Report - tracking.supreminor.com/mbsl/f6612a1d516725be822f3424f22fe64f/f24ba614-4a427dc5-02d4df0c-a40b-5e59/7e27544f-cb1434c3-305f429e-62cf-5d26

Report Overview

Submitted URL
tracking.supreminor.com/mbsl/f6612a1d516725be822f3424f22fe64f/f24ba614-4a427dc5-02d4df0c-a40b-5e59/7e27544f-cb1434c3-305f429e-62cf-5d26
IP
185.103.37.69
ASN
#29119 ServiHosting Networks S.L.
Submitted
2022-11-27 20:45:38
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
2

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
analytics.tiktok.com	1182	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.7 kB	86 kB	23.36.79.32
www.google.com	7	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	699 B	757 B	142.250.74.164
www.facebook.com	99	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	607 B	349 B	31.13.72.36
p1.zemanta.com	13052	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	443 B	239 B	104.22.7.45
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.7 kB	4.4 kB	23.36.76.226
e-leads.g2afse.com	625107	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	531 B	432 B	34.91.234.242
maxcdn.bootstrapcdn.com	724	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	434 B	86 kB	104.18.10.207
a.mgid.com	18073	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	370 B	5.6 kB	104.19.136.78
js-tag.zemanta.com	28518	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	358 B	486 B	104.22.7.45
connect.facebook.net	139	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	370 B	29 kB	31.13.72.12
spsk.cc	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.2 kB	2.1 kB	164.90.162.187
googleads.g.doubleclick.net	42	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	718 B	1.8 kB	142.250.74.66
www.google.no	25607	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	698 B	757 B	142.250.74.3
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.1 kB	6.1 kB	93.184.220.29
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	333 B	229 B	34.117.237.239
credito4u.it	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.3 kB	21 kB	161.35.72.115
ocsp.pki.goog	175	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.7 kB	5.6 kB	142.250.74.3
trc-events.taboola.com	1779	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.3 kB	722 B	141.226.228.48
trc.taboola.com	602	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.3 kB	554 B	151.101.85.44
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	413 B	5.8 kB	34.160.144.191
cdn.taboola.com	1040	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	374 B	19 kB	151.101.85.44
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.2 kB	50 kB	34.120.237.76
tracking.supreminor.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	466 B	721 B	185.103.37.69
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	782 B	2.4 kB	34.102.187.140
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	606 B	127 B	54.69.181.45
stats.g.doubleclick.net	96	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	599 B	707 B	142.251.1.155

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2022-11-27	medium	credito4u.it/pre-landing/?ref=132-	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

JavaScript (20)

	URL	Size	First Seen	Last Seen
	connect.facebook.net/en_US/fbevents.js	105 kB	2023-03-08	2023-11-28
Pretty URL connect.facebook.net/en_US/fbevents.js IP 31.13.72.12 ASN #32934 FACEBOOK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:22:10 Last Seen2023-11-28 17:55:58 Times Seen32 Hash a6ef7927128284961f4cadd572969f09 57e21033749687e69de710a0be6d4244edf1fe51 d5c905d7ce4679b183eb11f7c6811682ddffbf0f037590360ae2b1a84a51ef1b Loading...

	analytics.tiktok.com/i18n/pixel/identify.js	117 kB	2023-03-09	2023-04-01
Pretty URL analytics.tiktok.com/i18n/pixel/identify.js IP 23.36.79.32 ASN #20940 Akamai International B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 03:22:59 Last Seen2023-04-01 11:21:50 Times Seen2 Hash e263120a249f3fa3845e85eb53194c28 2e40a73119701509d5ecd9d38203cb630d621e44 83cf8149ef742c4af7261b8fb4029470a341d867454da9f8fc145042cc1e5c52 Loading...

	cdn.taboola.com/libtrc/unip/1454286/tfa.js	58 kB	2023-03-11	2023-03-11
Pretty URL cdn.taboola.com/libtrc/unip/1454286/tfa.js IP 151.101.85.44 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 21:33:32 Last Seen2023-03-11 21:33:32 Times Seen1 Hash 539a237355d12dbe21ec4f820d6c3ba1 14c2d6cece14ed1a0c6263113fcfde6af2d441d6 e990131ee3848172124beb240c24214d87c18bac104ef09314a98d03ab74582d Loading...

	credito4u.it/pre-landing/?ref=132-	482 B	2023-03-11	2023-03-11
Pretty URL credito4u.it/pre-landing/?ref=132- IP 161.35.72.115 ASN #14061 DIGITALOCEAN-ASN Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 21:33:32 Last Seen2023-03-11 21:33:32 Times Seen1 Hash 4ca4d6ab81b5b14041917c4bb6be6ce4 3987e6ae9c92d216f1ec6424f897ab3b789acda6 b845053cdbcc736839184eb3a04078e4e1f570f01b9082fae346982ee88131ce Loading...

	credito4u.it/pre-landing/?ref=132-	617 B	2023-03-11	2023-03-11
Pretty URL credito4u.it/pre-landing/?ref=132- IP 161.35.72.115 ASN #14061 DIGITALOCEAN-ASN Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 21:33:32 Last Seen2023-03-11 21:33:32 Times Seen1 Hash 12d2485d7f261ccc49f677d282822a90 6dff62500ce4fe356c637c5241fe4f09b631b20b 54b2e52d11ff1234a7a384aa1770bc6c816af62064abcd256abda83a03c0fe4c Loading...

	www.google-analytics.com/analytics.js	50 kB	2023-03-08	2024-04-26
Pretty URL www.google-analytics.com/analytics.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 05:22:31 Last Seen2024-04-26 05:50:27 Times Seen1534 Hash fda30e8a22c9bcd954fd8d0fadd0e77c ae47cd34cbde081a48d7f92fc80aaf06a1381193 b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719 Loading...

	googleads.g.doubleclick.net/pagead/viewthroughconversion/750383324/?random=1669581927290&cv=11&fst=1669581927290&bg=ffffff&guid=ON&async=1&gtm=2wgb90&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fcredito4u.it%2Fpre-landing%2F%3Fref%3D132-&tiba=Credito4u.it%20%7C%20Prestito%20convezione%20INPS%20-%20Ex%20inpdap%20-%20NoiPA&auid=180735344.1669581927&rfmt=3&fmt=4	1.9 kB	2023-03-11	2023-03-11
Pretty URL googleads.g.doubleclick.net/pagead/viewthroughconversion/750383324/?random=1669581927290&cv=11&fst=1669581927290&bg=ffffff&guid=ON&async=1&gtm=2wgb90&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fcredito4u.it%2Fpre-landing%2F%3Fref%3D132-&tiba=Credito4u.it%20%7C%20Prestito%20convezione%20INPS%20-%20Ex%20inpdap%20-%20NoiPA&auid=180735344.1669581927&rfmt=3&fmt=4 IP 142.250.74.66 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 21:33:32 Last Seen2023-03-11 21:33:32 Times Seen1 Hash bd7aab6e15a44d1129fc937afed1a2b4 c19d76076e5114dcaabf829bd4ebadfd5a7411b5 c0e400b0b351dd714944cef28b34587444992333c59e168fc6cae50a7e9f8eef Loading...

	connect.facebook.net/signals/config/124547992575739?v=2.9.89&r=stable	300 kB	2023-03-11	2023-03-11
Pretty URL connect.facebook.net/signals/config/124547992575739?v=2.9.89&r=stable IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 21:33:32 Last Seen2023-03-11 21:33:32 Times Seen1 Hash 6f4d433b90cb48a32f86757fc35f8df3 d200903291ca2bdaa64afb4291e31a780a90f18d 8794e25d8b4f2dbade17787bf51fed12e0396cf21878b46cc7ee70249a47d207 Loading...

	credito4u.it/pre-landing/?ref=132-	601 B	2023-03-11	2023-03-11
Pretty URL credito4u.it/pre-landing/?ref=132- IP 161.35.72.115 ASN #14061 DIGITALOCEAN-ASN Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 21:33:32 Last Seen2023-03-11 21:33:32 Times Seen1 Hash 4f92c54917f607eac2081406fc0b8217 666b58a48bf053e55ed34ca93e1264b1ac9bcbfb 8e1c27c50548b7c469836ea2662f9d9b4d083f46dbec776d9e81d4e74c55bd95 Loading...

	www.googletagmanager.com/gtm.js?id=GTM-N6F9F4L	168 kB	2023-03-11	2023-03-11
Pretty URL www.googletagmanager.com/gtm.js?id=GTM-N6F9F4L IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 21:33:32 Last Seen2023-03-11 21:33:32 Times Seen1 Hash b041cdf83b5b5102d03cc61e14fe71f6 5aa4106911f9488ce489a729d30988277e45c9a7 4bd6562b6e2e3736ed30d82cff9de7ec13f62a6f6753283682ef67726c368b55 Loading...

