it.younited-credit.com Open in urlscan Pro
2620:1ec:bdf::44 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://echo7.bluehornet.com/ct/58894863:6CHVyg2vN:m:1:3293117526:A1266BCD2A60423769C7165B7D19C25E:r
Effective URL:
https://it.younited-credit.com/lp/landing-page_taeg001/?BusinessProviderCode=YUC-AFFIL&ectrans=1
Submission: On November 30 via api (November 30th 2021, 8:42:47 am UTC) from BE — Scanned from DE

Summary HTTP 105 Redirects Behaviour Indicators

Summary

This website contacted 58 IPs in 9 countries across 49 domains to perform 105 HTTP transactions. The main IP is 2620:1ec:bdf::44, located in United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is it.younited-credit.com.
TLS certificate: Issued by DigiCert TLS RSA SHA256 2020 CA1 on June 22nd 2021. Valid for: a year.

This is the only time it.younited-credit.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	44.241.231.49 44.241.231.49	16509 (AMAZON-02) (AMAZON-02)
1 2	35.186.231.97 35.186.231.97	15169 (GOOGLE) (GOOGLE)
1	18.66.112.56 18.66.112.56	16509 (AMAZON-02) (AMAZON-02)
1	188.165.150.177 188.165.150.177	16276 (OVH) (OVH)
2 6	109.232.194.94 109.232.194.94	50234 (EULERIAN-AS) (EULERIAN-AS)
10	2620:1ec:bdf::44 2620:1ec:bdf::44	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
3	2606:2800:133... 2606:2800:133:206e:1315:22a5:2006:24fd	15133 (EDGECAST) (EDGECAST)
1	2606:4700::68... 2606:4700::6810:135e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	52.222.236.107 52.222.236.107	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:811::200a	15169 (GOOGLE) (GOOGLE)
1	2606:4700:20:... 2606:4700:20::ac43:4832	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	13.32.121.22 13.32.121.22	16509 (AMAZON-02) (AMAZON-02)
1	2606:2800:233... 2606:2800:233:1cb7:261b:1f9c:2074:3c	15133 (EDGECAST) (EDGECAST)
1	2a00:1450:400... 2a00:1450:4001:813::2003	15169 (GOOGLE) (GOOGLE)
4	78.46.61.107 78.46.61.107	24940 (HETZNER-AS) (HETZNER-AS)
2	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
4	2a00:1450:400... 2a00:1450:4001:829::2008	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:831::200e	15169 (GOOGLE) (GOOGLE)
4	2620:116:800d... 2620:116:800d:21:36a9:ecb:e518:b308	16509 (AMAZON-02) (AMAZON-02)
1	2a02:2638::3 2a02:2638::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	34.252.190.62 34.252.190.62	16509 (AMAZON-02) (AMAZON-02)
1	172.217.18.98 172.217.18.98	15169 (GOOGLE) (GOOGLE)
2	2600:9000:223... 2600:9000:223c:1c00:6:44e3:f8c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1 2	2a02:2638::1c 2a02:2638::1c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1 4	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
1 6	2a00:1450:400... 2a00:1450:4001:829::2004	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:808::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400c:c07::9d	15169 (GOOGLE) (GOOGLE)
1	178.250.2.146 178.250.2.146	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3	178.250.2.151 178.250.2.151	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	52.222.206.77 52.222.206.77	16509 (AMAZON-02) (AMAZON-02)
1	18.192.185.171 18.192.185.171	16509 (AMAZON-02) (AMAZON-02)
1 1	142.250.186.98 142.250.186.98	15169 (GOOGLE) (GOOGLE)
1	70.42.32.191 70.42.32.191	13789 (INTERNAP-...) (INTERNAP-BLK3)
1	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
1	185.86.138.144 185.86.138.144	201081 (SMARTADSE...) (SMARTADSERVER)
3 4	185.33.221.13 185.33.221.13	29990 (ASN-APPNEX) (ASN-APPNEX)
2	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2a00:1288:80:... 2a00:1288:80:800::7000	203220 (YAHOO-DEB) (YAHOO-DEB)
1 3	18.156.0.31 18.156.0.31	16509 (AMAZON-02) (AMAZON-02)
1 2	99.81.7.40 99.81.7.40	16509 (AMAZON-02) (AMAZON-02)
1	185.64.189.110 185.64.189.110	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 2	2.18.234.21 2.18.234.21	16625 (AKAMAI-AS) (AKAMAI-AS)
1	141.226.228.48 141.226.228.48	200478 (TABOOLA-AS) (TABOOLA-AS)
1	37.157.4.29 37.157.4.29	198622 (ADFORM) (ADFORM)
1	104.111.242.245 104.111.242.245	16625 (AKAMAI-AS) (AKAMAI-AS)
1 2	13.248.245.213 13.248.245.213	16509 (AMAZON-02) (AMAZON-02)
1 2	3.124.83.68 3.124.83.68	16509 (AMAZON-02) (AMAZON-02)
1	2.18.235.93 2.18.235.93	16625 (AKAMAI-AS) (AKAMAI-AS)
1	18.157.150.79 18.157.150.79	16509 (AMAZON-02) (AMAZON-02)
1	185.255.84.153 185.255.84.153	200271 (IGUANE-) (IGUANE-)
1 1	2.18.234.233 2.18.234.233	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2001:4de0:ac1... 2001:4de0:ac19::1:b:3a	20446 (HIGHWINDS3) (HIGHWINDS3)
2 2	35.157.241.218 35.157.241.218	16509 (AMAZON-02) (AMAZON-02)
1	35.186.243.160 35.186.243.160	15169 (GOOGLE) (GOOGLE)
1	2600:9000:223... 2600:9000:223f:6600:1b:5138:8a40:93a1	16509 (AMAZON-02) (AMAZON-02)
1 2	104.19.133.78 104.19.133.78	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 2	54.86.197.188 54.86.197.188	14618 (AMAZON-AES) (AMAZON-AES)
1	2600:1f18:444... 2600:1f18:444a:4602:b51a:2bef:14:5241	14618 (AMAZON-AES) (AMAZON-AES)
1	75.101.253.183 75.101.253.183	14618 (AMAZON-AES) (AMAZON-AES)
1	212.82.100.181 212.82.100.181	34010 (YAHOO-IRD) (YAHOO-IRD)
105	58

1 44.241.231.49 (Boardman, United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-44-241-231-49.us-west-2.compute.amazonaws.com

echo7.bluehornet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.186.231.97 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 97.231.186.35.bc.googleusercontent.com

clk.tradedoubler.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.112.56 (United States)

ASN16509 (AMAZON-02, US)

vht.tradedoubler.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 188.165.150.177 (France)

ASN16276 (OVH, FR)
PTR: lb01.net.royalcactus.com

analytics.tradedoubler.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 109.232.194.94 (France) 2 redirects

ASN50234 (EULERIAN-AS, FR)
PTR: et1.eulerian.net

yoc.younited-credit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2620:1ec:bdf::44 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

it.younited-credit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:2800:133:206e:1315:22a5:2006:24fd (United States)

ASN15133 (EDGECAST, US)

yuc-cdn.azureedge.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:135e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.222.236.107 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-236-107.fra56.r.cloudfront.net

widget.trustpilot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::ac43:4832 (United States)

ASN13335 (CLOUDFLARENET, US)

hhlwcyg0ce.kameleoon.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.121.22 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-121-22.fra60.r.cloudfront.net

cdn.decibelinsight.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:2800:233:1cb7:261b:1f9c:2074:3c (United States)

ASN15133 (EDGECAST, US)

az416426.vo.msecnd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 78.46.61.107 (Leipzig, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: eu-log-parser05.kameleoon.net

eu-tlp05.kameleoon.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:829::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:831::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2620:116:800d:21:36a9:ecb:e518:b308 (United States)

ASN16509 (AMAZON-02, US)

secure.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.252.190.62 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-252-190-62.eu-west-1.compute.amazonaws.com

w.usabilla.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.18.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s42-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:223c:1c00:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638::1c (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:829::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:808::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c07::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.2.146 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 178.250.2.151 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

sslwidget.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.206.77 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-206-77.fra56.r.cloudfront.net

d6tizftlrpuof.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.192.185.171 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-192-185-171.eu-central-1.compute.amazonaws.com

collection.decibelinsight.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.98 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 70.42.32.191 (United States)

ASN13789 (INTERNAP-BLK3, US)
PTR: ny.outbrain.com

sync.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.86.138.144 (France)

ASN201081 (SMARTADSERVER, FR)

rtb-csync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.33.221.13 (Amsterdam, Netherlands) 3 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1288:80:800::7000 (Frankfurt am Main, Germany)

ASN203220 (YAHOO-DEB, GB)

ads.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.156.0.31 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-0-31.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 99.81.7.40 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-99-81-7-40.eu-west-1.compute.amazonaws.com

ad.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.189.110 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.18.234.21 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com

r.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)

sync-t1.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.157.4.29 (Denmark)

ASN198622 (ADFORM, DK)

cm.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.111.242.245 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-242-245.deploy.static.akamaitechnologies.com

criteo-sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.248.245.213 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.124.83.68 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-124-83-68.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.235.93 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-235-93.deploy.static.akamaitechnologies.com

contextual.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.157.150.79 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-157-150-79.eu-central-1.compute.amazonaws.com

match.sharethrough.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.255.84.153 (Paris, France)

ASN200271 (IGUANE-, FR)

visitor.omnitagjs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.234.233 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-233.deploy.static.akamaitechnologies.com

ads.stickyadstv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac19::1:b:3a (Netherlands)

ASN20446 (HIGHWINDS3, US)

cdn.stickyadstv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.157.241.218 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-35-157-241-218.eu-central-1.compute.amazonaws.com

pixel.advertising.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.243.160 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 160.243.186.35.bc.googleusercontent.com

matching.ivitrack.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:223f:6600:1b:5138:8a40:93a1 (United States)

ASN16509 (AMAZON-02, US)

s.ad.smaato.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.19.133.78 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

cm.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.86.197.188 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-86-197-188.compute-1.amazonaws.com

i.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:444a:4602:b51a:2bef:14:5241 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

i6.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 75.101.253.183 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-75-101-253-183.compute-1.amazonaws.com

sync-criteo.ads.yieldmo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 212.82.100.181 (Dublin, Ireland)

ASN34010 (YAHOO-IRD, GB)
PTR: spdc.pbp.vip.ir2.yahoo.com

sp.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
16	younited-credit.com 2 redirects yoc.younited-credit.com it.younited-credit.com	439 KB
7	doubleclick.net 2 redirects googleads.g.doubleclick.net stats.g.doubleclick.net cm.g.doubleclick.net	6 KB
6	yahoo.com 1 redirects ads.yahoo.com ups.analytics.yahoo.com sp.analytics.yahoo.com	3 KB
6	google.de www.google.de	954 B
6	google.com 1 redirects www.google.com	1 KB
6	criteo.com 1 redirects gum.criteo.com mug.criteo.com sslwidget.criteo.com dis.criteo.com	14 KB
5	google-analytics.com www.google-analytics.com	21 KB
5	kameleoon.eu hhlwcyg0ce.kameleoon.eu eu-tlp05.kameleoon.eu	49 KB
4	adnxs.com 3 redirects secure.adnxs.com	4 KB
4	quantserve.com secure.quantserve.com pixel.quantserve.com	21 KB
4	googletagmanager.com www.googletagmanager.com	166 KB
4	tradedoubler.com 1 redirects clk.tradedoubler.com vht.tradedoubler.com analytics.tradedoubler.com	6 KB
3	liadm.com 2 redirects i.liadm.com i6.liadm.com	2 KB
3	azureedge.net yuc-cdn.azureedge.net	67 KB
2	mgid.com 1 redirects cm.mgid.com	1 KB
2	advertising.com 2 redirects pixel.advertising.com	717 B
2	stickyadstv.com 1 redirects ads.stickyadstv.com cdn.stickyadstv.com	1 KB
2	bidswitch.net 1 redirects x.bidswitch.net	1 KB
2	3lift.com 1 redirects eb2.3lift.com	734 B
2	casalemedia.com 1 redirects r.casalemedia.com	2 KB
2	360yield.com 1 redirects ad.360yield.com	854 B
2	bing.com c.bing.com	744 B
2	facebook.com www.facebook.com	619 B
2	quantcount.com rules.quantcount.com	1 KB
2	facebook.net connect.facebook.net	37 KB
2	decibelinsight.net cdn.decibelinsight.net collection.decibelinsight.net	71 KB
2	trustpilot.com widget.trustpilot.com	9 KB
1	yieldmo.com sync-criteo.ads.yieldmo.com	456 B
1	smaato.net s.ad.smaato.net	240 B
1	ivitrack.com matching.ivitrack.com	242 B
1	omnitagjs.com visitor.omnitagjs.com	235 B
1	sharethrough.com match.sharethrough.com	263 B
1	media.net contextual.media.net	785 B
1	teads.tv criteo-sync.teads.tv	172 B
1	adform.net cm.adform.net	162 B
1	taboola.com sync-t1.taboola.com	231 B
1	pubmatic.com simage2.pubmatic.com	341 B
1	smartadserver.com rtb-csync.smartadserver.com	163 B
1	rubiconproject.com pixel.rubiconproject.com	239 B
1	outbrain.com sync.outbrain.com	476 B
1	cloudfront.net d6tizftlrpuof.cloudfront.net	8 KB
1	googleadservices.com www.googleadservices.com	15 KB
1	usabilla.com w.usabilla.com	11 KB
1	criteo.net static.criteo.net	14 KB
1	gstatic.com fonts.gstatic.com	48 KB
1	msecnd.net az416426.vo.msecnd.net	22 KB
1	googleapis.com fonts.googleapis.com	1010 B
1	cloudflare.com cdnjs.cloudflare.com	6 KB
1	bluehornet.com 1 redirects echo7.bluehornet.com	677 B
105	49

	Domain	Requested by
10	it.younited-credit.com	it.younited-credit.com
6	www.google.de	it.younited-credit.com
6	www.google.com	1 redirects it.younited-credit.com
6	yoc.younited-credit.com	2 redirects it.younited-credit.com yoc.younited-credit.com
5	www.google-analytics.com	yoc.younited-credit.com www.google-analytics.com az416426.vo.msecnd.net it.younited-credit.com
4	secure.adnxs.com	3 redirects
4	googleads.g.doubleclick.net	1 redirects www.googleadservices.com
4	www.googletagmanager.com	yoc.younited-credit.com www.googletagmanager.com
4	eu-tlp05.kameleoon.eu	hhlwcyg0ce.kameleoon.eu
3	ups.analytics.yahoo.com	1 redirects
3	yuc-cdn.azureedge.net	it.younited-credit.com yuc-cdn.azureedge.net
2	i.liadm.com	2 redirects
2	cm.mgid.com	1 redirects
2	pixel.advertising.com	2 redirects
2	x.bidswitch.net	1 redirects
2	eb2.3lift.com	1 redirects
2	r.casalemedia.com	1 redirects
2	ad.360yield.com	1 redirects
2	ads.yahoo.com
2	c.bing.com
2	dis.criteo.com
2	pixel.quantserve.com	it.younited-credit.com
2	stats.g.doubleclick.net	az416426.vo.msecnd.net
2	www.facebook.com	it.younited-credit.com
2	gum.criteo.com	1 redirects static.criteo.net
2	rules.quantcount.com	secure.quantserve.com
2	secure.quantserve.com	yoc.younited-credit.com clk.tradedoubler.com
2	connect.facebook.net	yoc.younited-credit.com connect.facebook.net
2	widget.trustpilot.com	it.younited-credit.com widget.trustpilot.com
2	clk.tradedoubler.com	1 redirects
1	sp.analytics.yahoo.com
1	sync-criteo.ads.yieldmo.com
1	i6.liadm.com
1	s.ad.smaato.net
1	matching.ivitrack.com
1	cdn.stickyadstv.com
1	ads.stickyadstv.com	1 redirects
1	visitor.omnitagjs.com
1	match.sharethrough.com
1	contextual.media.net
1	criteo-sync.teads.tv
1	cm.adform.net
1	sync-t1.taboola.com
1	simage2.pubmatic.com
1	rtb-csync.smartadserver.com
1	pixel.rubiconproject.com
1	sync.outbrain.com
1	cm.g.doubleclick.net	1 redirects
1	collection.decibelinsight.net	az416426.vo.msecnd.net
1	d6tizftlrpuof.cloudfront.net	it.younited-credit.com
1	sslwidget.criteo.com	static.criteo.net
1	mug.criteo.com	it.younited-credit.com
1	www.googleadservices.com	yoc.younited-credit.com
1	w.usabilla.com	it.younited-credit.com
1	static.criteo.net	yoc.younited-credit.com
1	fonts.gstatic.com	fonts.googleapis.com
1	az416426.vo.msecnd.net	it.younited-credit.com
1	cdn.decibelinsight.net	it.younited-credit.com
1	hhlwcyg0ce.kameleoon.eu	it.younited-credit.com
1	fonts.googleapis.com	yuc-cdn.azureedge.net
1	cdnjs.cloudflare.com	it.younited-credit.com
1	analytics.tradedoubler.com	vht.tradedoubler.com
1	vht.tradedoubler.com	clk.tradedoubler.com
1	echo7.bluehornet.com	1 redirects
105	64

This site contains no links.

