosting service providers.","website":"https://www.plesk.com","common_platform_enumeration":"cpe:2.3:a:parallels:parallels_plesk_panel:*:*:*:*:*:*:*:*","icon":"Plesk.svg","categories":["Hosting panels"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":5155,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 165 x 165, 8-bit/color RGBA, non-interlaced","md5":"b65dc7ce1c84006da09e37c5cf507a58","sha1":"11e375ba1987c95cee6034a857bab3a368ad0a83","sha256":"2747571741b6a873be6a405d67af325ec7719ce55a028c757cda96cb2c3deeb8","sha512":"28d2be6be9e335ecce72e6226647c0d46c4ecf0e010ae1456ecdeaa1bc94b3a31258e5d978c4cffd3704bd5460e3c59d6cde1b5395e35e05a17c28ba77076dd5","ssdeep":"96:LdJAcyQoYiCR6KkZaeh6cp2NCdTOjbOn7ed5E6O:xJ3YYiCRJw4+TOOn766n","tlshash":"8ab1c02f3b28d7b1c039967cf62ab1ef80529a738fe3257851c0557923a112d43cdd19","first_seen":"2026-03-04T17:05:46.280276Z","last_seen":"2026-03-04T17:05:46.280276Z","times_seen":1,"resource_available":false,"data":null}},"time_used":76,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":27,"receive":49,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-04","alert":"Sinkholed","trigger":"leadplaza.it","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-04","alert":"Sinkholed","trigger":"leadplaza.it","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"leadplaza.it/iltuo_prestito2022/3.png","fqdn":"leadplaza.it","domain":"leadplaza.it","tld":"it"},"ip":{"addr":"135.125.9.57","port":443,"asn":16276,"as":"OVH SAS","country":"France","country_code":"FR"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://leadplaza.it/iltuo_prestito2022/?nome={{nome}}\u0026cognome={{cognome}}\u0026email={{email}}\u0026aff_sub=dsit\u0026aff_id=17\u0026importo={importo}\u0026lp=n\u0026advice_id=102d5abf29d0700eb6bed073fd5682","date":"2026-03-04T17:05:21.855Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"leadplaza.it","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 11 Jan 2026 07:02:46 GMT","end":"Sat, 11 Apr 2026 07:02:45 GMT"},"fingerprint":{"sha1":"40:E9:27:02:3E:8A:A8:83:44:DA:76:E1:F2:D8:61:7B:B5:2F:52:32","sha256":"4F:AE:12:01:12:51:DE:E7:30:30:8F:17:9F:9E:77:F0:08:46:80:E6:DD:35:D7:19:EE:48:FF:C5:02:73:90:62"}}},"request":{"raw":"GET /iltuo_prestito2022/3.png HTTP/1.1\r\nHost: leadplaza.it\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://leadplaza.it/iltuo_prestito2022/?nome={{nome}}\u0026cognome={{cognome}}\u0026email={{email}}\u0026aff_sub=dsit\u0026aff_id=17\u0026importo={importo}\u0026lp=n\u0026advice_id=102d5abf29d0700eb6bed073fd5682\r\nCookie: PHPSESSID=ep3fru4m0tbo5v4b4jmcrrtvl0\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 04 Mar 2026 17:05:21 GMT\r\ncontent-type: image/png\r\ncontent-length: 75693\r\nlast-modified: Wed, 10 Sep 2025 09:36:39 GMT\r\netag: \"68c146a7-127ad\"\r\nx-powered-by: PleskLin\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Plesk","description":"Plesk is a web hosting and server data centre automation software with a control panel developed for Linux and Windows-based retail hosting service providers.","website":"https://www.plesk.com","common_platform_enumeration":"cpe:2.3:a:parallels:parallels_plesk_panel:*:*:*:*:*:*:*:*","icon":"Plesk.svg","categories":["Hosting panels"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":75693,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 185 x 185, 8-bit/color