	a.mgid.com/mgsensor.js?d=1669581927300	15 kB	2023-03-08	2023-06-12
Pretty URL a.mgid.com/mgsensor.js?d=1669581927300 IP 104.19.136.78 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:36:11 Last Seen2023-06-12 21:03:33 Times Seen506 Hash fa78aa9a64182ddfdccc72407a9e9df1 14000edd76a0f84e65f1b64f2253916fb0a2d010 dcc6b633543bcc378409b05b180dd30d3d8104624c0948612f7ea501b103fe25 Loading...

	analytics.tiktok.com/i18n/pixel/config.js?sdkid=CD74TSJC77U492FA83I0&hostname=credito4u.it	60 kB	2023-03-11	2023-03-11
Pretty URL analytics.tiktok.com/i18n/pixel/config.js?sdkid=CD74TSJC77U492FA83I0&hostname=credito4u.it IP 23.36.79.32 ASN #20940 Akamai International B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 21:33:32 Last Seen2023-03-11 21:33:32 Times Seen1 Hash e77baacd05f2134fdea3a860522259a1 51e0583a4246098f6c20d00f0da7fe7cf0f02b4c 4f37ef2a1705de4b4d74d8cd7e413e8d6999fcc4fac5d434bf5f3d19b766f703 Loading...

	trc.taboola.com/1454286/trc/3/json?tim=1669581928195&data=%7B%22id%22%3A820%2C%22ii%22%3A%22%2Fpre-landing%22%2C%22it%22%3A%22video%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22vi%22%3A1669581928190%2C%22cv%22%3A%2220221124-3-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fcredito4u.it%2Fpre-landing%2F%3Fref%3D132-%22%2C%22e%22%3Anull%2C%22cb%22%3A%22TFASC.trkCallback%22%2C%22qs%22%3A%22%3Fref%3D132-%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3De-leads-financial-sc%3Aabp%3D0%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%2C%22mpv%22%3Atrue%2C%22supv%22%3Atrue%2C%22mpvd%22%3A%7B%22en%22%3A%22page_view%22%2C%22tim%22%3A1669581928194%2C%22ref%22%3Anull%2C%22item-url%22%3A%22https%3A%2F%2Fcredito4u.it%2Fpre-landing%2F%3Fref%3D132-%22%2C%22tos%22%3A1%2C%22ssd%22%3A1%2C%22scd%22%3A100%2C%22supv%22%3Atrue%7D%7D&pubit=i	2.5 kB	2023-03-11	2023-03-11
Pretty URL trc.taboola.com/1454286/trc/3/json?tim=1669581928195&data=%7B%22id%22%3A820%2C%22ii%22%3A%22%2Fpre-landing%22%2C%22it%22%3A%22video%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22vi%22%3A1669581928190%2C%22cv%22%3A%2220221124-3-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fcredito4u.it%2Fpre-landing%2F%3Fref%3D132-%22%2C%22e%22%3Anull%2C%22cb%22%3A%22TFASC.trkCallback%22%2C%22qs%22%3A%22%3Fref%3D132-%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3De-leads-financial-sc%3Aabp%3D0%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%2C%22mpv%22%3Atrue%2C%22supv%22%3Atrue%2C%22mpvd%22%3A%7B%22en%22%3A%22page_view%22%2C%22tim%22%3A1669581928194%2C%22ref%22%3Anull%2C%22item-url%22%3A%22https%3A%2F%2Fcredito4u.it%2Fpre-landing%2F%3Fref%3D132-%22%2C%22tos%22%3A1%2C%22ssd%22%3A1%2C%22scd%22%3A100%2C%22supv%22%3Atrue%7D%7D&pubit=i IP 151.101.85.44 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 21:33:32 Last Seen2023-03-11 21:33:32 Times Seen1 Hash 87e5a7c85e433b2027b9c14428fd4b7f 32b8569ddad0fd848124db89b061401f348f7f89 dfeae1f8888c2795a47f531be6ce15c499333819fbcda83d15b64e571fcbde0f Loading...

	credito4u.it/pre-landing/?ref=132-	337 B	2023-03-11	2023-03-11
Pretty URL credito4u.it/pre-landing/?ref=132- IP 161.35.72.115 ASN #14061 DIGITALOCEAN-ASN Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 21:33:32 Last Seen2023-03-11 21:33:32 Times Seen1 Hash de9398db8d55246fc139ae1b7df9befa 2553617ef8f1c3b455c5751104ea9227693cfd65 c7b69bdb105f627b8acdc8500cad9af736e6430ddeb1ee43581297f855f395e8 Loading...

	credito4u.it/pre-landing/?ref=132-	887 B	2023-03-11	2023-03-11
Pretty URL credito4u.it/pre-landing/?ref=132- IP 161.35.72.115 ASN #14061 DIGITALOCEAN-ASN Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 21:33:32 Last Seen2023-03-11 21:33:32 Times Seen1 Hash 1d1a75af2e861e24af82cabb5eea9e2d cb42ffaa7a93f4592f07683f0e1cd5001ac25d80 538158e24ae8f97aa30e3f2757f459135234a72e9434644ea4461c7342a26767 Loading...

	spsk.cc/client.js	1.1 kB	2023-03-11	2023-07-06
Pretty URL spsk.cc/client.js IP 164.90.162.187 ASN #14061 DIGITALOCEAN-ASN Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 21:33:32 Last Seen2023-07-06 04:18:31 Times Seen10 Hash da2ff49453c029a66f34e3fff42492e9 6d69920ca47162fa44793446ebef7c632b8b5125 18c1d67b135893b7225c17a1936683ba545544e4a41e495742405ddeb6f89c59 Loading...

	credito4u.it/pre-landing/?ref=132-	82 B	2023-03-11	2023-03-11
Pretty URL credito4u.it/pre-landing/?ref=132- IP 161.35.72.115 ASN #14061 DIGITALOCEAN-ASN Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 21:33:32 Last Seen2023-03-11 21:33:32 Times Seen1 Hash f36b8bb66f2a6577cae75c935577880c 15fedb03e8174b2841f9744a4c80efee23ea2ee0 00cdbeaa2b139b62de06abcb984da75d3040374d7fd86e850710ddda0a615aa3 Loading...

	js-tag.zemanta.com/zcpt.js	8.1 kB	2023-03-07	2024-01-23
Pretty URL js-tag.zemanta.com/zcpt.js IP 104.22.7.45 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 16:52:10 Last Seen2024-01-23 08:30:01 Times Seen59 Hash 6376a488d713d6cf8cf3d1ebfb5e6361 a05464892245481dbe9b965629193e5fbaab7d4c ca00353ee3f7ef31746f2d857c0b3e337b5ddb1a0276d301caa536a4e8b84899 Loading...

	credito4u.it/pre-landing/?ref=132-	546 B	2023-03-11	2023-03-11
Pretty URL credito4u.it/pre-landing/?ref=132- IP 161.35.72.115 ASN #14061 DIGITALOCEAN-ASN Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 21:33:32 Last Seen2023-03-11 21:33:32 Times Seen1 Hash 7c748864ecaba786ef22d9e4a1bd74b4 eaf87782da0e44b07719192e9e21d7ffd71256e6 46a2eb16ed8273947ed13037a030860ea81c4108aa2c48a7efcc05bb38805c49 Loading...

	credito4u.it/pre-landing/?ref=132-	379 B	2023-03-11	2023-03-11
Pretty URL credito4u.it/pre-landing/?ref=132- IP 161.35.72.115 ASN #14061 DIGITALOCEAN-ASN Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 21:33:32 Last Seen2023-03-11 21:33:32 Times Seen1 Hash 752387adf322f8a3d27fd97e62ce083b cba40dcca1ba8488100a2d38f0c35a155d795b38 1f880a4e3e935ab9f8d0fb99d0636277b39c82479f11b20d7ba50d3ef1b956c8 Loading...

HTTP Transactions (59)

URL IP Response Size

tracking.supreminor.com/mbsl/f6612a1d516725be822f3424f22fe64f/f24ba614-4a427dc5-02d4df0c-a40b-5e59/7e27544f-cb1434c3-305f429e-62cf-5d26

185.103.37.69

303 See Other

270 B

URL HTTP/1.1
tracking.supreminor.com/mbsl/f6612a1d516725be822f3424f22fe64f/f24ba614-4a427dc5-02d4df0c-a40b-5e59/7e27544f-cb1434c3-305f429e-62cf-5d26
IP
185.103.37.69:0
ASN
#29119 ServiHosting Networks S.L.