Subject Issuer	Validity	Valid
*.tradedoubler.com R3	`2021-09-18` - `2021-12-17`	3 months	crt.sh
it.younited-credit.com DigiCert TLS RSA SHA256 2020 CA1	`2021-06-22` - `2022-06-16`	a year	crt.sh
*.vo.msecnd.net DigiCert SHA2 Secure Server CA	`2021-08-06` - `2022-08-06`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-09-21` - `2022-09-20`	a year	crt.sh
yoc.younited-credit.com R3	`2021-10-04` - `2022-01-02`	3 months	crt.sh
*.trustpilot.com Amazon	`2021-04-03` - `2022-05-02`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.decibelinsight.net Amazon	`2021-03-15` - `2022-04-13`	a year	crt.sh
sni1e6ffgl.wpc.edgecastcdn.net DigiCert SHA2 Secure Server CA	`2020-04-16` - `2022-04-21`	2 years	crt.sh
*.gstatic.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
kameleoon.com Sectigo RSA Domain Validation Secure Server CA	`2020-01-24` - `2022-04-23`	2 years	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-09-08` - `2021-12-07`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2021-09-22` - `2022-09-21`	a year	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-09-09` - `2021-12-07`	3 months	crt.sh
w.usabilla.com Amazon	`2021-03-12` - `2022-04-10`	a year	crt.sh
www.googleadservices.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-09-09` - `2021-12-07`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
www.google.de GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.google.de GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.cloudfront.net Amazon	`2021-03-19` - `2022-03-17`	a year	crt.sh
*.outbrain.com Thawte RSA CA 2018	`2021-10-24` - `2022-11-24`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2021-03-30` - `2022-04-04`	a year	crt.sh
*.smartadserver.com DigiCert ECC Secure Server CA	`2020-01-30` - `2022-02-03`	2 years	crt.sh
www.bing.com Microsoft RSA TLS CA 02	`2021-09-30` - `2022-03-30`	6 months	crt.sh
ui.aps.ads.yahoo.com DigiCert SHA2 High Assurance Server CA	`2021-10-25` - `2021-12-15`	2 months	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2021-08-04` - `2022-09-04`	a year	crt.sh
*.taboola.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2020-11-25` - `2021-12-26`	a year	crt.sh
*.adform.net DigiCert TLS RSA SHA256 2020 CA1	`2021-05-28` - `2022-06-15`	a year	crt.sh
teads.tv R3	`2021-11-03` - `2022-02-01`	3 months	crt.sh
*.media.net DigiCert SHA2 Secure Server CA	`2021-04-12` - `2022-04-20`	a year	crt.sh
*.sharethrough.com Amazon	`2021-08-13` - `2022-09-11`	a year	crt.sh
omnitagjs.com Sectigo RSA Domain Validation Secure Server CA	`2021-05-24` - `2022-06-23`	a year	crt.sh
itm.ivitrack.com R3	`2021-10-17` - `2022-01-15`	3 months	crt.sh
s.ad.smaato.net Amazon	`2021-09-21` - `2022-10-20`	a year	crt.sh
*.ads.yieldmo.com Amazon	`2021-05-25` - `2022-06-23`	a year	crt.sh
real.sp.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2021-10-19` - `2022-04-13`	6 months	crt.sh

This page contains 7 frames:

Primary Page: https://it.younited-credit.com/lp/landing-page_taeg001/?BusinessProviderCode=YUC-AFFIL&ectrans=1
Frame ID: 7B08E54FAE29F4C2CA7B22A4641F9D33
Requests: 67 HTTP requests in this frame

Frame: https://static.criteo.net/js/ld/ld.js
Frame ID: F2DF2220C1CCA140A66A816BA5013243
Requests: 2 HTTP requests in this frame

Frame: https://secure.quantserve.com/quant.js
Frame ID: EF28269B0F6F1927454321134E31834F
Requests: 3 HTTP requests in this frame

Frame: https://w.usabilla.com/6a78217cc121.js?lv=1
Frame ID: C5DBB2AE23985CCEACF557F4375782E2
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?topUrl=it.younited-credit.com&origin=onetag
Frame ID: 6C696B94AA4D33C6960AB987FB4892C9
Requests: 2 HTTP requests in this frame

Frame: https://d6tizftlrpuof.cloudfront.net/themes/production/younitedcredit-button-0951fccc0ca45c130aebb6b463f9cc63.png
Frame ID: 0EC4A01E061DD8F0175FE7B8726EC01F
Requests: 1 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&google_ula=913071,0
Frame ID: 1932EBA12DC0D49CAE33D69C93196FBC
Requests: 30 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Younited Credit - Prestiti Personali Online

Page URL History Show full URLs

https://echo7.bluehornet.com/ct/58894863:6CHVyg2vN:m:1:3293117526:A1266BCD2A60423769C7165B7D19C25E:r HTTP 302
https://clk.tradedoubler.com/click?p=302276&a=3178553&g=25130214&url=http://yoc.younited-credit.com/click... Page URL
https://clk.tradedoubler.com/click?p=302276&a=3178553&g=25130214&url=http://yoc.younited-credit.com/click... HTTP 302
http://yoc.younited-credit.com/click/pret-dunion-it/DEQwyRwgEDJm_8YpRfjMNa1wo2ShpIFVTH6X55umAEOM8eozfw--/?e... HTTP 302
https://yoc.younited-credit.com/click/pret-dunion-it/DEQwyRwgEDJm_8YpRfjMNa1wo2ShpIFVTH6X55umAEOM8eozfw--/?e... HTTP 302
https://it.younited-credit.com/lp/landing-page_taeg001/?BusinessProviderCode=YUC-AFFIL&ectrans=1 Page URL

Page Statistics

105
Requests

87 %
HTTPS

39 %
IPv6

49
Domains

64
Subdomains

58
IPs

9
Countries

1041 kB
Transfer

2478 kB
Size

68
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://echo7.bluehornet.com/ct/58894863:6CHVyg2vN:m:1:3293117526:A1266BCD2A60423769C7165B7D19C25E:r HTTP 302
https://clk.tradedoubler.com/click?p=302276&a=3178553&g=25130214&url=http://yoc.younited-credit.com/click/pret-dunion-it/DEQwyRwgEDJm_8YpRfjMNa1wo2ShpIFVTH6X55umAEOM8eozfw--/?eemail= Page URL
https://clk.tradedoubler.com/click?p=302276&a=3178553&g=25130214&url=http://yoc.younited-credit.com/click/pret-dunion-it/DEQwyRwgEDJm_8YpRfjMNa1wo2ShpIFVTH6X55umAEOM8eozfw--/?eemail= HTTP 302
http://yoc.younited-credit.com/click/pret-dunion-it/DEQwyRwgEDJm_8YpRfjMNa1wo2ShpIFVTH6X55umAEOM8eozfw--/?eemail= HTTP 302
https://yoc.younited-credit.com/click/pret-dunion-it/DEQwyRwgEDJm_8YpRfjMNa1wo2ShpIFVTH6X55umAEOM8eozfw--/?eemail= HTTP 302
https://it.younited-credit.com/lp/landing-page_taeg001/?BusinessProviderCode=YUC-AFFIL&ectrans=1 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://echo7.bluehornet.com/ct/58894863:6CHVyg2vN:m:1:3293117526:A1266BCD2A60423769C7165B7D19C25E:r HTTP 302
https://clk.tradedoubler.com/click?p=302276&a=3178553&g=25130214&url=http://yoc.younited-credit.com/click/pret-dunion-it/DEQwyRwgEDJm_8YpRfjMNa1wo2ShpIFVTH6X55umAEOM8eozfw--/?eemail=

Request Chain 56

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/963354740/?random=1638261762749&cv=9&fst=1638261762749&num=1&fmt=3&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oaba1&sendb=1&ig=1&data=event%3Dhit_event%3Bevent_category%3Dnone%3Bevent_label%3Dnone%3Bnon_interaction%3Dtrue&frm=0&url=https%3A%2F%2Fit.younited-credit.com%2Flp%2Flanding-page_taeg001%2F%3FBusinessProviderCode%3DYUC-AFFIL%26ectrans%3D1&ref=https%3A%2F%2Fclk.tradedoubler.com%2F&tiba=Younited%20Credit%20-%20Prestiti%20Personali%20Online&hn=www.googleadservices.com&async=1 HTTP 302
https://www.google.com/pagead/1p-user-list/963354740/?random=1638261762749&cv=9&fst=1638259200000&num=1&fmt=3&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oaba1&sendb=1&data=event%3Dhit_event%3Bevent_category%3Dnone%3Bevent_label%3Dnone%3Bnon_interaction%3Dtrue&frm=0&url=https%3A%2F%2Fit.younited-credit.com%2Flp%2Flanding-page_taeg001%2F%3FBusinessProviderCode%3DYUC-AFFIL%26ectrans%3D1&ref=https%3A%2F%2Fclk.tradedoubler.com%2F&tiba=Younited%20Credit%20-%20Prestiti%20Personali%20Online&async=1&is_vtc=1&random=893629317&resp=GooglemKTybQhCsO HTTP 302
https://www.google.de/pagead/1p-user-list/963354740/?random=1638261762749&cv=9&fst=1638259200000&num=1&fmt=3&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oaba1&sendb=1&data=event%3Dhit_event%3Bevent_category%3Dnone%3Bevent_label%3Dnone%3Bnon_interaction%3Dtrue&frm=0&url=https%3A%2F%2Fit.younited-credit.com%2Flp%2Flanding-page_taeg001%2F%3FBusinessProviderCode%3DYUC-AFFIL%26ectrans%3D1&ref=https%3A%2F%2Fclk.tradedoubler.com%2F&tiba=Younited%20Credit%20-%20Prestiti%20Personali%20Online&async=1&is_vtc=1&random=893629317&resp=GooglemKTybQhCsO&ipr=y

Request Chain 61

https://gum.criteo.com/sid/json?origin=onetag&domain=younited-credit.com&sn=ChromeSyncframe&so=0&topUrl=it.younited-credit.com&cw=1&lsw=1 HTTP 302
https://mug.criteo.com/sid?cpp=Q6Gd8XxENzVqTEN3TFo0M250RkNiYVpNcGRYMy81Y3VpZURwNXAzbGkyVm96SnVSL2Fkd2hEbnE1bUdJWUI5dHhJeTJtdDg4c1B6SkNRMHNzQjQzcXBtdzV5VUx3NVlFVmF0TnlodURyOTh1Uy9JUzhHM2I5TUhKNDVOUXdzTktBbVJraXVTY2FpbUZNS2pqT1hoYy8vVWkxVmFQRWN6M2xJY096L1hIUU1yL2ZvcHhINkxjeENoRU1HQVdLelRwWWVzN2xLemlTbGV1SDlSQjgrdHNUSXA1aHpucVNLaHNubGYwdDNyRHZhVTBIaXk0UjFUY3AyRVFKTWorYXFDNGd1eVQ3cktYQTJHYWgwR2xpK3NicHZrTDF6dz09fA&cppv=2

Request Chain 75

https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&google_hm=ay1xQzJKR3l2TklzSDJxLXUydkF0M2pIV21Ddm15WlN4eEhmdExJQQ HTTP 302
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&google_ula=913071,0

Request Chain 79

https://secure.adnxs.com/setuid?entity=52&code=k-WmtFBCvNIsH2q-u2vAt3jHWmCvmPcvnGBnJcMw&seg=130915 HTTP 307
https://secure.adnxs.com/bounce?%2Fsetuid%3Fentity%3D52%26code%3Dk-WmtFBCvNIsH2q-u2vAt3jHWmCvmPcvnGBnJcMw%26seg%3D130915

Request Chain 82

https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-PTvz9CvNIsH2q-u2vAt3jHWmCvmV29cDhbTZYg HTTP 302
https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-PTvz9CvNIsH2q-u2vAt3jHWmCvmV29cDhbTZYg&verify=true

Request Chain 83

https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-0T-GnSvNIsH2q-u2vAt3jHWmCvkCWxy-YXsnDg HTTP 302
https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-0T-GnSvNIsH2q-u2vAt3jHWmCvkCWxy-YXsnDg

Request Chain 85

https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-1zeQ0yvNIsH2q-u2vAt3jHWmCvk5dhn2qwUBSQ HTTP 302
https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-1zeQ0yvNIsH2q-u2vAt3jHWmCvk5dhn2qwUBSQ&C=1

Request Chain 89

https://eb2.3lift.com/xuid?mid=2711&xuid=k-1nC02yvNIsH2q-u2vAt3jHWmCvngiJ0c5h1tAg&dongle=013b HTTP 302
https://eb2.3lift.com/xuid?ld=1&mid=2711&xuid=k-1nC02yvNIsH2q-u2vAt3jHWmCvngiJ0c5h1tAg&dongle=013b&gdpr=1&cmp_cs=&us_privacy=

Request Chain 90

https://x.bidswitch.net/sync?dsp_id=46&user_id=k-EIZB0SvNIsH2q-u2vAt3jHWmCvnenbdMKjYM0Q&expires=30 HTTP 302
https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-EIZB0SvNIsH2q-u2vAt3jHWmCvnenbdMKjYM0Q&expires=30

Request Chain 94

https://ads.stickyadstv.com/user-registering?dataProviderId=434&userId=k-EqVfKSvNIsH2q-u2vAt3jHWmCvknAeV9-oPJtQ&redirectId=69 HTTP 302
https://cdn.stickyadstv.com/one-shot/empty.gif

Request Chain 95

https://pixel.advertising.com/ups/55945/sync?uid=k-XGBS9yvNIsH2q-u2vAt3jHWmCvnppNEBxXeYfg&_origin=1 HTTP 302
https://pixel.advertising.com/ups/55945/sync?uid=k-XGBS9yvNIsH2q-u2vAt3jHWmCvnppNEBxXeYfg&_origin=1&verify=true HTTP 302
https://ups.analytics.yahoo.com/ups/55945/sync?uid=k-XGBS9yvNIsH2q-u2vAt3jHWmCvnppNEBxXeYfg&_origin=1&apid=UP7be6693c-51b9-11ec-a359-06db969b4c24

Request Chain 98

https://cm.mgid.com/m?cdsp=617660&c=k-zqeuwSvNIsH2q-u2vAt3jHWmCvnrglaouxBiUw HTTP 307
https://cm.mgid.com/m?c=k-zqeuwSvNIsH2q-u2vAt3jHWmCvnrglaouxBiUw&cdsp=617660&sct=1

Request Chain 99

https://i.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-ZX76BivNIsH2q-u2vAt3jHWmCvnM0sn8jVFMnw HTTP 303
https://i.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-ZX76BivNIsH2q-u2vAt3jHWmCvnM0sn8jVFMnw&_li_chk=true&previous_uuid=79fdadd741064e7fa0c5eb95aaaa974b HTTP 303
https://i6.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-ZX76BivNIsH2q-u2vAt3jHWmCvnM0sn8jVFMnw

Request Chain 103

https://secure.adnxs.com/seg?add=130915&redir=https%3A%2F%2Fsecure.adnxs.com%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID HTTP 302
https://secure.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID HTTP 302
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=2215398891111602457

105 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

click Show response
clk.tradedoubler.com/
Redirect Chain

https://echo7.bluehornet.com/ct/58894863:6CHVyg2vN:m:1:3293117526:A1266BCD2A60423769C7165B7D19C25E:r
https://clk.tradedoubler.com/click?p=302276&a=3178553&g=25130214&url=http://yoc.younited-credit.com/click/pret-dunion-it/DEQwyRwgEDJm_8YpRfjMNa1wo2ShpIFVTH6X55umAEOM8eozfw--/?eemail=

1 KB
1 KB

37ms
11ms

Document
text/html

35.186.231.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://clk.tradedoubler.com/click?p=302276&a=3178553&g=25130214&url=http://yoc.younited-credit.com/click/pret-dunion-it/DEQwyRwgEDJm_8YpRfjMNa1wo2ShpIFVTH6X55umAEOM8eozfw--/?eemail=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.231.97 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 97.231.186.35.bc.googleusercontent.com
Software: TXServerHttp /
Resource Hash: f75599e9b0766e2c9f8f7812411a7bc0bc69613b1c7f33ea5735df60f36b13c3

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

content-type: text/html; charset=ISO-8859-1
server: TXServerHttp
access-control-allow-origin: *
cache-control: private, max-age=0
pragma: no-cache
p3p: policyref="http://tracker.tradedoubler.com/w3c/p3p.xml",CP="NOI DSP COR NID CUR OUR NOR"
referrer-policy: origin
date: Tue, 30 Nov 2021 08:42:41 GMT
content-length: 1170
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

Redirect headers

date: Tue, 30 Nov 2021 08:42:41 GMT
content-type: text/html; charset=utf-8
content-length: 287
location: https://clk.tradedoubler.com/click?p=302276&a=3178553&g=25130214&url=http://yoc.younited-credit.com/click/pret-dunion-it/DEQwyRwgEDJm_8YpRfjMNa1wo2ShpIFVTH6X55umAEOM8eozfw--/?eemail=
server: Apache
vary: X-Forwarded-Proto,Accept-Encoding
amfplus-ver: 1.4.0.0
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade

GET
H/1.1 200
OK prefs.js Show response
vht.tradedoubler.com/fp/ 9 KB
4 KB 33ms
6ms Script
application/javascript 18.66.112.56
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vht.tradedoubler.com/fp/prefs.js
Requested by: Host: clk.tradedoubler.com
URL: https://clk.tradedoubler.com/click?p=302276&a=3178553&g=25130214&url=http://yoc.younited-credit.com/click/pret-dunion-it/DEQwyRwgEDJm_8YpRfjMNa1wo2ShpIFVTH6X55umAEOM8eozfw--/?eemail=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.56 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache /
Resource Hash: 17ee72d8421cc64e48d5e885c090851028f91129555be935403a51c55eff2e9d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://clk.tradedoubler.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Fri, 26 Nov 2021 09:17:39 GMT
Content-Encoding: gzip
Age: 343502
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Last-Modified: Mon, 15 Oct 2018 09:28:46 GMT
Server: Apache
ETag: W/"2509-57841106334e6"
Vary: Accept-Encoding
Content-Type: application/javascript
Via: 1.1 fb49d852ca52c03c834ce98098b51517.cloudfront.net (CloudFront)
Cache-Control: max-age=604800, public
X-Amz-Cf-Pop: FRA56-P5
X-Amz-Cf-Id: r6Gq2fyAJEE4ZP5nadSX36vsvWY6BJ6M2NQ9HYaL_e-15hxZPHrjwA==
Expires: Fri, 03 Dec 2021 09:17:39 GMT

POST
H/1.1 200
OK /
analytics.tradedoubler.com/ 0
241 B 90ms
19ms Ping
text/html 188.165.150.177
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tradedoubler.com/
Requested by: Host: vht.tradedoubler.com
URL: https://vht.tradedoubler.com/fp/prefs.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 188.165.150.177 , France, ASN16276 (OVH, FR),
Reverse DNS: lb01.net.royalcactus.com
Software: nginx /
Resource Hash

Request headers

Referer: https://clk.tradedoubler.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Tue, 30 Nov 2021 08:42:41 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: nginx
Connection: keep-alive
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8

GET
H2

200

Primary Request / Show response
it.younited-credit.com/lp/landing-page_taeg001/
Redirect Chain

https://clk.tradedoubler.com/click?p=302276&a=3178553&g=25130214&url=http://yoc.younited-credit.com/click/pret-dunion-it/DEQwyRwgEDJm_8YpRfjMNa1wo2ShpIFVTH6X55umAEOM8eozfw--/?eemail=
http://yoc.younited-credit.com/click/pret-dunion-it/DEQwyRwgEDJm_8YpRfjMNa1wo2ShpIFVTH6X55umAEOM8eozfw--/?eemail=
https://yoc.younited-credit.com/click/pret-dunion-it/DEQwyRwgEDJm_8YpRfjMNa1wo2ShpIFVTH6X55umAEOM8eozfw--/?eemail=
https://it.younited-credit.com/lp/landing-page_taeg001/?BusinessProviderCode=YUC-AFFIL&ectrans=1

58 KB
14 KB

338ms
216ms

Document
text/html

2620:1ec:bdf::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://it.younited-credit.com/lp/landing-page_taeg001/?BusinessProviderCode=YUC-AFFIL&ectrans=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:bdf::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

a12bc21199e9b4cf291e2203f906b59c3b4ce04759b1c6cd7950bba84b7bdeb8

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
Origin: https://clk.tradedoubler.com
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://clk.tradedoubler.com/

Response headers

cache-control: private
content-length: 13917
content-type: text/html; charset=utf-8
content-encoding: gzip
vary: Accept-Encoding
x-cache: PRIVATE_NOSTORE
request-context: appId=cid-v1:9e931d37-0e4c-41f6-b76c-76711e730ca9
access-control-expose-headers: Request-Context
x-content-type-options: nosniff
strict-transport-security: max-age=10886400; preload
x-xss-protection: 1; mode=block
x-azure-ref-originshield: 0AeSlYQAAAAAYTRYWpiC+S4Yr8nMOLZVPQU1TMDRFREdFMTkxNwAyMmJjNjJmMC03OWYyLTQyYzEtYjRiMC01ZmU2OGRhYzY1YWM=
x-azure-ref: 0AeSlYQAAAADWZ5AcIddTQ4SnpBqbAGywRlJBRURHRTEwMTIAMjJiYzYyZjAtNzlmMi00MmMxLWI0YjAtNWZlNjhkYWM2NWFj
date: Tue, 30 Nov 2021 08:42:42 GMT

Redirect headers

Date: Tue, 30 Nov 2021 08:42:41 GMT
Server: EWS
Accept-Ranges: none
Content-Length: 0
Connection: Close
Pragma: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Cache-Control: max-age=0, private
Strict-Transport-Security: max-age=604800
X-Content-Type-Options: nosniff
X-Robots-Tag: noindex
X-XSS-Protection: 0
Location: https://it.younited-credit.com/lp/landing-page_taeg001/?BusinessProviderCode=YUC-AFFIL&ectrans=1

GET
H2 200 design-pattern-build.css
yuc-cdn.azureedge.net/cdn-public/design-pattern/css/ 459 KB
51 KB 178ms
40ms Stylesheet
text/css 2606:2800:133:206e:1315:22a5:2006:24fd
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://yuc-cdn.azureedge.net/cdn-public/design-pattern/css/design-pattern-build.css
Requested by: Host: it.younited-credit.com
URL: https://it.younited-credit.com/lp/landing-page_taeg001/?BusinessProviderCode=YUC-AFFIL&ectrans=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:133:206e:1315:22a5:2006:24fd , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (mil/6CCB) /
Resource Hash: 5a1ff7b6d0d393da16cdf1618110d47f5966581810db2471616a5a46f0f14f54