RGBA, non-interlaced","md5":"d69e44b10b5a7b0614e01381a96b96eb","sha1":"299492be490426bd43662d0d70e71ddd8d431a95","sha256":"9a3d6523ec9c13b6f40716c1390b2c19dc501ca3ee619f6edcff1b63133b8a6f","sha512":"df252b32a8d01ce4be79b275f0ea10db33fe9f1146529e1dc6984c7f529a9e22031a379116e499d3eab390e850fd90e190fb9d0a797a1e73375cb01e6c908aa8","ssdeep":"1536:DMzIBlXfonzGQF9gE2GbbTRJYGItAaIQX2GvmtgD3jNTvL:QGlPonz/6E2QGGIqvQXMY3jpvL","tlshash":"56730202ce920545c7a211f0b380dbd05df64c94e76979bf6b509a7a48acfb68ef43d1","first_seen":"2026-03-04T17:05:46.283288Z","last_seen":"2026-03-04T17:05:46.283288Z","times_seen":1,"resource_available":false,"data":null}},"time_used":135,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":73,"receive":62,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-04","alert":"Sinkholed","trigger":"leadplaza.it","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-04","alert":"Sinkholed","trigger":"leadplaza.it","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"leadplaza.it/iltuo_prestito2022/apertura.jpg","fqdn":"leadplaza.it","domain":"leadplaza.it","tld":"it"},"ip":{"addr":"135.125.9.57","port":443,"asn":16276,"as":"OVH SAS","country":"France","country_code":"FR"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://leadplaza.it/iltuo_prestito2022/?nome={{nome}}\u0026cognome={{cognome}}\u0026email={{email}}\u0026aff_sub=dsit\u0026aff_id=17\u0026importo={importo}\u0026lp=n\u0026advice_id=102d5abf29d0700eb6bed073fd5682","date":"2026-03-04T17:05:21.849Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"leadplaza.it","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 11 Jan 2026 07:02:46 GMT","end":"Sat, 11 Apr 2026 07:02:45 GMT"},"fingerprint":{"sha1":"40:E9:27:02:3E:8A:A8:83:44:DA:76:E1:F2:D8:61:7B:B5:2F:52:32","sha256":"4F:AE:12:01:12:51:DE:E7:30:30:8F:17:9F:9E:77:F0:08:46:80:E6:DD:35:D7:19:EE:48:FF:C5:02:73:90:62"}}},"request":{"raw":"GET /iltuo_prestito2022/apertura.jpg HTTP/1.1\r\nHost: leadplaza.it\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://leadplaza.it/iltuo_prestito2022/?nome={{nome}}\u0026cognome={{cognome}}\u0026email={{email}}\u0026aff_sub=dsit\u0026aff_id=17\u0026importo={importo}\u0026lp=n\u0026advice_id=102d5abf29d0700eb6bed073fd5682\r\nCookie: PHPSESSID=ep3fru4m0tbo5v4b4jmcrrtvl0\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 04 Mar 2026 17:05:21 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 268600\r\nlast-modified: Wed, 10 Sep 2025 09:36:39 GMT\r\netag: \"68c146a7-41938\"\r\nx-powered-by: PleskLin\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Plesk","description":"Plesk is a web hosting and server data centre automation software with a control panel developed for Linux and Windows-based retail hosting service providers.","website":"https://www.plesk.com","common_platform_enumeration":"cpe:2.3:a:parallels:parallels_plesk_panel:*:*:*:*:*:*:*:*","icon":"Plesk.svg","categories":["Hosting panels"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":268600,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1920x844, components 3","md5":"2c35ef7487431e93c9938048082172bd","sha1":"227542cbfbbb06dc2aafbc6a08854a8fc9ee1cd0","sha256":"85e48e71429c5e6c25d8b442ac435662bbd44a206c5c79c37f39ac4aec76dca4","sha512":"092589b541e44355edf28d3fd36359f8e1ecf6421d69fba09403ab722d9e5bde7ea484c4c2e74647819e7cd03cc256f2ecc6a8ab2305dd6da62012b6404e01a2","ssdeep":"3072:TQCbSEh7S/4CFiGmqsFOGNSLSuQPfZ8W6ko+yZzlQVNUhNlFE/FqHoPIN6ND52u1:TFQsGsKSuWfOW6ko55uNYe/FqIdv2u1","tlshash":"41442232444f6c59e62c7438bdb88f2b8b931f5c93032965bda05d295ac8791b04ff7a","first_seen":"2026-03-04T17:05:46.286699Z","last_seen":"2026-03-04T17:05:46.286699Z","times_seen":1,"resource_available":false,"data":null}},"time_used":177,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":28,"receive":149,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-04","alert":"Sinkholed","trigger":"leadplaza.it","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-04","alert":"Sinkholed","trigger":"leadplaza.it","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}}]}