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
270 B (270 bytes)
Hash
abe5b2bcb9b0ef989c06cf99af306d80
0538eb367f4dba30fcd5721b39b47289c7e61c1f
6659e93d2951c06127008b63fadac31b6133dc72208a214e1b5548fabbe0233c

HTTP Headers

GET /mbsl/f6612a1d516725be822f3424f22fe64f/f24ba614-4a427dc5-02d4df0c-a40b-5e59/7e27544f-cb1434c3-305f429e-62cf-5d26 HTTP/1.1
Host: tracking.supreminor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 303 See Other
Date: Sun, 27 Nov 2022 20:45:26 GMT
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: Content-Type
Cache-Control: no-cache, private
Location: https://e-leads.g2afse.com/click?pid=132&offer_id=72&ref_id=M2022112720-8f7a37bcbb157192250081780104b321&sub1=
Content-Encoding: gzip
Age: 0
Vary: , Accept-Encoding
TP-Cache: MISS
Content-Length: 270
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
150792cfc458af013998f4ef6bdf5f74
d5179b2dcb11d06f82606bf6eb6648319998d63e
72937c756d3feeae6d04a6f445398b0436bdf559f8c7437e3a3233263943900e

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "72937C756D3FEEAE6D04A6F445398B0436BDF559F8C7437E3A3233263943900E"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4281
Expires: Sun, 27 Nov 2022 21:56:47 GMT
Date: Sun, 27 Nov 2022 20:45:26 GMT
Connection: keep-alive

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
64b2a23eab6e5ae8c010ec7242be930c
0673e4385ba01a5a245711bab96cafc34f765793
64751d193f7af72431e9689581faffcae1a30ff50ea425697b2b80ff61c87909

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4013
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 20:45:26 GMT
Last-Modified: Sun, 27 Nov 2022 19:38:33 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 471

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
71f9c681a82440fd55e76c780a20e55d
3147768cfbcdd06e0c6e69684292e68e99917a80
5ea71ce6dd9e927f9bb3f97f59cc1ac7dc25a949024815965b29bc5835614786

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5EA71CE6DD9E927F9BB3F97F59CC1AC7DC25A949024815965B29BC5835614786"
Last-Modified: Sat, 26 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3289
Expires: Sun, 27 Nov 2022 21:40:15 GMT
Date: Sun, 27 Nov 2022 20:45:26 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

34.102.187.140

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
34.102.187.140:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
567df7db606cf5d0871aa5bc9311b6da
4263faac7cbab2fcaf6661911dcad5091c06be17
e9650e1fdc46fc8678708ddcc37ab369c7a6d50489a004be896f20c7a3a644b0

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Retry-After, Content-Length, Alert, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sun, 27 Nov 2022 20:19:24 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 1562
alt-svc: clear
X-Firefox-Spdy: h2

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: Whdch/U9kS6ZpjsgMOOZ1j3DcxpMnXO9FFZYG5+jl8Hdfd0tDMwXF9JcK5kwr4r0EqOmKOlzttY=
x-amz-request-id: PDJ2530FH1N8ZGJA
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sun, 27 Nov 2022 20:41:47 GMT
age: 219
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

314 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
314 B (314 bytes)
Hash
d7648bbf1553af8b50b5502d71cc9c5c
6c2446891570ada39124dac9b45155ec1349d15d
f7c508d740c679d15df967c17f1d4a5ddaedb1697805f213c5611efa9b28faa6

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5614
Cache-Control: max-age=103051
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 20:45:26 GMT
Etag: "6382a603-13a"
Expires: Tue, 29 Nov 2022 01:22:57 GMT
Last-Modified: Sat, 26 Nov 2022 23:49:23 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 314

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Sun, 27 Nov 2022 20:45:26 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

e-leads.g2afse.com/click?pid=132&offer_id=72&ref_id=M2022112720-8f7a37bcbb157192250081780104b321&sub1=

34.91.234.242

302 Found

0 B

URL HTTP/2
e-leads.g2afse.com/click?pid=132&offer_id=72&ref_id=M2022112720-8f7a37bcbb157192250081780104b321&sub1=
IP
34.91.234.242:0
ASN
#396982 GOOGLE-CLOUD-PLATFORM

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /click?pid=132&offer_id=72&ref_id=M2022112720-8f7a37bcbb157192250081780104b321&sub1= HTTP/1.1
Host: e-leads.g2afse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 302 Found
server: nginx
date: Sun, 27 Nov 2022 20:45:26 GMT
content-length: 0
location: https://credito4u.it/pre-landing/?ref=132-
x-adjust-use-original-forwarded-for: 1
set-cookie: afclick=6383cc669bed930001b0de9a; expires=Mon, 27 Nov 2023 20:45:26 GMT; secure; SameSite=None
afoffers={"72":1669581926}; expires=Mon, 27 Nov 2023 20:45:26 GMT; secure; SameSite=None
access-control-allow-origin: *
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

34.102.187.140

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
34.102.187.140:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Pragma, Alert, Content-Type, ETag, Retry-After, Last-Modified, Content-Length, Cache-Control, Expires
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sun, 27 Nov 2022 20:11:12 GMT
cache-control: public,max-age=3600
age: 2055
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
ffa8c3c22f63cc240f1333540de37408
09f006a6b534d3828cbd980cde316f87c0bee80a
49afe874fdae804898741d2b4e86092087ebb71756fd209141a239fcffda4d67

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "49AFE874FDAE804898741D2B4E86092087EBB71756FD209141A239FCFFDA4D67"
Last-Modified: Sun, 27 Nov 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12038
Expires: Mon, 28 Nov 2022 00:06:05 GMT
Date: Sun, 27 Nov 2022 20:45:27 GMT
Connection: keep-alive

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
a6fee11dfe1b88cd768a0ca3e2bd0c89
59cec9a44a4a92467678afe65f347f68641a2174
50870c499aae4d5dfd6df25a36cd04b6d185b66ef0590e46933984bf52e2483f

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4773
Cache-Control: max-age=135658
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 20:45:27 GMT
Etag: "638328ac-1d7"
Expires: Tue, 29 Nov 2022 10:26:25 GMT
Last-Modified: Sun, 27 Nov 2022 09:06:52 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 471

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
2620cb440711056d80ec6ee6a4101116
0de0450475dd899906c36956881f9db5ecad90fd
9a84a21b1cb5e13c925b144beef55b87669a02836087e1a9cf74fa4964ef43f4

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5257
Cache-Control: max-age=128615
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 20:45:27 GMT
Etag: "63830b45-117"
Expires: Tue, 29 Nov 2022 08:29:02 GMT
Last-Modified: Sun, 27 Nov 2022 07:01:25 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 279

credito4u.it/pre-landing/img/logo1.png

161.35.72.115

200 OK

19 kB

URL HTTP/2
credito4u.it/pre-landing/img/logo1.png
IP
161.35.72.115:0
ASN
#14061 DIGITALOCEAN-ASN

File type
PNG image data, 1594 x 391, 8-bit/color RGBA, non-interlaced\012- data
Size
19 kB (18743 bytes)
Hash
16f1cefd3debe5139bad8370de6b0e5e
a6991b836c40e4947933aa66429f583c764fde57
66ad0968164e3309a515ab1e9de5dc9313e46a1df464fe8b035a0e9c978bad40

HTTP Headers

GET /pre-landing/img/logo1.png HTTP/1.1
Host: credito4u.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://credito4u.it/pre-landing/?ref=132-
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sun, 27 Nov 2022 20:45:27 GMT
content-type: image/png
content-length: 18743
last-modified: Tue, 18 Jan 2022 11:47:08 GMT
etag: "61e6a8bc-4937"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2

credito4u.it/pre-landing/?ref=132-

161.35.72.115

200 OK

1.7 kB

URL HTTP/2
credito4u.it/pre-landing/?ref=132-
IP
161.35.72.115:0
ASN
#14061 DIGITALOCEAN-ASN

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text
Size
1.7 kB (1732 bytes)
Hash
a419c52ede3a28218d30228eea552216
2f5b85150c522b2e60bd0bd2b399639928ca1102
97f110c6af6c3297fb768322ec1f10fc381166c80398c33594500e46dcb0fb3d

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /pre-landing/?ref=132- HTTP/1.1
Host: credito4u.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 200 OK
server: nginx
date: Sun, 27 Nov 2022 20:45:27 GMT
content-type: text/html
last-modified: Tue, 18 Jan 2022 11:47:09 GMT
etag: W/"61e6a8bd-1008"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
2620cb440711056d80ec6ee6a4101116
0de0450475dd899906c36956881f9db5ecad90fd
9a84a21b1cb5e13c925b144beef55b87669a02836087e1a9cf74fa4964ef43f4

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5257
Cache-Control: max-age=128615
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 20:45:27 GMT
Etag: "63830b45-117"
Expires: Tue, 29 Nov 2022 08:29:02 GMT
Last-Modified: Sun, 27 Nov 2022 07:01:25 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 279

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
0ee1d1a60ec1770ec3e880a25c257f5d
015b05feff63bdcf8fae4d1a8c0c83c923a2ca67
b6845619444a37f322c044933a44cf3fd283a18a54d03bad4f76a2ed8c2cbaf6

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 20:45:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

push.services.mozilla.com/

54.69.181.45

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
54.69.181.45:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: zKPQoRKtapMxAReqqj2qww==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: EaYLFsfSCyMEnS7bkBvcLhvw5GI=

maxcdn.bootstrapcdn.com/bootstrap/4.0.0/css/bootstrap.min.css

104.18.10.207

200 OK

85 kB

URL HTTP/2
maxcdn.bootstrapcdn.com/bootstrap/4.0.0/css/bootstrap.min.css
IP
104.18.10.207:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (65325)
Size
85 kB (84829 bytes)
Hash
711fb3a64fdb404adeea16452e620e5e
2d7d3277e5c050208a8ab79772da962d5bed3be1
1ea1f17f38da686c0186f50cc86777ef7c201ca590ceb9c0ff11c42ca172293a