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://it.younited-credit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 30 Nov 2021 08:42:42 GMT
content-encoding: gzip
content-md5: BU46NM48c93mjVSFtOogww==
age: 343
x-cache: HIT
content-length: 51794
x-ms-lease-status: unlocked
last-modified: Thu, 25 Nov 2021 13:28:40 GMT
server: ECAcc (mil/6CCB)
etag: 0x8D9B0177EC7F941
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: ef014dc3-001e-0067-10c5-e55f29000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control: max-age=1200
x-ms-version: 2009-09-19
expires: Tue, 30 Nov 2021 09:02:42 GMT

GET
H2 200 cookieconsent.min.js Show response
cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.0.3/ 19 KB
6 KB 155ms
32ms Script
application/javascript 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.0.3/cookieconsent.min.js

Requested by

Host: it.younited-credit.com
URL: https://it.younited-credit.com/lp/landing-page_taeg001/?BusinessProviderCode=YUC-AFFIL&ectrans=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

af4c6683814aa527caf53bde3d021e6aafe00833b45f2dead043c87ed7864674

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://it.younited-credit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 08:42:42 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1859172
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 5676
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:09:17 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e2d-4d5a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HEOQEk%2BCvpi%2F%2FeN14IwO32x%2Bmd%2FuBNMzBIyVpJUoTq0DNi1lQizst5o09cCanJkJLBqdHHtNzck27CnavJGlB54TVMAMaZkRSPQ16dkMGu6vzWkzssWH2AfGoiT2SAgOVS7l4B00eDBmQ%2Bj67GfCfA6L"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6b62c8adfdc30f7a-MXP
expires: Sun, 20 Nov 2022 08:42:42 GMT

GET
H2 200 jquery.min.js Show response
it.younited-credit.com/Contents/js/ 84 KB
30 KB 19ms
18ms Script
application/x-javascript 2620:1ec:bdf::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://it.younited-credit.com/Contents/js/jquery.min.js

Requested by

Host: it.younited-credit.com
URL: https://it.younited-credit.com/lp/landing-page_taeg001/?BusinessProviderCode=YUC-AFFIL&ectrans=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:bdf::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

62bbf148389344b6f69d013ba66a870f4abcea2e08f8a4b0d5bc94756fca999c

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://it.younited-credit.com/lp/landing-page_taeg001/?BusinessProviderCode=YUC-AFFIL&ectrans=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; preload
content-encoding: gzip
x-content-type-options: nosniff
x-azure-ref-originshield: 05c2lYQAAAACTfDC3ETBlS6wZ5Zh+w3ZZQU1TMDRFREdFMTkxOQAyMmJjNjJmMC03OWYyLTQyYzEtYjRiMC01ZmU2OGRhYzY1YWM=
x-cache: TCP_HIT
vary: Accept-Encoding
content-length: 30103
x-xss-protection: 1; mode=block
request-context: appId=cid-v1:9e931d37-0e4c-41f6-b76c-76711e730ca9
last-modified: Wed, 10 Nov 2021 17:48:20 GMT
date: Tue, 30 Nov 2021 08:42:42 GMT
x-azure-ref: 0AuSlYQAAAACJNiS938vPRZ5hhd945UGeRlJBRURHRTEwMTIAMjJiYzYyZjAtNzlmMi00MmMxLWI0YjAtNWZlNjhkYWM2NWFj
content-type: application/x-javascript
access-control-expose-headers: Request-Context
cache-control: public,max-age=86400
etag: "0a15265bd6d71:0"
accept-ranges: bytes

GET
H/1.1 200
OK / Show response
yoc.younited-credit.com/info/pret-dunion/ 662 B
677 B 71ms
20ms Script
application/javascript 109.232.194.94
EULERIAN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://yoc.younited-credit.com/info/pret-dunion/?eul_media={media}&eul_publisher={publisher}&eul_ope={ope}&eul_slkeyword={slkeyword}&eul_location={location}&eul_creative={creative}&eul_date={date}&eul_via={via}&eul_keyword={keyword}&eul_searchengine={searchengine}&eul_slpublisher={slpublisher}&eul_publisherurl={publisherurl}&eul_email={email}&eul_refererdomain={refererdomain}

Requested by

Host: it.younited-credit.com
URL: https://it.younited-credit.com/lp/landing-page_taeg001/?BusinessProviderCode=YUC-AFFIL&ectrans=1

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

109.232.194.94 , France, ASN50234 (EULERIAN-AS, FR),

Reverse DNS

et1.eulerian.net

Software

EWS /

Resource Hash

1cecce11ca35430ed81c6e3bf16a37ea8b4b9923ec1754ba3c1445472748e477

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://it.younited-credit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Date: Tue, 30 Nov 2021 08:42:42 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: EWS
Strict-Transport-Security: max-age=604800
Content-Type: application/javascript
Cache-Control: max-age=0, private
Connection: Keep-Alive
Accept-Ranges: none
X-Robots-Tag: noindex
Vary: User-Agent
Content-Length: 218
X-XSS-Protection: 0
Keep-Alive: timeout=4

GET
H2 200 logo-white.svg
it.younited-credit.com/Contents/img/brand/ 18 KB
4 KB 17ms
17ms Image
image/svg+xml 2620:1ec:bdf::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://it.younited-credit.com/Contents/img/brand/logo-white.svg

Requested by

Host: it.younited-credit.com
URL: https://it.younited-credit.com/lp/landing-page_taeg001/?BusinessProviderCode=YUC-AFFIL&ectrans=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:bdf::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

6fd51cc47332e7074c186af1ff865f474cff7c64136a5d7b7cec176f1bb63412

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://it.younited-credit.com/lp/landing-page_taeg001/?BusinessProviderCode=YUC-AFFIL&ectrans=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; preload
content-encoding: gzip
x-content-type-options: nosniff
x-azure-ref-originshield: 0PsKlYQAAAADgPw/wAypDQLW82OU0tmN4QU1TMDRFREdFMTgwOAAyMmJjNjJmMC03OWYyLTQyYzEtYjRiMC01ZmU2OGRhYzY1YWM=
x-cache: TCP_HIT
vary: Accept-Encoding
content-length: 3389
x-xss-protection: 1; mode=block
request-context: appId=cid-v1:9e931d37-0e4c-41f6-b76c-76711e730ca9
last-modified: Wed, 10 Nov 2021 17:47:18 GMT
date: Tue, 30 Nov 2021 08:42:42 GMT
x-azure-ref: 0AuSlYQAAAACUWcXziDJLS7B3Ph5nRP1/RlJBRURHRTEwMTIAMjJiYzYyZjAtNzlmMi00MmMxLWI0YjAtNWZlNjhkYWM2NWFj
content-type: image/svg+xml
access-control-expose-headers: Request-Context
cache-control: public,max-age=86400
etag: "0972015bd6d71:0"
accept-ranges: bytes

GET
H2 200 logo.svg
it.younited-credit.com/media/1242/ 10 KB
10 KB 14ms
13ms Image
image/svg+xml 2620:1ec:bdf::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://it.younited-credit.com/media/1242/logo.svg

Requested by

Host: it.younited-credit.com
URL: https://it.younited-credit.com/lp/landing-page_taeg001/?BusinessProviderCode=YUC-AFFIL&ectrans=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:bdf::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

2b7be7a5e1f0db7846d6086dbc9cd793697b3758bc683ee840c04d6a4daedf1e

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://it.younited-credit.com/lp/landing-page_taeg001/?BusinessProviderCode=YUC-AFFIL&ectrans=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; preload
x-content-type-options: nosniff
last-modified: Tue, 30 Apr 2019 16:34:38 GMT
x-azure-ref-originshield: 0DdulYQAAAAA0kBsWr7SlTIzRhmUIYkDXQU1TMDRFREdFMTgxOQAyMmJjNjJmMC03OWYyLTQyYzEtYjRiMC01ZmU2OGRhYzY1YWM=
etag: "0a3429a72ffd41:0"
x-azure-ref: 0AuSlYQAAAABSRMZ6x1t7To56v8A3YDqNRlJBRURHRTEwMTIAMjJiYzYyZjAtNzlmMi00MmMxLWI0YjAtNWZlNjhkYWM2NWFj
x-cache: TCP_HIT
content-type: image/svg+xml
access-control-expose-headers: Request-Context
cache-control: public,max-age=86400
date: Tue, 30 Nov 2021 08:42:42 GMT
accept-ranges: bytes
content-length: 9748
x-xss-protection: 1; mode=block
request-context: appId=cid-v1:9e931d37-0e4c-41f6-b76c-76711e730ca9

GET
H2 200 macaron-25.png
it.younited-credit.com/media/200200/ 16 KB
16 KB 17ms
17ms Image
image/png 2620:1ec:bdf::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://it.younited-credit.com/media/200200/macaron-25.png

Requested by

Host: it.younited-credit.com
URL: https://it.younited-credit.com/lp/landing-page_taeg001/?BusinessProviderCode=YUC-AFFIL&ectrans=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:bdf::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

3754d6d9f76d35b69b3aeeb3656e2e82628379be032c1dc824c610253fa40db4

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://it.younited-credit.com/lp/landing-page_taeg001/?BusinessProviderCode=YUC-AFFIL&ectrans=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; preload
x-content-type-options: nosniff
last-modified: Mon, 29 Nov 2021 08:27:56 GMT
x-azure-ref-originshield: 0kOOlYQAAAADLb5HZIx06TYbQp/vKv4vCQU1TMDRFREdFMTkyMAAyMmJjNjJmMC03OWYyLTQyYzEtYjRiMC01ZmU2OGRhYzY1YWM=
etag: "2b63c92fbe4d71:0"
x-azure-ref: 0AuSlYQAAAAAFEFVxNQQRRo3edEtdAj1RRlJBRURHRTEwMTIAMjJiYzYyZjAtNzlmMi00MmMxLWI0YjAtNWZlNjhkYWM2NWFj
x-cache: TCP_HIT
content-type: image/png
access-control-expose-headers: Request-Context
cache-control: public,max-age=86400
date: Tue, 30 Nov 2021 08:42:42 GMT
accept-ranges: bytes
content-length: 16620
x-xss-protection: 1; mode=block
request-context: appId=cid-v1:9e931d37-0e4c-41f6-b76c-76711e730ca9

GET
H2 200 logo-white.svg
it.younited-credit.com/media/1225/ 18 KB
18 KB 13ms
13ms Image
image/svg+xml 2620:1ec:bdf::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://it.younited-credit.com/media/1225/logo-white.svg

Requested by

Host: it.younited-credit.com
URL: https://it.younited-credit.com/lp/landing-page_taeg001/?BusinessProviderCode=YUC-AFFIL&ectrans=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:bdf::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

6fd51cc47332e7074c186af1ff865f474cff7c64136a5d7b7cec176f1bb63412

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://it.younited-credit.com/lp/landing-page_taeg001/?BusinessProviderCode=YUC-AFFIL&ectrans=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; preload
x-content-type-options: nosniff
last-modified: Tue, 30 Apr 2019 16:34:54 GMT
x-azure-ref-originshield: 0kOOlYQAAAACiX9ALgtRkSYgDR3g4exV2QU1TMDRFREdFMTkxOAAyMmJjNjJmMC03OWYyLTQyYzEtYjRiMC01ZmU2OGRhYzY1YWM=
etag: "0bcca372ffd41:0"
x-azure-ref: 0AuSlYQAAAACFdmRBlimoSaSe+IN8UHcyRlJBRURHRTEwMTIAMjJiYzYyZjAtNzlmMi00MmMxLWI0YjAtNWZlNjhkYWM2NWFj
x-cache: TCP_HIT
content-type: image/svg+xml
access-control-expose-headers: Request-Context
cache-control: public,max-age=86400
date: Tue, 30 Nov 2021 08:42:42 GMT
accept-ranges: bytes
content-length: 18229
x-xss-protection: 1; mode=block
request-context: appId=cid-v1:9e931d37-0e4c-41f6-b76c-76711e730ca9

GET
H2 200 app-80ec458b95.js Show response
it.younited-credit.com/Contents/js/ 33 KB
12 KB 13ms
13ms Script
application/x-javascript 2620:1ec:bdf::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://it.younited-credit.com/Contents/js/app-80ec458b95.js

Requested by

Host: it.younited-credit.com
URL: https://it.younited-credit.com/lp/landing-page_taeg001/?BusinessProviderCode=YUC-AFFIL&ectrans=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:bdf::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

81592355fbcd77f55c410975e614c28aed5c374de385ea98eba8c8ac654b5fed

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://it.younited-credit.com/lp/landing-page_taeg001/?BusinessProviderCode=YUC-AFFIL&ectrans=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; preload
content-encoding: gzip
x-content-type-options: nosniff
x-azure-ref-originshield: 0DbClYQAAAADQPmlZVI8FTp/apx5AAkHIQU1TMDRFREdFMTgxMAAyMmJjNjJmMC03OWYyLTQyYzEtYjRiMC01ZmU2OGRhYzY1YWM=
x-cache: TCP_HIT
vary: Accept-Encoding
content-length: 11922
x-xss-protection: 1; mode=block
request-context: appId=cid-v1:9e931d37-0e4c-41f6-b76c-76711e730ca9
last-modified: Wed, 10 Nov 2021 17:48:20 GMT
date: Tue, 30 Nov 2021 08:42:42 GMT
x-azure-ref: 0AuSlYQAAAACFc7VaQvqHRbvN5k9zWFTNRlJBRURHRTEwMTIAMjJiYzYyZjAtNzlmMi00MmMxLWI0YjAtNWZlNjhkYWM2NWFj
content-type: application/x-javascript
access-control-expose-headers: Request-Context
cache-control: public,max-age=86400
etag: "0a15265bd6d71:0"
accept-ranges: bytes

GET
H2 200 tp.widget.sync.bootstrap.min.js Show response
widget.trustpilot.com/bootstrap/v5/ 1 KB
1 KB 22ms
7ms Script
application/x-javascript 52.222.236.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.trustpilot.com/bootstrap/v5/tp.widget.sync.bootstrap.min.js

Requested by

Host: it.younited-credit.com
URL: https://it.younited-credit.com/lp/landing-page_taeg001/?BusinessProviderCode=YUC-AFFIL&ectrans=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.236.107 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-236-107.fra56.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

2ae052d5fd6e01daee9b546c30e182308a083261ee6a1920c30625a2d81c5a49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://it.younited-credit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
age: 10394
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
date: Tue, 30 Nov 2021 05:49:29 GMT
content-length: 725
x-xss-protection: 1; mode=block
last-modified: Mon, 01 Nov 2021 12:14:13 GMT
server: AmazonS3
etag: "a8b627afb958156461c3c99288acacf5"
content-type: application/x-javascript
via: 1.1 5519a8cb450b567e8b7111ae986a9b4c.cloudfront.net (CloudFront)
cache-control: max-age=86400
x-amz-cf-pop: FRA56-P4
accept-ranges: bytes
x-amz-cf-id: 3yjmkWvj5Oj1K0jNFYcORS4cNqAPfkH7K47oygctHjk3fZ8Bh0s3Tw==

GET
H2 200 css
fonts.googleapis.com/ 4 KB
1010 B 40ms
18ms Stylesheet
text/css 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Work+Sans:300,400,500,600,&display=swap

Requested by

Host: yuc-cdn.azureedge.net
URL: https://yuc-cdn.azureedge.net/cdn-public/design-pattern/css/design-pattern-build.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4da10e43a814d869169a6105d1ded3f864d6e502372a50bf1453c6e2e5141d6a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://yuc-cdn.azureedge.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 30 Nov 2021 08:42:42 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 30 Nov 2021 08:42:42 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 30 Nov 2021 08:42:42 GMT

GET
H2 200 kameleoon.js Show response
hhlwcyg0ce.kameleoon.eu/ 194 KB
48 KB 57ms
26ms Script
application/javascript 2606:4700:20::ac43:4832
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hhlwcyg0ce.kameleoon.eu/kameleoon.js
Requested by: Host: it.younited-credit.com
URL: https://it.younited-credit.com/lp/landing-page_taeg001/?BusinessProviderCode=YUC-AFFIL&ectrans=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4832 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ba719b6366028770cae8f983921755cbcf0a383a4ae8ffa0c0896ba7e767e142

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://it.younited-credit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 08:42:42 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 08 Jun 2021 15:29:38 GMT
server: cloudflare
age: 596
etag: W/"60bf8ce2-30836"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UeJI4SrmzIyaTiVbji17pNGWSqr1SSzzGle6n%2BOGM4uHBuOsOVfCFXdybLFgCC7S6vozD00ta5fES5LgNyHNb%2FXeE2dig2QHHm2qbtjyJPI90xKAz%2FWYkKLDRncClcpDfnnhoGcjzwAb2uiuHk6ohLmnQETG"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: max-age=5400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6b62c8af083ac281-FRA
expires: Tue, 30 Nov 2021 10:02:46 GMT

GET
H2 200 di.js Show response
cdn.decibelinsight.net/i/13934/308885/ 174 KB
68 KB 38ms
11ms Script
text/javascript 13.32.121.22
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.decibelinsight.net/i/13934/308885/di.js

Requested by

Host: it.younited-credit.com
URL: https://it.younited-credit.com/lp/landing-page_taeg001/?BusinessProviderCode=YUC-AFFIL&ectrans=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.121.22 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-121-22.fra60.r.cloudfront.net

Software

nginx /

Resource Hash

82279adb1e8eedf4b67db88608f6ec98c7e57603d95bdc9bc1716486a8e7c53c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://it.younited-credit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 08:42:42 GMT
content-encoding: gzip
server: nginx
x-amz-cf-pop: FRA60-P1
etag: W/000076220-17D6C14BFA2
strict-transport-security: max-age=31536000
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/javascript; charset=utf-8
via: 1.1 06a27d66e25d02ebcfb014b9d194016b.cloudfront.net (CloudFront)
cache-control: private, max-age=5400
access-control-allow-credentials: true
x-cache: Hit from cloudfront
timing-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, X-HTTP-Method-Override
x-amz-cf-id: 6x0vZ6hUg-CzGbVbqY6rsNkAw_xIrUo6yqn4fzNfyvw3iGxFDgJ-Dg==

GET
H2 200 ai.0.js Show response
az416426.vo.msecnd.net/scripts/a/ 94 KB
22 KB 179ms
40ms Script
application/x-javascript 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Requested by: Host: it.younited-credit.com
URL: https://it.younited-credit.com/lp/landing-page_taeg001/?BusinessProviderCode=YUC-AFFIL&ectrans=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (mil/6C34) /
Resource Hash: 5201c813c37a4168cc5c20c701d4391fd0a55625f97eb9f263a74fb52b52fd0e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://it.younited-credit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 30 Nov 2021 08:42:42 GMT
content-encoding: gzip
x-ms-meta-lastmodified: 2020-10-01 19:31:04
content-md5: HdY95yzx9wIyQkVEGES+Ew==
age: 283
x-cache: HIT
content-length: 22495
x-ms-lease-status: unlocked
last-modified: Thu, 11 Mar 2021 07:46:59 GMT
server: ECAcc (mil/6C34)
etag: 0x8D8E461DA1A5889
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 8a6de178-601e-0053-63c5-e5cb41000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=1800
x-ms-version: 2009-09-19
expires: Tue, 30 Nov 2021 09:12:42 GMT

GET
H2 200 wave-bottom-grey.svg
yuc-cdn.azureedge.net/cdn-public/design-pattern/img/ 809 B
642 B 43ms
42ms Image
image/svg+xml 2606:2800:133:206e:1315:22a5:2006:24fd
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://yuc-cdn.azureedge.net/cdn-public/design-pattern/img/wave-bottom-grey.svg
Requested by: Host: yuc-cdn.azureedge.net
URL: https://yuc-cdn.azureedge.net/cdn-public/design-pattern/css/design-pattern-build.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:133:206e:1315:22a5:2006:24fd , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (mil/6C3A) /
Resource Hash: 3b2668e035d74099f90fe3e6aa91166e561dcbf36ba4859048f8959fa2371ff8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://yuc-cdn.azureedge.net/cdn-public/design-pattern/css/design-pattern-build.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 30 Nov 2021 08:42:42 GMT
content-encoding: gzip
content-md5: ZSLvaSYthhg/sZ8aVjBSGQ==
age: 439
x-cache: HIT
content-length: 467
x-ms-lease-status: unlocked
last-modified: Thu, 25 Nov 2021 13:28:40 GMT
server: ECAcc (mil/6C3A)
etag: 0x8D9B0177EC6E7EC
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: e2b1f283-b01e-004d-3cc5-e58039000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control: max-age=31536000
x-ms-version: 2009-09-19
expires: Wed, 30 Nov 2022 08:42:42 GMT

GET
H2 200 QGYsz_wNahGAdqQ43Rh_fKDp.woff2
fonts.gstatic.com/s/worksans/v13/ 47 KB
48 KB 34ms
9ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/worksans/v13/QGYsz_wNahGAdqQ43Rh_fKDp.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Work+Sans:300,400,500,600,&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

481b2fb6ea4f714f9b58e143ddb63f973e0fc1b14a4d8213517b4451644c9fae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://it.younited-credit.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 05:36:22 GMT
x-content-type-options: nosniff
age: 529580
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48480
x-xss-protection: 0
last-modified: Wed, 10 Nov 2021 18:05:58 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 24 Nov 2022 05:36:22 GMT

GET
H2 200 icomoon.ttf
yuc-cdn.azureedge.net/cdn-public/design-pattern/fonts/ 15 KB
15 KB 163ms
43ms Font
application/octet-stream 2606:2800:133:206e:1315:22a5:2006:24fd
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://yuc-cdn.azureedge.net/cdn-public/design-pattern/fonts/icomoon.ttf?baw927
Requested by: Host: yuc-cdn.azureedge.net
URL: https://yuc-cdn.azureedge.net/cdn-public/design-pattern/css/design-pattern-build.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:133:206e:1315:22a5:2006:24fd , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (mil/6C11) /
Resource Hash: 19755018177b924e15d7e49f6d6684957f2a00cbf6b60f879a641bd3aedc4e2d

Request headers

Referer: https://yuc-cdn.azureedge.net/cdn-public/design-pattern/css/design-pattern-build.css
Origin: https://it.younited-credit.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 30 Nov 2021 08:42:42 GMT
content-md5: Vq6RRhztCBLhyGT4NGnS/Q==
age: 283
x-cache: HIT
content-length: 15040
x-ms-lease-status: unlocked
last-modified: Thu, 25 Nov 2021 13:28:40 GMT
server: ECAcc (mil/6C11)
etag: 0x8D9B0177EC51351
access-control-allow-methods: GET, HEAD, OPTIONS
content-type: application/octet-stream
access-control-allow-origin: *
x-ms-request-id: 11a2939e-c01e-0068-66c5-e52945000000
access-control-expose-headers: *
cache-control: max-age=31536000
x-ms-version: 2009-09-19
accept-ranges: bytes
access-control-allow-headers: *
expires: Wed, 30 Nov 2022 08:42:42 GMT

GET
DATA 200
OK truncated
/ 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 tp.widget.bootstrap.min.js Show response
widget.trustpilot.com/bootstrap/v5/ 22 KB
8 KB 8ms
8ms Script
application/x-javascript 52.222.236.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.trustpilot.com/bootstrap/v5/tp.widget.bootstrap.min.js

Requested by

Host: widget.trustpilot.com
URL: https://widget.trustpilot.com/bootstrap/v5/tp.widget.sync.bootstrap.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.236.107 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-236-107.fra56.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

a9ddd05afc7b255840510e1d40fda6304d6dc5695fa2ef4c40424d1507d2cfe3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://it.younited-credit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
age: 18027
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
date: Tue, 30 Nov 2021 03:42:16 GMT
content-length: 7358
x-xss-protection: 1; mode=block
last-modified: Mon, 01 Nov 2021 12:14:12 GMT
server: AmazonS3
etag: "158ca99a1f63568e56a39abb980c9aa7"
content-type: application/x-javascript
via: 1.1 5519a8cb450b567e8b7111ae986a9b4c.cloudfront.net (CloudFront)
cache-control: max-age=86400
x-amz-cf-pop: FRA56-P4
accept-ranges: bytes
x-amz-cf-id: 6UxvwkbpYjeoh8WKarPaqSFrwA4_Mjgfw6u3Q72Q1AStb-Ygyb9-RA==

GET
H2 200 trustpilot-eccezionale-v4.png
it.younited-credit.com/media/197707/ 29 KB
29 KB 18ms
17ms Image
image/png 2620:1ec:bdf::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://it.younited-credit.com/media/197707/trustpilot-eccezionale-v4.png

Requested by

Host: it.younited-credit.com
URL: https://it.younited-credit.com/lp/landing-page_taeg001/?BusinessProviderCode=YUC-AFFIL&ectrans=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:bdf::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

ad3f80b08c66a47028346bd3b29d415d9db2a1872c77caa76026b417940d1e9a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://it.younited-credit.com/lp/landing-page_taeg001/?BusinessProviderCode=YUC-AFFIL&ectrans=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; preload
x-content-type-options: nosniff
last-modified: Fri, 04 Sep 2020 11:44:36 GMT
x-azure-ref-originshield: 0ZpelYQAAAAD/OUOFBMUFSJ/Wyda6zkwiQU1TMDRFREdFMTgxMgAyMmJjNjJmMC03OWYyLTQyYzEtYjRiMC01ZmU2OGRhYzY1YWM=
etag: "0ea82c3b082d61:0"
x-azure-ref: 0AuSlYQAAAADmJ6ydOeNsRL7CiMhWKcoeRlJBRURHRTEwMTIAMjJiYzYyZjAtNzlmMi00MmMxLWI0YjAtNWZlNjhkYWM2NWFj
x-cache: TCP_HIT
content-type: image/png
access-control-expose-headers: Request-Context
cache-control: public,max-age=86400
date: Tue, 30 Nov 2021 08:42:42 GMT
accept-ranges: bytes
content-length: 29280
x-xss-protection: 1; mode=block
request-context: appId=cid-v1:9e931d37-0e4c-41f6-b76c-76711e730ca9

GET
H2 200 image.png
it.younited-credit.com/media/197692/ 277 KB
277 KB 20ms
18ms Image
image/png 2620:1ec:bdf::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://it.younited-credit.com/media/197692/image.png

Requested by

Host: it.younited-credit.com
URL: https://it.younited-credit.com/lp/landing-page_taeg001/?BusinessProviderCode=YUC-AFFIL&ectrans=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:bdf::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

5af481e00104cb300af0320bd7caef469f46f7ec7dc460ae441221bfc12994ff

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://it.younited-credit.com/lp/landing-page_taeg001/?BusinessProviderCode=YUC-AFFIL&ectrans=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; preload
x-content-type-options: nosniff
last-modified: Thu, 03 Sep 2020 16:32:12 GMT
x-azure-ref-originshield: 0keOlYQAAAADnv7dHT+vLRa92buCgVKT2QU1TMDRFREdFMTkxNQAyMmJjNjJmMC03OWYyLTQyYzEtYjRiMC01ZmU2OGRhYzY1YWM=
etag: "0ce79c6f82d61:0"
x-azure-ref: 0AuSlYQAAAACDvdwA0ABwQp0ljIzBdUGURlJBRURHRTEwMTIAMjJiYzYyZjAtNzlmMi00MmMxLWI0YjAtNWZlNjhkYWM2NWFj
x-cache: TCP_HIT
content-type: image/png
access-control-expose-headers: Request-Context
cache-control: public,max-age=86400
date: Tue, 30 Nov 2021 08:42:42 GMT
accept-ranges: bytes
content-length: 283195
x-xss-protection: 1; mode=block
request-context: appId=cid-v1:9e931d37-0e4c-41f6-b76c-76711e730ca9

GET
H2 200 online-2.png
it.younited-credit.com/media/196450/ 4 KB
4 KB 16ms
15ms Image
image/png 2620:1ec:bdf::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://it.younited-credit.com/media/196450/online-2.png

Requested by

Host: it.younited-credit.com
URL: https://it.younited-credit.com/lp/landing-page_taeg001/?BusinessProviderCode=YUC-AFFIL&ectrans=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:bdf::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

836f1c9fd0c0631f0d60eed8dfff6e1e4ec7d6409d347067e691de5da7c9ebc3

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://it.younited-credit.com/lp/landing-page_taeg001/?BusinessProviderCode=YUC-AFFIL&ectrans=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; preload
x-content-type-options: nosniff
last-modified: Wed, 18 Mar 2020 09:41:40 GMT
x-azure-ref-originshield: 0ZpelYQAAAADJWQlnTiJURagzbjExx1ugQU1TMDRFREdFMTkxOQAyMmJjNjJmMC03OWYyLTQyYzEtYjRiMC01ZmU2OGRhYzY1YWM=
etag: "022d96c9fdd51:0"
x-azure-ref: 0AuSlYQAAAAAEXSbybwnYSY8peaJSfS9vRlJBRURHRTEwMTIAMjJiYzYyZjAtNzlmMi00MmMxLWI0YjAtNWZlNjhkYWM2NWFj
x-cache: TCP_HIT
content-type: image/png
access-control-expose-headers: Request-Context
cache-control: public,max-age=86400
date: Tue, 30 Nov 2021 08:42:42 GMT
accept-ranges: bytes
content-length: 4244
x-xss-protection: 1; mode=block
request-context: appId=cid-v1:9e931d37-0e4c-41f6-b76c-76711e730ca9

GET
H/1.1 204
No Content visit.gif Show response
eu-tlp05.kameleoon.eu/ 0
142 B 58ms
11ms XHR
text/plain 78.46.61.107
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eu-tlp05.kameleoon.eu/visit.gif?lp=3&spt=1623166177792&p=c2l0ZUNvZGU9aGhsd2N5ZzBjZSZ2aXNpdG9yQ29kZT0xNmxmZGdsamU3Ymt3NDczJnN0YXJ0T2ZWaXNpdD10cnVlJnNjcmlwdFZlcnNpb249MjAxOTAxMTUmbm9uY2U9M0VEREE2N0FBOEVCMUNBNCZldmVudFR5cGU9cGFnZSZ0aW1lPTE2MzgyNjE3NjI0NTcmaHJlZj1odHRwcyUzQSUyRiUyRml0LnlvdW5pdGVkLWNyZWRpdC5jb20lMkZscCUyRmxhbmRpbmctcGFnZV90YWVnMDAxJnRpdGxlPVlvdW5pdGVkJTIwQ3JlZGl0JTIwLSUyMFByZXN0aXRpJTIwUGVyc29uYWxpJTIwT25saW5lJmtleVBhZ2VzPSU1Qm51bGwlNUQmcmVmZXJyZXJzPSU1Qm51bGwlNUQ%3D
Requested by: Host: hhlwcyg0ce.kameleoon.eu
URL: https://hhlwcyg0ce.kameleoon.eu/kameleoon.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 78.46.61.107 Leipzig, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: eu-log-parser05.kameleoon.net
Software: nginx/1.20.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://it.younited-credit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Tue, 30 Nov 2021 08:42:42 GMT
Server: nginx/1.20.1
Connection: keep-alive

GET
H/1.1 204
No Content visit.gif Show response
eu-tlp05.kameleoon.eu/ 0
142 B 57ms
11ms XHR
text/plain 78.46.61.107
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eu-tlp05.kameleoon.eu/visit.gif?lp=3&spt=1623166177792&p=c2l0ZUNvZGU9aGhsd2N5ZzBjZSZ2aXNpdG9yQ29kZT0xNmxmZGdsamU3Ymt3NDczJnN0YXJ0T2ZWaXNpdD10cnVlJnNjcmlwdFZlcnNpb249MjAxOTAxMTUmbm9uY2U9MkNFNjA3NENBRjU0MUMxNCZldmVudFR5cGU9c3RhdGljRGF0YSZ0aW1lPTE2MzgyNjE3NjI0NTkmdGltZVNpbmNlUHJldmlvdXNWaXNpdD0wJmxhbmRpbmdQYWdlSHJlZj1odHRwcyUzQSUyRiUyRml0LnlvdW5pdGVkLWNyZWRpdC5jb20lMkZscCUyRmxhbmRpbmctcGFnZV90YWVnMDAxJTJGJTNGQnVzaW5lc3NQcm92aWRlckNvZGUlM0RZVUMtQUZGSUwlMjZlY3RyYW5zJTNEMSZsYW5kaW5nUGFnZVRpdGxlPVlvdW5pdGVkJTIwQ3JlZGl0JTIwLSUyMFByZXN0aXRpJTIwUGVyc29uYWxpJTIwT25saW5lJmxhbmRpbmdQYWdlcz0lNUJudWxsJTVEJmZpcnN0UmVmZXJyZXJIcmVmPWh0dHBzJTNBJTJGJTJGY2xrLnRyYWRlZG91Ymxlci5jb20lMkYmZmlyc3RSZWZlcnJlcnM9JTVCbnVsbCU1RCZsYW5ndWFnZT1udWxsJmJyb3dzZXI9MCZicm93c2VyVmVyc2lvbj05NiZtb2JpbGVCcm93c2VyPWZhbHNlJm9zPTAmd2luZG93V2lkdGg9MTYwMCZ3aW5kb3dIZWlnaHQ9MTIwMCZzY3JlZW5XaWR0aD0xNjAwJnNjcmVlbkhlaWdodD0xMjAwJmphdmFFbmFibGVkPWZhbHNlJnRpbWVab25lSWQ9RXRjJTJGVW5rbm93biZsb2NhbGVMYW5ndWFnZVRhZz1lbi1VUyZkZXZpY2VUeXBlPURFU0tUT1AmYnJvd3Nlck5hbWU9Q2hyb21lJm9zTmFtZT1XaW5kb3dzJnRpbWVab25lR3JvdXBzPSU1Qm51bGwlNUQmdmlzaXROdW1iZXI9MA%3D%3D
Requested by: Host: hhlwcyg0ce.kameleoon.eu
URL: https://hhlwcyg0ce.kameleoon.eu/kameleoon.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 78.46.61.107 Leipzig, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: eu-log-parser05.kameleoon.net
Software: nginx/1.20.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://it.younited-credit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Tue, 30 Nov 2021 08:42:42 GMT
Server: nginx/1.20.1
Connection: keep-alive

GET
H/1.1 204
No Content visit.gif Show response
eu-tlp05.kameleoon.eu/ 0
142 B 56ms
11ms XHR
text/plain 78.46.61.107
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eu-tlp05.kameleoon.eu/visit.gif?lp=3&spt=1623166177792&p=c2l0ZUNvZGU9aGhsd2N5ZzBjZSZ2aXNpdG9yQ29kZT0xNmxmZGdsamU3Ymt3NDczJnN0YXJ0T2ZWaXNpdD10cnVlJnNjcmlwdFZlcnNpb249MjAxOTAxMTUmbm9uY2U9MEQ1Q0Q5RUM3QTIzRjJBQiZldmVudFR5cGU9YWN0aXZpdHkmdGltZT0xNjM4MjYxNzYyNDYwJmFjdGl2ZT10cnVlJm51bWJlckNsaWNrcz0wJnRhYkNvdW50PTA%3D
Requested by: Host: hhlwcyg0ce.kameleoon.eu
URL: https://hhlwcyg0ce.kameleoon.eu/kameleoon.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 78.46.61.107 Leipzig, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: eu-log-parser05.kameleoon.net
Software: nginx/1.20.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://it.younited-credit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Tue, 30 Nov 2021 08:42:42 GMT
Server: nginx/1.20.1
Connection: keep-alive

GET
H/1.1 204
No Content visit.gif Show response
eu-tlp05.kameleoon.eu/ 0
142 B 54ms
11ms XHR
text/plain 78.46.61.107
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eu-tlp05.kameleoon.eu/visit.gif?lp=3&spt=1623166177792&p=c2l0ZUNvZGU9aGhsd2N5ZzBjZSZ2aXNpdG9yQ29kZT0xNmxmZGdsamU3Ymt3NDczJnN0YXJ0T2ZWaXNpdD10cnVlJnNjcmlwdFZlcnNpb249MjAxOTAxMTUmbm9uY2U9MDg5NDE4QzIwNEQ2NDIwNiZldmVudFR5cGU9Y29udGFpbmVycyZ0aW1lPTE2MzgyNjE3NjI0NjMmaWQwPTEzMzA3NiZtZW50YWxpc3REZWNpc2lvbjA9ZmFsc2UmdHJhaW4wPXRydWUmdHlwZTA9RVhQRVJJTUVOVCZ2YXJpYXRpb25JZDA9MCZudW1iZXI9MQ%3D%3D
Requested by: Host: hhlwcyg0ce.kameleoon.eu
URL: https://hhlwcyg0ce.kameleoon.eu/kameleoon.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 78.46.61.107 Leipzig, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: eu-log-parser05.kameleoon.net
Software: nginx/1.20.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://it.younited-credit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Tue, 30 Nov 2021 08:42:42 GMT
Server: nginx/1.20.1
Connection: keep-alive

GET
H/1.1 200
OK yoc8312.js Show response
yoc.younited-credit.com/ 35 KB
13 KB 19ms
18ms Script
application/javascript 109.232.194.94
EULERIAN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://yoc.younited-credit.com/yoc8312.js

Requested by

Host: it.younited-credit.com
URL: https://it.younited-credit.com/lp/landing-page_taeg001/?BusinessProviderCode=YUC-AFFIL&ectrans=1

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

109.232.194.94 , France, ASN50234 (EULERIAN-AS, FR),

Reverse DNS

et1.eulerian.net

Software

EWS /

Resource Hash

77fd3d8f24f22d189394898b078cabbbd0eccf555ef1361d29ab5d650495c45d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://it.younited-credit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 30 Nov 2021 08:42:42 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: EWS
Vary: User-Agent
Content-Type: application/javascript
Cache-Control: max-age=3600, private
Connection: Keep-Alive
Accept-Ranges: none
X-Robots-Tag: noindex
Keep-Alive: timeout=4
Content-Length: 12458
X-XSS-Protection: 0
Expires: Tue, 30 Nov 2021 09:42:42 GMT

GET
H/1.1 200
OK 1958346168 Show response
yoc.younited-credit.com/col980a/-/ 20 KB
6 KB 72ms
72ms Script
application/javascript 109.232.194.94
EULERIAN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://yoc.younited-credit.com/col980a/-/1958346168?ss=1600x1200&urlp=desktop%2F%2F%2F%2FNew_Landing_Page-TAEG001&rf=https%3A%2F%2Fclk.tradedoubler.com%2F&abTest=t&fra=0&sd=24&url=https%3A%2F%2Fit.younited-credit.com%2Flp%2Flanding-page_taeg001%2F%3FBusinessProviderCode%3DYUC-AFFIL%26ectrans%3D1&

Requested by

Host: yoc.younited-credit.com
URL: https://yoc.younited-credit.com/yoc8312.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

109.232.194.94 , France, ASN50234 (EULERIAN-AS, FR),

Reverse DNS

et1.eulerian.net

Software

EWS /

Resource Hash

8fa3458f1bf8041eb5765ec25e8b859aa63432d7efa4edc31f070f88a66d3f0c

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://it.younited-credit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Date: Tue, 30 Nov 2021 08:42:42 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: EWS
Strict-Transport-Security: max-age=604800
Content-Type: application/javascript
Cache-Control: max-age=0, private
Connection: Keep-Alive
Accept-Ranges: none
X-Robots-Tag: noindex
Vary: User-Agent
Content-Length: 6063
X-XSS-Protection: 0
Keep-Alive: timeout=4

GET
H/1.1 200
OK w.js Show response
yoc.younited-credit.com/ 9 KB
4 KB 18ms
18ms Script
application/javascript 109.232.194.94
EULERIAN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://yoc.younited-credit.com/w.js

Requested by

Host: yoc.younited-credit.com
URL: https://yoc.younited-credit.com/yoc8312.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

109.232.194.94 , France, ASN50234 (EULERIAN-AS, FR),

Reverse DNS

et1.eulerian.net

Software

EWS /

Resource Hash

56f4201510afb724858564187afde49d779f0d0e52534e463e6661f563de20af

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://it.younited-credit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 30 Nov 2021 08:42:42 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: EWS
Vary: User-Agent
Content-Type: application/javascript
Cache-Control: max-age=3600, private
Connection: Keep-Alive
Accept-Ranges: none
X-Robots-Tag: noindex
Keep-Alive: timeout=4
Content-Length: 3340
X-XSS-Protection: 0
Expires: Tue, 30 Nov 2021 09:42:42 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 98 KB
26 KB 26ms
7ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: yoc.younited-credit.com
URL: https://yoc.younited-credit.com/yoc8312.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b23807a4c5d90afca0dc47d688c0a05302779429dab75f5e6182562dcc2970f6