HTTP Headers

GET /bootstrap/4.0.0/css/bootstrap.min.css HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://credito4u.it
Connection: keep-alive
Referer: https://credito4u.it/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sun, 27 Nov 2022 20:45:27 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
etag: W/"450fc463b8b1a349df717056fbb3e078"
last-modified: Mon, 25 Jan 2021 22:04:04 GMT
cdn-cachedat: 11/18/2022 06:18:38
cdn-proxyver: 1.03
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 752
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-status: 200
cdn-requestid: 1cef55d752d69f0d0592db3d63902e4a
cdn-cache: HIT
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 770db525e82e0b61-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
0ee1d1a60ec1770ec3e880a25c257f5d
015b05feff63bdcf8fae4d1a8c0c83c923a2ca67
b6845619444a37f322c044933a44cf3fd283a18a54d03bad4f76a2ed8c2cbaf6

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 20:45:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
1def611ed1604b222e2c1b4e5b4dbbb3
efab3f910adb2498ed4aa794df938959e861b0f1
e455592a25ecac760d03d4ca2ff3ec5a74332ff8e4d9d38384390a20d3e959f7

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2923
Cache-Control: max-age=97098
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 20:45:27 GMT
Etag: "63829946-1d7"
Expires: Mon, 28 Nov 2022 23:43:45 GMT
Last-Modified: Sat, 26 Nov 2022 22:55:02 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 471

connect.facebook.net/en_US/fbevents.js

31.13.72.12

200 OK

27 kB

URL HTTP/2
connect.facebook.net/en_US/fbevents.js
IP
31.13.72.12:0
ASN
#32934 FACEBOOK

File type
ASCII text, with very long lines (64348)
Size
27 kB (27340 bytes)
Hash
44ecaa3c2a4929a40141edc4540aaf84
f29a573182333b2500d41bfc389d6c5232dfb348
6589fe14578dedd4df678a909afadd7e5bc7f57c7e3e24518a7f5faac7383396

HTTP Headers

GET /en_US/fbevents.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://credito4u.it/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: application/x-javascript; charset=utf-8
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: public
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: oWWz24D8bHspjCWz2/fYVUqNcTvuDkWCqSYTG8qV+4tD2wb+TtCk2fFIz7YlEcG/gp4H/EJ8lbqSJFsx7jYJGQ==
priority: u=3,i
content-length: 27340
x-fb-trip-id: 1904183273
date: Sun, 27 Nov 2022 20:45:27 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
1def611ed1604b222e2c1b4e5b4dbbb3
efab3f910adb2498ed4aa794df938959e861b0f1
e455592a25ecac760d03d4ca2ff3ec5a74332ff8e4d9d38384390a20d3e959f7

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2923
Cache-Control: max-age=97098
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 20:45:27 GMT
Etag: "63829946-1d7"
Expires: Mon, 28 Nov 2022 23:43:45 GMT
Last-Modified: Sat, 26 Nov 2022 22:55:02 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 471

ocsp.digicert.com/

93.184.220.29

200 OK

278 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
278 B (278 bytes)
Hash
092abbce301f988f8d54d343658c8373
2bb68673250c48763e86bf547d4bc26c4ae7ee87
d76db1d142bf8afa955a2e83d8f9b26769c59d0493a7061144bd31e39837aaae

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5626
Cache-Control: max-age=92578
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 20:45:27 GMT
Etag: "63827d0f-116"
Expires: Mon, 28 Nov 2022 22:28:25 GMT
Last-Modified: Sat, 26 Nov 2022 20:54:39 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 278

a.mgid.com/mgsensor.js?d=1669581927300

104.19.136.78

200 OK

5.0 kB

URL HTTP/2
a.mgid.com/mgsensor.js?d=1669581927300
IP
104.19.136.78:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (15105), with no line terminators
Size
5.0 kB (5001 bytes)
Hash
30925aa49bae168b925c277ff21f9019
314a6a77c0564df7fc2c86c3bb0dc5eb356e4887
8bae330a1a197c1aa337c492c0e475adad0d695ad21226ce03f3ee18aef2a579

HTTP Headers

GET /mgsensor.js?d=1669581927300 HTTP/1.1
Host: a.mgid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://credito4u.it/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sun, 27 Nov 2022 20:45:27 GMT
content-type: application/javascript
vary: Accept-Encoding
x-mg-request-uuid: 8d7b9611-19f5-4d98-b2b3-92ab03a7ccb3
cf-cache-status: DYNAMIC
set-cookie: __cf_bm=uzpP5LOdr8.WEaRliqJ0GUwJ9PWpbr_uLe6JlEm94jg-1669581927-0-AQYGLOmh9swpx0e4nt6sZqwKBmgRdn5Q+Vdz2C8WOx3GeYVeqw+HZeYoJN+NRYIh5lJP6nKIKWjdujb0mXEdCMg=; path=/; expires=Sun, 27-Nov-22 21:15:27 GMT; domain=.mgid.com; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 770db5287b1ab50f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
7c6d446b94a817bb0bf88cfa6d978530
cecdea564791e0d8224063580a312a2785778ead
5a0b703b461d1eeb1878b5ca03b1f72485480ee35695ce490063a4890b8cf572

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5A0B703B461D1EEB1878B5CA03B1F72485480EE35695CE490063A4890B8CF572"
Last-Modified: Sat, 26 Nov 2022 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4570
Expires: Sun, 27 Nov 2022 22:01:37 GMT
Date: Sun, 27 Nov 2022 20:45:27 GMT
Connection: keep-alive

spsk.cc/client.js

164.90.162.187

200 OK

1.1 kB

URL HTTP/1.1
spsk.cc/client.js
IP
164.90.162.187:0
ASN
#14061 DIGITALOCEAN-ASN

File type
C++ source, ASCII text
Size
1.1 kB (1078 bytes)
Hash
da2ff49453c029a66f34e3fff42492e9
6d69920ca47162fa44793446ebef7c632b8b5125
18c1d67b135893b7225c17a1936683ba545544e4a41e495742405ddeb6f89c59

HTTP Headers

GET /client.js HTTP/1.1
Host: spsk.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://credito4u.it/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Sun, 27 Nov 2022 20:45:28 GMT
Content-Type: application/javascript; charset=UTF-8
Content-Length: 1078
Connection: keep-alive
X-Powered-By: Express
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
Cache-Control: public, max-age=0
Last-Modified: Tue, 02 Feb 2021 10:20:37 GMT
ETag: W/"436-17762422118"

analytics.tiktok.com/i18n/pixel/events.js?sdkid=CD74TSJC77U492FA83I0&lib=ttq

23.36.79.32

200 OK

43 kB

URL HTTP/2
analytics.tiktok.com/i18n/pixel/events.js?sdkid=CD74TSJC77U492FA83I0&lib=ttq
IP
23.36.79.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
43 kB (42681 bytes)
Hash
296ef2888e35f0ae4920c5aa9e5083f8
543a60000fdba2333761b6ce0e20a80d64357b83
7435c1d43611b81b33200ce37c112e112208e36c1d0eede43674b027746d930f

HTTP Headers

GET /i18n/pixel/events.js?sdkid=CD74TSJC77U492FA83I0&lib=ttq HTTP/1.1
Host: analytics.tiktok.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://credito4u.it/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=UTF-8
x-tt-logid: 20221127204527219F6B6497AE2402A632
x-tt-trace-host: 016eabbbec2a80a817c88fdee8d986cf6044faeb2b99c092c97016c61fe0db1beb29a903d51f2fcf63164750b3b6180ca46c3b211c60da74b414e4b27a0878d7d643d2ac9d596587c2afa584b662ed9106170649ae2d07d83753f632f138d323a7
content-encoding: gzip
x-origin-response-time: 11,23.218.220.137
x-akamai-request-id: fbbac9a.6a9c33ea
expires: Sun, 27 Nov 2022 20:45:27 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Sun, 27 Nov 2022 20:45:27 GMT
x-cache: TCP_MISS from a23-36-79-28.deploy.akamaitechnologies.com (AkamaiGHost/10.10.2-45048955) (-)
vary: Accept-Encoding
x-cache-remote: TCP_MISS from a23-218-220-137.deploy.akamaitechnologies.com (AkamaiGHost/10.10.2-45048955) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server-timing: cdn-cache; desc=MISS, edge; dur=100, origin; dur=11, inner; dur=3
x-parent-response-time: 111,23.36.79.28
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
cadb74aeda6c93624b72907d4123cbc8
1dad6e728067627b58c4c8acdb6385966fda9428
ab919c393d6b5588c13e28a17b79b0e6bf6e9bc920a2e8d0d1ef35a96aaf633e

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4329
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 20:45:28 GMT
Last-Modified: Sun, 27 Nov 2022 19:33:20 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 279

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
770555aa8a0a52c611bafb289ca8a650
62504cadc49747f328e3c31ad3aa7a740043072c
6317c8530220392b1339be640b8c1181c468ff8e3f3d1d5692b39cb32404216f

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 20:45:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

analytics.tiktok.com/i18n/pixel/config.js?sdkid=CD74TSJC77U492FA83I0&hostname=credito4u.it

23.36.79.32

200 OK

40 kB

URL HTTP/2
analytics.tiktok.com/i18n/pixel/config.js?sdkid=CD74TSJC77U492FA83I0&hostname=credito4u.it
IP
23.36.79.32:0
ASN
#20940 Akamai International B.V.