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://it.younited-credit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 25965
x-xss-protection: 0
pragma: public
x-fb-debug: ZATX2jO7fkVDsmsfEaqZ4wvAI0kz3dKMXkko0kwyiueR7HWYl3qZjCc5I5bxsuQx6buwYrH7xFVbD0UqVJoDUA==
x-fb-trip-id: 686109401
x-frame-options: DENY
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Tue, 30 Nov 2021 08:42:42 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 133 KB
50 KB 58ms
35ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-963354740

Requested by

Host: yoc.younited-credit.com
URL: https://yoc.younited-credit.com/yoc8312.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b34e618906806ea910ec6502ef0c441860a02de1322421fcea3c2f59d610fa03

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://it.younited-credit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 08:42:42 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 50830
x-xss-protection: 0
last-modified: Tue, 30 Nov 2021 06:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 30 Nov 2021 08:42:42 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 81 KB
31 KB 30ms
16ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-M254Q6Q&l=gtmDataLayer

Requested by

Host: yoc.younited-credit.com
URL: https://yoc.younited-credit.com/col980a/-/1958346168?ss=1600x1200&urlp=desktop%2F%2F%2F%2FNew_Landing_Page-TAEG001&rf=https%3A%2F%2Fclk.tradedoubler.com%2F&abTest=t&fra=0&sd=24&url=https%3A%2F%2Fit.younited-credit.com%2Flp%2Flanding-page_taeg001%2F%3FBusinessProviderCode%3DYUC-AFFIL%26ectrans%3D1&

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e73a2966e0843c535618a0d6f89d28d1e648afe4368157b9208d8feef789f760

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://it.younited-credit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 08:42:42 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31313
x-xss-protection: 0
last-modified: Tue, 30 Nov 2021 06:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 30 Nov 2021 08:42:42 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 90 KB
35 KB 31ms
18ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-128244744-2

Requested by

Host: yoc.younited-credit.com
URL: https://yoc.younited-credit.com/yoc8312.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

07ab40aebe652878471e606a1dff19d1c45d7e9ecbab4d9944202f6961285c82

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://it.younited-credit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 08:42:42 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36140
x-xss-protection: 0
last-modified: Tue, 30 Nov 2021 06:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 30 Nov 2021 08:42:42 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 36ms
9ms Script
text/javascript 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: yoc.younited-credit.com
URL: https://yoc.younited-credit.com/yoc8312.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://it.younited-credit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 6095
date: Tue, 30 Nov 2021 07:01:07 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Tue, 30 Nov 2021 09:01:07 GMT

GET
H2 200 quant.js Show response
secure.quantserve.com/ 24 KB
10 KB 55ms
12ms Script
application/javascript 2620:116:800d:21:36a9:ecb:e518:b308
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: yoc.younited-credit.com
URL: https://yoc.younited-credit.com/col980a/-/1958346168?ss=1600x1200&urlp=desktop%2F%2F%2F%2FNew_Landing_Page-TAEG001&rf=https%3A%2F%2Fclk.tradedoubler.com%2F&abTest=t&fra=0&sd=24&url=https%3A%2F%2Fit.younited-credit.com%2Flp%2Flanding-page_taeg001%2F%3FBusinessProviderCode%3DYUC-AFFIL%26ectrans%3D1&
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:116:800d:21:36a9:ecb:e518:b308 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 487fce51fd801415c362f3f9f2df43c445a4b9ba38f9b6d49dfc898dc85ede94

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://it.younited-credit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 08:42:42 GMT
content-encoding: gzip
etag: "FMCWFRCBdbNj8Eh2c0G78Q=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
expires: Tue, 07 Dec 2021 08:42:42 GMT

GET
H2 200 ld.js Show response
static.criteo.net/js/ld/ Frame F2DF 41 KB
14 KB 60ms
24ms Script
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.criteo.net/js/ld/ld.js
Requested by: Host: yoc.younited-credit.com
URL: https://yoc.younited-credit.com/yoc8312.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: a1fddf4d5fec5f577b977db5c16c6582c1768324262382650fce903a37d73ab6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://it.younited-credit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 08:42:42 GMT
content-encoding: gzip
last-modified: Tue, 05 Oct 2021 08:29:00 GMT
server: nginx
etag: W/"615c0ccc-a373"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 01 Dec 2021 08:42:42 GMT

GET
H2 200 quant.js Show response
secure.quantserve.com/ Frame EF28 24 KB
10 KB 36ms
8ms Script
application/javascript 2620:116:800d:21:36a9:ecb:e518:b308
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: clk.tradedoubler.com
URL: https://clk.tradedoubler.com/click?p=302276&a=3178553&g=25130214&url=http://yoc.younited-credit.com/click/pret-dunion-it/DEQwyRwgEDJm_8YpRfjMNa1wo2ShpIFVTH6X55umAEOM8eozfw--/?eemail=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:116:800d:21:36a9:ecb:e518:b308 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 487fce51fd801415c362f3f9f2df43c445a4b9ba38f9b6d49dfc898dc85ede94

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://it.younited-credit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 08:42:42 GMT
content-encoding: gzip
etag: "FMCWFRCBdbNj8Eh2c0G78Q=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
expires: Tue, 07 Dec 2021 08:42:42 GMT

GET
H2 200 6a78217cc121.js Show response
w.usabilla.com/ Frame C5DB 35 KB
11 KB 109ms
32ms Script
text/javascript 34.252.190.62
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://w.usabilla.com/6a78217cc121.js?lv=1
Requested by: Host: it.younited-credit.com
URL: https://it.younited-credit.com/lp/landing-page_taeg001/?BusinessProviderCode=YUC-AFFIL&ectrans=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.252.190.62 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-252-190-62.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 167b0bc44cfe5f8f12bab04d9a7c1875d4a55bae50de918c23f669e936da8c5c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://it.younited-credit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Nov 2021 08:42:42 GMT
content-encoding: gzip
x-widget-server: 2.1
etag: "543f38339eebf411ad46d2361734b65f"
content-type: text/javascript
cache-control: public,max-age=0
content-length: 10964

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 37 KB
15 KB 68ms
43ms Script
text/javascript 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: yoc.younited-credit.com
URL: https://yoc.younited-credit.com/yoc8312.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f2.1e100.net

Software

cafe /

Resource Hash

2e8548e063ae8b8f6225ac344af4bb535397ebd3003665e27e8d4b2716770db9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://it.younited-credit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 08:42:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14378
x-xss-protection: 0
server: cafe
etag: 684346926396516684
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 30 Nov 2021 08:42:42 GMT

GET
H3 200 1289765604402216 Show response
connect.facebook.net/signals/config/ 39 KB
10 KB 47ms
38ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1289765604402216?v=2.9.48&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

970ab41ea61ecc43401a41a75248fce304c95ecbb8b24a2652dbc488ebc099e7

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://it.younited-credit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: myrPWVly93rB9uY2lPvPCx5u39L2Hx/ckQyspXWYZFhnVvgbA+NL1lpTPjgEzgUvA5REYSSk83oA0SREsoPnnA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Tue, 30 Nov 2021 08:42:42 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 ecommerce.js Show response
www.google-analytics.com/plugins/ua/ 1 KB
763 B 22ms
7ms Script
text/javascript 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/ecommerce.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8e1b84265e633c043720dd0921476c16bc9f75e393e855c9116ca7c3a847b5c7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://it.younited-credit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 07:48:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3254
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 738
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Tue, 30 Nov 2021 08:48:28 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 133 KB
50 KB 34ms
19ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-963354740&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-128244744-2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

6226ae349ca889003708c420615f780301df628cae0de3717e4086c36ccedeac

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://it.younited-credit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 08:42:42 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 50836
x-xss-protection: 0
last-modified: Tue, 30 Nov 2021 06:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 30 Nov 2021 08:42:42 GMT

GET
H2 200 rules-p-gsJG0w14zfeQ6.js Show response
rules.quantcount.com/ Frame EF28 209 B
672 B 51ms
8ms Script
application/javascript 2600:9000:223c:1c00:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-gsJG0w14zfeQ6.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:1c00:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3f3c77a6e5c32429b02f2aee787967f77badd448b3d61159b4f2f2c9198181cb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://it.younited-credit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 08:32:49 GMT
via: 1.1 50c53efe331c3da25a4faf191817af8c.cloudfront.net (CloudFront)
age: 1305
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 209
last-modified: Wed, 22 Apr 2020 08:21:36 GMT
server: AmazonS3
etag: "d97b9b4c24d2d301892e64003b1640fb"
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
x-amz-cf-pop: FRA56-P2
accept-ranges: bytes
x-amz-cf-id: DoJXnD5aDHzGTxwf0s3PLFp0Ah-V1RThK21hIm1NSMfkd6KRUk6TtA==

GET
H2 200 rules-p-gsJG0w14zfeQ6.js Show response
rules.quantcount.com/ 209 B
672 B 43ms
7ms Script
application/javascript 2600:9000:223c:1c00:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-gsJG0w14zfeQ6.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:1c00:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3f3c77a6e5c32429b02f2aee787967f77badd448b3d61159b4f2f2c9198181cb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://it.younited-credit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 08:32:49 GMT
via: 1.1 50c53efe331c3da25a4faf191817af8c.cloudfront.net (CloudFront)
age: 1305
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 209
last-modified: Wed, 22 Apr 2020 08:21:36 GMT
server: AmazonS3
etag: "d97b9b4c24d2d301892e64003b1640fb"
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
x-amz-cf-pop: FRA56-P2
accept-ranges: bytes
x-amz-cf-id: 6XYxjZki5kOGLo1G7b57kMvtNaxLvpg-uent3yoJ57PW2aJjqPTknQ==

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 6C69 11 KB
5 KB 50ms
17ms Document
text/html 2a02:2638::1c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?topUrl=it.younited-credit.com&origin=onetag

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/ld.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

44fdd1eb3c024fe9fb4faeb815b2367ace182437a87eb25a75d7802d0f3c88c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://it.younited-credit.com/

Response headers

cache-control: private, max-age=3600
content-type: text/html; charset=utf-8
content-encoding: gzip
vary: Accept-Encoding
strict-transport-security: max-age=31536000
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
server-processing-duration-in-ticks: 2245
date: Tue, 30 Nov 2021 08:42:42 GMT
content-length: 4685

POST
H3 200 collect Show response
www.google-analytics.com/j/ 4 B
24 B 14ms
13ms XHR
text/plain 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1455891700&t=pageview&_s=1&dl=https%3A%2F%2Fit.younited-credit.com%2Flp%2Flanding-page_taeg001%2F%3FBusinessProviderCode%3DYUC-AFFIL%26ectrans%3D1&dr=https%3A%2F%2Fclk.tradedoubler.com%2F&dp=desktop%2F%2F%2F%2FNew_Landing_Page-TAEG001&ul=en-us&de=UTF-8&dt=Younited%20Credit%20-%20Prestiti%20Personali%20Online&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aKBAAAIREAAAAC~&jid=31445270&gjid=263587067&cid=5534108440256657629&tid=UA-137580775-2&_gid=1477788359.1638261763&_r=1&_slc=1&cd1=&cd2=&cd3=&cd4=&cd5=&cd6=&cd7=&cd8=&cd9=&cm1=NaN&cm2=NaN&cm3=NaN&z=1413429185

Requested by

Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://it.younited-credit.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 30 Nov 2021 08:42:42 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://it.younited-credit.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 13ms
13ms XHR
text/plain 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1455891700&t=event&ni=1&_s=1&dr=&dp=desktop%2F%2F%2F%2FNew_Landing_Page-TAEG001&ul=en-us&de=UTF-8&dt=Younited%20Credit%20-%20Prestiti%20Personali%20Online&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&cn=none&cs=none&cm=none&ec=none&ea=hit_event&el=none&_u=aKDAAUIREAAAAC~&jid=1346981408&gjid=703520465&cid=5534108440256657629&tid=UA-128244744-2&_gid=1477788359.1638261763&_r=1&gtm=2ouba1&z=1715871511

Requested by

Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://it.younited-credit.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 30 Nov 2021 08:42:42 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://it.younited-credit.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 6ms
6ms Image
image/gif 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=1455891700&t=pageview&_s=2&dl=https%3A%2F%2Fit.younited-credit.com%2Flp%2Flanding-page_taeg001%2F%3FBusinessProviderCode%3DYUC-AFFIL%26ectrans%3D1&dr=https%3A%2F%2Fclk.tradedoubler.com%2F&dp=desktop%2F%2F%2F%2FNew_Landing_Page-TAEG001&ul=en-us&de=UTF-8&dt=Younited%20Credit%20-%20Prestiti%20Personali%20Online&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aKBAAAIREAAAAC~&jid=&gjid=&cid=5534108440256657629&tid=UA-137580775-2&_gid=1477788359.1638261763&cd1=&cd2=&cd3=&cd4=&cd5=&cd6=&cd7=&cd8=&cd9=&cm1=NaN&cm2=NaN&cm3=NaN&z=1508602906

Requested by

Host: it.younited-credit.com
URL: https://it.younited-credit.com/lp/landing-page_taeg001/?BusinessProviderCode=YUC-AFFIL&ectrans=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://it.younited-credit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Nov 2021 20:41:18 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 43284
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
407 B 26ms
9ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1289765604402216&ev=PageView&dl=https%3A%2F%2Fit.younited-credit.com%2Flp%2Flanding-page_taeg001%2F%3FBusinessProviderCode%3DYUC-AFFIL%26ectrans%3D1&rl=https%3A%2F%2Fclk.tradedoubler.com%2F&if=false&ts=1638261762740&sw=1600&sh=1200&v=2.9.48&r=stable&ec=0&o=28&fbp=fb.1.1638261762740.126407249&it=1638261762649&coo=false&rqm=GET

Requested by

Host: it.younited-credit.com
URL: https://it.younited-credit.com/lp/landing-page_taeg001/?BusinessProviderCode=YUC-AFFIL&ectrans=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://it.younited-credit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 08:42:42 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length: 44
expires: Tue, 30 Nov 2021 08:42:42 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
212 B 26ms
9ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1289765604402216&ev=ViewContent&dl=https%3A%2F%2Fit.younited-credit.com%2Flp%2Flanding-page_taeg001%2F%3FBusinessProviderCode%3DYUC-AFFIL%26ectrans%3D1&rl=https%3A%2F%2Fclk.tradedoubler.com%2F&if=false&ts=1638261762742&cd[currency]=EUR&cd[value]=0&cd[content_type]=product&sw=1600&sh=1200&v=2.9.48&r=stable&ec=1&o=28&fbp=fb.1.1638261762740.126407249&it=1638261762649&coo=false&rqm=GET

Requested by

Host: it.younited-credit.com
URL: https://it.younited-credit.com/lp/landing-page_taeg001/?BusinessProviderCode=YUC-AFFIL&ectrans=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://it.younited-credit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 08:42:42 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length: 44
expires: Tue, 30 Nov 2021 08:42:42 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/963354740/ 2 KB
2 KB 49ms
22ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/963354740/?random=1638261762743&cv=9&fst=1638261762743&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&data=ecomm_pagetype%3Dother&frm=0&url=https%3A%2F%2Fit.younited-credit.com%2Flp%2Flanding-page_taeg001%2F%3FBusinessProviderCode%3DYUC-AFFIL%26ectrans%3D1&ref=https%3A%2F%2Fclk.tradedoubler.com%2F&tiba=Younited%20Credit%20-%20Prestiti%20Personali%20Online&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ed15f8ab7de4eacd5a3de40fc33632ca711d127566e590ea72ce2bdc8f397a05

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://it.younited-credit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Nov 2021 08:42:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1110
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/963354740/ 3 KB
1 KB 49ms
22ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/963354740/?random=1638261762748&cv=9&fst=1638261762748&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oaba1&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fit.younited-credit.com%2Flp%2Flanding-page_taeg001%2F%3FBusinessProviderCode%3DYUC-AFFIL%26ectrans%3D1&ref=https%3A%2F%2Fclk.tradedoubler.com%2F&tiba=Younited%20Credit%20-%20Prestiti%20Personali%20Online&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bbda0b9171f99e1e74c42667b444c1159a58c96b16a9bd02a7e846e0ea8cb5b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://it.younited-credit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Nov 2021 08:42:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1124
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/963354740/ 2 KB
1 KB 48ms
23ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/963354740/?random=1638261762749&cv=9&fst=1638261762749&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oaba1&sendb=1&ig=1&data=event%3D%20&frm=0&url=https%3A%2F%2Fit.younited-credit.com%2Flp%2Flanding-page_taeg001%2F%3FBusinessProviderCode%3DYUC-AFFIL%26ectrans%3D1&ref=https%3A%2F%2Fclk.tradedoubler.com%2F&tiba=Younited%20Credit%20-%20Prestiti%20Personali%20Online&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

134d8da173ef124f4fb9cbb8f845a94aa83f7b4e6f1b92749e5750ee9db2f052

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://it.younited-credit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Nov 2021 08:42:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1114
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

/
www.google.de/pagead/1p-user-list/963354740/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/963354740/?random=1638261762749&cv=9&fst=1638261762749&num=1&fmt=3&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=12...
https://www.google.com/pagead/1p-user-list/963354740/?random=1638261762749&cv=9&fst=1638259200000&num=1&fmt=3&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=f...
https://www.google.de/pagead/1p-user-list/963354740/?random=1638261762749&cv=9&fst=1638259200000&num=1&fmt=3&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=fa...