File type
C source, Unicode text, UTF-8 text, with very long lines (58149)
Size
40 kB (39668 bytes)
Hash
48f0d8a2468fe43f4cb97d60500f232f
bcfb6e9b1cc8ed19f72efd05d6cc95320487b996
e572c0231a4edddb2e42d6b47422e90a5da6e88d0ca527156f16f85953f5164c

HTTP Headers

GET /i18n/pixel/config.js?sdkid=CD74TSJC77U492FA83I0&hostname=credito4u.it HTTP/1.1
Host: analytics.tiktok.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://credito4u.it/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=UTF-8
x-tt-logid: 20221127204528BFF2CABB4355B81E6451
x-tt-trace-host: 016eabbbec2a80a817c88fdee8d986cf6044faeb2b99c092c97016c61fe0db1beb02a2696852f394bae07797eb6959ba5364df16ec28d4b6d9d1d8b99a758db70347308d965985f74c252b6a41d2196e00b9fcf6b1d5016a5ec42a9072400c2375
content-encoding: gzip
x-origin-response-time: 17,23.218.220.145
x-akamai-request-id: a0413a1c.6a9c3633
expires: Sun, 27 Nov 2022 20:45:28 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Sun, 27 Nov 2022 20:45:28 GMT
x-cache: TCP_MISS from a23-36-79-28.deploy.akamaitechnologies.com (AkamaiGHost/10.10.2-45048955) (-)
vary: Accept-Encoding
set-cookie: _ttp=2I97QRyW4UTkwcQn4xE72p7mzTd; Path=/; Domain=tiktok.com; Max-Age=33696000; Secure; SameSite=None
x-cache-remote: TCP_MISS from a23-218-220-145.deploy.akamaitechnologies.com (AkamaiGHost/10.10.2-45048955) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server-timing: cdn-cache; desc=MISS, edge; dur=101, origin; dur=17, inner; dur=14
x-parent-response-time: 118,23.36.79.28
X-Firefox-Spdy: h2

googleads.g.doubleclick.net/pagead/viewthroughconversion/750383324/?random=1669581927290&cv=11&fst=1669581927290&bg=ffffff&guid=ON&async=1&gtm=2wgb90&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fcredito4u.it%2Fpre-landing%2F%3Fref%3D132-&tiba=Credito4u.it%20%7C%20Prestito%20convezione%20INPS%20-%20Ex%20inpdap%20-%20NoiPA&auid=180735344.1669581927&rfmt=3&fmt=4

142.250.74.66

200 OK

910 B

URL HTTP/2
googleads.g.doubleclick.net/pagead/viewthroughconversion/750383324/?random=1669581927290&cv=11&fst=1669581927290&bg=ffffff&guid=ON&async=1&gtm=2wgb90&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fcredito4u.it%2Fpre-landing%2F%3Fref%3D132-&tiba=Credito4u.it%20%7C%20Prestito%20convezione%20INPS%20-%20Ex%20inpdap%20-%20NoiPA&auid=180735344.1669581927&rfmt=3&fmt=4
IP
142.250.74.66:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1943), with no line terminators
Size
910 B (910 bytes)
Hash
6998833e3f48be79b51467ef7791cfeb
a84f24d08581ba2a93eee8f54a27a946ec97f40d
c905d05c2d9786eb24a536161fcb4c0fae4bc7d1aa4895e6f6272bf48fe09b58

HTTP Headers

GET /pagead/viewthroughconversion/750383324/?random=1669581927290&cv=11&fst=1669581927290&bg=ffffff&guid=ON&async=1&gtm=2wgb90&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fcredito4u.it%2Fpre-landing%2F%3Fref%3D132-&tiba=Credito4u.it%20%7C%20Prestito%20convezione%20INPS%20-%20Ex%20inpdap%20-%20NoiPA&auid=180735344.1669581927&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://credito4u.it/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 27 Nov 2022 20:45:28 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 910
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sun, 27-Nov-2022 21:00:28 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
770555aa8a0a52c611bafb289ca8a650
62504cadc49747f328e3c31ad3aa7a740043072c
6317c8530220392b1339be640b8c1181c468ff8e3f3d1d5692b39cb32404216f

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 20:45:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

analytics.tiktok.com/api/v2/pixel

23.36.79.32

200 OK

0 B

URL HTTP/2
analytics.tiktok.com/api/v2/pixel
IP
23.36.79.32:0
ASN
#20940 Akamai International B.V.

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /api/v2/pixel HTTP/1.1
Host: analytics.tiktok.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 778
Origin: https://credito4u.it
Connection: keep-alive
Referer: https://credito4u.it/
Cookie: _ttp=2I97QRyW4UTkwcQn4xE72p7mzTd
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
content-type: application/octet-stream
content-length: 0
access-control-allow-origin: *
x-tt-logid: 20221127204528F1A359F38D1BB8FFC019
x-tt-trace-host: 016eabbbec2a80a817c88fdee8d986cf60459c918a449af51d55daa38da0f8465bbead019ffc3eb784253c5e33477eb98b55d6eb84517781b0eaefaa6bc8127118f591b9190459cf459da318045565d619
expires: Sun, 27 Nov 2022 20:45:28 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Sun, 27 Nov 2022 20:45:28 GMT
x-cache: TCP_MISS from a23-36-79-28.deploy.akamaitechnologies.com (AkamaiGHost/10.10.2-45048955) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server-timing: inner; dur=19, cdn-cache; desc=MISS, edge; dur=4, origin; dur=117
x-origin-response-time: 118,23.36.79.28
x-akamai-request-id: 6a9c37e0
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
d3c9b092aee5820bdab6595daad65d61
89e983faeedf25b3e15696f9bf6dbf76feb07868
58d24c4dde4a578c2c0191a19a5a42bdcb5be03b21a1907f60c8deaee78b7331

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 20:45:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-124159496-2&cid=1265517241.1669581928&jid=88709814&gjid=849192954&_gid=1320682524.1669581928&_u=YGBAgEABAAAAAEAAI~&z=1380912249

142.251.1.155

200 OK

4 B

URL HTTP/2
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-124159496-2&cid=1265517241.1669581928&jid=88709814&gjid=849192954&_gid=1320682524.1669581928&_u=YGBAgEABAAAAAEAAI~&z=1380912249
IP
142.251.1.155:0
ASN
#15169 GOOGLE

File type
ASCII text, with no line terminators
Size
4 B (4 bytes)
Hash
48c0473b7821185d937e685216e2168b
3743e47f8a429a5e87b86cb582d78940733d9d2e
570c4d4674fd20602189c548c145ba1f8ac34bc2e4599a71471969028aa1e25a

HTTP Headers

POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-124159496-2&cid=1265517241.1669581928&jid=88709814&gjid=849192954&_gid=1320682524.1669581928&_u=YGBAgEABAAAAAEAAI~&z=1380912249 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://credito4u.it
Connection: keep-alive
Referer: https://credito4u.it/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: https://credito4u.it
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sun, 27 Nov 2022 20:45:28 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
9f6cc8d3fe9092a6d3901e873a87fd87
2e0aac117a4cc57596efb3d6f6624c269f94b031
e73982e62b92abac3d15b161f4525448cc2bc8b9bacefdcbfc6f87b74ec372e4

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 20:45:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.google.no/pagead/1p-user-list/750383324/?random=1669581927290&cv=11&fst=1669579200000&bg=ffffff&guid=ON&async=1&gtm=2wgb90&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fcredito4u.it%2Fpre-landing%2F%3Fref%3D132-&tiba=Credito4u.it%20%7C%20Prestito%20convezione%20INPS%20-%20Ex%20inpdap%20-%20NoiPA&fmt=3&is_vtc=1&random=4082185197&rmt_tld=1&ipr=y

142.250.74.3

200 OK

42 B

URL HTTP/2
www.google.no/pagead/1p-user-list/750383324/?random=1669581927290&cv=11&fst=1669579200000&bg=ffffff&guid=ON&async=1&gtm=2wgb90&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fcredito4u.it%2Fpre-landing%2F%3Fref%3D132-&tiba=Credito4u.it%20%7C%20Prestito%20convezione%20INPS%20-%20Ex%20inpdap%20-%20NoiPA&fmt=3&is_vtc=1&random=4082185197&rmt_tld=1&ipr=y
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
GIF image data, version 89a, 1 x 1\012- data
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

HTTP Headers

GET /pagead/1p-user-list/750383324/?random=1669581927290&cv=11&fst=1669579200000&bg=ffffff&guid=ON&async=1&gtm=2wgb90&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fcredito4u.it%2Fpre-landing%2F%3Fref%3D132-&tiba=Credito4u.it%20%7C%20Prestito%20convezione%20INPS%20-%20Ex%20inpdap%20-%20NoiPA&fmt=3&is_vtc=1&random=4082185197&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://credito4u.it/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 27 Nov 2022 20:45:28 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

www.google.com/pagead/1p-user-list/750383324/?random=1669581927290&cv=11&fst=1669579200000&bg=ffffff&guid=ON&async=1&gtm=2wgb90&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fcredito4u.it%2Fpre-landing%2F%3Fref%3D132-&tiba=Credito4u.it%20%7C%20Prestito%20convezione%20INPS%20-%20Ex%20inpdap%20-%20NoiPA&fmt=3&is_vtc=1&random=4082185197&rmt_tld=0&ipr=y

142.250.74.164

200 OK

42 B

URL HTTP/2
www.google.com/pagead/1p-user-list/750383324/?random=1669581927290&cv=11&fst=1669579200000&bg=ffffff&guid=ON&async=1&gtm=2wgb90&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fcredito4u.it%2Fpre-landing%2F%3Fref%3D132-&tiba=Credito4u.it%20%7C%20Prestito%20convezione%20INPS%20-%20Ex%20inpdap%20-%20NoiPA&fmt=3&is_vtc=1&random=4082185197&rmt_tld=0&ipr=y
IP
142.250.74.164:0
ASN
#15169 GOOGLE

File type
GIF image data, version 89a, 1 x 1\012- data
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

HTTP Headers

GET /pagead/1p-user-list/750383324/?random=1669581927290&cv=11&fst=1669579200000&bg=ffffff&guid=ON&async=1&gtm=2wgb90&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fcredito4u.it%2Fpre-landing%2F%3Fref%3D132-&tiba=Credito4u.it%20%7C%20Prestito%20convezione%20INPS%20-%20Ex%20inpdap%20-%20NoiPA&fmt=3&is_vtc=1&random=4082185197&rmt_tld=0&ipr=y HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://credito4u.it/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 27 Nov 2022 20:45:28 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
d3c9b092aee5820bdab6595daad65d61
89e983faeedf25b3e15696f9bf6dbf76feb07868
58d24c4dde4a578c2c0191a19a5a42bdcb5be03b21a1907f60c8deaee78b7331

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 20:45:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
88e42375d2172305f819b892225cf877
674324641f82700172e72fe259ee2241361e2ea1
6dce3754a67df878b536c368657a492a1f908d408fe7fe5ba43c5d24c44434b3

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 20:45:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.facebook.com/tr/?id=124547992575739&ev=PageView&dl=https%3A%2F%2Fcredito4u.it%2Fpre-landing%2F%3Fref%3D132-&rl=&if=false&ts=1669581927969&sw=1280&sh=1024&v=2.9.89&r=stable&ec=0&o=30&fbp=fb.1.1669581927968.1189874340&it=1669581927309&coo=false&rqm=GET

31.13.72.36

200 OK

0 B

URL HTTP/2
www.facebook.com/tr/?id=124547992575739&ev=PageView&dl=https%3A%2F%2Fcredito4u.it%2Fpre-landing%2F%3Fref%3D132-&rl=&if=false&ts=1669581927969&sw=1280&sh=1024&v=2.9.89&r=stable&ec=0&o=30&fbp=fb.1.1669581927968.1189874340&it=1669581927309&coo=false&rqm=GET
IP
31.13.72.36:0
ASN
#32934 FACEBOOK

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /tr/?id=124547992575739&ev=PageView&dl=https%3A%2F%2Fcredito4u.it%2Fpre-landing%2F%3Fref%3D132-&rl=&if=false&ts=1669581927969&sw=1280&sh=1024&v=2.9.89&r=stable&ec=0&o=30&fbp=fb.1.1669581927968.1189874340&it=1669581927309&coo=false&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://credito4u.it/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/plain
access-control-allow-origin: 
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400
date: Sun, 27 Nov 2022 20:45:28 GMT
X-Firefox-Spdy: h2

cdn.taboola.com/libtrc/unip/1454286/tfa.js

151.101.85.44

200 OK

18 kB

URL HTTP/2
cdn.taboola.com/libtrc/unip/1454286/tfa.js
IP
151.101.85.44:0
ASN
#54113 FASTLY

File type
ASCII text, with very long lines (58482)
Size
18 kB (17939 bytes)
Hash
b8041a2897adc00d661d30f962b7de29
3f518b36be5c9cfccd71120172dca26411f574ea
4d31745940166d1d2446870f3af043efc360f17560736d0cc260e7916a72eca6

HTTP Headers

GET /libtrc/unip/1454286/tfa.js HTTP/1.1
Host: cdn.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://credito4u.it/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: 2jNir+1ibiAWb5b2L6x8N374rX1e9rBh8nTAfGB3L5DSxAYSdPqsYYhqfVDnAo55VDD/e4L+oos=
x-amz-request-id: G823VGDMKS1VM8DN
x-amz-replication-status: COMPLETED
last-modified: Sun, 27 Nov 2022 11:20:12 GMT
etag: "539a237355d12dbe21ec4f820d6c3ba1"
x-amz-version-id: YaplHvSGWuNVXybLg0RMthA2_V_OOvsh
content-type: application/javascript; charset=utf-8
server: AmazonS3
content-encoding: gzip
accept-ranges: bytes
date: Sun, 27 Nov 2022 20:45:28 GMT
via: 1.1 varnish
age: 0
x-served-by: cache-bma1666-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1669581928.144338,VS0,VE400
cache-control: private,max-age=14401
vary: Accept-Encoding
abp: 2
content-length: 17939
X-Firefox-Spdy: h2

p1.zemanta.com/v2/p/js/41835/PAGE_VIEW/?bust=011646124291092663&optOut=false

104.22.7.45

200 OK

26 B

URL HTTP/2
p1.zemanta.com/v2/p/js/41835/PAGE_VIEW/?bust=011646124291092663&optOut=false
IP
104.22.7.45:0
ASN
#13335 CLOUDFLARENET

File type
GIF image data, version 89a, 1 x 1\012- data
Size
26 B (26 bytes)
Hash
6a43099d5c8fe991a7aa7ebaca53069d
5bce2f0d57305c58c7b05bfce29ebb39a18f5570
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

HTTP Headers

GET /v2/p/js/41835/PAGE_VIEW/?bust=011646124291092663&optOut=false HTTP/1.1
Host: p1.zemanta.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://credito4u.it/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sun, 27 Nov 2022 20:45:28 GMT
content-type: image/gif
content-length: 26
x-robots-tag: none
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 770db52b5c2fb4f9-OSL
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
aebda342a81ad83f60d2523f54ccda67
e590d9326e4a283e0929a8ffccb13cc4308af0e6
bd123fe3fce93216e2635f9dbc356f081b7599784fb6b67984032f11d82bc7cb

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BD123FE3FCE93216E2635F9DBC356F081B7599784FB6B67984032F11D82BC7CB"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4589
Expires: Sun, 27 Nov 2022 22:01:57 GMT
Date: Sun, 27 Nov 2022 20:45:28 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1dd98515-d0af-440a-8f3d-4c9986928081.jpeg

34.120.237.76

200 OK

4.3 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1dd98515-d0af-440a-8f3d-4c9986928081.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
4.3 kB (4309 bytes)
Hash
841a4b110022a99ddea6f7bf66df0fa1
126771b86638108050cf57c0d12faa27f80f0edb
240fbffc1f9104433297d3ff7afba2d0b58d7f1b13d9a9260a1bad25216665db

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1dd98515-d0af-440a-8f3d-4c9986928081.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 4309
x-amzn-requestid: a22b4d7e-e208-4bda-81c2-d13e6463380e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: blE0hGNioAMF_Tg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6371e81c-1b13846866f56a0e47675e56;Sampled=0
x-amzn-remapped-date: Mon, 14 Nov 2022 07:02:52 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 0sYKpJWi2Tv9Atz3PYXm5j7kmncAOxjcLcK4hgAkJ5b4pNMDmjdB6g==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 28390a4d24ed4fdccd685d99cd06cf4e.cloudfront.net (CloudFront), 1.1 google
date: Sun, 27 Nov 2022 05:54:16 GMT
age: 53472
etag: "126771b86638108050cf57c0d12faa27f80f0edb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.8 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fba57ea10-c30b-4188-bb72-b589f3564094.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.8 kB (8817 bytes)
Hash
741ddfb19764ac9a77509e7e87cfbfb2
308c08784ce4a0757cbd112807555b83e17a1d56
e9271a76da94d8b655860c3b00d111396c5d3a227fd2f19e0ef400fd5e84d87e