42 B
64 B

36ms
22ms

Image
image/gif

2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/963354740/?random=1638261762749&cv=9&fst=1638259200000&num=1&fmt=3&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oaba1&sendb=1&data=event%3Dhit_event%3Bevent_category%3Dnone%3Bevent_label%3Dnone%3Bnon_interaction%3Dtrue&frm=0&url=https%3A%2F%2Fit.younited-credit.com%2Flp%2Flanding-page_taeg001%2F%3FBusinessProviderCode%3DYUC-AFFIL%26ectrans%3D1&ref=https%3A%2F%2Fclk.tradedoubler.com%2F&tiba=Younited%20Credit%20-%20Prestiti%20Personali%20Online&async=1&is_vtc=1&random=893629317&resp=GooglemKTybQhCsO&ipr=y

Requested by

Host: it.younited-credit.com
URL: https://it.younited-credit.com/lp/landing-page_taeg001/?BusinessProviderCode=YUC-AFFIL&ectrans=1

Protocol

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://it.younited-credit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Nov 2021 08:42:42 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 30 Nov 2021 08:42:42 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/gif
location: https://www.google.de/pagead/1p-user-list/963354740/?random=1638261762749&cv=9&fst=1638259200000&num=1&fmt=3&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oaba1&sendb=1&data=event%3Dhit_event%3Bevent_category%3Dnone%3Bevent_label%3Dnone%3Bnon_interaction%3Dtrue&frm=0&url=https%3A%2F%2Fit.younited-credit.com%2Flp%2Flanding-page_taeg001%2F%3FBusinessProviderCode%3DYUC-AFFIL%26ectrans%3D1&ref=https%3A%2F%2Fclk.tradedoubler.com%2F&tiba=Younited%20Credit%20-%20Prestiti%20Personali%20Online&async=1&is_vtc=1&random=893629317&resp=GooglemKTybQhCsO&ipr=y
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
446 B 65ms
18ms XHR
text/plain 2a00:1450:400c:c07::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-137580775-2&cid=5534108440256657629&jid=31445270&gjid=263587067&_gid=1477788359.1638261763&_u=aKBAAAIQEAAAAC~&z=1085231517

Requested by

Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c07::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://it.younited-credit.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Tue, 30 Nov 2021 08:42:42 GMT
content-type: text/plain
access-control-allow-origin: https://it.younited-credit.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
70 B 63ms
19ms XHR
text/plain 2a00:1450:400c:c07::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-128244744-2&cid=5534108440256657629&jid=1346981408&gjid=703520465&_gid=1477788359.1638261763&_u=aKDAAUIREAAAAC~&z=574211767

Requested by

Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c07::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://it.younited-credit.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Tue, 30 Nov 2021 08:42:42 GMT
content-type: text/plain
access-control-allow-origin: https://it.younited-credit.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pixel;r=521664086;labels=_fp.event.Default;rf=0;a=p-gsJG0w14zfeQ6;url=https%3A%2F%2Fit.younited-credit.com%2Flp%2Flanding-page_taeg001%2F%3FBusinessProviderCode%3DYUC-AFFIL%26ectrans%3D1;ref=https%...
pixel.quantserve.com/ 35 B
475 B 23ms
14ms Image
image/gif 2620:116:800d:21:36a9:ecb:e518:b308
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel;r=521664086;labels=_fp.event.Default;rf=0;a=p-gsJG0w14zfeQ6;url=https%3A%2F%2Fit.younited-credit.com%2Flp%2Flanding-page_taeg001%2F%3FBusinessProviderCode%3DYUC-AFFIL%26ectrans%3D1;ref=https%3A%2F%2Fclk.tradedoubler.com%2F;uht=2;fpan=1;fpa=P0-397961842-1638261762792;pbc=;ns=0;ce=1;qjs=1;qv=92a3679b-20211110211611;cm=;gdpr=0;d=younited-credit.com;je=0;sr=1600x1200x24;dst=0;et=1638261762792;tzo=0;ogl=type.website%2Ctitle.Younited%20Credit%20-%20Prestiti%20Personali%20Online%2Curl.https%3A%2F%2Fit%252Eyounited-credit%252Ecom%2Flp%2Flanding-page_taeg001%2Cimage.https%3A%2F%2Fit%252Eyounited-credit%252Ecom%2Flp%2Flanding-page_taeg001%2F%3FBusinessProviderCode%3DYUC%2Clocale.it-IT%2Csite_name.Younited%20Credit%20-%20Prestiti%20Personali%20Online

Requested by

Host: it.younited-credit.com
URL: https://it.younited-credit.com/lp/landing-page_taeg001/?BusinessProviderCode=YUC-AFFIL&ectrans=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:36a9:ecb:e518:b308 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://it.younited-credit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Nov 2021 08:42:42 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 200 pixel;r=2088802295;labels=_fp.event.Default;rf=0;a=p-gsJG0w14zfeQ6;url=https%3A%2F%2Fit.younited-credit.com%2Flp%2Flanding-page_taeg001%2F%3FBusinessProviderCode%3DYUC-AFFIL%26ectrans%3D1;uht=2;fpa...
pixel.quantserve.com/ Frame EF28 35 B
475 B 20ms
12ms Image
image/gif 2620:116:800d:21:36a9:ecb:e518:b308
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel;r=2088802295;labels=_fp.event.Default;rf=0;a=p-gsJG0w14zfeQ6;url=https%3A%2F%2Fit.younited-credit.com%2Flp%2Flanding-page_taeg001%2F%3FBusinessProviderCode%3DYUC-AFFIL%26ectrans%3D1;uht=2;fpan=1;fpa=P0-2114677741-1638261762793;pbc=;ns=1;ce=1;qjs=1;qv=92a3679b-20211110211611;cm=;gdpr=0;ref=;d=younited-credit.com;je=0;sr=1600x1200x24;dst=0;et=1638261762793;tzo=0;ogl=

Requested by

Host: it.younited-credit.com
URL: https://it.younited-credit.com/lp/landing-page_taeg001/?BusinessProviderCode=YUC-AFFIL&ectrans=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:36a9:ecb:e518:b308 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://it.younited-credit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Nov 2021 08:42:42 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2

200

sid Show response
mug.criteo.com/ Frame 6C69
Redirect Chain

https://gum.criteo.com/sid/json?origin=onetag&domain=younited-credit.com&sn=ChromeSyncframe&so=0&topUrl=it.younited-credit.com&cw=1&lsw=1
https://mug.criteo.com/sid?cpp=Q6Gd8XxENzVqTEN3TFo0M250RkNiYVpNcGRYMy81Y3VpZURwNXAzbGkyVm96SnVSL2Fkd2hEbnE1bUdJWUI5dHhJeTJtdDg4c1B6SkNRMHNzQjQzcXBtdzV5VUx3NVlFVmF0TnlodURyOTh1Uy9JUzhHM2I5TUhKNDVOUX...

447 B
634 B

57ms
20ms

Fetch
application/json

178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=Q6Gd8XxENzVqTEN3TFo0M250RkNiYVpNcGRYMy81Y3VpZURwNXAzbGkyVm96SnVSL2Fkd2hEbnE1bUdJWUI5dHhJeTJtdDg4c1B6SkNRMHNzQjQzcXBtdzV5VUx3NVlFVmF0TnlodURyOTh1Uy9JUzhHM2I5TUhKNDVOUXdzTktBbVJraXVTY2FpbUZNS2pqT1hoYy8vVWkxVmFQRWN6M2xJY096L1hIUU1yL2ZvcHhINkxjeENoRU1HQVdLelRwWWVzN2xLemlTbGV1SDlSQjgrdHNUSXA1aHpucVNLaHNubGYwdDNyRHZhVTBIaXk0UjFUY3AyRVFKTWorYXFDNGd1eVQ3cktYQTJHYWgwR2xpK3NicHZrTDF6dz09fA&cppv=2

Requested by

Host: it.younited-credit.com
URL: https://it.younited-credit.com/lp/landing-page_taeg001/?BusinessProviderCode=YUC-AFFIL&ectrans=1

Protocol

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

6403cd1e33c209c27e64f867fea2133d7ec9bd4e812d25c5d4207cb999bb2c13

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
content-encoding: gzip
date: Tue, 30 Nov 2021 08:42:42 GMT
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 3784
expires: 0

Redirect headers

pragma: no-cache
strict-transport-security: max-age=31536000
date: Tue, 30 Nov 2021 08:42:41 GMT
content-type: text/html; charset=utf-8
location: https://mug.criteo.com/sid?cpp=Q6Gd8XxENzVqTEN3TFo0M250RkNiYVpNcGRYMy81Y3VpZURwNXAzbGkyVm96SnVSL2Fkd2hEbnE1bUdJWUI5dHhJeTJtdDg4c1B6SkNRMHNzQjQzcXBtdzV5VUx3NVlFVmF0TnlodURyOTh1Uy9JUzhHM2I5TUhKNDVOUXdzTktBbVJraXVTY2FpbUZNS2pqT1hoYy8vVWkxVmFQRWN6M2xJY096L1hIUU1yL2ZvcHhINkxjeENoRU1HQVdLelRwWWVzN2xLemlTbGV1SDlSQjgrdHNUSXA1aHpucVNLaHNubGYwdDNyRHZhVTBIaXk0UjFUY3AyRVFKTWorYXFDNGd1eVQ3cktYQTJHYWgwR2xpK3NicHZrTDF6dz09fA&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 2393
content-length: 541
expires: 0

GET
H2 200 /
www.google.com/pagead/1p-user-list/963354740/ 42 B
108 B 44ms
20ms Image
image/gif 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/963354740/?random=1638261762743&cv=9&fst=1638259200000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&data=ecomm_pagetype%3Dother&frm=0&url=https%3A%2F%2Fit.younited-credit.com%2Flp%2Flanding-page_taeg001%2F%3FBusinessProviderCode%3DYUC-AFFIL%26ectrans%3D1&ref=https%3A%2F%2Fclk.tradedoubler.com%2F&tiba=Younited%20Credit%20-%20Prestiti%20Personali%20Online&async=1&fmt=3&is_vtc=1&random=3099760487&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: it.younited-credit.com
URL: https://it.younited-credit.com/lp/landing-page_taeg001/?BusinessProviderCode=YUC-AFFIL&ectrans=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://it.younited-credit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Nov 2021 08:42:42 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/963354740/ 42 B
108 B 46ms
21ms Image
image/gif 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/963354740/?random=1638261762743&cv=9&fst=1638259200000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&data=ecomm_pagetype%3Dother&frm=0&url=https%3A%2F%2Fit.younited-credit.com%2Flp%2Flanding-page_taeg001%2F%3FBusinessProviderCode%3DYUC-AFFIL%26ectrans%3D1&ref=https%3A%2F%2Fclk.tradedoubler.com%2F&tiba=Younited%20Credit%20-%20Prestiti%20Personali%20Online&async=1&fmt=3&is_vtc=1&random=3099760487&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: it.younited-credit.com
URL: https://it.younited-credit.com/lp/landing-page_taeg001/?BusinessProviderCode=YUC-AFFIL&ectrans=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://it.younited-credit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Nov 2021 08:42:42 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/963354740/ 42 B
548 B 43ms
19ms Image
image/gif 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/963354740/?random=1638261762748&cv=9&fst=1638259200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oaba1&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fit.younited-credit.com%2Flp%2Flanding-page_taeg001%2F%3FBusinessProviderCode%3DYUC-AFFIL%26ectrans%3D1&ref=https%3A%2F%2Fclk.tradedoubler.com%2F&tiba=Younited%20Credit%20-%20Prestiti%20Personali%20Online&async=1&fmt=3&is_vtc=1&random=4123328527&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: it.younited-credit.com
URL: https://it.younited-credit.com/lp/landing-page_taeg001/?BusinessProviderCode=YUC-AFFIL&ectrans=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://it.younited-credit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Nov 2021 08:42:42 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/963354740/ 42 B
108 B 48ms
22ms Image
image/gif 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/963354740/?random=1638261762748&cv=9&fst=1638259200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oaba1&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fit.younited-credit.com%2Flp%2Flanding-page_taeg001%2F%3FBusinessProviderCode%3DYUC-AFFIL%26ectrans%3D1&ref=https%3A%2F%2Fclk.tradedoubler.com%2F&tiba=Younited%20Credit%20-%20Prestiti%20Personali%20Online&async=1&fmt=3&is_vtc=1&random=4123328527&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: it.younited-credit.com
URL: https://it.younited-credit.com/lp/landing-page_taeg001/?BusinessProviderCode=YUC-AFFIL&ectrans=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://it.younited-credit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Nov 2021 08:42:42 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/963354740/ 42 B
108 B 47ms
23ms Image
image/gif 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/963354740/?random=1638261762749&cv=9&fst=1638259200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oaba1&sendb=1&data=event%3D%20&frm=0&url=https%3A%2F%2Fit.younited-credit.com%2Flp%2Flanding-page_taeg001%2F%3FBusinessProviderCode%3DYUC-AFFIL%26ectrans%3D1&ref=https%3A%2F%2Fclk.tradedoubler.com%2F&tiba=Younited%20Credit%20-%20Prestiti%20Personali%20Online&async=1&fmt=3&is_vtc=1&random=896657429&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: it.younited-credit.com
URL: https://it.younited-credit.com/lp/landing-page_taeg001/?BusinessProviderCode=YUC-AFFIL&ectrans=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://it.younited-credit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Nov 2021 08:42:42 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/963354740/ 42 B
548 B 45ms
20ms Image
image/gif 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/963354740/?random=1638261762749&cv=9&fst=1638259200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oaba1&sendb=1&data=event%3D%20&frm=0&url=https%3A%2F%2Fit.younited-credit.com%2Flp%2Flanding-page_taeg001%2F%3FBusinessProviderCode%3DYUC-AFFIL%26ectrans%3D1&ref=https%3A%2F%2Fclk.tradedoubler.com%2F&tiba=Younited%20Credit%20-%20Prestiti%20Personali%20Online&async=1&fmt=3&is_vtc=1&random=896657429&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: it.younited-credit.com
URL: https://it.younited-credit.com/lp/landing-page_taeg001/?BusinessProviderCode=YUC-AFFIL&ectrans=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://it.younited-credit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Nov 2021 08:42:42 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 49ms
32ms Image
image/gif 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-137580775-2&cid=5534108440256657629&jid=31445270&_u=aKBAAAIQEAAAAC~&z=1361478972

Requested by

Host: it.younited-credit.com
URL: https://it.younited-credit.com/lp/landing-page_taeg001/?BusinessProviderCode=YUC-AFFIL&ectrans=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://it.younited-credit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Nov 2021 08:42:42 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 49ms
32ms Image
image/gif 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-137580775-2&cid=5534108440256657629&jid=31445270&_u=aKBAAAIQEAAAAC~&z=1361478972

Requested by

Host: it.younited-credit.com
URL: https://it.younited-credit.com/lp/landing-page_taeg001/?BusinessProviderCode=YUC-AFFIL&ectrans=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://it.younited-credit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Nov 2021 08:42:42 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 46ms
33ms Image
image/gif 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-128244744-2&cid=5534108440256657629&jid=1346981408&_u=aKDAAUIREAAAAC~&z=1676573392

Requested by

Host: it.younited-credit.com
URL: https://it.younited-credit.com/lp/landing-page_taeg001/?BusinessProviderCode=YUC-AFFIL&ectrans=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://it.younited-credit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Nov 2021 08:42:42 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 49ms
34ms Image
image/gif 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-128244744-2&cid=5534108440256657629&jid=1346981408&_u=aKDAAUIREAAAAC~&z=1676573392

Requested by

Host: it.younited-credit.com
URL: https://it.younited-credit.com/lp/landing-page_taeg001/?BusinessProviderCode=YUC-AFFIL&ectrans=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://it.younited-credit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Nov 2021 08:42:42 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 event Show response
sslwidget.criteo.com/ Frame F2DF 7 KB
7 KB 69ms
30ms Script
application/x-javascript 178.250.2.151
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://sslwidget.criteo.com/event?a=72428&v=5.8.0&p0=e%3Dce%26m%3D%255B%255D&p1=e%3Dexd%26site_type%3Dd&p2=e%3Dvh%26tms%3Dgtm-criteo-2.0.0&p3=e%3Ddis&adce=1&bundle=AluFe19Jdk1TUFdoNGxNSDd2dXNJeDZPbHNZb0YlMkJ1aFF6a2gya1Ixa3RVVTM5a3dHMlVETnN5WUJxSHNDbWNaWXgzTUxjV1ZvRVZLTW1BNFQ3RDhydzAyZ0x0TXJWTmNrVnBuMnZhWXREQmxQSjZYbmhaNFBNcnNhOFY3Nm4xa3Rsc0hFUXFURERXTWdvSVFJWmkybmM1ODN2YTBUaHJzUEtyT3BrNVVxcG14c0R3byUzRA&tld=younited-credit.com&dtycbr=30481
Requested by: Host: static.criteo.net
URL: https://static.criteo.net/js/ld/ld.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.2.151 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: Kestrel /
Resource Hash: a525362624af8f7ff0add8bbf0ab41a7e8a4c8e9bcc374c89341fceb29e8d48f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://it.younited-credit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Nov 2021 08:42:42 GMT
content-type: application/x-javascript
server: Kestrel
p3p: NON DSP COR CURa PSA PSD OUR BUS NAV STA
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 14189805
timing-allow-origin: *
expires: 0

GET
H/1.1 200
OK younitedcredit-button-0951fccc0ca45c130aebb6b463f9cc63.png
d6tizftlrpuof.cloudfront.net/themes/production/ Frame 0EC4 7 KB
8 KB 37ms
10ms Image
image/png 52.222.206.77
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d6tizftlrpuof.cloudfront.net/themes/production/younitedcredit-button-0951fccc0ca45c130aebb6b463f9cc63.png
Requested by: Host: it.younited-credit.com
URL: https://it.younited-credit.com/lp/landing-page_taeg001/?BusinessProviderCode=YUC-AFFIL&ectrans=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.206.77 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-206-77.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 87395fad36f313213d546112a618dc37dfa856289c5e28b3eb2ec59f2aec380c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://it.younited-credit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Sat, 11 Sep 2021 14:51:21 GMT
Via: 1.1 a23fc047c59f0902384fa94644607c00.cloudfront.net (CloudFront)
Connection: keep-alive
Last-Modified: Tue, 01 Jun 2021 07:19:36 GMT
Server: AmazonS3
Age: 6889882
ETag: "0951fccc0ca45c130aebb6b463f9cc63"
X-Cache: Hit from cloudfront
x-amz-version-id: bXvzrgJcCJ04yfBGApnVGdjmaeS8Yb7I
Cache-Control: max-age=315360000, no-transform, public
X-Amz-Cf-Pop: FRA56-P3
Accept-Ranges: bytes
Content-Type: image/png
Content-Length: 7458
X-Amz-Cf-Id: IZFa3uVvPkv68SmYHJg3u3Tl3AdzQIPu-luxucKt9QhMncKY3jjXPw==

GET
H/1.1 200
OK c.json Show response
collection.decibelinsight.net/i/13934/308885/ 5 KB
3 KB 40ms
10ms XHR
application/json 18.192.185.171
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://collection.decibelinsight.net/i/13934/308885/c.json

Requested by

Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.192.185.171 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-192-185-171.eu-central-1.compute.amazonaws.com

Software

nginx /

Resource Hash

86c342af9ce7ee7617ff3a0ad3855b3e5adad226fc48adee1fe94e20ee1c2d76

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://it.younited-credit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 30 Nov 2021 08:42:42 GMT
Content-Encoding: gzip
Vary: Origin
Server: nginx
ETag: W/000061123-17D7002AB8E
Strict-Transport-Security: max-age=31536000
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: application/json
Access-Control-Allow-Origin: https://it.younited-credit.com
Cache-Control: private, max-age=1800
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: *
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept, X-HTTP-Method-Override

GET
H2

200

cookiematch.aspx
dis.criteo.com/dis/rtb/google/ Frame 1932
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&google_hm=ay1xQzJKR3l2TklzSDJxLXUydkF0M2pIV21Ddm15WlN4eEhmdExJQQ
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&google_ula=913071,0

43 B
341 B

14ms
13ms

Image
image/gif

178.250.2.151
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&google_ula=913071,0
Protocol: H2
Server: 178.250.2.151 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: Kestrel /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Nov 2021 08:42:42 GMT
content-type: image/gif
server: Kestrel
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 207759
timing-allow-origin: *
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 30 Nov 2021 08:42:43 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&google_ula=913071,0
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 279
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK cookie-sync
sync.outbrain.com/ Frame 1932 0
476 B 366ms
90ms Image
text/plain 70.42.32.191
INTERNAP-BLK3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.outbrain.com/cookie-sync?p=criteo&uid=k-1BBoyivNIsH2q-u2vAt3jHWmCvk20iRRnayshQ
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 70.42.32.191 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 30 Nov 2021 08:42:43 GMT
Cache-Control: no-cache
X-TraceId: 8674caa2b90079b071c1a7c75aca6f74
Content-Length: 0

GET
H/1.1 204
No Content tap.php
pixel.rubiconproject.com/ Frame 1932 0
239 B 34ms
8ms Image
image/gif 69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=k-PR8vkyvNIsH2q-u2vAt3jHWmCvmGumyVpBJGRQ&expires=30
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 37b22a0c36bd84993dd2cda4a5e04b1d
Content-Type: image/gif

GET
H/1.1 200
OK /
rtb-csync.smartadserver.com/redir/ Frame 1932 43 B
163 B 93ms
24ms Image
image/gif 185.86.138.144
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir/?partnerid=79&partneruserid=k-90z4HSvNIsH2q-u2vAt3jHWmCvn672es9l0GLw
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.144 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 08:42:42 GMT
transfer-encoding: chunked
content-type: image/gif

GET
H/1.1

200
OK

bounce
secure.adnxs.com/ Frame 1932
Redirect Chain

https://secure.adnxs.com/setuid?entity=52&code=k-WmtFBCvNIsH2q-u2vAt3jHWmCvmPcvnGBnJcMw&seg=130915
https://secure.adnxs.com/bounce?%2Fsetuid%3Fentity%3D52%26code%3Dk-WmtFBCvNIsH2q-u2vAt3jHWmCvmPcvnGBnJcMw%26seg%3D130915

43 B
1 KB

14ms
13ms

Image
image/gif

185.33.221.13
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.adnxs.com/bounce?%2Fsetuid%3Fentity%3D52%26code%3Dk-WmtFBCvNIsH2q-u2vAt3jHWmCvmPcvnGBnJcMw%26seg%3D130915

Protocol

HTTP/1.1

Server

185.33.221.13 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 30 Nov 2021 08:42:43 GMT
X-Proxy-Origin: 185.232.23.181; 185.232.23.181; 729.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: ed89d342-9271-4c23-92d5-b0eda9a50ce7
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 30 Nov 2021 08:42:43 GMT
X-Proxy-Origin: 185.232.23.181; 185.232.23.181; 729.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 30560c97-2d8a-4d83-bcf1-3545d8b35628
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://secure.adnxs.com/bounce?%2Fsetuid%3Fentity%3D52%26code%3Dk-WmtFBCvNIsH2q-u2vAt3jHWmCvmPcvnGBnJcMw%26seg%3D130915
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 c.gif
c.bing.com/ Frame 1932 42 B
593 B 62ms
36ms Image
image/gif 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.bing.com/c.gif?Red3=CTOMS_pd&cbid=k-WmtFBCvNIsH2q-u2vAt3jHWmCvmPcvnGBnJcMw
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Nov 2021 08:42:42 GMT
etag: "f95a3e4769d2d71:0"
last-modified: Fri, 05 Nov 2021 17:19:23 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: B81127185CFF49B492BE692DCDBF29C1 Ref B: FRAEDGE1213 Ref C: 2021-11-30T08:42:42Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-type: image/gif
content-length: 42

GET
H2 204 v1
ads.yahoo.com/cms/ Frame 1932 0
447 B 81ms
25ms Image
text/plain 2a00:1288:80:800::7000
YAHOO-DEB

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.yahoo.com/cms/v1?esig=1~7315a025058f3128185459bfaf16e164414683fc&nwid=10000545908&sigv=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:800::7000 Frankfurt am Main, Germany, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 08:42:43 GMT
cache-control: no-store
x-content-type-options: nosniff
server: ATS
strict-transport-security: max-age=15552000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block

GET
H2

204

sync
ups.analytics.yahoo.com/ups/58301/ Frame 1932
Redirect Chain

https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-PTvz9CvNIsH2q-u2vAt3jHWmCvmV29cDhbTZYg
https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-PTvz9CvNIsH2q-u2vAt3jHWmCvmV29cDhbTZYg&verify=true

0
395 B

13ms
13ms

Image
text/plain

18.156.0.31
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-PTvz9CvNIsH2q-u2vAt3jHWmCvmV29cDhbTZYg&verify=true

Protocol

Server

18.156.0.31 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-156-0-31.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.0.33 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 08:42:43 GMT
server: ATS/9.1.0.33
age: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location: https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-PTvz9CvNIsH2q-u2vAt3jHWmCvmV29cDhbTZYg&verify=true
date: Tue, 30 Nov 2021 08:42:42 GMT
server: ATS/9.1.0.33
age: 0
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2

200

match
ad.360yield.com/ul_cb/ Frame 1932
Redirect Chain

https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-0T-GnSvNIsH2q-u2vAt3jHWmCvkCWxy-YXsnDg
https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-0T-GnSvNIsH2q-u2vAt3jHWmCvkCWxy-YXsnDg

43 B
447 B

31ms
31ms

Image
image/gif

99.81.7.40
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-0T-GnSvNIsH2q-u2vAt3jHWmCvkCWxy-YXsnDg
Protocol: H2
Server: 99.81.7.40 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-99-81-7-40.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 30 Nov 2021 08:42:43 GMT
content-type: image/gif
content-length: 43
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

Redirect headers

location: https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-0T-GnSvNIsH2q-u2vAt3jHWmCvkCWxy-YXsnDg
date: Tue, 30 Nov 2021 08:42:43 GMT
content-type: text/plain
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H2 200 Pug
simage2.pubmatic.com/AdServer/ Frame 1932 42 B
341 B 59ms
13ms Image
image/gif 185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI0NTMmdGw9NDMyMDA=&piggybackCookie=uid:k-YrlBDivNIsH2q-u2vAt3jHWmCvnY_QzS-RamlQ
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 08:42:41 GMT
cache-control: no-store, no-cache, private
x-lat: amspug018:0:425
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H/1.1

200
OK

rum
r.casalemedia.com/ Frame 1932
Redirect Chain

https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-1zeQ0yvNIsH2q-u2vAt3jHWmCvk5dhn2qwUBSQ
https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-1zeQ0yvNIsH2q-u2vAt3jHWmCvk5dhn2qwUBSQ&C=1

43 B
1 KB

29ms
28ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-1zeQ0yvNIsH2q-u2vAt3jHWmCvk5dhn2qwUBSQ&C=1
Protocol: HTTP/1.1
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 30 Nov 2021 08:42:43 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Tue, 30 Nov 2021 08:42:43 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 30 Nov 2021 08:42:43 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-1zeQ0yvNIsH2q-u2vAt3jHWmCvk5dhn2qwUBSQ&C=1
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 296
Expires: Tue, 30 Nov 2021 08:42:43 GMT

GET
H2 200 /
sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/ Frame 1932 0
231 B 73ms
14ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=k-7eQ-NSvNIsH2q-u2vAt3jHWmCvlhM4s3kwEg7g
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 08:42:43 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 8096

GET
H2 200 pixel
cm.adform.net/ Frame 1932 43 B
162 B 82ms
19ms Image
image/gif 37.157.4.29
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.adform.net/pixel?adform_pid=15&adform_pc=k-3t8nxyvNIsH2q-u2vAt3jHWmCvmNVshCcFRCIA
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.4.29 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 08:42:43 GMT
last-modified: Wed, 10 Apr 2019 11:14:34 GMT
server: nginx
accept-ranges: bytes
etag: "5cadd01a-2b"
content-length: 43
content-type: image/gif

GET
H2 200 um
criteo-sync.teads.tv/ Frame 1932 23 B
172 B 117ms
44ms Image
image/gif 104.111.242.245
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://criteo-sync.teads.tv/um?eid=80&uid=k-OiB6HCvNIsH2q-u2vAt3jHWmCvkDTEafNT7DzQ
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.242.245 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-242-245.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.6 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Nov 2021 08:42:43 GMT
cache-control: max-age=0, no-cache, no-store
expires: Tue, 30 Nov 2021 08:42:43 GMT
server: akka-http/10.2.6
content-length: 23
content-type: image/gif

GET
H2

200

xuid
eb2.3lift.com/ Frame 1932
Redirect Chain

https://eb2.3lift.com/xuid?mid=2711&xuid=k-1nC02yvNIsH2q-u2vAt3jHWmCvngiJ0c5h1tAg&dongle=013b
https://eb2.3lift.com/xuid?ld=1&mid=2711&xuid=k-1nC02yvNIsH2q-u2vAt3jHWmCvngiJ0c5h1tAg&dongle=013b&gdpr=1&cmp_cs=&us_privacy=

37 B
353 B

11ms
11ms

Image
image/gif

13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?ld=1&mid=2711&xuid=k-1nC02yvNIsH2q-u2vAt3jHWmCvngiJ0c5h1tAg&dongle=013b&gdpr=1&cmp_cs=&us_privacy=
Protocol: H2
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 08:42:43 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location: /xuid?ld=1&mid=2711&xuid=k-1nC02yvNIsH2q-u2vAt3jHWmCvngiJ0c5h1tAg&dongle=013b&gdpr=1&cmp_cs=&us_privacy=
date: Tue, 30 Nov 2021 08:42:43 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H/1.1

200
OK

sync
x.bidswitch.net/ul_cb/ Frame 1932
Redirect Chain

https://x.bidswitch.net/sync?dsp_id=46&user_id=k-EIZB0SvNIsH2q-u2vAt3jHWmCvnenbdMKjYM0Q&expires=30
https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-EIZB0SvNIsH2q-u2vAt3jHWmCvnenbdMKjYM0Q&expires=30

43 B
495 B

20ms
20ms

Image
image/gif

3.124.83.68
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-EIZB0SvNIsH2q-u2vAt3jHWmCvnenbdMKjYM0Q&expires=30
Protocol: HTTP/1.1
Server: 3.124.83.68 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-124-83-68.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 30 Nov 2021 08:42:43 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

Redirect headers

Location: https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-EIZB0SvNIsH2q-u2vAt3jHWmCvnenbdMKjYM0Q&expires=30
Date: Tue, 30 Nov 2021 08:42:43 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0

GET
H2 200 cksync.php
contextual.media.net/ Frame 1932 45 B
785 B 100ms
53ms Image
image/gif 2.18.235.93
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://contextual.media.net/cksync.php?cs=3&type=crt&ovsid=k-aE8mqSvNIsH2q-u2vAt3jHWmCvkCuCgya9EyZQ

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-235-93.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=604800
server: Apache
date: Tue, 30 Nov 2021 08:42:43 GMT
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control: max-age=0, no-cache, no-store
content-type: image/gif
content-length: 45
x-mnet-hl2: E
expires: Tue, 30 Nov 2021 08:42:43 GMT

GET
H2 200 v1
match.sharethrough.com/sync/ Frame 1932 68 B
263 B 24ms
7ms Image
image/png 18.157.150.79
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.sharethrough.com/sync/v1?source_id=7658cb1d77a660882b48db06&source_user_id=k-Wy5_EyvNIsH2q-u2vAt3jHWmCvl1-QBZETIXeQ
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.157.150.79 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-157-150-79.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 08:42:43 GMT
content-length: 68
content-type: image/png

GET
H2 200 sync
visitor.omnitagjs.com/visitor/ Frame 1932 49 B
235 B 57ms
19ms Image
image/gif 185.255.84.153
IGUANE-

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://visitor.omnitagjs.com/visitor/sync?uid=732efe97317e6352de4c1caf24b5064b&name=CRITEO&visitor=k-OrVPLCvNIsH2q-u2vAt3jHWmCvnycZDItr3iWw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.255.84.153 Paris, France, ASN200271 (IGUANE-, FR),

Reverse DNS

Software

ayl-lb-fra02 /

Resource Hash

d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Nov 2021 08:42:42 GMT
x-content-type-options: nosniff
server: ayl-lb-fra02
vary: Accept-Encoding
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
x-envoy-upstream-service-time: 2
content-length: 49
expires: 0

GET
H/1.1

200
OK

empty.gif
cdn.stickyadstv.com/one-shot/ Frame 1932
Redirect Chain

https://ads.stickyadstv.com/user-registering?dataProviderId=434&userId=k-EqVfKSvNIsH2q-u2vAt3jHWmCvknAeV9-oPJtQ&redirectId=69
https://cdn.stickyadstv.com/one-shot/empty.gif?

43 B
438 B

117ms
19ms

Image
image/gif

2001:4de0:ac19::1:b:3a
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.stickyadstv.com/one-shot/empty.gif?
Protocol: HTTP/1.1
Server: 2001:4de0:ac19::1:b:3a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: 42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 30 Nov 2021 08:42:43 GMT
Last-Modified: Thu, 28 Feb 2013 15:45:35 GMT
ETag: "1362066335"
X-HW: 1638261763.dop014.ml1.t,1638261763.cds025.ml1.shn,1638261763.cds025.ml1.c
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: max-age=7200
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 43

Redirect headers

Pragma: no-cache
Date: Tue, 30 Nov 2021 08:42:43 GMT
Server: nginx
Access-Control-Allow-Origin: *
Location: https://cdn.stickyadstv.com/one-shot/empty.gif?
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
x-sticky-vk: 1638261763358086-415
Expires: Tue, 30 Nov 2021 08:42:43 GMT

GET
H2

204

sync
ups.analytics.yahoo.com/ups/55945/ Frame 1932
Redirect Chain

https://pixel.advertising.com/ups/55945/sync?uid=k-XGBS9yvNIsH2q-u2vAt3jHWmCvnppNEBxXeYfg&_origin=1
https://pixel.advertising.com/ups/55945/sync?uid=k-XGBS9yvNIsH2q-u2vAt3jHWmCvnppNEBxXeYfg&_origin=1&verify=true
https://ups.analytics.yahoo.com/ups/55945/sync?uid=k-XGBS9yvNIsH2q-u2vAt3jHWmCvnppNEBxXeYfg&_origin=1&apid=UP7be6693c-51b9-11ec-a359-06db969b4c24

0
593 B

13ms
12ms

Image
text/plain

18.156.0.31
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/55945/sync?uid=k-XGBS9yvNIsH2q-u2vAt3jHWmCvnppNEBxXeYfg&_origin=1&apid=UP7be6693c-51b9-11ec-a359-06db969b4c24

Protocol

Server

18.156.0.31 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-156-0-31.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.0.33 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 08:42:43 GMT
server: ATS/9.1.0.33
age: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location: https://ups.analytics.yahoo.com/ups/55945/sync?uid=k-XGBS9yvNIsH2q-u2vAt3jHWmCvnppNEBxXeYfg&_origin=1&apid=UP7be6693c-51b9-11ec-a359-06db969b4c24
date: Tue, 30 Nov 2021 08:42:43 GMT
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 200 sync
matching.ivitrack.com/ Frame 1932 42 B
242 B 39ms
16ms Image
image/gif 35.186.243.160
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://matching.ivitrack.com/sync?realm=criteo&uid=k-wbQniivNIsH2q-u2vAt3jHWmCvnQb1tLhj-GLg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.243.160 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 160.243.186.35.bc.googleusercontent.com
Software: istio-envoy /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 08:42:42 GMT
via: 1.1 google
x-envoy-decorator-operation: tag-manager.programmatic.svc.cluster.local:3000/*
server: istio-envoy
content-type: image/gif
cache-control: public, max-age=86400
x-envoy-upstream-service-time: 0
alt-svc: clear
content-length: 42

GET
H2 204 /
s.ad.smaato.net/c/ Frame 1932 0
240 B 22ms
7ms Image
text/plain 2600:9000:223f:6600:1b:5138:8a40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.ad.smaato.net/c/?dspInit=1001851&dspCookie=k-ziNO5yvNIsH2q-u2vAt3jHWmCvnxImv59NJIgg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:6600:1b:5138:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 08:42:43 GMT
via: 1.1 d4744f6f4cb683596fb4a26e59b2aba8.cloudfront.net (CloudFront)
server: CloudFront
cache-control: no-cache, must-revalidate
x-amz-cf-pop: FRA56-P5
x-amz-cf-id: 0LA6QowhmRJUCt1KuLFtow0-049dOyYGYhyz6lPUEoXY6COmm5MM9g==
x-cache: FunctionGeneratedResponse from cloudfront

GET
H3

200

m
cm.mgid.com/ Frame 1932
Redirect Chain

https://cm.mgid.com/m?cdsp=617660&c=k-zqeuwSvNIsH2q-u2vAt3jHWmCvnrglaouxBiUw
https://cm.mgid.com/m?c=k-zqeuwSvNIsH2q-u2vAt3jHWmCvnrglaouxBiUw&cdsp=617660&sct=1

43 B
501 B

82ms
69ms

Image
image/gif

104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.mgid.com/m?c=k-zqeuwSvNIsH2q-u2vAt3jHWmCvnrglaouxBiUw&cdsp=617660&sct=1
Protocol: H3
Server: 104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Nov 2021 08:42:43 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
cf-ray: 6b62c8b42bad4401-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

pragma: no-cache
date: Tue, 30 Nov 2021 08:42:43 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
location: http://cm.mgid.com/m?c=k-zqeuwSvNIsH2q-u2vAt3jHWmCvnrglaouxBiUw&cdsp=617660&sct=1
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 6b62c8b3ad8468ef-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H/1.1

200
OK

28292
i6.liadm.com/s/ Frame 1932
Redirect Chain

https://i.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-ZX76BivNIsH2q-u2vAt3jHWmCvnM0sn8jVFMnw
https://i.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-ZX76BivNIsH2q-u2vAt3jHWmCvnM0sn8jVFMnw&_li_chk=true&previous_uuid=79fdadd741064e7fa0c5eb95aaaa974b
https://i6.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-ZX76BivNIsH2q-u2vAt3jHWmCvnM0sn8jVFMnw

43 B
447 B

302ms
99ms

Image
image/gif

2600:1f18:444a:4602:b51a:2bef:14:5241
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i6.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-ZX76BivNIsH2q-u2vAt3jHWmCvnM0sn8jVFMnw

Protocol

HTTP/1.1

Server

2600:1f18:444a:4602:b51a:2bef:14:5241 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Resource Hash

caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 30 Nov 2021 08:42:43 GMT
Cache-Control: no-store
Connection: keep-alive
trace-id: 355b9e9283f190bb
Content-Length: 43
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: image/gif

Redirect headers

Location: https://i6.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-ZX76BivNIsH2q-u2vAt3jHWmCvnM0sn8jVFMnw
Date: Tue, 30 Nov 2021 08:42:43 GMT
Connection: keep-alive
trace-id: 1e891a726341ffcb
Content-Length: 0
Strict-Transport-Security: max-age=31536000; includeSubDomains

GET
H2 200 sync
sync-criteo.ads.yieldmo.com/ Frame 1932 43 B
456 B 326ms
102ms Image
image/gif 75.101.253.183
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-criteo.ads.yieldmo.com/sync?id=k-pt2g-CvNIsH2q-u2vAt3jHWmCvkFExUfsxhbFQ&pn_id=criteo&ext=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 75.101.253.183 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-75-101-253-183.compute-1.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Tue, 30 Nov 2021 08:42:43 GMT
content-type: image/gif
content-length: 43
access-control-allow-methods: GET, OPTIONS
access-control-request-headers: Cache-Control, Pragma

GET
H2 200 spp.pl
sp.analytics.yahoo.com/ Frame 1932 43 B
717 B 101ms
32ms Image
image/gif 212.82.100.181
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sp.analytics.yahoo.com/spp.pl?a=10001287818027&.yp=438726

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

212.82.100.181 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

spdc.pbp.vip.ir2.yahoo.com

Software

ATS /

Resource Hash

0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Nov 2021 08:42:43 GMT
x-content-type-options: nosniff
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
cache-control: no-cache, private, must-revalidate
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 43
referrer-policy: strict-origin-when-cross-origin
expires: Tue, 30 Nov 2021 08:42:43 GMT

GET
H2 200 c.gif
c.bing.com/ Frame 1932 42 B
151 B 31ms
30ms Image
image/gif 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.bing.com/c.gif?Red3=CTOMS_pd&cbid=k-_IseAyvNIsH2q-u2vAt3jHWmCvmQrbmrQJ4TiQ
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Nov 2021 08:42:42 GMT
etag: "f95a3e4769d2d71:0"
last-modified: Fri, 05 Nov 2021 17:19:23 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 07D9E794590D4850A98E4761F423EE28 Ref B: FRAEDGE1213 Ref C: 2021-11-30T08:42:43Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-type: image/gif
content-length: 42

GET
H2

200

cookiematch.aspx
dis.criteo.com/dis/rtb/appnexus/ Frame 1932
Redirect Chain

https://secure.adnxs.com/seg?add=130915&redir=https%3A%2F%2Fsecure.adnxs.com%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID
https://secure.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=2215398891111602457

43 B
342 B

17ms
17ms

Image
image/gif

178.250.2.151
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=2215398891111602457
Protocol: H2
Server: 178.250.2.151 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: Kestrel /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Nov 2021 08:42:42 GMT
content-type: image/gif
server: Kestrel
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 2098308
timing-allow-origin: *
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 30 Nov 2021 08:42:43 GMT
X-Proxy-Origin: 185.232.23.181; 185.232.23.181; 729.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: d6d5c4ef-80f1-4208-a266-a84d563ba463
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=2215398891111602457
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 204 v1
ads.yahoo.com/cms/ Frame 1932 0
19 B 22ms
22ms Image
text/plain 2a00:1288:80:800::7000
YAHOO-DEB

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.yahoo.com/cms/v1?esig=1~fa63d183df77c65a03eac82806b701b9c4f726b8&nwid=10000892938&sigv=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:800::7000 Frankfurt am Main, Germany, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 08:42:43 GMT
cache-control: no-store
x-content-type-options: nosniff
server: ATS
strict-transport-security: max-age=15552000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block

Verdicts & Comments Add Verdict or Comment

176 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

68 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.decibelinsight.net/i/13934/	1970-01-20 07:49:57	Name: da_lid Value: -A9FC6AE29A72EA0B2186BB990B2430B209\|0\|0\|0
.decibelinsight.net/i/13934/	1970-01-19 23:04:23	Name: da_sid Value: 9ACF59D18E32AE90B4D7AA1349267AB9BA\|3\|0\|3
i.liadm.com/s	1970-01-19 23:47:33	Name: _li_ss Value: MgkI_____wcQ_xA
echo7.bluehornet.com/	1970-01-19 23:14:26	Name: AWSALB Value: /ReYx+D0Poj8A+Bn+udjMpmuLGQpKgWUWdEORtqyB0yEBrxzpn2zBjZAj6AqFPAyxsgG0aD+tmKOkCY3rpvsjWnAMKzPa58rzGFRPpYvjKUUz/biCRAQrWlUCbXK
echo7.bluehornet.com/	1970-01-19 23:14:26	Name: AWSALBCORS Value: /ReYx+D0Poj8A+Bn+udjMpmuLGQpKgWUWdEORtqyB0yEBrxzpn2zBjZAj6AqFPAyxsgG0aD+tmKOkCY3rpvsjWnAMKzPa58rzGFRPpYvjKUUz/biCRAQrWlUCbXK
.tradedoubler.com/	1970-01-20 07:49:57	Name: EH_0 Value: 1z11z1zrMz7pwemz1NvuyZGn5BX9yDn3nv5puHAD5Yie5j.sEhpbiCOrdHId8apqdKPY3R9w2o3nhWFtAanKK
.tradedoubler.com/	1970-01-20 07:49:57	Name: GUID Value: 1z11zzrMz287fQ8z0a350b662c1a70607ce4905a5d2397a1
.tradedoubler.com/	1970-01-20 07:49:57	Name: TradeDoublerGUID Value: 0a350b662c1a70607ce4905a5d2397a1
.younited-credit.com/	1970-01-20 08:30:16	Name: etuix Value: NL0x9RdECq_IsR4_.8No9gUd0ksKqJgUIVeN.cfZsEuocyP_2Snwjg--
.it.younited-credit.com/	1969-12-31 23:59:59	Name: ARRAffinity Value: fe8ba5874f2eb34b38e674a372298fa8aafeb0e0a9073716d64c76f083ee3801
.it.younited-credit.com/	1969-12-31 23:59:59	Name: ARRAffinitySameSite Value: fe8ba5874f2eb34b38e674a372298fa8aafeb0e0a9073716d64c76f083ee3801
.younited-credit.com/	1970-01-20 08:11:33	Name: kameleoonVisitorCode Value: _js_16lfdglje7bkw473
.it.younited-credit.com/	1970-01-20 16:35:33	Name: _ga Value: GA1.3.5534108440256657629
.it.younited-credit.com/	1970-01-19 23:05:48	Name: _gid Value: GA1.3.1477788359.1638261763
.younited-credit.com/	1970-01-20 01:13:57	Name: _gcl_au Value: 1.1.1945955523.1638261763
.it.younited-credit.com/	1970-01-19 23:04:21	Name: _gat Value: 1
.younited-credit.com/	1970-01-20 16:35:33	Name: _ga Value: GA1.2.5534108440256657629
.younited-credit.com/	1970-01-19 23:05:48	Name: _gid Value: GA1.2.1477788359.1638261763
.younited-credit.com/	1970-01-19 23:04:21	Name: _gat_gtag_UA_128244744_2 Value: 1
.younited-credit.com/	1970-01-20 01:13:57	Name: _fbp Value: fb.1.1638261762740.126407249
.facebook.com/	1970-01-20 01:13:57	Name: fr Value: 01O7pQVotEuHQVdVo..BhpeQC...1.0.BhpeQC.
.criteo.com/	1970-01-20 08:25:57	Name: uid Value: d3707c0b-8922-4c3e-a50c-2f5f1ffb17a0
.quantserve.com/	1970-01-20 01:13:57	Name: d Value: EFwBBgHsJAIYlcHtBKrDgg0YwpSN
.quantserve.com/	1970-01-20 08:34:36	Name: mc Value: 61a5e402-c5b79-44c8f-fbe4f
.younited-credit.com/	1970-01-20 08:28:50	Name: __qca Value: P0-2114677741-1638261762793
.younited-credit.com/	1970-01-20 08:33:45	Name: cto_bundle Value: AluFe19Jdk1TUFdoNGxNSDd2dXNJeDZPbHNZb0YlMkJ1aFF6a2gya1Ixa3RVVTM5a3dHMlVETnN5WUJxSHNDbWNaWXgzTUxjV1ZvRVZLTW1BNFQ3RDhydzAyZ0x0TXJWTmNrVnBuMnZhWXREQmxQSjZYbmhaNFBNcnNhOFY3Nm4xa3Rsc0hFUXFURERXTWdvSVFJWmkybmM1ODN2YTBUaHJzUEtyT3BrNVVxcG14c0R3byUzRA
.younited-credit.com/	1970-01-19 23:04:23	Name: da_sid Value: 9ACF59D18E32AE90B4D7AA1349267AB9BA\|3\|0\|3
.younited-credit.com/	1970-01-20 07:49:57	Name: da_lid Value: A9FC6AE29A72EA0B2186BB990B2430B209\|0\|0\|0
.younited-credit.com/	1970-01-19 23:04:23	Name: da_intState Value:
.adnxs.com/	1970-01-20 01:13:57	Name: uuid2 Value: 2215398891111602457
.doubleclick.net/	1970-01-20 08:25:57	Name: IDE Value: AHWqTUnt-0hkKgYlqRIf-yOk_Kn-dLKaFcLMqbKHaXYgvLO2tuIMyyXLYGLCm3j_LKA
.pubmatic.com/	1970-01-20 01:13:57	Name: PUBMDCID Value: 3
.bing.com/	1970-01-20 08:25:57	Name: MUID Value: 047704E433AF66CB18D0141B327D67D7
.yahoo.com/	1970-01-20 07:50:19	Name: A3 Value: d=AQABBAPkpWECEII-kUtS7DRTnHJQ735n0C8FEgEBAQE1p2GvYQAAAAAA_eMAAA&S=AQAAAmtoDPZEMEjHRLI662DEjiU
.3lift.com/	1970-01-20 01:13:57	Name: tluid Value: 5845950837075463394
.bidswitch.net/	1970-01-20 07:49:57	Name: tuuid Value: e64765c5-6cb2-4c01-98ee-80b912fed783
.bidswitch.net/	1970-01-20 07:49:57	Name: c Value: 1638261763
.bidswitch.net/	1970-01-20 07:49:57	Name: tuuid_lu Value: 1638261763
.360yield.com/	1970-01-20 01:13:57	Name: tuuid Value: 61f9bf83-a5bd-4629-b5e6-08e1ee7a5953
.360yield.com/	1970-01-20 01:13:57	Name: tuuid_lu Value: 1638261763
.sharethrough.com/	1970-01-20 07:49:57	Name: stx_user_id Value: 83fa6d39-3000-483d-8c0b-0063059b0a20
.casalemedia.com/	1970-01-20 07:49:57	Name: CMID Value: YaXkAxWVe.3N9d2FPVyOKwAA
.casalemedia.com/	1970-01-20 01:13:57	Name: CMPS Value: 5203
.taboola.com/	1970-01-20 07:49:57	Name: t_gid Value: f684c7c1-545d-4f24-bbfc-87c541f8a8de-tuct89f6983
.360yield.com/	1970-01-20 01:13:57	Name: um Value: !38,Cc2SsmsU-9rI7QALUG8qQq8hXzHQJLfpdjaD7HXCqb9a602zGyo.WJdssBhPIqzLj5Og8hX9,1646037763
.360yield.com/	1970-01-20 01:13:57	Name: umeh Value: !38,0,1700469763,-1
.casalemedia.com/	1970-01-20 01:13:57	Name: CMPRO Value: 1212
.casalemedia.com/	1970-01-20 07:49:57	Name: CMRUM3 Value: 1461a5e4032760k-1zeQ0yvNIsH2q-u2vAt3jHWmCvk5dhn2qwUBSQ
.casalemedia.com/	1970-01-19 23:05:48	Name: CMST Value: YaXkA2Gl5AMA
.advertising.com/	1970-01-20 07:51:24	Name: APID Value: UP7be6693c-51b9-11ec-a359-06db969b4c24
.analytics.yahoo.com/	1970-01-20 07:51:24	Name: IDSYNC Value: "18zh~21tk:1761~21tk"
.yahoo.com/	1970-01-19 23:49:55	Name: APID Value: UP7be6693c-51b9-11ec-a359-06db969b4c24
.yahoo.com/	1970-01-19 23:05:48	Name: APIDTS Value: 1638261763
.media.net/	1970-01-20 07:49:57	Name: visitor-id Value: 2812633639538175000V10
.media.net/	1970-01-19 23:47:33	Name: data-c-ts Value: 1638261763
.media.net/	1970-01-19 23:47:33	Name: data-c Value: k-aE8mqSvNIsH2q-u2vAt3jHWmCvkCuCgya9EyZQ~~3
.adnxs.com/	1970-01-20 01:13:57	Name: anj Value: dTM7k!M4/rD>6NRF']wIg2H`hDNvdz!EKw)0I^OS4<OqA4uZ<EJ'g?^WFPlrQer#.JaDd>-*z9x7Qq34gErbNgS]K_t#>09g9AB4=chTZCoP1wCrtOdCnY6'<O:S/
.mgid.com/	1970-01-25 20:31:23	Name: muidn Value: lauH8267AUG0
.mgid.com/	1970-01-19 23:04:23	Name: __cf_bm Value: bQft4OTSEEitcq.Gvg4s4CRdTApisI_guaEChtlScdU-1638261763-0-AWngJQs1DGxNakf8wis+DQf9ghYnI/SUqVptIQow9yv0ikBz05z8GJ2263x0uapYlsW/y0n/mshYcJlOqZ1XzN8=
ads.stickyadstv.com/	1970-01-19 23:47:33	Name: UID Value: 3162688ca9d464b016c94e2d26ceca
ads.stickyadstv.com/	1970-01-19 23:47:33	Name: uid-bp-11554 Value: k-EqVfKSvNIsH2q-u2vAt3jHWmCvknAeV9-oPJtQ
ads.stickyadstv.com/	1969-12-31 23:59:59	Name: sessionId Value: 681a3efcc3bf27b487c166bb0461652
cm.mgid.com/	1970-01-19 23:47:33	Name: mg_sync Value: {"617660":1638261763}
.outbrain.com/	1970-01-20 01:13:57	Name: obuid Value: 37a9820c-a7e1-4378-a0f2-89c6d12d074e
.outbrain.com/	1970-01-19 23:47:33	Name: criteo Value: k-1BBoyivNIsH2q-u2vAt3jHWmCvk20iRRnayshQ
.yieldmo.com/	1970-01-20 07:49:57	Name: yieldmo_id Value: g2dd1430f60cf77ab323%7C1638261763403%7C0%7C
.ads.yieldmo.com/	1970-01-20 07:49:57	Name: ptrcriteo Value: k-pt2g-CvNIsH2q-u2vAt3jHWmCvkFExUfsxhbFQ
.liadm.com/	1970-01-20 16:35:33	Name: lidid Value: 79fdadd7-4106-4e7f-a0c5-eb95aaaa974b

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.360yield.com
ads.stickyadstv.com
ads.yahoo.com
analytics.tradedoubler.com
az416426.vo.msecnd.net
c.bing.com
cdn.decibelinsight.net
cdn.stickyadstv.com
cdnjs.cloudflare.com
clk.tradedoubler.com
cm.adform.net
cm.g.doubleclick.net
cm.mgid.com
collection.decibelinsight.net
connect.facebook.net
contextual.media.net
criteo-sync.teads.tv
d6tizftlrpuof.cloudfront.net
dis.criteo.com
eb2.3lift.com
echo7.bluehornet.com
eu-tlp05.kameleoon.eu
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
gum.criteo.com
hhlwcyg0ce.kameleoon.eu
i.liadm.com
i6.liadm.com
it.younited-credit.com
match.sharethrough.com
matching.ivitrack.com
mug.criteo.com
pixel.advertising.com
pixel.quantserve.com
pixel.rubiconproject.com
r.casalemedia.com
rtb-csync.smartadserver.com
rules.quantcount.com
s.ad.smaato.net
secure.adnxs.com
secure.quantserve.com
simage2.pubmatic.com
sp.analytics.yahoo.com
sslwidget.criteo.com
static.criteo.net
stats.g.doubleclick.net
sync-criteo.ads.yieldmo.com
sync-t1.taboola.com
sync.outbrain.com
ups.analytics.yahoo.com
vht.tradedoubler.com
visitor.omnitagjs.com
w.usabilla.com
widget.trustpilot.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
x.bidswitch.net
yoc.younited-credit.com
yuc-cdn.azureedge.net
104.111.242.245
104.19.133.78
109.232.194.94
13.248.245.213
13.32.121.22
141.226.228.48
142.250.186.98
172.217.18.98
178.250.2.146
178.250.2.151
18.156.0.31
18.157.150.79
18.192.185.171
18.66.112.56
185.255.84.153
185.33.221.13
185.64.189.110
185.86.138.144
188.165.150.177
2.18.234.21
2.18.234.233
2.18.235.93
2001:4de0:ac19::1:b:3a
212.82.100.181
2600:1f18:444a:4602:b51a:2bef:14:5241
2600:9000:223c:1c00:6:44e3:f8c0:93a1
2600:9000:223f:6600:1b:5138:8a40:93a1
2606:2800:133:206e:1315:22a5:2006:24fd
2606:2800:233:1cb7:261b:1f9c:2074:3c
2606:4700:20::ac43:4832
2606:4700::6810:135e
2620:116:800d:21:36a9:ecb:e518:b308
2620:1ec:bdf::44
2620:1ec:c11::200
2a00:1288:80:800::7000
2a00:1450:4001:808::2002
2a00:1450:4001:808::2003
2a00:1450:4001:811::200a
2a00:1450:4001:813::2003
2a00:1450:4001:829::2004
2a00:1450:4001:829::2008
2a00:1450:4001:831::200e
2a00:1450:400c:c07::9d
2a02:2638::1c
2a02:2638::3
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
3.124.83.68
34.252.190.62
35.157.241.218
35.186.231.97
35.186.243.160
37.157.4.29
44.241.231.49
52.222.206.77
52.222.236.107
54.86.197.188
69.173.144.165
70.42.32.191
75.101.253.183
78.46.61.107
99.81.7.40
07ab40aebe652878471e606a1dff19d1c45d7e9ecbab4d9944202f6961285c82
0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
134d8da173ef124f4fb9cbb8f845a94aa83f7b4e6f1b92749e5750ee9db2f052
167b0bc44cfe5f8f12bab04d9a7c1875d4a55bae50de918c23f669e936da8c5c
17ee72d8421cc64e48d5e885c090851028f91129555be935403a51c55eff2e9d
19755018177b924e15d7e49f6d6684957f2a00cbf6b60f879a641bd3aedc4e2d
1cecce11ca35430ed81c6e3bf16a37ea8b4b9923ec1754ba3c1445472748e477
2ae052d5fd6e01daee9b546c30e182308a083261ee6a1920c30625a2d81c5a49
2b7be7a5e1f0db7846d6086dbc9cd793697b3758bc683ee840c04d6a4daedf1e
2e8548e063ae8b8f6225ac344af4bb535397ebd3003665e27e8d4b2716770db9
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
3754d6d9f76d35b69b3aeeb3656e2e82628379be032c1dc824c610253fa40db4
3b2668e035d74099f90fe3e6aa91166e561dcbf36ba4859048f8959fa2371ff8
3f3c77a6e5c32429b02f2aee787967f77badd448b3d61159b4f2f2c9198181cb
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2
44fdd1eb3c024fe9fb4faeb815b2367ace182437a87eb25a75d7802d0f3c88c0
481b2fb6ea4f714f9b58e143ddb63f973e0fc1b14a4d8213517b4451644c9fae
487fce51fd801415c362f3f9f2df43c445a4b9ba38f9b6d49dfc898dc85ede94
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4da10e43a814d869169a6105d1ded3f864d6e502372a50bf1453c6e2e5141d6a
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
5201c813c37a4168cc5c20c701d4391fd0a55625f97eb9f263a74fb52b52fd0e
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
56f4201510afb724858564187afde49d779f0d0e52534e463e6661f563de20af
5a1ff7b6d0d393da16cdf1618110d47f5966581810db2471616a5a46f0f14f54
5af481e00104cb300af0320bd7caef469f46f7ec7dc460ae441221bfc12994ff
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824
6226ae349ca889003708c420615f780301df628cae0de3717e4086c36ccedeac
62bbf148389344b6f69d013ba66a870f4abcea2e08f8a4b0d5bc94756fca999c
6403cd1e33c209c27e64f867fea2133d7ec9bd4e812d25c5d4207cb999bb2c13
6fd51cc47332e7074c186af1ff865f474cff7c64136a5d7b7cec176f1bb63412
77fd3d8f24f22d189394898b078cabbbd0eccf555ef1361d29ab5d650495c45d
81592355fbcd77f55c410975e614c28aed5c374de385ea98eba8c8ac654b5fed
82279adb1e8eedf4b67db88608f6ec98c7e57603d95bdc9bc1716486a8e7c53c
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
836f1c9fd0c0631f0d60eed8dfff6e1e4ec7d6409d347067e691de5da7c9ebc3
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
86c342af9ce7ee7617ff3a0ad3855b3e5adad226fc48adee1fe94e20ee1c2d76
87395fad36f313213d546112a618dc37dfa856289c5e28b3eb2ec59f2aec380c
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8e1b84265e633c043720dd0921476c16bc9f75e393e855c9116ca7c3a847b5c7
8fa3458f1bf8041eb5765ec25e8b859aa63432d7efa4edc31f070f88a66d3f0c
970ab41ea61ecc43401a41a75248fce304c95ecbb8b24a2652dbc488ebc099e7
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a12bc21199e9b4cf291e2203f906b59c3b4ce04759b1c6cd7950bba84b7bdeb8
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a1fddf4d5fec5f577b977db5c16c6582c1768324262382650fce903a37d73ab6
a525362624af8f7ff0add8bbf0ab41a7e8a4c8e9bcc374c89341fceb29e8d48f
a9ddd05afc7b255840510e1d40fda6304d6dc5695fa2ef4c40424d1507d2cfe3
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
ad3f80b08c66a47028346bd3b29d415d9db2a1872c77caa76026b417940d1e9a
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
af4c6683814aa527caf53bde3d021e6aafe00833b45f2dead043c87ed7864674
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b23807a4c5d90afca0dc47d688c0a05302779429dab75f5e6182562dcc2970f6
b34e618906806ea910ec6502ef0c441860a02de1322421fcea3c2f59d610fa03
ba719b6366028770cae8f983921755cbcf0a383a4ae8ffa0c0896ba7e767e142
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bbda0b9171f99e1e74c42667b444c1159a58c96b16a9bd02a7e846e0ea8cb5b1
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e73a2966e0843c535618a0d6f89d28d1e648afe4368157b9208d8feef789f760
ed15f8ab7de4eacd5a3de40fc33632ca711d127566e590ea72ce2bdc8f397a05
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f75599e9b0766e2c9f8f7812411a7bc0bc69613b1c7f33ea5735df60f36b13c3

it.younited-credit.com Open in urlscan Pro 2620:1ec:bdf::44 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

105 Requests

87 %HTTPS

39 %IPv6

49 Domains

64 Subdomains

58 IPs

9 Countries

1041 kBTransfer

2478 kBSize

68 Cookies

0 Outgoing links

Page URL History

Redirected requests

105 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

it.younited-credit.com Open in urlscan Pro
2620:1ec:bdf::44 Public Scan

Screenshot
Live screenshot

Full Image

105
Requests

87 %
HTTPS

39 %
IPv6

49
Domains

64
Subdomains

58
IPs

9
Countries

1041 kB
Transfer

2478 kB
Size

68
Cookies

105 HTTP transactions
1 data transactions