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fba57ea10-c30b-4188-bb72-b589f3564094.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8817
x-amzn-requestid: 33d3ca17-7878-4897-a634-5f626a64e820
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cJ40OEOqIAMFaOg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6380a1b4-040288d571fc10b96d893fa4;Sampled=0
x-amzn-remapped-date: Fri, 25 Nov 2022 11:06:28 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: f_U8KSYET6kaKAPbEV7sHW0tO6JGijsqUvghniwzFCRd2YGQjVlFoA==
via: 1.1 f313d3df80c4dab8f5399614116801cc.cloudfront.net (CloudFront), 1.1 7022a5bbf9872d4a09d63e6cdb457dfe.cloudfront.net (CloudFront), 1.1 google
date: Sun, 27 Nov 2022 10:16:35 GMT
age: 37733
etag: "308c08784ce4a0757cbd112807555b83e17a1d56"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.4 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff0b2959f-9d1d-41c7-a7c1-b9f52a7766ac.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.4 kB (7380 bytes)
Hash
76c00eceed956377d7469ef58b0815cb
97a135335f5b1b042adeb385718f8808cb78528b
81fb72ab752b2eb39ab6ee015055304490b3b6c3259968703fd07c2a2eed1e61

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff0b2959f-9d1d-41c7-a7c1-b9f52a7766ac.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7380
x-amzn-requestid: 18589644-299c-4a39-9376-db1bd1472009
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cOo4iEegIAMFeuQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63828836-23990acc0fdc599a75a534e3;Sampled=0
x-amzn-remapped-date: Sat, 26 Nov 2022 21:42:14 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: RqsZxAtbOkWBGbXJ3sZHxcS-ZvWOw7Yg2Qd4zj0QLhrp3wAXC8w6jA==
via: 1.1 c34da255183aa208dd1c722ff211f9b2.cloudfront.net (CloudFront), 1.1 aef00f14752da9aa504d392fd46eff94.cloudfront.net (CloudFront), 1.1 google
date: Sat, 26 Nov 2022 21:42:14 GMT
etag: "97a135335f5b1b042adeb385718f8808cb78528b"
content-type: image/jpeg
age: 82994
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

10 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdee4f5d4-5a5e-4a39-9681-50795cecc0f4.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
10 kB (10199 bytes)
Hash
2cd887044e91d7ed0f1a8d7119ff7dd0
ae8aa4ce6ddaccba771fe65446926b60fc5628da
bad283c15531000b7a8c126d442154b64a880cc26196a46cbd2e6266a526db67

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdee4f5d4-5a5e-4a39-9681-50795cecc0f4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10199
x-amzn-requestid: baee3bbe-7ded-425a-ae39-fccfc8169217
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cOo4iF1VIAMF09g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63828836-5522727b2f09b27e63b23270;Sampled=0
x-amzn-remapped-date: Sat, 26 Nov 2022 21:42:14 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: K2eKLQhrsCdd4ASsfEibRuZAYW4CpPTlO3fZs7xdoKrw1HBxfTGkEA==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 be082a2326b7d49643607b097f1e7180.cloudfront.net (CloudFront), 1.1 google
date: Sat, 26 Nov 2022 21:42:14 GMT
etag: "ae8aa4ce6ddaccba771fe65446926b60fc5628da"
content-type: image/jpeg
age: 82994
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.4 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcfaef414-0c01-4bb9-800d-29da0ef5607d.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.4 kB (8387 bytes)
Hash
4e97baa4851785eac92c719abf481c64
c32a57038d3cdbc514c9081c9938eca6a04fb481
adb59e982648082e5421f58899a5331b2747e9d45be33c495fbe3ab8cc872b22

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcfaef414-0c01-4bb9-800d-29da0ef5607d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8387
x-amzn-requestid: fc238ea9-0169-47fc-b92e-f12b3ee27c72
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b433YGtOoAMFexg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6379d362-2f97c67a2e5f05b6746cf858;Sampled=0
x-amzn-remapped-date: Sun, 20 Nov 2022 07:12:34 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Miss from cloudfront
x-amz-cf-id: oMrdB0NUGe5CqTY7eFd3u8xaSy9TyDdOrf1awBikFJzm3jWreD2irQ==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 82c2ab57bc9900898383f6b70681b9e6.cloudfront.net (CloudFront), 1.1 google
date: Sun, 27 Nov 2022 12:30:20 GMT
age: 29708
etag: "c32a57038d3cdbc514c9081c9938eca6a04fb481"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

5.1 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F297e7532-86f8-4631-9062-cdd6a291b40b.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
5.1 kB (5099 bytes)
Hash
433875a1b1fef34e45f2d8ac344c07e3
f2129466436cbbdd58abe42a47fb7af19eba58e6
ab1e7b46f3804640c7dd94d70c8c31ec2dfc3e2f0f015a8556d04d9d9089c450

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F297e7532-86f8-4631-9062-cdd6a291b40b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 5099
x-amzn-requestid: 57648043-7820-453d-9549-0f743b6c2557
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cOo4jFBvoAMFl1w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63828836-53b59d607b82c264180f469d;Sampled=0
x-amzn-remapped-date: Sat, 26 Nov 2022 21:42:14 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: VsdLWuh4rCawI5V0YYGaHxEMl2YEVNgsbjfCwzDsrnCZhRK2FkCkVw==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 7eb3b782ab09047ce0d11ee03763894c.cloudfront.net (CloudFront), 1.1 google
date: Sat, 26 Nov 2022 21:42:14 GMT
etag: "f2129466436cbbdd58abe42a47fb7af19eba58e6"
content-type: image/jpeg
age: 82994
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

spsk.cc/api/event

164.90.162.187

204 No Content

0 B

URL HTTP/1.1
spsk.cc/api/event
IP
164.90.162.187:0
ASN
#14061 DIGITALOCEAN-ASN

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /api/event HTTP/1.1
Host: spsk.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://credito4u.it/
Origin: https://credito4u.it
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 204 No Content
Server: nginx/1.18.0 (Ubuntu)
Date: Sun, 27 Nov 2022 20:45:28 GMT
Content-Length: 0
Connection: keep-alive
X-Powered-By: Express
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET,HEAD,PUT,PATCH,POST,DELETE
Vary: Access-Control-Request-Headers
Access-Control-Allow-Headers: content-type

spsk.cc/api/event

164.90.162.187

200 OK

16 B

URL HTTP/1.1
spsk.cc/api/event
IP
164.90.162.187:0
ASN
#14061 DIGITALOCEAN-ASN

File type
JSON data\012- , ASCII text, with no line terminators
Size
16 B (16 bytes)
Hash
7363e85fe9edee6f053a4b319588c086
a15e2127145548437173fc17f3e980e3f3dee2d0
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

HTTP Headers

POST /api/event HTTP/1.1
Host: spsk.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://credito4u.it/
content-type: application/json
Origin: https://credito4u.it
Content-Length: 111
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Sun, 27 Nov 2022 20:45:28 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 16
Connection: keep-alive
X-Powered-By: Express
Access-Control-Allow-Origin: *
ETag: W/"10-oV4hJxRVSENxc/wX8+mA4/Pe4tA"

trc-events.taboola.com/1454286/log/3/unip?en=pre_d_eng_tb&tos=1560&scd=100&ssd=1&est=1669581928191&ver=35&isls=true&src=i&invt=1500&rv=1&tim=1669581929753&vi=1669581928190&ri=bbfbd56b66278d9c7c1d9e012a8ed906&ref=null&cv=20221124-3-RELEASE&item-url=https%3A%2F%2Fcredito4u.it%2Fpre-landing%2F%3Fref%3D132-

141.226.228.48

204 No Content

0 B

URL HTTP/2
trc-events.taboola.com/1454286/log/3/unip?en=pre_d_eng_tb&tos=1560&scd=100&ssd=1&est=1669581928191&ver=35&isls=true&src=i&invt=1500&rv=1&tim=1669581929753&vi=1669581928190&ri=bbfbd56b66278d9c7c1d9e012a8ed906&ref=null&cv=20221124-3-RELEASE&item-url=https%3A%2F%2Fcredito4u.it%2Fpre-landing%2F%3Fref%3D132-
IP
141.226.228.48:0
ASN
#200478 Taboola.com ltd

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /1454286/log/3/unip?en=pre_d_eng_tb&tos=1560&scd=100&ssd=1&est=1669581928191&ver=35&isls=true&src=i&invt=1500&rv=1&tim=1669581929753&vi=1669581928190&ri=bbfbd56b66278d9c7c1d9e012a8ed906&ref=null&cv=20221124-3-RELEASE&item-url=https%3A%2F%2Fcredito4u.it%2Fpre-landing%2F%3Fref%3D132- HTTP/1.1
Host: trc-events.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://credito4u.it
Connection: keep-alive
Referer: https://credito4u.it/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 204 No Content
server: nginx
date: Sun, 27 Nov 2022 20:45:30 GMT
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://credito4u.it
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
X-Firefox-Spdy: h2

trc-events.taboola.com/1454286/log/3/unip?en=pre_d_eng_tb&tos=4563&scd=100&ssd=1&est=1669581928191&ver=35&isls=true&src=i&invt=3000&rv=1&tim=1669581932755&vi=1669581928190&ri=bbfbd56b66278d9c7c1d9e012a8ed906&ref=null&cv=20221124-3-RELEASE&item-url=https%3A%2F%2Fcredito4u.it%2Fpre-landing%2F%3Fref%3D132-

141.226.228.48

204 No Content

0 B

URL HTTP/2
trc-events.taboola.com/1454286/log/3/unip?en=pre_d_eng_tb&tos=4563&scd=100&ssd=1&est=1669581928191&ver=35&isls=true&src=i&invt=3000&rv=1&tim=1669581932755&vi=1669581928190&ri=bbfbd56b66278d9c7c1d9e012a8ed906&ref=null&cv=20221124-3-RELEASE&item-url=https%3A%2F%2Fcredito4u.it%2Fpre-landing%2F%3Fref%3D132-
IP
141.226.228.48:0
ASN
#200478 Taboola.com ltd

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /1454286/log/3/unip?en=pre_d_eng_tb&tos=4563&scd=100&ssd=1&est=1669581928191&ver=35&isls=true&src=i&invt=3000&rv=1&tim=1669581932755&vi=1669581928190&ri=bbfbd56b66278d9c7c1d9e012a8ed906&ref=null&cv=20221124-3-RELEASE&item-url=https%3A%2F%2Fcredito4u.it%2Fpre-landing%2F%3Fref%3D132- HTTP/1.1
Host: trc-events.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://credito4u.it
Connection: keep-alive
Referer: https://credito4u.it/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 204 No Content
server: nginx
date: Sun, 27 Nov 2022 20:45:33 GMT
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://credito4u.it
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
X-Firefox-Spdy: h2

js-tag.zemanta.com/zcpt.js

104.22.7.45

200 OK

0 B

URL HTTP/2
js-tag.zemanta.com/zcpt.js
IP
104.22.7.45:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /zcpt.js HTTP/1.1
Host: js-tag.zemanta.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://credito4u.it/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sun, 27 Nov 2022 20:45:28 GMT
content-type: application/javascript
x-amz-id-2: /aaBaQKaygIqSEaGz63ohFGe+Ardx83cGJlnRvT1wVyx6urCiyClsVTuiVMHeIltOTQ9OsvDxwg=
x-amz-request-id: HGTTK1W16QQM60WZ
last-modified: Tue, 13 Sep 2022 07:47:59 GMT
etag: W/"6376a488d713d6cf8cf3d1ebfb5e6361"
cache-control: max-age=14400
cf-cache-status: HIT
age: 3861
vary: Accept-Encoding
server: cloudflare
cf-ray: 770db52adb3eb4f9-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

trc.taboola.com/1454286/trc/3/json?tim=1669581928195&data=%7B%22id%22%3A820%2C%22ii%22%3A%22%2Fpre-landing%22%2C%22it%22%3A%22video%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22vi%22%3A1669581928190%2C%22cv%22%3A%2220221124-3-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fcredito4u.it%2Fpre-landing%2F%3Fref%3D132-%22%2C%22e%22%3Anull%2C%22cb%22%3A%22TFASC.trkCallback%22%2C%22qs%22%3A%22%3Fref%3D132-%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3De-leads-financial-sc%3Aabp%3D0%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%2C%22mpv%22%3Atrue%2C%22supv%22%3Atrue%2C%22mpvd%22%3A%7B%22en%22%3A%22page_view%22%2C%22tim%22%3A1669581928194%2C%22ref%22%3Anull%2C%22item-url%22%3A%22https%3A%2F%2Fcredito4u.it%2Fpre-landing%2F%3Fref%3D132-%22%2C%22tos%22%3A1%2C%22ssd%22%3A1%2C%22scd%22%3A100%2C%22supv%22%3Atrue%7D%7D&pubit=i

151.101.85.44

200 OK

0 B

URL HTTP/2
trc.taboola.com/1454286/trc/3/json?tim=1669581928195&data=%7B%22id%22%3A820%2C%22ii%22%3A%22%2Fpre-landing%22%2C%22it%22%3A%22video%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22vi%22%3A1669581928190%2C%22cv%22%3A%2220221124-3-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fcredito4u.it%2Fpre-landing%2F%3Fref%3D132-%22%2C%22e%22%3Anull%2C%22cb%22%3A%22TFASC.trkCallback%22%2C%22qs%22%3A%22%3Fref%3D132-%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3De-leads-financial-sc%3Aabp%3D0%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%2C%22mpv%22%3Atrue%2C%22supv%22%3Atrue%2C%22mpvd%22%3A%7B%22en%22%3A%22page_view%22%2C%22tim%22%3A1669581928194%2C%22ref%22%3Anull%2C%22item-url%22%3A%22https%3A%2F%2Fcredito4u.it%2Fpre-landing%2F%3Fref%3D132-%22%2C%22tos%22%3A1%2C%22ssd%22%3A1%2C%22scd%22%3A100%2C%22supv%22%3Atrue%7D%7D&pubit=i
IP
151.101.85.44:0
ASN
#54113 FASTLY

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /1454286/trc/3/json?tim=1669581928195&data=%7B%22id%22%3A820%2C%22ii%22%3A%22%2Fpre-landing%22%2C%22it%22%3A%22video%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22vi%22%3A1669581928190%2C%22cv%22%3A%2220221124-3-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fcredito4u.it%2Fpre-landing%2F%3Fref%3D132-%22%2C%22e%22%3Anull%2C%22cb%22%3A%22TFASC.trkCallback%22%2C%22qs%22%3A%22%3Fref%3D132-%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3De-leads-financial-sc%3Aabp%3D0%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%2C%22mpv%22%3Atrue%2C%22supv%22%3Atrue%2C%22mpvd%22%3A%7B%22en%22%3A%22page_view%22%2C%22tim%22%3A1669581928194%2C%22ref%22%3Anull%2C%22item-url%22%3A%22https%3A%2F%2Fcredito4u.it%2Fpre-landing%2F%3Fref%3D132-%22%2C%22tos%22%3A1%2C%22ssd%22%3A1%2C%22scd%22%3A100%2C%22supv%22%3Atrue%7D%7D&pubit=i HTTP/1.1
Host: trc.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://credito4u.it/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=utf-8
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: *
access-control-allow-credentials: true
content-encoding: gzip
accept-ranges: bytes
date: Sun, 27 Nov 2022 20:45:28 GMT
via: 1.1 varnish
x-served-by: cache-bma1666-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1669581929.626921,VS0,VE105
vary: Accept-Encoding
x-vcl-time-ms: 105
X-Firefox-Spdy: h2

credito4u.it/favicon.ico

161.35.72.115

404 Not Found

0 B

URL HTTP/2
credito4u.it/favicon.ico
IP
161.35.72.115:0
ASN
#14061 DIGITALOCEAN-ASN

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: credito4u.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://credito4u.it/pre-landing/?ref=132-
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 404 Not Found
server: nginx
date: Sun, 27 Nov 2022 20:45:27 GMT
content-type: text/html
last-modified: Tue, 18 Jan 2022 09:07:14 GMT
etag: W/"328-5d5d7985fea9f"
content-encoding: br
X-Firefox-Spdy: h2

analytics.tiktok.com/i18n/pixel/identify.js

23.36.79.32

200 OK

0 B

URL HTTP/2
analytics.tiktok.com/i18n/pixel/identify.js
IP
23.36.79.32:0
ASN
#20940 Akamai International B.V.

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /i18n/pixel/identify.js HTTP/1.1
Host: analytics.tiktok.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://credito4u.it/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=UTF-8
x-tt-logid: 202211272045275317D337503EFFFEBA60
x-tt-trace-host: 016eabbbec2a80a817c88fdee8d986cf6044faeb2b99c092c97016c61fe0db1beb410876a1f960c1093ec15d696f5d075c4d7504bca012d03c04a74b95522c0d4b1e4188389803442ac75b905d0cd46457c0111e8b172cbba3adc17a776e307062
content-encoding: gzip
x-origin-response-time: 9,23.218.220.152
x-akamai-request-id: 44afbed9.6a9c35f5
expires: Sun, 27 Nov 2022 20:45:28 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Sun, 27 Nov 2022 20:45:28 GMT
x-cache: TCP_MISS from a23-36-79-28.deploy.akamaitechnologies.com (AkamaiGHost/10.10.2-45048955) (-)
vary: Accept-Encoding
x-cache-remote: TCP_MISS from a23-218-220-152.deploy.akamaitechnologies.com (AkamaiGHost/10.10.2-45048955) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server-timing: cdn-cache; desc=MISS, edge; dur=98, origin; dur=9, inner; dur=4
x-parent-response-time: 107,23.36.79.28
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (20)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations