Submitted URL: http://finanswebde.com/
Effective URL: https://finanswebde.com/
Submission Tags: falconsandbox
Submission: On September 26 via api from US — Scanned from DE

Summary

This website contacted 42 IPs in 8 countries across 33 domains to perform 156 HTTP transactions. The main IP is 195.201.122.228, located in Germany and belongs to HETZNER-AS, DE. The main domain is finanswebde.com.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on March 30th 2020. Valid for: 2 years.
This is the only time finanswebde.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 19 195.201.122.228 24940 (HETZNER-AS)
2 2a00:1450:400... 15169 (GOOGLE)
4 151.139.245.20 33438 (HIGHWINDS2)
12 2a00:1450:400... 15169 (GOOGLE)
4 2606:4700:303... 13335 (CLOUDFLAR...)
15 185.7.176.223 42910 (PREMIERDC...)
2 2a00:1450:400... 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
1 142.250.185.66 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
5 142.250.186.162 15169 (GOOGLE)
3 52.222.210.175 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 35.241.45.217 15169 (GOOGLE)
2 35.227.248.159 15169 (GOOGLE)
2 3 76.223.111.131 16509 (AMAZON-02)
14 94.130.181.38 24940 (HETZNER-AS)
2 2a00:1450:400... 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a04:4e42::775 54113 (FASTLY)
1 2a00:1450:400... 15169 (GOOGLE)
5 2a04:4e42:200... 54113 (FASTLY)
4 2a00:1450:400... 15169 (GOOGLE)
3 178.33.196.208 16276 (OVH)
6 2a00:1450:400... 15169 (GOOGLE)
1 145.239.237.56 16276 (OVH)
5 2607:f8b0:400... 15169 (GOOGLE)
1 74.125.140.156 15169 (GOOGLE)
2 108.128.224.84 16509 (AMAZON-02)
1 2 2001:678:cb4:... 56396 (AMOBEE)
1 7 142.250.186.98 15169 (GOOGLE)
1 2620:116:800d... 16509 (AMAZON-02)
1 1 185.29.134.244 30419 (MEDIAMATH...)
1 1 159.253.128.183 36351 (SOFTLAYER)
1 1 85.114.159.93 24961 (MYLOC-AS ...)
2 2a00:1450:400... 15169 (GOOGLE)
1 185.7.176.4 42910 (PREMIERDC...)
1 1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 1 108.128.116.76 ()
1 34.241.251.11 ()
1 142.250.185.98 ()
1 2 52.17.185.148 ()
156 42
Apex Domain
Subdomains
Transfer
24 finanswebde.com
finanswebde.com
blog.finanswebde.com
4 MB
21 googlesyndication.com
pagead2.googlesyndication.com
0daaf261a2a6f0e9e533d14962332114.safeframe.googlesyndication.com
tpc.googlesyndication.com
ade.googlesyndication.com
143 KB
18 doubleclick.net
googleads.g.doubleclick.net
stats.g.doubleclick.net
securepubads.g.doubleclick.net
bid.g.doubleclick.net
cm.g.doubleclick.net
googleads4.g.doubleclick.net
185 KB
14 apipara.com
finans.apipara.com
224 KB
11 gstatic.com
fonts.gstatic.com
csi.gstatic.com
149 KB
11 virgul.com
static.virgul.com
ng.virgul.com
logger.virgul.com
175 KB
6 googleapis.com
fonts.googleapis.com
imasdk.googleapis.com
435 KB
5 2mdn.net
s0.2mdn.net
gcdn.2mdn.net
r3---sn-4g5e6nzz.c.2mdn.net
2 MB
5 google.com
www.google.com
fundingchoicesmessages.google.com
adservice.google.com
12 KB
4 adsafeprotected.com
unified.adsafeprotected.com
pixel.adsafeprotected.com
static.adsafeprotected.com
5 KB
4 gemius.pl
gatr.hit.gemius.pl
ls.hit.gemius.pl
20 KB
4 fontawesome.com
use.fontawesome.com
88 KB
4 stackpathdns.com
finanscepte-xuoe622gjknvdey.stackpathdns.com
75 KB
3 imgiz.com
c1.imgiz.com
151 KB
3 adsrvr.org
match.adsrvr.org
1 KB
3 amazon-adsystem.com
c.amazon-adsystem.com
39 KB
2 demdex.net
intelcorp.demdex.net
2 KB
2 izlesene.com
panel.izlesene.com
istr.izlesene.com
4 KB
2 turn.com
ad.turn.com
r.turn.com
857 B
2 ghost.io
cuneytekinci.ghost.io
2 KB
2 tapad.com
pandg.tapad.com
pixel.tapad.com
1 KB
2 google.de
www.google.de
676 B
2 google-analytics.com
www.google-analytics.com
20 KB
2 googletagmanager.com
www.googletagmanager.com
77 KB
1 adition.com
dsp.adfarm1.adition.com
583 B
1 simpli.fi
um.simpli.fi
711 B
1 mathtag.com
sync.mathtag.com
829 B
1 quantserve.com
cms.quantserve.com
463 B
1 googletagservices.com
www.googletagservices.com
28 KB
1 google.com.ua
adservice.google.com.ua
853 B
1 pghub.io
pghub.io
2 KB
1 googleadservices.com
www.googleadservices.com
14 KB
0 nktcdn.com Failed
istr-n21.nktcdn.com Failed
156 33
Domain Requested by
19 finanswebde.com 1 redirects finanswebde.com
14 finans.apipara.com finanswebde.com
11 pagead2.googlesyndication.com finanswebde.com
securepubads.g.doubleclick.net
0daaf261a2a6f0e9e533d14962332114.safeframe.googlesyndication.com
tpc.googlesyndication.com
6 tpc.googlesyndication.com 0daaf261a2a6f0e9e533d14962332114.safeframe.googlesyndication.com
securepubads.g.doubleclick.net
tpc.googlesyndication.com
imasdk.googleapis.com
6 fonts.gstatic.com fonts.googleapis.com
6 static.virgul.com finanswebde.com
static.virgul.com
5 cm.g.doubleclick.net 1 redirects 0daaf261a2a6f0e9e533d14962332114.safeframe.googlesyndication.com
5 csi.gstatic.com imasdk.googleapis.com
5 blog.finanswebde.com
5 securepubads.g.doubleclick.net static.virgul.com
securepubads.g.doubleclick.net
0daaf261a2a6f0e9e533d14962332114.safeframe.googlesyndication.com
5 googleads.g.doubleclick.net pagead2.googlesyndication.com
www.googleadservices.com
4 imasdk.googleapis.com c1.imgiz.com
0daaf261a2a6f0e9e533d14962332114.safeframe.googlesyndication.com
imasdk.googleapis.com
4 use.fontawesome.com finanswebde.com
use.fontawesome.com
4 finanscepte-xuoe622gjknvdey.stackpathdns.com finanswebde.com
finanscepte-xuoe622gjknvdey.stackpathdns.com
3 gatr.hit.gemius.pl c1.imgiz.com
gatr.hit.gemius.pl
3 c1.imgiz.com finanswebde.com
c1.imgiz.com
3 match.adsrvr.org 2 redirects 0daaf261a2a6f0e9e533d14962332114.safeframe.googlesyndication.com
3 ng.virgul.com static.virgul.com
3 c.amazon-adsystem.com static.virgul.com
c.amazon-adsystem.com
3 www.google.com finanswebde.com
tpc.googlesyndication.com
2 intelcorp.demdex.net 1 redirects
2 ade.googlesyndication.com
2 logger.virgul.com c1.imgiz.com
2 r3---sn-4g5e6nzz.c.2mdn.net
2 s0.2mdn.net imasdk.googleapis.com
2 unified.adsafeprotected.com imasdk.googleapis.com
2 cuneytekinci.ghost.io finanswebde.com
2 0daaf261a2a6f0e9e533d14962332114.safeframe.googlesyndication.com securepubads.g.doubleclick.net
2 fonts.googleapis.com finanswebde.com
0daaf261a2a6f0e9e533d14962332114.safeframe.googlesyndication.com
2 www.google.de finanswebde.com
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 www.googletagmanager.com finanswebde.com
www.googletagmanager.com
1 googleads4.g.doubleclick.net
1 static.adsafeprotected.com
1 pixel.adsafeprotected.com 1 redirects
1 istr.izlesene.com c1.imgiz.com
1 gcdn.2mdn.net 1 redirects
1 panel.izlesene.com c1.imgiz.com
1 dsp.adfarm1.adition.com 1 redirects
1 um.simpli.fi 1 redirects
1 sync.mathtag.com 1 redirects
1 cms.quantserve.com 0daaf261a2a6f0e9e533d14962332114.safeframe.googlesyndication.com
1 r.turn.com
1 ad.turn.com 1 redirects
1 bid.g.doubleclick.net imasdk.googleapis.com
1 ls.hit.gemius.pl gatr.hit.gemius.pl
1 www.googletagservices.com securepubads.g.doubleclick.net
1 adservice.google.com securepubads.g.doubleclick.net
1 adservice.google.com.ua securepubads.g.doubleclick.net
1 pixel.tapad.com pandg.tapad.com
1 pandg.tapad.com pghub.io
1 pghub.io static.virgul.com
1 fundingchoicesmessages.google.com static.virgul.com
1 stats.g.doubleclick.net www.google-analytics.com
1 www.googleadservices.com www.googletagmanager.com
0 istr-n21.nktcdn.com Failed c1.imgiz.com
156 56

This site contains no links.

Subject Issuer Validity Valid
finanswebde.com
Go Daddy Secure Certificate Authority - G2
2020-03-30 -
2022-03-30
2 years crt.sh
*.google-analytics.com
GTS CA 1C3
2021-08-30 -
2021-11-22
3 months crt.sh
*.stackpathdns.com
Sectigo RSA Domain Validation Secure Server CA
2021-07-14 -
2022-08-06
a year crt.sh
*.g.doubleclick.net
GTS CA 1C3
2021-08-30 -
2021-11-22
3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2021-07-07 -
2022-07-06
a year crt.sh
*.virgul.com
Sectigo RSA Domain Validation Secure Server CA
2020-09-15 -
2021-10-16
a year crt.sh
www.googleadservices.com
GTS CA 1C3
2021-08-30 -
2021-11-22
3 months crt.sh
www.google.com
GTS CA 1C3
2021-08-30 -
2021-11-22
3 months crt.sh
www.google.de
GTS CA 1C3
2021-08-30 -
2021-11-22
3 months crt.sh
c.amazon-adsystem.com
Amazon
2021-07-06 -
2022-06-27
a year crt.sh
*.google.com
GTS CA 1C3
2021-08-30 -
2021-11-22
3 months crt.sh
*.pghub.io
DigiCert TLS RSA SHA256 2020 CA1
2021-02-09 -
2022-02-16
a year crt.sh
*.tapad.com
DigiCert SHA2 Secure Server CA
2020-10-05 -
2021-11-06
a year crt.sh
upload.video.google.com
GTS CA 1C3
2021-08-30 -
2021-11-22
3 months crt.sh
*.apipara.com
Go Daddy Secure Certificate Authority - G2
2020-07-05 -
2022-07-10
2 years crt.sh
*.gstatic.com
GTS CA 1C3
2021-08-30 -
2021-11-22
3 months crt.sh
*.imgiz.com
Sectigo RSA Domain Validation Secure Server CA
2021-09-08 -
2022-10-09
a year crt.sh
*.google.com.ua
GTS CA 1C3
2021-08-30 -
2021-11-22
3 months crt.sh
ghost.io
R3
2021-08-30 -
2021-11-28
3 months crt.sh
blog.finanswebde.com
R3
2021-09-07 -
2021-12-06
3 months crt.sh
*.hit.gemius.pl
Sectigo ECC Domain Validation Secure Server CA
2021-09-08 -
2022-09-25
a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3
2021-08-30 -
2021-11-22
3 months crt.sh
wrapper-vast.adsafeprotected.com
Amazon
2020-12-18 -
2022-01-16
a year crt.sh
*.turn.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1
2021-03-31 -
2022-03-31
a year crt.sh
*.quantserve.com
DigiCert SHA2 High Assurance Server CA
2020-10-02 -
2021-10-07
a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020
2021-03-18 -
2022-04-19
a year crt.sh
*.doubleclick.net
GTS CA 1C3
2021-08-30 -
2021-11-22
3 months crt.sh
*.izlesene.com
Sectigo RSA Domain Validation Secure Server CA
2020-07-11 -
2022-10-13
2 years crt.sh
*.c.docs.google.com
GTS CA 1C3
2021-09-14 -
2021-11-23
2 months crt.sh
static.adsafeprotected.com
Amazon
2021-01-06 -
2022-02-04
a year crt.sh
*.demdex.net
DigiCert TLS RSA SHA256 2020 CA1
2020-12-02 -
2022-01-02
a year crt.sh

This page contains 11 frames:

Primary Page: https://finanswebde.com/
Frame ID: DB0891C2121C07AF58F644FB265DA078
Requests: 102 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210922/r20190131/zrt_lookup.html
Frame ID: 1B62B4114A6D40D7A3ADE39EA207082E
Requests: 1 HTTP requests in this frame

Frame: https://pandg.tapad.com/tag?referrer_url=&page_url=https%3A%2F%2Ffinanswebde.com%2F&owner=P%26G&bp_id=noktacommedya&data=%7B%22category%22%3A%22site_geneli%22%7D
Frame ID: 2EE596CC44A9DF6CCFD20030A0957573
Requests: 2 HTTP requests in this frame

Frame: https://0daaf261a2a6f0e9e533d14962332114.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 505D584868DF1000F677E087C408238F
Requests: 1 HTTP requests in this frame

Frame: https://0daaf261a2a6f0e9e533d14962332114.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 1E8C6BCF8A4E7EE3C6333FFFA36C2E9F
Requests: 33 HTTP requests in this frame

Frame: https://ls.hit.gemius.pl/lsget.html
Frame ID: 20627B0CB943FB33FC8DAD8F37566B64
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: F20A15752DE319249DB46F7876E834AA
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: C693291046B07BA404870E17A87AB535
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: A86CFE490F6DCAF0F4EF8F316D0C7D56
Requests: 2 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.481.0_tr.html
Frame ID: DD8F9F0F7E69BA90E6DA2D3616A849E6
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Frame ID: FB2C4827AB976CAF84718C4D76E79232
Requests: 3 HTTP requests in this frame

Screenshot


Page URL History Show full URLs

  1. http://finanswebde.com/ HTTP 301
    https://finanswebde.com/ Page URL

Page Statistics

156
Requests

98 %
HTTPS

50 %
IPv6

33
Domains

56
Subdomains

42
IPs

8
Countries

7927 kB
Transfer

12214 kB
Size

33
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://finanswebde.com/ HTTP 301
    https://finanswebde.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 41
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=10f7f3a2-caf7-419a-9012-9a96bb8b0b25&gdpr=&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=10f7f3a2-caf7-419a-9012-9a96bb8b0b25&gdpr=&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=d6cbea0f-cb8a-471d-8c15-d99a5cc498a9&ttd_puid=10f7f3a2-caf7-419a-9012-9a96bb8b0b25
Request Chain 118
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESEHLtJp5W6ADfpE7y5ZSoC0E&google_cver=1&google_push=AYg5qPJKnxaktJZ5uDE-qKDtfx6s2Z9uHhSZJhr73_nHxm9vxtp3lZ_kebKAfhFP_N2XVYCAXv6SV6xG5kUu-6GrH_8QYJMNPwAR HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MjY2ODYyMDgxMzY5MjcyNTk0NQ== HTTP 302
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?google_gid=CAESEHLtJp5W6ADfpE7y5ZSoC0E&google_cver=1
Request Chain 120
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEL6na32WK6Azmt1g0vUx2ic&google_cver=1&google_push=AYg5qPJT2rvCx_2pdDTGpV3VSjyDkwAcsWbxRXD3AI-azWhrbTmdENN2wCWrQ23_IgqfSAiHfdfYzlMNmbgx5F7MeJom10Y8xXA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AYg5qPJT2rvCx_2pdDTGpV3VSjyDkwAcsWbxRXD3AI-azWhrbTmdENN2wCWrQ23_IgqfSAiHfdfYzlMNmbgx5F7MeJom10Y8xXA
Request Chain 121
  • https://um.simpli.fi/gp_match?google_gid=CAESEMjaSuIJ0SemfTgDlsbDaHk&google_cver=1&google_push=AYg5qPL961I6enT5JCsO010fWQ8XWDQsbCB5-cBKtwxwY2tPNCfkxwf51f_kmAsaIUFvmS2tXllKEDSSJ-50p5xRdgHCT2DAw7YW HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=A0E526A1C6D649E88D91119913544B49&google_push=AYg5qPL961I6enT5JCsO010fWQ8XWDQsbCB5-cBKtwxwY2tPNCfkxwf51f_kmAsaIUFvmS2tXllKEDSSJ-50p5xRdgHCT2DAw7YW
Request Chain 123
  • https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEJB2mvrJ8fSDPHaFSnqYmGo&google_cver=1&google_push=AYg5qPIOPClSG5yJdzYabqWpVTqgb8U6czv0GB5AmSYSYJrT5ZFn67wbQs9iH4q0W3rl-O8ylIsZSBd4YBPEuzPF6OhVm3zGNgI HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzAxMjEwNDcwMTQyNjUzMDQ1Mw%3D%3D&google_push=AYg5qPIOPClSG5yJdzYabqWpVTqgb8U6czv0GB5AmSYSYJrT5ZFn67wbQs9iH4q0W3rl-O8ylIsZSBd4YBPEuzPF6OhVm3zGNgI
Request Chain 124
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEItVV6FxUAT2rjvlCjBbOu8&google_cver=1&google_push=AYg5qPKB4N4f5EIsVQwYnE1bQBiKyhGr9eZlOeo1ynBzghh-F7OKy2V7rx1bKSYHzMy6bf3UrbxzvtPkUtEXFrUhwYammukFv43i HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEItVV6FxUAT2rjvlCjBbOu8&google_push=AYg5qPKB4N4f5EIsVQwYnE1bQBiKyhGr9eZlOeo1ynBzghh-F7OKy2V7rx1bKSYHzMy6bf3UrbxzvtPkUtEXFrUhwYammukFv43i&s=184023&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YVAAEyoihQfF9cMyrEBcgwAABFMAAAAB&google_gid=CAESEItVV6FxUAT2rjvlCjBbOu8&google_cver=1&google_push=AYg5qPKB4N4f5EIsVQwYnE1bQBiKyhGr9eZlOeo1ynBzghh-F7OKy2V7rx1bKSYHzMy6bf3UrbxzvtPkUtEXFrUhwYammukFv43i HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YVAAEyoihQfF9cMyrEBcgwAABFMAAAAB&google_gid=CAESEItVV6FxUAT2rjvlCjBbOu8&google_cver=1&google_push=AYg5qPKB4N4f5EIsVQwYnE1bQBiKyhGr9eZlOeo1ynBzghh-F7OKy2V7rx1bKSYHzMy6bf3UrbxzvtPkUtEXFrUhwYammukFv43i HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YVAAEyoihQfF9cMyrEBcgwAABFMAAAAB&google_gid=CAESEItVV6FxUAT2rjvlCjBbOu8&google_cver=1&google_push=AYg5qPKB4N4f5EIsVQwYnE1bQBiKyhGr9eZlOeo1ynBzghh-F7OKy2V7rx1bKSYHzMy6bf3UrbxzvtPkUtEXFrUhwYammukFv43i HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YVAAEyoihQfF9cMyrEBcgwAABFMAAAAB&google_gid=CAESEItVV6FxUAT2rjvlCjBbOu8&google_cver=1&google_push=AYg5qPKB4N4f5EIsVQwYnE1bQBiKyhGr9eZlOeo1ynBzghh-F7OKy2V7rx1bKSYHzMy6bf3UrbxzvtPkUtEXFrUhwYammukFv43i HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YVAAEyoihQfF9cMyrEBcgwAABFMAAAAB&google_gid=CAESEItVV6FxUAT2rjvlCjBbOu8&google_cver=1&google_push=AYg5qPKB4N4f5EIsVQwYnE1bQBiKyhGr9eZlOeo1ynBzghh-F7OKy2V7rx1bKSYHzMy6bf3UrbxzvtPkUtEXFrUhwYammukFv43i HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YVAAEyoihQfF9cMyrEBcgwAABFMAAAAB&google_gid=CAESEItVV6FxUAT2rjvlCjBbOu8&google_cver=1&google_push=AYg5qPKB4N4f5EIsVQwYnE1bQBiKyhGr9eZlOeo1ynBzghh-F7OKy2V7rx1bKSYHzMy6bf3UrbxzvtPkUtEXFrUhwYammukFv43i HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YVAAEyoihQfF9cMyrEBcgwAABFMAAAAB&google_gid=CAESEItVV6FxUAT2rjvlCjBbOu8&google_cver=1&google_push=AYg5qPKB4N4f5EIsVQwYnE1bQBiKyhGr9eZlOeo1ynBzghh-F7OKy2V7rx1bKSYHzMy6bf3UrbxzvtPkUtEXFrUhwYammukFv43i HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YVAAEyoihQfF9cMyrEBcgwAABFMAAAAB&google_gid=CAESEItVV6FxUAT2rjvlCjBbOu8&google_cver=1&google_push=AYg5qPKB4N4f5EIsVQwYnE1bQBiKyhGr9eZlOeo1ynBzghh-F7OKy2V7rx1bKSYHzMy6bf3UrbxzvtPkUtEXFrUhwYammukFv43i HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YVAAEyoihQfF9cMyrEBcgwAABFMAAAAB&google_gid=CAESEItVV6FxUAT2rjvlCjBbOu8&google_cver=1&google_push=AYg5qPKB4N4f5EIsVQwYnE1bQBiKyhGr9eZlOeo1ynBzghh-F7OKy2V7rx1bKSYHzMy6bf3UrbxzvtPkUtEXFrUhwYammukFv43i HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YVAAEyoihQfF9cMyrEBcgwAABFMAAAAB&google_gid=CAESEItVV6FxUAT2rjvlCjBbOu8&google_cver=1&google_push=AYg5qPKB4N4f5EIsVQwYnE1bQBiKyhGr9eZlOeo1ynBzghh-F7OKy2V7rx1bKSYHzMy6bf3UrbxzvtPkUtEXFrUhwYammukFv43i HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YVAAEyoihQfF9cMyrEBcgwAABFMAAAAB&google_gid=CAESEItVV6FxUAT2rjvlCjBbOu8&google_cver=1&google_push=AYg5qPKB4N4f5EIsVQwYnE1bQBiKyhGr9eZlOeo1ynBzghh-F7OKy2V7rx1bKSYHzMy6bf3UrbxzvtPkUtEXFrUhwYammukFv43i HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YVAAEyoihQfF9cMyrEBcgwAABFMAAAAB&google_gid=CAESEItVV6FxUAT2rjvlCjBbOu8&google_cver=1&google_push=AYg5qPKB4N4f5EIsVQwYnE1bQBiKyhGr9eZlOeo1ynBzghh-F7OKy2V7rx1bKSYHzMy6bf3UrbxzvtPkUtEXFrUhwYammukFv43i HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YVAAEyoihQfF9cMyrEBcgwAABFMAAAAB&google_gid=CAESEItVV6FxUAT2rjvlCjBbOu8&google_cver=1&google_push=AYg5qPKB4N4f5EIsVQwYnE1bQBiKyhGr9eZlOeo1ynBzghh-F7OKy2V7rx1bKSYHzMy6bf3UrbxzvtPkUtEXFrUhwYammukFv43i HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YVAAEyoihQfF9cMyrEBcgwAABFMAAAAB&google_gid=CAESEItVV6FxUAT2rjvlCjBbOu8&google_cver=1&google_push=AYg5qPKB4N4f5EIsVQwYnE1bQBiKyhGr9eZlOeo1ynBzghh-F7OKy2V7rx1bKSYHzMy6bf3UrbxzvtPkUtEXFrUhwYammukFv43i HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YVAAEyoihQfF9cMyrEBcgwAABFMAAAAB&google_gid=CAESEItVV6FxUAT2rjvlCjBbOu8&google_cver=1&google_push=AYg5qPKB4N4f5EIsVQwYnE1bQBiKyhGr9eZlOeo1ynBzghh-F7OKy2V7rx1bKSYHzMy6bf3UrbxzvtPkUtEXFrUhwYammukFv43i HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YVAAEyoihQfF9cMyrEBcgwAABFMAAAAB&google_gid=CAESEItVV6FxUAT2rjvlCjBbOu8&google_cver=1&google_push=AYg5qPKB4N4f5EIsVQwYnE1bQBiKyhGr9eZlOeo1ynBzghh-F7OKy2V7rx1bKSYHzMy6bf3UrbxzvtPkUtEXFrUhwYammukFv43i HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YVAAEyoihQfF9cMyrEBcgwAABFMAAAAB&google_gid=CAESEItVV6FxUAT2rjvlCjBbOu8&google_cver=1&google_push=AYg5qPKB4N4f5EIsVQwYnE1bQBiKyhGr9eZlOeo1ynBzghh-F7OKy2V7rx1bKSYHzMy6bf3UrbxzvtPkUtEXFrUhwYammukFv43i HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YVAAEyoihQfF9cMyrEBcgwAABFMAAAAB&google_gid=CAESEItVV6FxUAT2rjvlCjBbOu8&google_cver=1&google_push=AYg5qPKB4N4f5EIsVQwYnE1bQBiKyhGr9eZlOeo1ynBzghh-F7OKy2V7rx1bKSYHzMy6bf3UrbxzvtPkUtEXFrUhwYammukFv43i HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YVAAEyoihQfF9cMyrEBcgwAABFMAAAAB&google_gid=CAESEItVV6FxUAT2rjvlCjBbOu8&google_cver=1&google_push=AYg5qPKB4N4f5EIsVQwYnE1bQBiKyhGr9eZlOeo1ynBzghh-F7OKy2V7rx1bKSYHzMy6bf3UrbxzvtPkUtEXFrUhwYammukFv43i
Request Chain 131
  • https://gcdn.2mdn.net/videoplayback/id/d16586e389d37218/itag/343/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3770895924/sparams/id,itag,source,ctier,acao,ip,ipbits,expire/signature/8D248A6643A8AFA295546D684F85DEE4D3A65728.54A1A9F56F212539A353514CD20CCF6698BDA335/key/ck2/file/file.mp4 HTTP 302
  • https://r3---sn-4g5e6nzz.c.2mdn.net/videoplayback/id/d16586e389d37218/itag/343/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3770895924/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/81348E60371809A0E68E86207816743296686BD5.35F1152AF7093049B9BE70D87335E046BFEB147C/key/cms1/cms_redirect/yes/mh/vW/mip/2a01:4f8:212:78e:2a::1/mm/42/mn/sn-4g5e6nzz/ms/onc/mt/1632632429/mv/m/mvi/3/pl/51/file/file.mp4
Request Chain 151
  • https://pixel.adsafeprotected.com/rfw/st/775613/56071564/skeleton.gif?xmtp=v&xmapp=0&xsId=0528e396-ca7e-4065-b68a-4d912a61327c&mon=56071564 HTTP 302
  • https://static.adsafeprotected.com/skeleton.gif?xmtp=v&xmapp=0&xsId=0528e396-ca7e-4065-b68a-4d912a61327c&mon=56071564
Request Chain 153
  • https://intelcorp.demdex.net/event?event=imp&d_campaign=26146846&d_site=5134578&d_placement=308937582&d_ad=501788673&d_creative=154742664 HTTP 302
  • https://intelcorp.demdex.net/firstevent?event=imp&d_campaign=26146846&d_site=5134578&d_placement=308937582&d_ad=501788673&d_creative=154742664

156 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
finanswebde.com/
Redirect Chain
  • http://finanswebde.com/
  • https://finanswebde.com/
118 KB
28 KB
Document
General
Full URL
https://finanswebde.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.201.122.228 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.228.122.201.195.clients.your-server.de
Software
nginx/1.14.0 (Ubuntu) / Express
Resource Hash
be3dd0be46030dfe4b0b816402a0a2740a9b10e6c47eb900952e83436bfd68ad

Request headers

Host
finanswebde.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

Server
nginx/1.14.0 (Ubuntu)
Date
Sun, 26 Sep 2021 05:07:27 GMT
Content-Type
text/html; charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding
X-Powered-By
Express
x-cache
HIT
ETag
W/"1d7b6-0pqGyWO73FH0qdcSaJZvS/9YAmk"
Content-Encoding
gzip

Redirect headers

Server
nginx/1.14.0 (Ubuntu)
Date
Sun, 26 Sep 2021 05:07:27 GMT
Content-Type
text/html
Content-Length
194
Connection
keep-alive
Location
https://finanswebde.com/
index.js
finanswebde.com/_next/static/94dbf05ae698a1f7bd7ac3182a5a758b73152cd0/pages/
131 KB
29 KB
Script
General
Full URL
https://finanswebde.com/_next/static/94dbf05ae698a1f7bd7ac3182a5a758b73152cd0/pages/index.js
Requested by
Host: finanswebde.com
URL: https://finanswebde.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.201.122.228 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.228.122.201.195.clients.your-server.de
Software
nginx/1.14.0 (Ubuntu) / Express
Resource Hash
276081e83aec37e80200d476154f867516adacd7f0508d623d80ff4a9d0e0114

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
finanswebde.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://finanswebde.com/
Connection
keep-alive
Accept-Language
de-DE,de;q=0.9
Referer
https://finanswebde.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Sun, 26 Sep 2021 05:07:27 GMT
Content-Encoding
gzip
Last-Modified
Sat, 18 Sep 2021 13:12:56 GMT
Server
nginx/1.14.0 (Ubuntu)
X-Powered-By
Express
ETag
W/"20dec-17bf909d53b"
Vary
Accept-Encoding
Content-Type
application/javascript; charset=UTF-8
Cache-Control
max-age=31536000
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Mon, 26 Sep 2022 05:07:27 GMT
_app.js
finanswebde.com/_next/static/94dbf05ae698a1f7bd7ac3182a5a758b73152cd0/pages/
8 KB
3 KB
Script
General
Full URL
https://finanswebde.com/_next/static/94dbf05ae698a1f7bd7ac3182a5a758b73152cd0/pages/_app.js
Requested by
Host: finanswebde.com
URL: https://finanswebde.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.201.122.228 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.228.122.201.195.clients.your-server.de
Software
nginx/1.14.0 (Ubuntu) / Express
Resource Hash
3b96281a4d7f0a6dd75da09d47fb06e4f8417d743974dcd7a14ba8d5fbea33c9

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
finanswebde.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://finanswebde.com/
Connection
keep-alive
Accept-Language
de-DE,de;q=0.9
Referer
https://finanswebde.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Sun, 26 Sep 2021 05:07:27 GMT
Content-Encoding
gzip
Last-Modified
Sat, 18 Sep 2021 13:12:56 GMT
Server
nginx/1.14.0 (Ubuntu)
X-Powered-By
Express
ETag
W/"1fce-17bf909d53f"
Vary
Accept-Encoding
Content-Type
application/javascript; charset=UTF-8
Cache-Control
max-age=31536000
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Mon, 26 Sep 2022 05:07:27 GMT
webpack-d99145c68f82eafef3ec.js
finanswebde.com/_next/static/runtime/
3 KB
2 KB
Script
General
Full URL
https://finanswebde.com/_next/static/runtime/webpack-d99145c68f82eafef3ec.js
Requested by
Host: finanswebde.com
URL: https://finanswebde.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.201.122.228 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.228.122.201.195.clients.your-server.de
Software
nginx/1.14.0 (Ubuntu) / Express
Resource Hash
dcfd2026eab710c04b46105b32a10edb216c66c9c603d2f5c3704ea781d99342

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
finanswebde.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://finanswebde.com/
Connection
keep-alive
Accept-Language
de-DE,de;q=0.9
Referer
https://finanswebde.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Sun, 26 Sep 2021 05:07:27 GMT
Content-Encoding
gzip
Last-Modified
Sat, 18 Sep 2021 13:12:56 GMT
Server
nginx/1.14.0 (Ubuntu)
X-Powered-By
Express
ETag
W/"a4e-17bf909d52f"
Vary
Accept-Encoding
Content-Type
application/javascript; charset=UTF-8
Cache-Control
max-age=31536000
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Mon, 26 Sep 2022 05:07:27 GMT
commons.aeb8eb159180e081c165.js
finanswebde.com/_next/static/chunks/
571 KB
176 KB
Script
General
Full URL
https://finanswebde.com/_next/static/chunks/commons.aeb8eb159180e081c165.js
Requested by
Host: finanswebde.com
URL: https://finanswebde.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.201.122.228 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.228.122.201.195.clients.your-server.de
Software
nginx/1.14.0 (Ubuntu) / Express
Resource Hash
2cd9d25613a1c83ffd779df6e1115d89bc6453f3ee2a163c2d6da6d6ce6561bd

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
finanswebde.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://finanswebde.com/
Connection
keep-alive
Accept-Language
de-DE,de;q=0.9
Referer
https://finanswebde.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Sun, 26 Sep 2021 05:07:27 GMT
Content-Encoding
gzip
Last-Modified
Sat, 18 Sep 2021 13:12:56 GMT
Server
nginx/1.14.0 (Ubuntu)
X-Powered-By
Express
ETag
W/"8ed28-17bf909d537"
Vary
Accept-Encoding
Content-Type
application/javascript; charset=UTF-8
Cache-Control
max-age=31536000
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Mon, 26 Sep 2022 05:07:27 GMT
main-541f01c65744a5c2c60b.js
finanswebde.com/_next/static/runtime/
18 KB
6 KB
Script
General
Full URL
https://finanswebde.com/_next/static/runtime/main-541f01c65744a5c2c60b.js
Requested by
Host: finanswebde.com
URL: https://finanswebde.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.201.122.228 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.228.122.201.195.clients.your-server.de
Software
nginx/1.14.0 (Ubuntu) / Express
Resource Hash
70083d81f4abc958e43215542c5543afedd6294b03d1d544934118c5e2ea054b

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
finanswebde.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://finanswebde.com/
Connection
keep-alive
Accept-Language
de-DE,de;q=0.9
Referer
https://finanswebde.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Sun, 26 Sep 2021 05:07:27 GMT
Content-Encoding
gzip
Last-Modified
Sat, 18 Sep 2021 13:12:56 GMT
Server
nginx/1.14.0 (Ubuntu)
X-Powered-By
Express
ETag
W/"4629-17bf909d537"
Vary
Accept-Encoding
Content-Type
application/javascript; charset=UTF-8
Cache-Control
max-age=31536000
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Mon, 26 Sep 2022 05:07:27 GMT
js
www.googletagmanager.com/gtag/
97 KB
39 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-49264185-15
Requested by
Host: finanswebde.com
URL: https://finanswebde.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
ec05129d47675209868349c25491880f7ac29bb9987a9c4cec93ff729f8e04dc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://finanswebde.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 26 Sep 2021 05:07:27 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
39276
x-xss-protection
0
last-modified
Sun, 26 Sep 2021 03:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sun, 26 Sep 2021 05:07:27 GMT
web.min.css
finanscepte-xuoe622gjknvdey.stackpathdns.com/nextjs/07012021/
235 KB
56 KB
Stylesheet
General
Full URL
https://finanscepte-xuoe622gjknvdey.stackpathdns.com/nextjs/07012021/web.min.css
Requested by
Host: finanswebde.com
URL: https://finanswebde.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.139.245.20 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
nginx /
Resource Hash
79e3381adccea1f5cadcf8e81b189501b935f79475555dcbd8e8831f53c4b4e5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://finanswebde.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 26 Sep 2021 05:07:27 GMT
content-encoding
gzip
last-modified
Thu, 07 Jan 2021 10:48:12 GMT
server
nginx
x-amz-request-id
A9960826A4FC94EC
etag
W/"4d4d63749f73c010b081996d4d777087"
vary
Accept-Encoding
x-cache
HIT
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
link
<https://s3-eu-west-1.amazonaws.com/s2.finanswebde.com/nextjs/07012021/web.min.css>; rel="canonical"
x-amz-id-2
g/vV8DxR78T9WTdQE1JyT/sQgL4ihIxn07b+74pkfyax90e5Og+ZMK870hD68f2U/jlr/ugqbHU=
expires
Sun, 03 Oct 2021 05:07:27 GMT
hms.png
finanswebde.com/mobile/images/
25 KB
25 KB
Image
General
Full URL
https://finanswebde.com/mobile/images/hms.png
Requested by
Host: finanswebde.com
URL: https://finanswebde.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.201.122.228 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.228.122.201.195.clients.your-server.de
Software
nginx/1.14.0 (Ubuntu) / Express
Resource Hash
ef677dc1926cbfa2aa4e0f3a2cd13cc318d2d968cbfd2bcc5d7eb9a94ff13034

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
finanswebde.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://finanswebde.com/
Connection
keep-alive
Accept-Language
de-DE,de;q=0.9
Referer
https://finanswebde.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Sun, 26 Sep 2021 05:07:27 GMT
Last-Modified
Sun, 15 Aug 2021 06:13:47 GMT
Server
nginx/1.14.0 (Ubuntu)
X-Powered-By
Express
ETag
W/"6287-17b4871e09a"
Content-Type
image/png
Cache-Control
max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
25223
Expires
Mon, 26 Sep 2022 05:07:27 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
139 KB
49 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: finanswebde.com
URL: https://finanswebde.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d52d911dbd24c2527abaa08d96416ed4adb22773c17916fb760b4f0fba1ecbb1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://finanswebde.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 26 Sep 2021 05:07:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
49945
x-xss-protection
0
server
cafe
etag
11006350823794324775
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sun, 26 Sep 2021 05:07:27 GMT
e8927eb029.js
use.fontawesome.com/
9 KB
4 KB
Script
General
Full URL
https://use.fontawesome.com/e8927eb029.js
Requested by
Host: finanswebde.com
URL: https://finanswebde.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:4e07 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
11e623f6cb6978519f97a73de00c8633974b11405e184d292eab0602a0981413

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://finanswebde.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 26 Sep 2021 05:07:28 GMT
content-encoding
br
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
G265C239QBQ6GYAB
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-id-2
Yb0w4K5w3yVIOKKapCaJTo5EccQpH3yfwJDVQud1avv87YEZf24S8/4UWKeUDnyYA5SCRfFNoo0=
last-modified
Thu, 01 Jul 2021 19:54:16 GMT
server
cloudflare
etag
W/"134c3d18e809fbefe83bc29f441b1463"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0OF9yD9oBJ4x8OWCMvoM3Or9Xvrd92PQ1eTITJv0FqLnJJhq3iGJHfDwZ2wDLhbbhwgsd1sgLLOvsfo69bU%2FZfj6d8i2wUkF0%2BuNIdOMZZz786QGgdLKfH9S7nsS02%2Fp3XRzqunso389p%2FcUc%2F9YAN3t"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
max-age=1800
cf-ray
6949f802caaa5c1a-FRA
outside.js
static.virgul.com/theme/mockups/adcode/
55 KB
20 KB
Script
General
Full URL
https://static.virgul.com/theme/mockups/adcode/outside.js?dts=18896
Requested by
Host: finanswebde.com
URL: https://finanswebde.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.7.176.223 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software
openresty/1.15.8.3 /
Resource Hash
3d2f9b99a7e294b146e0d759e5fb9029ffab763a803aa06672fde7dbe176863d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://finanswebde.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 26 Sep 2021 05:07:28 GMT
content-encoding
gzip
last-modified
Fri, 24 Sep 2021 10:26:56 GMT
server
openresty/1.15.8.3
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=604800
expires
Sun, 03 Oct 2021 05:07:28 GMT
analytics.js
www.google-analytics.com/
48 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-49264185-15
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://finanswebde.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 11 Aug 2021 00:32:57 GMT
server
Golfe2
age
1230
date
Sun, 26 Sep 2021 04:46:57 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19747
expires
Sun, 26 Sep 2021 06:46:57 GMT
js
www.googletagmanager.com/gtag/
96 KB
38 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-924247547&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-49264185-15
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
a6fab712a4ea0a4f08541569d33adbd45acfcad3d77007df18c3126862d8ca0a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://finanswebde.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 26 Sep 2021 05:07:27 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
39093
x-xss-protection
0
last-modified
Sun, 26 Sep 2021 03:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sun, 26 Sep 2021 05:07:27 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20210922/r20190131/ Frame 1B62
10 KB
5 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20210922/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
751dcf9dcab28e7704b6c2b25d6288581f8a45af878fd628135cec03d8112eed
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/html/r20210922/r20190131/zrt_lookup.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://finanswebde.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://finanswebde.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Sat, 25 Sep 2021 05:09:11 GMT
expires
Sat, 09 Oct 2021 05:09:11 GMT
content-type
text/html; charset=UTF-8
etag
14847953055219580247
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4613
x-xss-protection
0
age
86296
cache-control
public, max-age=1209600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Flaticon.woff
finanscepte-xuoe622gjknvdey.stackpathdns.com/nextjs/font/
9 KB
9 KB
Font
General
Full URL
https://finanscepte-xuoe622gjknvdey.stackpathdns.com/nextjs/font/Flaticon.woff
Requested by
Host: finanscepte-xuoe622gjknvdey.stackpathdns.com
URL: https://finanscepte-xuoe622gjknvdey.stackpathdns.com/nextjs/07012021/web.min.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.139.245.20 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
nginx /
Resource Hash
a290abc20f0b59dc02b4f83a189b9830ee4f7c1110318dbdbb6bd8e19cc84407

Request headers

Referer
https://finanscepte-xuoe622gjknvdey.stackpathdns.com/nextjs/07012021/web.min.css
Origin
https://finanswebde.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 26 Sep 2021 05:07:27 GMT
last-modified
Thu, 11 Jul 2019 15:08:07 GMT
server
nginx
x-amz-request-id
6399CCA6C35B761D
etag
"d692e40c5d9f2c580f1b78ad3c0b706e"
x-cache
HIT
content-type
application/font-woff
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
link
<https://s3-eu-west-1.amazonaws.com/s2.finanswebde.com/nextjs/font/Flaticon.woff>; rel="canonical"
content-length
9184
x-amz-id-2
Vw4HFk8aFVZDmAIPv9og+LnIu6qia8s4s0imX8Twx170+QxjrlnYHRg/Icohl5wjnEvh7nPISts=
expires
Sun, 03 Oct 2021 05:07:27 GMT
collect
www.google-analytics.com/j/
2 B
207 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j93&a=798248422&t=pageview&_s=1&dl=https%3A%2F%2Ffinanswebde.com%2F&ul=en-us&de=UTF-8&dt=D%C3%B6viz%2C%20Alt%C4%B1n%2C%20Hisse%20Senedi%2C%20Kripto%20Piyasalar%C4%B1%20-%20%5BFinansCepte%5D&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=2061853917&gjid=1241524286&cid=1757065320.1632632848&tid=UA-49264185-15&_gid=876826594.1632632848&_r=1&gtm=2ou9m0&z=859191458
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://finanswebde.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 26 Sep 2021 05:07:28 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://finanswebde.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
conversion_async.js
www.googleadservices.com/pagead/
37 KB
14 KB
Script
General
Full URL
https://www.googleadservices.com/pagead/conversion_async.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-924247547&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
3b843d8505c200af17cdbf0a534faf3a5e6d41e67068387787984470ea717c97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://finanswebde.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 26 Sep 2021 05:07:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14160
x-xss-protection
0
server
cafe
etag
14207842493151788310
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sun, 26 Sep 2021 05:07:28 GMT
collect
stats.g.doubleclick.net/j/
4 B
463 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j93&tid=UA-49264185-15&cid=1757065320.1632632848&jid=2061853917&gjid=1241524286&_gid=876826594.1632632848&_u=YEBAAUAAAAAAAC~&z=1967163018
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c08::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://finanswebde.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Sun, 26 Sep 2021 05:07:28 GMT
content-type
text/plain
access-control-allow-origin
https://finanswebde.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
e8927eb029.css
use.fontawesome.com/
1 KB
759 B
Stylesheet
General
Full URL
https://use.fontawesome.com/e8927eb029.css
Requested by
Host: use.fontawesome.com
URL: https://use.fontawesome.com/e8927eb029.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:4e07 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2259fd47c8c7d4495d954f079cab5f532a7b6747a358a3e8fd92209348b0a8a8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://finanswebde.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 26 Sep 2021 05:07:28 GMT
content-encoding
br
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
7T80Z7MXMFK1575T
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-id-2
1r3fdqzjuwqYjezABwsvtyGXb+DCpSV8XrGWbbDe7A+d+gSayLaBtq92D9Ee5LZuSy2oU5qVbro=
last-modified
Thu, 01 Jul 2021 19:54:16 GMT
server
cloudflare
etag
W/"a00e40ff4ad7d4534f920814436d32c4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2zvFc2JOSbCPWVnoYgBDqdoaOeUQyy5SxcCnLOeCalv3MquR5RTMdrk0psYg2YpNp7XPlwXcrfVW%2BTGYg1IO8Fi3zzl15pDQ36P6UUa5pfvYWsIgpMlTe8vMm5gHVPyyCCnDxo50lc25ksGoGzXC4M2Z"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=1800
cf-ray
6949f8046f2f5c1a-FRA
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/924247547/
2 KB
1 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/924247547/?random=1632632848072&cv=9&fst=1632632848072&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9m0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Ffinanswebde.com%2F&tiba=D%C3%B6viz%2C%20Alt%C4%B1n%2C%20Hisse%20Senedi%2C%20Kripto%20Piyasalar%C4%B1%20-%20%5BFinansCepte%5D&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
66edf466983904d7448be44f9f321830581c3a860f2a968d6fb3fbf840597222
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://finanswebde.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 26 Sep 2021 05:07:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1089
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/924247547/
42 B
154 B
Image
General
Full URL
https://www.google.com/pagead/1p-user-list/924247547/?random=1632632848072&cv=9&fst=1632632400000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9m0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Ffinanswebde.com%2F&tiba=D%C3%B6viz%2C%20Alt%C4%B1n%2C%20Hisse%20Senedi%2C%20Kripto%20Piyasalar%C4%B1%20-%20%5BFinansCepte%5D&async=1&fmt=3&is_vtc=1&random=2018439092&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: finanswebde.com
URL: https://finanswebde.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://finanswebde.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 26 Sep 2021 05:07:28 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/924247547/
42 B
154 B
Image
General
Full URL
https://www.google.de/pagead/1p-user-list/924247547/?random=1632632848072&cv=9&fst=1632632400000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9m0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Ffinanswebde.com%2F&tiba=D%C3%B6viz%2C%20Alt%C4%B1n%2C%20Hisse%20Senedi%2C%20Kripto%20Piyasalar%C4%B1%20-%20%5BFinansCepte%5D&async=1&fmt=3&is_vtc=1&random=2018439092&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: finanswebde.com
URL: https://finanswebde.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://finanswebde.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 26 Sep 2021 05:07:28 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/
42 B
522 B
Image
General
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j93&tid=UA-49264185-15&cid=1757065320.1632632848&jid=2061853917&_u=YEBAAUAAAAAAAC~&z=307190362
Requested by
Host: finanswebde.com
URL: https://finanswebde.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://finanswebde.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 26 Sep 2021 05:07:28 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
42 B
522 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j93&tid=UA-49264185-15&cid=1757065320.1632632848&jid=2061853917&_u=YEBAAUAAAAAAAC~&z=307190362
Requested by
Host: finanswebde.com
URL: https://finanswebde.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://finanswebde.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 26 Sep 2021 05:07:28 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/
73 KB
26 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/adcode/outside.js?dts=18896
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
sffe /
Resource Hash
7c53b55028cdde294448c17f60159a27099e92236b11513a7fdd4dff44c88796
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://finanswebde.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 26 Sep 2021 05:07:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"998 / 242 of 1000 / last-modified: 1632522815"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
25706
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sun, 26 Sep 2021 05:07:28 GMT
consent.js
static.virgul.com/theme/mockups/consent/
10 KB
5 KB
Script
General
Full URL
https://static.virgul.com/theme/mockups/consent/consent.js?dts=18896
Requested by
Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/adcode/outside.js?dts=18896
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.7.176.223 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software
openresty/1.15.8.3 /
Resource Hash
4f5833fc257e59a588dcbe93912b4fce2a8109ce1ac14ac14b57c08e35ecb4f4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://finanswebde.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 26 Sep 2021 05:07:28 GMT
content-encoding
gzip
last-modified
Mon, 01 Mar 2021 09:12:28 GMT
server
openresty/1.15.8.3
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=604800
expires
Sun, 03 Oct 2021 05:07:28 GMT
prebid4.41.0.js
static.virgul.com/theme/mockups/outside/
371 KB
138 KB
Script
General
Full URL
https://static.virgul.com/theme/mockups/outside/prebid4.41.0.js
Requested by
Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/adcode/outside.js?dts=18896
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.7.176.223 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software
openresty/1.15.8.3 /
Resource Hash
cd40e8c12bdc69b56a0882deabd76b770f5dabed15e7647f84137f6a8cf51be1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://finanswebde.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 26 Sep 2021 05:07:28 GMT
content-encoding
gzip
last-modified
Wed, 02 Jun 2021 08:09:20 GMT
server
openresty/1.15.8.3
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=604800
expires
Sun, 03 Oct 2021 05:07:28 GMT
apstag.js
c.amazon-adsystem.com/aax2/
133 KB
36 KB
Script
General
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/adcode/outside.js?dts=18896
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.210.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-210-175.fra56.r.cloudfront.net
Software
Server /
Resource Hash
975b62423e82390a1b54f47625f46f5b4451a8ea69945b2e85008a194bb55edd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://finanswebde.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-version-id
8N42zakBwOFy.ZF9LMqjmgZs3f2_X5lT
content-encoding
gzip
etag
3900a2c2d757386fb762bfd86288f882
age
351
x-edge-origin-shield-skipped
0
x-cache
Hit from cloudfront
server
Server
x-amz-rid
020EN40P0X008MCACY3W
date
Sun, 26 Sep 2021 05:05:15 GMT
vary
Accept-Encoding
content-type
application/javascript
via
1.1 77ba839b79ec0a8b2031c8a828e7fdfa.cloudfront.net (CloudFront)
cache-control
public, max-age=900
x-amz-cf-pop
FRA56-P3
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
weTN_Hu7kFGy92WkTVYWQ-CrfRos7bNM7Dm3ZYACd4rBh8p2ZwC5Og==
finanswebde.js
static.virgul.com/theme/mockups/fallback/
3 KB
3 KB
Script
General
Full URL
https://static.virgul.com/theme/mockups/fallback/finanswebde.js?dts=18896
Requested by
Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/adcode/outside.js?dts=18896
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.7.176.223 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software
openresty/1.15.8.3 /
Resource Hash
8960045a0f15851413611eb6f4222e018bc397cf49be3ff0420390e96db405cd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://finanswebde.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 26 Sep 2021 05:07:28 GMT
last-modified
Wed, 15 Sep 2021 11:30:47 GMT
server
openresty/1.15.8.3
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
content-length
2560
expires
Sun, 03 Oct 2021 05:07:28 GMT
ads.js
static.virgul.com/theme/mockups/mockups/tracker/imp/collect/adview/ad/
120 B
335 B
Script
General
Full URL
https://static.virgul.com/theme/mockups/mockups/tracker/imp/collect/adview/ad/ads.js
Requested by
Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/adcode/outside.js?dts=18896
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.7.176.223 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software
openresty/1.15.8.3 /
Resource Hash
d9fd0aeda423bd39a36871759ef7b17dab3d51e5981cd5839103f990b8b9ef60

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://finanswebde.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 26 Sep 2021 05:07:28 GMT
last-modified
Wed, 25 Dec 2019 09:23:27 GMT
server
openresty/1.15.8.3
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
content-length
120
expires
Sun, 03 Oct 2021 05:07:28 GMT
AGSKWxUTbTW2xFAPoj6SAPD8c4YxVWcid6EpTPZLU1zGZmBgEvmewlltu0Sdt0D3k44DoBA_7v6F-FSWLH1Xiok6XsA=
fundingchoicesmessages.google.com/f/
22 KB
10 KB
Script
General
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxUTbTW2xFAPoj6SAPD8c4YxVWcid6EpTPZLU1zGZmBgEvmewlltu0Sdt0D3k44DoBA_7v6F-FSWLH1Xiok6XsA=
Requested by
Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/consent/consent.js?dts=18896
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
9a0d193b4614f95570ea527b2370560db06eddc3e22e9ffa89a5b0008fe3bdc8
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-E/PnhcHrp8Sybhhzl+qlgA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-E/PnhcHrp8Sybhhzl+qlgA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://finanswebde.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 26 Sep 2021 05:07:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server
ESF
cross-origin-opener-policy
same-origin
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'report-sample' 'nonce-E/PnhcHrp8Sybhhzl+qlgA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-E/PnhcHrp8Sybhhzl+qlgA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
content-security-policy-report-only
require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
x-xss-protection
0
expires
Mon, 01 Jan 1990 00:00:00 GMT
pubads_impl_2021092001.js
securepubads.g.doubleclick.net/gpt/
336 KB
118 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021092001.js?31062913
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
sffe /
Resource Hash
1530727d7a9de276d5934149bfd08e535021a6596ace5c87fbad802580189d0b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://finanswebde.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 26 Sep 2021 05:07:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
120245
x-xss-protection
0
last-modified
Mon, 20 Sep 2021 08:37:28 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sun, 26 Sep 2021 05:07:28 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/
71 B
96 B
XHR
General
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=finanswebde.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
43dd014cc7cb0656790c11b99656d9ad1853c7309e2469b54a4389dccd46ac71
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://finanswebde.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 26 Sep 2021 05:07:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
71
x-xss-protection
0
expires
Sun, 26 Sep 2021 05:07:28 GMT
font-awesome-css.min.css
use.fontawesome.com/releases/v4.7.0/css/
30 KB
7 KB
Stylesheet
General
Full URL
https://use.fontawesome.com/releases/v4.7.0/css/font-awesome-css.min.css
Requested by
Host: use.fontawesome.com
URL: https://use.fontawesome.com/e8927eb029.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:4e07 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5b9573e1023da775390e9284ec0eb1c606df9b468a28980055b4a6aa804f4350

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://use.fontawesome.com/e8927eb029.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 26 Sep 2021 05:07:28 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
7030805
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id
BVYNR017DZMX3ZD5
x-amz-id-2
QGjj4hxJUhuaeVUZXRjN85iZvcJa67QWP4rmwsnDS8rLQDMUxrDVFqF/Bir2ZYZv+FIyO3nBxiU=
last-modified
Wed, 30 Jun 2021 15:26:48 GMT
server
cloudflare
etag
W/"36082410df2ef7f83932219089dc1443"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i8hKA0%2FY34jSKb8Z%2FgsNHO4UQJcrzrluXkwunJhAekAwpbcHUTsU6vjl7eR5XE%2FHWxbJDM2EIxg3mVM7B7kSM8osPjloahameE0163rnZf6o3EFMcdM9YRfIfyQ66i7XfU3D%2BRHjPIpwIyjOmCcXoqYQ"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=31556926
cf-ray
6949f805daca5c1a-FRA
config
c.amazon-adsystem.com/cdn/prod/
0
334 B
XHR
General
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Ffinanswebde.com%2F&pubid=e0a76a78-9ad1-46f2-a337-886c2e24ac91
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.210.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-210-175.fra56.r.cloudfront.net
Software
Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://finanswebde.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 26 Sep 2021 04:49:37 GMT
via
1.1 77ba839b79ec0a8b2031c8a828e7fdfa.cloudfront.net (CloudFront)
server
Server
age
1070
x-edge-origin-shield-skipped
0
access-control-allow-origin
https://finanswebde.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
x-cache
Hit from cloudfront
x-amz-cf-pop
FRA56-P3
x-amz-cf-id
nTp9xDiz9bCOY_uyETfJz2x5n3_vEoGljQ8J31l7gt3EZuxBy9qKhQ==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/
6 KB
3 KB
XHR
General
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.210.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-210-175.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://finanswebde.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-version-id
S8kNCKkikutwvs4V44q0sFuZ4JNc9Ate
content-encoding
gzip
etag
W/"a4d296427fc806b21335359e398c025c"
age
28686
x-edge-origin-shield-skipped
0
access-control-max-age
3000
x-cache
Hit from cloudfront
access-control-allow-origin
*
last-modified
Tue, 07 Sep 2021 22:15:56 GMT
server
AmazonS3
date
Sun, 26 Sep 2021 00:04:52 GMT
vary
Accept-Encoding,Origin
access-control-allow-methods
GET
content-type
application/javascript
via
1.1 4360596ad590d8363ce70eb7bf282e43.cloudfront.net (CloudFront)
cache-control
public, max-age=86400
x-amz-cf-pop
FRA56-P3
x-amz-cf-id
XXhk3l9i7gISHLQvcc2etBdEKqLv217BgEjqglEW5e1C3flRV147Dw==
fontawesome-webfont.woff2
use.fontawesome.com/releases/v4.7.0/fonts/
75 KB
76 KB
Font
General
Full URL
https://use.fontawesome.com/releases/v4.7.0/fonts/fontawesome-webfont.woff2
Requested by
Host: use.fontawesome.com
URL: https://use.fontawesome.com/e8927eb029.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:4e07 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Referer
https://use.fontawesome.com/e8927eb029.css
Origin
https://finanswebde.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 26 Sep 2021 05:07:28 GMT
access-control-allow-methods
GET
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
7030457
cf-ray
6949f8062d8a6967-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
77160
x-amz-id-2
AXMUS/oghgx/FQodNGLfcUBVLjn76ZQNRXfy+BsznL8Eotkhj/cxKR5maRBhExz2KmLhLXnCvz8=
last-modified
Wed, 30 Jun 2021 15:26:48 GMT
server
cloudflare
etag
"af7ae505a9eed503f8b8e6982036873e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b9e8MW0mI3TfF1oh0%2Fa%2BMrBt04AWmZWuRRvcdUP45sRps79qdHYdyl5yJmGrloFw3W5IMq981fi%2FldCVXUm%2FSqcOtbpQ6u3aacKVW0x42np3ST%2FN8wbKdMdOJbQIDBZGxNPqmvtDN7s50UuND2ohDtFg"}],"group":"cf-nel","max_age":604800}
x-amz-request-id
ZTDWFQ3QBSQ1C41D
access-control-allow-origin
*
cache-control
max-age=31556926
accept-ranges
bytes
content-type
application/font-woff2
pageview
ng.virgul.com/
21 KB
5 KB
Script
General
Full URL
https://ng.virgul.com/pageview?c=site_geneli&mt=1632632848471&v=https%3A%2F%2Ffinanswebde.com%2F&r=finanswebde:site_geneli&userId=&tp=&os=&call=noktaad.ads.vvad&vd=0&ses=0&dim=1600x1200&l=&y=&w=0&ext=,as,rc0,hf1,vv1&info=&ref=
Requested by
Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/adcode/outside.js?dts=18896
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.7.176.223 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software
openresty/1.15.8.3 /
Resource Hash
700cc89daa20c9f56e281236cdfe27a13ce2207d474614b8cf31efb45808003e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://finanswebde.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 26 Sep 2021 05:07:28 GMT
content-encoding
gzip
server
openresty/1.15.8.3
p3p
CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
access-control-allow-origin
https://finanswebde.com
access-control-allow-credentials
true
content-type
application/javascript; charset=UTF-8
content-length
4829
expires
Tue, 16 Apr 2013 10:49:40 GMT
finanswebde.js
static.virgul.com/theme/mockups/sites/
3 KB
3 KB
Script
General
Full URL
https://static.virgul.com/theme/mockups/sites/finanswebde.js?dts=453509
Requested by
Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/adcode/outside.js?dts=18896
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.7.176.223 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software
openresty/1.15.8.3 /
Resource Hash
fbca08e51785468fece6f54f24d8c03c5abcc2ed1c931c755c4788d186c7d277

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://finanswebde.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 26 Sep 2021 05:07:28 GMT
last-modified
Mon, 13 Sep 2021 08:59:50 GMT
server
openresty/1.15.8.3
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
content-length
2904
expires
Sun, 03 Oct 2021 05:07:28 GMT
pandg-sdk.js
pghub.io/js/
4 KB
2 KB
Script
General
Full URL
https://pghub.io/js/pandg-sdk.js
Requested by
Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/adcode/outside.js?dts=18896
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.241.45.217 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
217.45.241.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
443d41c905362e5073c79212ec86c5f69ddcfbc38f5530c6409b73c604e74259

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://finanswebde.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 26 Sep 2021 04:12:21 GMT
content-encoding
gzip
age
3307
x-guploader-uploadid
ADPycdszA71f68-lhyxM8ct9zs8Rn8BbeGMV_5tQt65f1tHkAun2zZe5skyICWeBwnc8jFfSzdGX9Ybl8x1Y9riSQCU
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1482
last-modified
Wed, 07 Apr 2021 18:40:01 GMT
server
UploadServer
etag
"dd7e4933d35d1a7cb610442e9bea8b94"
vary
Accept-Encoding
x-goog-hash
crc32c=dtXWGA==, md5=3X5JM9NdGny2EEQum+qLlA==
x-goog-generation
1617820801121016
cache-control
public,max-age=3600
x-goog-stored-content-length
1482
accept-ranges
bytes
content-type
application/javascript
tag
pandg.tapad.com/ Frame 2EE5
173 B
656 B
Document
General
Full URL
https://pandg.tapad.com/tag?referrer_url=&page_url=https%3A%2F%2Ffinanswebde.com%2F&owner=P%26G&bp_id=noktacommedya&data=%7B%22category%22%3A%22site_geneli%22%7D
Requested by
Host: pghub.io
URL: https://pghub.io/js/pandg-sdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.248.159 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
159.248.227.35.bc.googleusercontent.com
Software
/
Resource Hash
446e9266bca4076d9954d6bebbfadf9e24a7d33073c91df5acee7c5f34fc9376
Security Headers
Name Value
Content-Security-Policy default-src 'none';img-src https://*.tapad.com https://match.adsrvr.org
Strict-Transport-Security max-age=31536000

Request headers

:method
GET
:authority
pandg.tapad.com
:scheme
https
:path
/tag?referrer_url=&page_url=https%3A%2F%2Ffinanswebde.com%2F&owner=P%26G&bp_id=noktacommedya&data=%7B%22category%22%3A%22site_geneli%22%7D
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://finanswebde.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://finanswebde.com/

Response headers

date
Sun, 26 Sep 2021 05:07:28 GMT
strict-transport-security
max-age=31536000
content-security-policy
default-src 'none';img-src https://*.tapad.com https://match.adsrvr.org
content-type
text/html;charset=utf-8
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
set-cookie
TapAd_TS=1632632848821;Expires=Thu, 25 Nov 2021 05:07:28 GMT;Path=/;Domain=.tapad.com;Secure;SameSite=None TapAd_DID=10f7f3a2-caf7-419a-9012-9a96bb8b0b25;Expires=Thu, 25 Nov 2021 05:07:28 GMT;Path=/;Domain=.tapad.com;Secure;SameSite=None
content-length
173
via
1.1 google
alt-svc
clear
receive
pixel.tapad.com/idsync/ex/ Frame 2EE5
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=10f7f3a2-caf7-419a-9012-9a96bb8b0b25&gdpr=&gdpr_consent=
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=10f7f3a2-caf7-419a-9012-9a96bb8b0b25&gdpr=&gdpr_consent=
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=d6cbea0f-cb8a-471d-8c15-d99a5cc498a9&ttd_puid=10f7f3a2-caf7-419a-9012-9a96bb8b0b25
95 B
430 B
Image
General
Full URL
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=d6cbea0f-cb8a-471d-8c15-d99a5cc498a9&ttd_puid=10f7f3a2-caf7-419a-9012-9a96bb8b0b25
Requested by
Host: pandg.tapad.com
URL: https://pandg.tapad.com/tag?referrer_url=&page_url=https%3A%2F%2Ffinanswebde.com%2F&owner=P%26G&bp_id=noktacommedya&data=%7B%22category%22%3A%22site_geneli%22%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.248.159 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
159.248.227.35.bc.googleusercontent.com
Software
/
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pandg.tapad.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 26 Sep 2021 05:07:29 GMT
via
1.1 google
content-type
image/png
alt-svc
clear
content-length
95
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"

Redirect headers

pragma
no-cache
date
Sun, 26 Sep 2021 05:07:29 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=d6cbea0f-cb8a-471d-8c15-d99a5cc498a9&ttd_puid=10f7f3a2-caf7-419a-9012-9a96bb8b0b25
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
347
comment
finans.apipara.com/json/v9/options/ Frame
0
0
Preflight
General
Full URL
https://finans.apipara.com/json/v9/options/comment
Protocol
HTTP/1.1
Server
94.130.181.38 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.38.181.130.94.clients.your-server.de
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
auid,token
Origin
https://finanswebde.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Server
nginx/1.14.0 (Ubuntu)
Date
Sun, 26 Sep 2021 05:07:29 GMT
Content-Type
text/plain
Content-Length
0
Connection
keep-alive
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET, OPTIONS,POST,PUT,DELETE
Access-Control-Allow-Headers
origin,auid,token,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
Access-Control-Allow-Credentials
true
stock
finans.apipara.com/json/v9// Frame
0
0
Preflight
General
Full URL
https://finans.apipara.com/json/v9//stock?async=1&auid=1&sortby=volume_try
Protocol
HTTP/1.1
Server
94.130.181.38 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.38.181.130.94.clients.your-server.de
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
auid,token
Origin
https://finanswebde.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Server
nginx/1.14.0 (Ubuntu)
Date
Sun, 26 Sep 2021 05:07:29 GMT
Content-Type
text/plain
Content-Length
0
Connection
keep-alive
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET, OPTIONS,POST,PUT,DELETE
Access-Control-Allow-Headers
origin,auid,token,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
Access-Control-Allow-Credentials
true
notif
finans.apipara.com/json/v9/ Frame
0
0
Preflight
General
Full URL
https://finans.apipara.com/json/v9/notif?last=&more=1&auid=1&feed=onlycomments
Protocol
HTTP/1.1
Server
94.130.181.38 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.38.181.130.94.clients.your-server.de
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
auid,token
Origin
https://finanswebde.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Server
nginx/1.14.0 (Ubuntu)
Date
Sun, 26 Sep 2021 05:07:29 GMT
Content-Type
text/plain
Content-Length
0
Connection
keep-alive
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET, OPTIONS,POST,PUT,DELETE
Access-Control-Allow-Headers
origin,auid,token,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
Access-Control-Allow-Credentials
true
css
fonts.googleapis.com/
2 KB
920 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Muli:400,700&amp;subset=lating-ext&amp;display=swap
Requested by
Host: finanswebde.com
URL: https://finanswebde.com/_next/static/chunks/commons.aeb8eb159180e081c165.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
dde6576bba0bad522d319d2b71f2df16ea422150ea04756f5df07c231d6024ae
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://finanswebde.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sun, 26 Sep 2021 04:47:04 GMT
server
ESF
date
Sun, 26 Sep 2021 05:07:29 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 26 Sep 2021 05:07:29 GMT
d65e.3bdd5f1dbb8c32bcfa6b.js
finanswebde.com/_next/static/chunks/
21 KB
7 KB
Script
General
Full URL
https://finanswebde.com/_next/static/chunks/d65e.3bdd5f1dbb8c32bcfa6b.js
Requested by
Host: finanswebde.com
URL: https://finanswebde.com/_next/static/runtime/webpack-d99145c68f82eafef3ec.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.201.122.228 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.228.122.201.195.clients.your-server.de
Software
nginx/1.14.0 (Ubuntu) / Express
Resource Hash
2cceac1929e30ad3d0ca4612a3aac4c58a8a097d6b1f9aadf0a141087eb5e66a

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
finanswebde.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://finanswebde.com/
Cookie
_ga=GA1.2.1757065320.1632632848; _gid=GA1.2.876826594.1632632848; _gat_gtag_UA_49264185_15=1; _gcl_au=1.1.95425914.1632632848; FCCDCF=[null,null,["[[],[],[],[],null,null,true]",1632632848444]]; pId=vnete3e34428-e62b-4b6c-8077-3482bc55dc79; uuid=183nxvrumkgku0rfbay_1632632816122; utoken=b0b5518871ec15e5c17853c7e9d86ad7
Connection
keep-alive
Accept-Language
de-DE,de;q=0.9
Referer
https://finanswebde.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Sun, 26 Sep 2021 05:07:29 GMT
Content-Encoding
gzip
Last-Modified
Sat, 18 Sep 2021 13:12:56 GMT
Server
nginx/1.14.0 (Ubuntu)
X-Powered-By
Express
ETag
W/"55c4-17bf909d53b"
Vary
Accept-Encoding
Content-Type
application/javascript; charset=UTF-8
Cache-Control
max-age=31536000
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Mon, 26 Sep 2022 05:07:29 GMT
d6db.4bac1b495dfdaaeb8af9.js
finanswebde.com/_next/static/chunks/
8 KB
3 KB
Script
General
Full URL
https://finanswebde.com/_next/static/chunks/d6db.4bac1b495dfdaaeb8af9.js
Requested by
Host: finanswebde.com
URL: https://finanswebde.com/_next/static/runtime/webpack-d99145c68f82eafef3ec.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.201.122.228 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.228.122.201.195.clients.your-server.de
Software
nginx/1.14.0 (Ubuntu) / Express
Resource Hash
29a18daaaccc2896c4f4c22efc02cd69ef78861b9250bf53ea3c9704f285e6d7

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
finanswebde.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://finanswebde.com/
Cookie
_ga=GA1.2.1757065320.1632632848; _gid=GA1.2.876826594.1632632848; _gat_gtag_UA_49264185_15=1; _gcl_au=1.1.95425914.1632632848; FCCDCF=[null,null,["[[],[],[],[],null,null,true]",1632632848444]]; pId=vnete3e34428-e62b-4b6c-8077-3482bc55dc79; uuid=183nxvrumkgku0rfbay_1632632816122; utoken=b0b5518871ec15e5c17853c7e9d86ad7
Connection
keep-alive
Accept-Language
de-DE,de;q=0.9
Referer
https://finanswebde.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Sun, 26 Sep 2021 05:07:29 GMT
Content-Encoding
gzip
Last-Modified
Sat, 18 Sep 2021 13:12:56 GMT
Server
nginx/1.14.0 (Ubuntu)
X-Powered-By
Express
ETag
W/"1e53-17bf909d53b"
Vary
Accept-Encoding
Content-Type
application/javascript; charset=UTF-8
Cache-Control
max-age=31536000
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Mon, 26 Sep 2022 05:07:29 GMT
d926.5b9239abc7781d242b7c.js
finanswebde.com/_next/static/chunks/
10 KB
3 KB
Script
General
Full URL
https://finanswebde.com/_next/static/chunks/d926.5b9239abc7781d242b7c.js
Requested by
Host: finanswebde.com
URL: https://finanswebde.com/_next/static/runtime/webpack-d99145c68f82eafef3ec.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.201.122.228 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.228.122.201.195.clients.your-server.de
Software
nginx/1.14.0 (Ubuntu) / Express
Resource Hash
24bf624ed768c1d266c62e624b1244c6990ca161138f9aebcd4dc9c0db7eb033

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
finanswebde.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://finanswebde.com/
Cookie
_ga=GA1.2.1757065320.1632632848; _gid=GA1.2.876826594.1632632848; _gat_gtag_UA_49264185_15=1; _gcl_au=1.1.95425914.1632632848; FCCDCF=[null,null,["[[],[],[],[],null,null,true]",1632632848444]]; pId=vnete3e34428-e62b-4b6c-8077-3482bc55dc79; uuid=183nxvrumkgku0rfbay_1632632816122; utoken=b0b5518871ec15e5c17853c7e9d86ad7
Connection
keep-alive
Accept-Language
de-DE,de;q=0.9
Referer
https://finanswebde.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Sun, 26 Sep 2021 05:07:29 GMT
Content-Encoding
gzip
Last-Modified
Sat, 18 Sep 2021 13:12:56 GMT
Server
nginx/1.14.0 (Ubuntu)
X-Powered-By
Express
ETag
W/"296b-17bf909d53b"
Vary
Accept-Encoding
Content-Type
application/javascript; charset=UTF-8
Cache-Control
max-age=31536000
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Mon, 26 Sep 2022 05:07:29 GMT
27f4.d5b7d19e7b8d3b04ec0d.js
finanswebde.com/_next/static/chunks/
13 KB
4 KB
Script
General
Full URL
https://finanswebde.com/_next/static/chunks/27f4.d5b7d19e7b8d3b04ec0d.js
Requested by
Host: finanswebde.com
URL: https://finanswebde.com/_next/static/runtime/webpack-d99145c68f82eafef3ec.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.201.122.228 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.228.122.201.195.clients.your-server.de
Software
nginx/1.14.0 (Ubuntu) / Express
Resource Hash
2db9402fc3a72ee838132d05171bb8428d9192abe23f1fd90c1e4221d51e6dfa

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
finanswebde.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://finanswebde.com/
Cookie
_ga=GA1.2.1757065320.1632632848; _gid=GA1.2.876826594.1632632848; _gat_gtag_UA_49264185_15=1; _gcl_au=1.1.95425914.1632632848; FCCDCF=[null,null,["[[],[],[],[],null,null,true]",1632632848444]]; pId=vnete3e34428-e62b-4b6c-8077-3482bc55dc79; uuid=183nxvrumkgku0rfbay_1632632816122; utoken=b0b5518871ec15e5c17853c7e9d86ad7
Connection
keep-alive
Accept-Language
de-DE,de;q=0.9
Referer
https://finanswebde.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Sun, 26 Sep 2021 05:07:29 GMT
Content-Encoding
gzip
Last-Modified
Sat, 18 Sep 2021 13:12:56 GMT
Server
nginx/1.14.0 (Ubuntu)
X-Powered-By
Express
ETag
W/"32c4-17bf909d52b"
Vary
Accept-Encoding
Content-Type
application/javascript; charset=UTF-8
Cache-Control
max-age=31536000
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Mon, 26 Sep 2022 05:07:29 GMT
ba39.c978b26f220ac8ca87f3.js
finanswebde.com/_next/static/chunks/
3 KB
2 KB
Script
General
Full URL
https://finanswebde.com/_next/static/chunks/ba39.c978b26f220ac8ca87f3.js
Requested by
Host: finanswebde.com
URL: https://finanswebde.com/_next/static/runtime/webpack-d99145c68f82eafef3ec.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.201.122.228 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.228.122.201.195.clients.your-server.de
Software
nginx/1.14.0 (Ubuntu) / Express
Resource Hash
9ab0baca7a738a0ed49bd74f042400153d207a444f1675808802a3c2aa923322

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
finanswebde.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://finanswebde.com/
Cookie
_ga=GA1.2.1757065320.1632632848; _gid=GA1.2.876826594.1632632848; _gat_gtag_UA_49264185_15=1; _gcl_au=1.1.95425914.1632632848; FCCDCF=[null,null,["[[],[],[],[],null,null,true]",1632632848444]]; pId=vnete3e34428-e62b-4b6c-8077-3482bc55dc79; uuid=183nxvrumkgku0rfbay_1632632816122; utoken=b0b5518871ec15e5c17853c7e9d86ad7
Connection
keep-alive
Accept-Language
de-DE,de;q=0.9
Referer
https://finanswebde.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Sun, 26 Sep 2021 05:07:29 GMT
Content-Encoding
gzip
Last-Modified
Sat, 18 Sep 2021 13:12:56 GMT
Server
nginx/1.14.0 (Ubuntu)
X-Powered-By
Express
ETag
W/"c62-17bf909d537"
Vary
Accept-Encoding
Content-Type
application/javascript; charset=UTF-8
Cache-Control
max-age=31536000
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Mon, 26 Sep 2022 05:07:29 GMT
1b5b.c778adc91d0ab2782614.js
finanswebde.com/_next/static/chunks/
5 KB
2 KB
Script
General
Full URL
https://finanswebde.com/_next/static/chunks/1b5b.c778adc91d0ab2782614.js
Requested by
Host: finanswebde.com
URL: https://finanswebde.com/_next/static/runtime/webpack-d99145c68f82eafef3ec.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.201.122.228 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.228.122.201.195.clients.your-server.de
Software
nginx/1.14.0 (Ubuntu) / Express
Resource Hash
c038f2f92310db4f32b756ed4de997ef499335657fc351ed95c21f48e91e2fa9

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
finanswebde.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://finanswebde.com/
Cookie
_ga=GA1.2.1757065320.1632632848; _gid=GA1.2.876826594.1632632848; _gat_gtag_UA_49264185_15=1; _gcl_au=1.1.95425914.1632632848; FCCDCF=[null,null,["[[],[],[],[],null,null,true]",1632632848444]]; pId=vnete3e34428-e62b-4b6c-8077-3482bc55dc79; uuid=183nxvrumkgku0rfbay_1632632816122; utoken=b0b5518871ec15e5c17853c7e9d86ad7
Connection
keep-alive
Accept-Language
de-DE,de;q=0.9
Referer
https://finanswebde.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Sun, 26 Sep 2021 05:07:29 GMT
Content-Encoding
gzip
Last-Modified
Sat, 18 Sep 2021 13:12:56 GMT
Server
nginx/1.14.0 (Ubuntu)
X-Powered-By
Express
ETag
W/"1369-17bf909d52b"
Vary
Accept-Encoding
Content-Type
application/javascript; charset=UTF-8
Cache-Control
max-age=31536000
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Mon, 26 Sep 2022 05:07:29 GMT
e06e.695d6db8eb59caa0f2de.js
finanswebde.com/_next/static/chunks/
73 KB
18 KB
Script
General
Full URL
https://finanswebde.com/_next/static/chunks/e06e.695d6db8eb59caa0f2de.js
Requested by
Host: finanswebde.com
URL: https://finanswebde.com/_next/static/runtime/webpack-d99145c68f82eafef3ec.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.201.122.228 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.228.122.201.195.clients.your-server.de
Software
nginx/1.14.0 (Ubuntu) / Express
Resource Hash
4f77143d53a55f7d543e285668bc7092e2aa24b59c95ae5c7ab8a2e512fb6ee9

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
finanswebde.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://finanswebde.com/
Cookie
_ga=GA1.2.1757065320.1632632848; _gid=GA1.2.876826594.1632632848; _gat_gtag_UA_49264185_15=1; _gcl_au=1.1.95425914.1632632848; FCCDCF=[null,null,["[[],[],[],[],null,null,true]",1632632848444]]; pId=vnete3e34428-e62b-4b6c-8077-3482bc55dc79; uuid=183nxvrumkgku0rfbay_1632632816122; utoken=b0b5518871ec15e5c17853c7e9d86ad7
Connection
keep-alive
Accept-Language
de-DE,de;q=0.9
Referer
https://finanswebde.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Sun, 26 Sep 2021 05:07:29 GMT
Content-Encoding
gzip
Last-Modified
Sat, 18 Sep 2021 13:12:56 GMT
Server
nginx/1.14.0 (Ubuntu)
X-Powered-By
Express
ETag
W/"12399-17bf909d53b"
Vary
Accept-Encoding
Content-Type
application/javascript; charset=UTF-8
Cache-Control
max-age=31536000
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Mon, 26 Sep 2022 05:07:29 GMT
comment
finans.apipara.com/json/v9/options/
35 KB
10 KB
XHR
General
Full URL
https://finans.apipara.com/json/v9/options/comment
Requested by
Host: finanswebde.com
URL: https://finanswebde.com/_next/static/chunks/commons.aeb8eb159180e081c165.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
94.130.181.38 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.38.181.130.94.clients.your-server.de
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
016691f519a843141365c99859f0eb5c693bbbc77d158de6c42f465fdcecb5f3

Request headers

Accept
application/json, text/plain, */*
Referer
https://finanswebde.com/
auid
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
token
_magic

Response headers

Date
Sun, 26 Sep 2021 05:07:30 GMT
Content-Encoding
gzip
Server
nginx/1.14.0 (Ubuntu)
Vary
Accept-Encoding, Accept-Encoding,User-Agent
Access-Control-Allow-Methods
GET, OPTIONS,POST,PUT,DELETE
Content-Type
application/json
Access-Control-Allow-Origin
*
Access-Control-Max-Age
3628800
Transfer-Encoding
chunked
Connection
keep-alive
Access-Control-Allow-Headers
X-Requested-With, origin,auid,token,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
stock
finans.apipara.com/json/v9//
236 KB
45 KB
XHR
General
Full URL
https://finans.apipara.com/json/v9//stock?async=1&auid=1&sortby=volume_try
Requested by
Host: finanswebde.com
URL: https://finanswebde.com/_next/static/chunks/commons.aeb8eb159180e081c165.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
94.130.181.38 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.38.181.130.94.clients.your-server.de
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
c3e1ebcb161634c0da64d09c2310b20eeda6cd529584709e1a9c31a436752126

Request headers

Accept
application/json, text/plain, */*
Referer
https://finanswebde.com/
auid
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
token
_magic

Response headers

Date
Sun, 26 Sep 2021 05:07:30 GMT
Content-Encoding
gzip
Server
nginx/1.14.0 (Ubuntu)
Vary
Accept-Encoding, Accept-Encoding,User-Agent
Access-Control-Allow-Methods
GET, OPTIONS,POST,PUT,DELETE
Content-Type
application/json
Access-Control-Allow-Origin
*
Access-Control-Max-Age
3628800
Transfer-Encoding
chunked
Connection
keep-alive
Access-Control-Allow-Headers
X-Requested-With, origin,auid,token,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
finanswebde-light.svg
finanscepte-xuoe622gjknvdey.stackpathdns.com/nextjs/img/
8 KB
4 KB
Image
General
Full URL
https://finanscepte-xuoe622gjknvdey.stackpathdns.com/nextjs/img/finanswebde-light.svg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.139.245.20 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
nginx /
Resource Hash
0fe02731c22e5466827e8f662f13266450cd5cca96f2fbc063331c8014bfb961

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://finanswebde.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 26 Sep 2021 05:07:29 GMT
content-encoding
gzip
last-modified
Thu, 11 Jul 2019 15:13:47 GMT
server
nginx
x-amz-request-id
817CEBA7B44C8E1B
etag
W/"1d3c1b74ae39f68256ef408529734cce"
vary
Accept-Encoding
x-cache
HIT
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
link
<https://s3-eu-west-1.amazonaws.com/s2.finanswebde.com/nextjs/img/finanswebde-light.svg>; rel="canonical"
x-amz-id-2
7wjfpKsx79xUg+qJTaBI1sn80zNJvT9CbCKjmnPU7Yt4xQ0exrimZ52eLLO6OaYJf3VeqyC4gZs=
expires
Sun, 03 Oct 2021 05:07:29 GMT
notif
finans.apipara.com/json/v9/
31 KB
7 KB
XHR
General
Full URL
https://finans.apipara.com/json/v9/notif?last=&more=1&auid=1&feed=onlycomments
Requested by
Host: finanswebde.com
URL: https://finanswebde.com/_next/static/chunks/commons.aeb8eb159180e081c165.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
94.130.181.38 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.38.181.130.94.clients.your-server.de
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
f8932e89a86c599fc173a5891d3fd0736319164e0fe0db872bd3c8a71698158e

Request headers

Accept
application/json, text/plain, */*
Referer
https://finanswebde.com/
auid
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
token
_magic

Response headers

Date
Sun, 26 Sep 2021 05:07:30 GMT
Content-Encoding
gzip
Server
nginx/1.14.0 (Ubuntu)
Vary
Accept-Encoding, Accept-Encoding,User-Agent
Access-Control-Allow-Methods
GET, OPTIONS,POST,PUT,DELETE
Content-Type
application/json
Access-Control-Allow-Origin
*
Access-Control-Max-Age
3628800
Transfer-Encoding
chunked
Connection
keep-alive
Access-Control-Allow-Headers
X-Requested-With, origin,auid,token,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
converter
finans.apipara.com/json/v9//
600 KB
121 KB
XHR
General
Full URL
https://finans.apipara.com/json/v9//converter
Requested by
Host: finanswebde.com
URL: https://finanswebde.com/_next/static/chunks/commons.aeb8eb159180e081c165.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
94.130.181.38 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.38.181.130.94.clients.your-server.de
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
6a35bf65b8c2a24c4dd6daa66baac11e1c30daa2102777909ad2c79f4fdffee7

Request headers

Accept
application/json, text/plain, */*
Referer
https://finanswebde.com/
auid
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
token
_magic

Response headers

Date
Sun, 26 Sep 2021 05:07:30 GMT
Content-Encoding
gzip
Server
nginx/1.14.0 (Ubuntu)
Vary
Accept-Encoding, Accept-Encoding, Accept-Encoding,User-Agent
Access-Control-Allow-Methods
GET, OPTIONS,POST,PUT,DELETE
Content-Type
application/json
Access-Control-Allow-Origin
*
Access-Control-Max-Age
3628800
Transfer-Encoding
chunked
Connection
keep-alive
Access-Control-Allow-Headers
X-Requested-With, origin,auid,token,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
converter
finans.apipara.com/json/v9// Frame
0
0
Preflight
General
Full URL
https://finans.apipara.com/json/v9//converter
Protocol
HTTP/1.1
Server
94.130.181.38 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.38.181.130.94.clients.your-server.de
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
auid,token
Origin
https://finanswebde.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Server
nginx/1.14.0 (Ubuntu)
Date
Sun, 26 Sep 2021 05:07:29 GMT
Content-Type
text/plain
Content-Length
0
Connection
keep-alive
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET, OPTIONS,POST,PUT,DELETE
Access-Control-Allow-Headers
origin,auid,token,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
Access-Control-Allow-Credentials
true
7Auwp_0qiz-afTLGLQ.woff2
fonts.gstatic.com/s/muli/v22/
30 KB
31 KB
Font
General
Full URL
https://fonts.gstatic.com/s/muli/v22/7Auwp_0qiz-afTLGLQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Muli:400,700&amp;subset=lating-ext&amp;display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8f5315ed9f5e070e85a60e405d9aac92286319c20c2fcb39cc2d6c01090c652d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://finanswebde.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 19 Sep 2021 06:58:19 GMT
x-content-type-options
nosniff
age
598150
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31120
x-xss-protection
0
last-modified
Wed, 15 Jul 2020 20:50:02 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 19 Sep 2022 06:58:19 GMT
7Auwp_0qiz-afTLGLQ.woff2
fonts.gstatic.com/s/muli/v22/
30 KB
30 KB
Font
General
Full URL
https://fonts.gstatic.com/s/muli/v22/7Auwp_0qiz-afTLGLQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Muli:400,700&amp;subset=lating-ext&amp;display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8f5315ed9f5e070e85a60e405d9aac92286319c20c2fcb39cc2d6c01090c652d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://finanswebde.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 19 Sep 2021 06:58:19 GMT
x-content-type-options
nosniff
age
598150
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31120
x-xss-protection
0
last-modified
Wed, 15 Jul 2020 20:50:02 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 19 Sep 2022 06:58:19 GMT
7Auwp_0qiz-afTzGLRrX.woff2
fonts.gstatic.com/s/muli/v22/
28 KB
28 KB
Font
General
Full URL
https://fonts.gstatic.com/s/muli/v22/7Auwp_0qiz-afTzGLRrX.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Muli:400,700&amp;subset=lating-ext&amp;display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
998982ec1f9827bce6fb99972a72f62208a738803fe6c6144fd38ebcbb558214
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://finanswebde.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 19 Sep 2021 17:55:45 GMT
x-content-type-options
nosniff
age
558704
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28508
x-xss-protection
0
last-modified
Wed, 15 Jul 2020 20:53:55 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 19 Sep 2022 17:55:45 GMT
7Auwp_0qiz-afTzGLRrX.woff2
fonts.gstatic.com/s/muli/v22/
28 KB
28 KB
Font
General
Full URL
https://fonts.gstatic.com/s/muli/v22/7Auwp_0qiz-afTzGLRrX.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Muli:400,700&amp;subset=lating-ext&amp;display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
998982ec1f9827bce6fb99972a72f62208a738803fe6c6144fd38ebcbb558214
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://finanswebde.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 19 Sep 2021 17:55:45 GMT
x-content-type-options
nosniff
age
558704
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28508
x-xss-protection
0
last-modified
Wed, 15 Jul 2020 20:53:55 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 19 Sep 2022 17:55:45 GMT
market
finans.apipara.com/json/v9// Frame
0
0
Preflight
General
Full URL
https://finans.apipara.com/json/v9//market?auid=1
Protocol
HTTP/1.1
Server
94.130.181.38 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.38.181.130.94.clients.your-server.de
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
auid,token
Origin
https://finanswebde.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Server
nginx/1.14.0 (Ubuntu)
Date
Sun, 26 Sep 2021 05:07:30 GMT
Content-Type
text/plain
Content-Length
0
Connection
keep-alive
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET, OPTIONS,POST,PUT,DELETE
Access-Control-Allow-Headers
origin,auid,token,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
Access-Control-Allow-Credentials
true
market
finans.apipara.com/json/v9//
159 KB
32 KB
XHR
General
Full URL
https://finans.apipara.com/json/v9//market?auid=1
Requested by
Host: finanswebde.com
URL: https://finanswebde.com/_next/static/chunks/commons.aeb8eb159180e081c165.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
94.130.181.38 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.38.181.130.94.clients.your-server.de
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
20bf23704fac91299cb1ebf023e37ae1a39123f98ec845c591331c7273466f75

Request headers

Accept
application/json, text/plain, */*
Referer
https://finanswebde.com/
auid
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
token
_magic

Response headers

Date
Sun, 26 Sep 2021 05:07:30 GMT
Content-Encoding
gzip
Server
nginx/1.14.0 (Ubuntu)
Vary
Accept-Encoding, Accept-Encoding,User-Agent
Access-Control-Allow-Methods
GET, OPTIONS,POST,PUT,DELETE
Content-Type
application/json
Access-Control-Allow-Origin
*
Access-Control-Max-Age
3628800
Transfer-Encoding
chunked
Connection
keep-alive
Access-Control-Allow-Headers
X-Requested-With, origin,auid,token,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
NoktaNpmPlayerApi.js
c1.imgiz.com/player_others/html5/
7 KB
3 KB
Script
General
Full URL
https://c1.imgiz.com/player_others/html5/NoktaNpmPlayerApi.js?dts=18896
Requested by
Host: finanswebde.com
URL: https://finanswebde.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.7.176.223 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software
openresty/1.15.8.3 /
Resource Hash
7c9bc717b6fa6b46de0f2be69cfe616f05ecad3386fd5e99104eabdf1f4056e3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://finanswebde.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 26 Sep 2021 05:07:30 GMT
content-encoding
gzip
last-modified
Mon, 18 Jan 2021 06:27:44 GMT
server
openresty/1.15.8.3
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=604800
expires
Sun, 03 Oct 2021 05:07:30 GMT
integrator.js
adservice.google.com.ua/adsid/
107 B
853 B
Script
General
Full URL
https://adservice.google.com.ua/adsid/integrator.js?domain=finanswebde.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021092001.js?31062913
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://finanswebde.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 26 Sep 2021 05:07:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/
107 B
570 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=finanswebde.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021092001.js?31062913
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://finanswebde.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 26 Sep 2021 05:07:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/
69 KB
20 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3548984713581063&correlator=2825396222672962&output=ldjh&impl=fif&eid=31062913%2C44750532&vrg=2021092001&ptt=17&sc=1&sfv=1-0-38&ecs=20210926&iu_parts=21728129623%3A36563801%2Cweb_finanswebde_masthead&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C970x250%7C970x90%7C728x90%7C300x250%7C468x60%7C250x250%7C200x200%7C160x160&fluid=height&ppid=vnete3e34428e62b4b6c80773482bc55dc79&eri=1&cust_params=amznbid%3D0%26amznp%3D0%26category%3Dsite_geneli%26viewable%3D2%26site%3Dfinanswebde%26mt%3D1632632848471%26pager%3D1%2540site_geneli%2540finanswebde%253Asite_geneli%26host%3Dfinanswebde.com%26url%3D%252Fhttps%253A%252F%252Ffinanswebde.com%252F%26targetCtr%3D0%26targetCr%3D0%26Mobile%3Dfalse%26webmAd%3D1%26overlay%3D1%26datasave%3D0&cookie_enabled=1&bc=31&abxe=1&lmt=1632632850&dt=1632632850234&dlt=1632632847756&idt=609&frm=20&biw=1600&bih=1200&oid=3&adxs=315&adys=158&adks=1971925398&ucis=1&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Ffinanswebde.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1110x-1&msz=1600x-1&ga_vid=1757065320.1632632848&ga_sid=1632632850&ga_hid=798248422&ga_fc=false&fws=128&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021092001.js?31062913
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
9b11d535311e6caa6c8f3ebcb4dc75fead5c853921611abd229867c7429d41ba
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://finanswebde.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 26 Sep 2021 05:07:30 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20856
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://finanswebde.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
0daaf261a2a6f0e9e533d14962332114.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 505D
6 KB
4 KB
Document
General
Full URL
https://0daaf261a2a6f0e9e533d14962332114.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021092001.js?31062913
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
0daaf261a2a6f0e9e533d14962332114.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://finanswebde.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://finanswebde.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Sun, 26 Sep 2021 05:07:30 GMT
expires
Mon, 26 Sep 2022 05:07:30 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
/
finanswebde.com/socket.io/
101 B
373 B
XHR
General
Full URL
https://finanswebde.com:8094/socket.io/?EIO=3&transport=polling&t=NmWW4UT
Requested by
Host: finanswebde.com
URL: https://finanswebde.com/_next/static/chunks/commons.aeb8eb159180e081c165.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.201.122.228 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.228.122.201.195.clients.your-server.de
Software
/
Resource Hash
fd499d7f2b929c6b81dcf9ceebe3763483080964f80a156d54d680a7f2b66085

Request headers

Accept
*/*
Referer
https://finanswebde.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://finanswebde.com
Date
Sun, 26 Sep 2021 05:07:30 GMT
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
101
Content-Type
application/octet-stream
truncated
/
141 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
78ecd2259a162af3406fc676dbe4810a4861027fb275e327c176a219d846d7ee

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
145 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8d40df0be5909048df8152417ab6dab760735f9f2e7888859ce11929f55e8a65

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
592 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
43c16c3c66b80fd8b1fa295088d1c8ea7037ab3c1651c2e614e2e6f770173758

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
263 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b77566a54f5661c98f1bec60bd942ff3987e570513dc29dcc054108ae5cf7b26

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
99 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
85fb8eee8dd39adf4434a726733bc6cd6de0cc72cb7be8394ea86f7e179c5e95

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
93 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0134375b1ced2e2b36e9a34753f87b48b49dab1ce589ec8a2932764d31ada657

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf8
stockMap
finans.apipara.com/json/v9//
17 KB
4 KB
XHR
General
Full URL
https://finans.apipara.com/json/v9//stockMap?auid=1
Requested by
Host: finanswebde.com
URL: https://finanswebde.com/_next/static/chunks/commons.aeb8eb159180e081c165.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
94.130.181.38 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.38.181.130.94.clients.your-server.de
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
39d838595c35ce856f24893976d8689c7acf0615ba7a4d9174810e19732ba934

Request headers

Accept
application/json, text/plain, */*
Referer
https://finanswebde.com/
auid
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
token
_magic

Response headers

Date
Sun, 26 Sep 2021 05:07:30 GMT
Content-Encoding
gzip
Server
nginx/1.14.0 (Ubuntu)
Vary
Accept-Encoding, Accept-Encoding, Accept-Encoding,User-Agent
Access-Control-Allow-Methods
GET, OPTIONS,POST,PUT,DELETE
Content-Type
application/json
Access-Control-Allow-Origin
*
Access-Control-Max-Age
3628800
Transfer-Encoding
chunked
Connection
keep-alive
Access-Control-Allow-Headers
X-Requested-With, origin,auid,token,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
stockMap
finans.apipara.com/json/v9//
17 KB
4 KB
XHR
General
Full URL
https://finans.apipara.com/json/v9//stockMap?auid=1
Requested by
Host: finanswebde.com
URL: https://finanswebde.com/_next/static/chunks/commons.aeb8eb159180e081c165.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
94.130.181.38 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.38.181.130.94.clients.your-server.de
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
39d838595c35ce856f24893976d8689c7acf0615ba7a4d9174810e19732ba934

Request headers

Accept
application/json, text/plain, */*
Referer
https://finanswebde.com/
auid
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
token
_magic

Response headers

Date
Sun, 26 Sep 2021 05:07:30 GMT
Content-Encoding
gzip
Server
nginx/1.14.0 (Ubuntu)
Vary
Accept-Encoding, Accept-Encoding,User-Agent
Access-Control-Allow-Methods
GET, OPTIONS,POST,PUT,DELETE
Content-Type
application/json
Access-Control-Allow-Origin
*
Access-Control-Max-Age
3628800
Transfer-Encoding
chunked
Connection
keep-alive
Access-Control-Allow-Headers
X-Requested-With, origin,auid,token,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
/
cuneytekinci.ghost.io/ghost/api/v2/content/posts/
3 KB
2 KB
XHR
General
Full URL
https://cuneytekinci.ghost.io/ghost/api/v2/content/posts/?key=3ec7f28c39f563d6e90b173d71&limit=5&fields=id,title,created_at,slug,meta_description,url,feature_image,primary_tag&filter=tag:haber,tag:Yazilar
Requested by
Host: finanswebde.com
URL: https://finanswebde.com/_next/static/chunks/commons.aeb8eb159180e081c165.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42::775 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
openresty /
Resource Hash
a3c5e2355d2e1bc59d05f0486cbd099deba92650ecc11aafdb30a58cc7afd429

Request headers

Accept
application/json, text/plain, */*
Referer
https://finanswebde.com/
auid
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
token
_magic

Response headers

ghost-age
300707
date
Sun, 26 Sep 2021 05:07:30 GMT
content-encoding
gzip
access-control-allow-origin
*
x-cache
MISS, MISS
status
304 Not Modified
content-length
1297
ghost-fastly
true
x-request-id
56652759f28c2b4e100cea1ffd7de2d9, bea515afbe07b7c8b90e558d39c4f300
x-served-by
cache-ams21075-AMS, cache-fra19154-FRA
accept-ranges
bytes
server
openresty
x-timer
S1632632851.727707,VS0,VE10
etag
W/"bc2-2LfRDPGfGUZSNxPwROrdq7gv9Q8"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
via
1.1 varnish, 1.1 varnish
cache-control
no-cache, private, no-store, must-revalidate, max-stale=0, post-check=0, pre-check=0
ghost-cache
HIT
x-cache-hits
0, 0
wallet.svg
finanscepte-xuoe622gjknvdey.stackpathdns.com/nextjs/img/
15 KB
6 KB
Image
General
Full URL
https://finanscepte-xuoe622gjknvdey.stackpathdns.com/nextjs/img/wallet.svg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.139.245.20 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
nginx /
Resource Hash
7abe950e5ba5f0bfce71296a946a842fd3c7c5c93a96a324fe3866b3662f77a4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://finanswebde.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 26 Sep 2021 05:07:30 GMT
content-encoding
gzip
last-modified
Thu, 11 Jul 2019 15:14:01 GMT
server
nginx
x-amz-request-id
DE33307F5964288A
etag
W/"6d9f11ded122f3f23fc20a0408077cd2"
vary
Accept-Encoding
x-cache
HIT
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
link
<https://s3-eu-west-1.amazonaws.com/s2.finanswebde.com/nextjs/img/wallet.svg>; rel="canonical"
x-amz-id-2
qTvCKeMYlUCwqz6okdU868vfQatPp+1if8gf3ILbIQh7pPcXA/lBeAju/a0PZ8D33uvA6gFrdgU=
expires
Sun, 03 Oct 2021 05:07:30 GMT
stockMap
finans.apipara.com/json/v9// Frame
0
0
Preflight
General
Full URL
https://finans.apipara.com/json/v9//stockMap?auid=1
Protocol
HTTP/1.1
Server
94.130.181.38 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.38.181.130.94.clients.your-server.de
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
auid,token
Origin
https://finanswebde.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Server
nginx/1.14.0 (Ubuntu)
Date
Sun, 26 Sep 2021 05:07:30 GMT
Content-Type
text/plain
Content-Length
0
Connection
keep-alive
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET, OPTIONS,POST,PUT,DELETE
Access-Control-Allow-Headers
origin,auid,token,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
Access-Control-Allow-Credentials
true
stockMap
finans.apipara.com/json/v9// Frame
0
0
Preflight
General
Full URL
https://finans.apipara.com/json/v9//stockMap?auid=1
Protocol
HTTP/1.1
Server
94.130.181.38 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.38.181.130.94.clients.your-server.de
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
auid,token
Origin
https://finanswebde.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Server
nginx/1.14.0 (Ubuntu)
Date
Sun, 26 Sep 2021 05:07:30 GMT
Content-Type
text/plain
Content-Length
0
Connection
keep-alive
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET, OPTIONS,POST,PUT,DELETE
Access-Control-Allow-Headers
origin,auid,token,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
Access-Control-Allow-Credentials
true
/
cuneytekinci.ghost.io/ghost/api/v2/content/posts/ Frame
0
0
Preflight
General
Full URL
https://cuneytekinci.ghost.io/ghost/api/v2/content/posts/?key=3ec7f28c39f563d6e90b173d71&limit=5&fields=id,title,created_at,slug,meta_description,url,feature_image,primary_tag&filter=tag:haber,tag:Yazilar
Protocol
H2
Server
2a04:4e42::775 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
openresty /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
auid,token
Origin
https://finanswebde.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
openresty
status
204 No Content
access-control-allow-origin
*
x-request-id
5379a2804dc659229634266200396e16 5379a2804dc659229634266200396e16
access-control-allow-headers
auid,token
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
ghost-cache
MISS
cache-control
no-cache, private, no-store, must-revalidate, max-stale=0, post-check=0, pre-check=0
ghost-age
0
accept-ranges
bytes
via
1.1 varnish, 1.1 varnish
date
Sun, 26 Sep 2021 05:07:30 GMT
x-served-by
cache-ams21022-AMS, cache-fra19154-FRA
x-cache
MISS, MISS
x-cache-hits
0, 0
x-timer
S1632632851.697918,VS0,VE17
vary
Access-Control-Request-Headers
ghost-fastly
true
container.html
0daaf261a2a6f0e9e533d14962332114.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 1E8C
6 KB
3 KB
Document
General
Full URL
https://0daaf261a2a6f0e9e533d14962332114.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021092001.js?31062913
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
0daaf261a2a6f0e9e533d14962332114.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://finanswebde.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://finanswebde.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Sun, 26 Sep 2021 05:07:30 GMT
expires
Mon, 26 Sep 2022 05:07:30 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
osd.js
www.googletagservices.com/activeview/js/current/
72 KB
28 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021092001.js?31062913
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3a7ad5974f3d165d1a83149795afe792e241b0e6a41078c6e14bcecc5449934e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://finanswebde.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 26 Sep 2021 05:07:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27652
x-xss-protection
0
server
sffe
etag
"1632310961004595"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="active-view-scs-read-write-acl"
expires
Sun, 26 Sep 2021 05:07:30 GMT
sodar
pagead2.googlesyndication.com/getconfig/
11 KB
9 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021092001&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021092001.js?31062913
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1c53a3667106f0b0507733f245f5b0614b767d476d9bd9d400600d593244332c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://finanswebde.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 26 Sep 2021 05:07:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8503
x-xss-protection
0
/
finanswebde.com/socket.io/
5 B
275 B
XHR
General
Full URL
https://finanswebde.com:8094/socket.io/?EIO=3&transport=polling&t=NmWW4ZK&sid=sRM0cKQuv2Q9uHqPAAPP
Requested by
Host: finanswebde.com
URL: https://finanswebde.com/_next/static/chunks/commons.aeb8eb159180e081c165.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.201.122.228 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.228.122.201.195.clients.your-server.de
Software
/
Resource Hash
25d989b3ed89abc5bb5a814c257dc57619d7f45908013cd08aa508c22e4f6a0a

Request headers

Accept
*/*
Referer
https://finanswebde.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://finanswebde.com
Date
Sun, 26 Sep 2021 05:07:30 GMT
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
5
Content-Type
application/octet-stream
NFT.--3-.png
blog.finanswebde.com/content/images/2021/09/
379 KB
379 KB
Image
General
Full URL
https://blog.finanswebde.com/content/images/2021/09/NFT.--3-.png
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:200::775 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
openresty /
Resource Hash
dc6fdfd97aa43f40fa0ca79165be3616c2abeb92ff24044af5c381620cfea76e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://finanswebde.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

ghost-age
0
date
Sun, 26 Sep 2021 05:07:31 GMT
via
1.1 varnish, 1.1 varnish
age
1460867
x-cache
HIT, HIT
status
200 OK
content-length
387892
ghost-fastly
true
x-request-id
5e11f6e65d156f3cd2de074cddb72ad3, 5e11f6e65d156f3cd2de074cddb72ad3
x-served-by
cache-ams21056-AMS, cache-fra19172-FRA
accept-ranges
bytes
last-modified
Thu, 09 Sep 2021 07:19:44 GMT
server
openresty
x-timer
S1632632851.131148,VS0,VE0
etag
W/"5eb34-17bc96d3c7a"
content-type
image/png
cache-control
public, max-age=31536000
ghost-cache
MISS
x-cache-hits
1, 2
NFT.--2-.png
blog.finanswebde.com/content/images/2021/09/
2 MB
2 MB
Image
General
Full URL
https://blog.finanswebde.com/content/images/2021/09/NFT.--2-.png
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:200::775 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
openresty /
Resource Hash
376806d5d9e206c897a72213fdb5e3ce523924b7d346c6f77ed11c56ef43b355

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://finanswebde.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

ghost-age
0
date
Sun, 26 Sep 2021 05:07:31 GMT
via
1.1 varnish, 1.1 varnish
age
1602000
x-cache
HIT, HIT
status
200 OK
content-length
1910840
ghost-fastly
true
x-request-id
6920f2ec305c0d92384d2908e4c01592, 6920f2ec305c0d92384d2908e4c01592
x-served-by
cache-ams21039-AMS, cache-fra19172-FRA
accept-ranges
bytes
last-modified
Tue, 07 Sep 2021 16:07:30 GMT
server
openresty
x-timer
S1632632851.131203,VS0,VE0
etag
W/"1d2838-17bc103b374"
content-type
image/png
cache-control
public, max-age=31536000
ghost-cache
MISS
x-cache-hits
1, 2
NFT.--1-.png
blog.finanswebde.com/content/images/2021/09/
377 KB
377 KB
Image
General
Full URL
https://blog.finanswebde.com/content/images/2021/09/NFT.--1-.png
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:200::775 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
openresty /
Resource Hash
32b87a349a7ae7982a16088339461e9a6ebef1e46ca0f5c548e07fb7f9d0e420

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://finanswebde.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

ghost-age
0
date
Sun, 26 Sep 2021 05:07:31 GMT
via
1.1 varnish, 1.1 varnish
age
1633893
x-cache
HIT, HIT
status
200 OK
content-length
385874
ghost-fastly
true
x-request-id
1d9e622ac58657aafa4880f4f11e7026, 1d9e622ac58657aafa4880f4f11e7026
x-served-by
cache-ams12732-AMS, cache-fra19172-FRA
accept-ranges
bytes
last-modified
Tue, 07 Sep 2021 07:15:58 GMT
server
openresty
x-timer
S1632632851.131257,VS0,VE0
etag
W/"5e352-17bbf1d0fe1"
content-type
image/png
cache-control
public, max-age=31536000
ghost-cache
MISS
x-cache-hits
1, 2
NFT..png
blog.finanswebde.com/content/images/2021/09/
29 KB
29 KB
Image
General
Full URL
https://blog.finanswebde.com/content/images/2021/09/NFT..png
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:200::775 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
openresty /
Resource Hash
44b8bb79c99cb436e742cc7a74e26d446a33648976ccb3b63be7844fb5d63401

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://finanswebde.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

ghost-age
0
date
Sun, 26 Sep 2021 05:07:31 GMT
via
1.1 varnish, 1.1 varnish
age
1949953
x-cache
HIT, HIT
status
200 OK
content-length
29351
ghost-fastly
true
x-request-id
84ca08529eaa1390412630efbcd52467, 84ca08529eaa1390412630efbcd52467
x-served-by
cache-ams21059-AMS, cache-fra19172-FRA
accept-ranges
bytes
last-modified
Fri, 03 Sep 2021 15:28:17 GMT
server
openresty
x-timer
S1632632851.131278,VS0,VE0
etag
W/"72a7-17bac465d76"
content-type
image/png
cache-control
public, max-age=31536000
ghost-cache
MISS
x-cache-hits
1, 2
Bitcoin-Madencili-i-1.png
blog.finanswebde.com/content/images/2021/09/
914 KB
915 KB
Image
General
Full URL
https://blog.finanswebde.com/content/images/2021/09/Bitcoin-Madencili-i-1.png
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:200::775 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
openresty /
Resource Hash
ee5739deb9216d60219ee14cbc9ef3a22eb596f8bccbdb2797ab8a3fc963893c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://finanswebde.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

ghost-age
0
date
Sun, 26 Sep 2021 05:07:31 GMT
via
1.1 varnish, 1.1 varnish
age
1482667
x-cache
HIT, HIT
status
200 OK
content-length
936009
ghost-fastly
true
x-request-id
5ac4fd0d85489861c826d0c90dca3de1, 5ac4fd0d85489861c826d0c90dca3de1
x-served-by
cache-ams12757-AMS, cache-fra19172-FRA
accept-ranges
bytes
last-modified
Thu, 02 Sep 2021 11:57:44 GMT
server
openresty
x-timer
S1632632851.131305,VS0,VE0
etag
W/"e4849-17ba65f3db7"
content-type
image/png
cache-control
public, max-age=31536000
ghost-cache
MISS
x-cache-hits
1, 2
/
finanswebde.com/socket.io/
4 B
274 B
XHR
General
Full URL
https://finanswebde.com:8094/socket.io/?EIO=3&transport=polling&t=NmWW4cW&sid=sRM0cKQuv2Q9uHqPAAPP
Requested by
Host: finanswebde.com
URL: https://finanswebde.com/_next/static/chunks/commons.aeb8eb159180e081c165.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.201.122.228 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.228.122.201.195.clients.your-server.de
Software
/
Resource Hash
a9a2f1dd042cb6f1eded53dc0a1c66ed8694fc093dc3520cdac1a541d615d474

Request headers

Accept
*/*
Referer
https://finanswebde.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://finanswebde.com
Date
Sun, 26 Sep 2021 05:07:30 GMT
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
4
Content-Type
application/octet-stream
ima3.js
imasdk.googleapis.com/js/sdkloader/
345 KB
119 KB
Script
General
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: c1.imgiz.com
URL: https://c1.imgiz.com/player_others/html5/NoktaNpmPlayerApi.js?dts=18896
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b41e03561fcd66267e40478b43dfc163e850387b636883e84aa4c8947bf273a5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://finanswebde.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 26 Sep 2021 05:07:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
121279
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-instream-static"
expires
Sun, 26 Sep 2021 05:07:30 GMT
comscore-streamsense.min.js
c1.imgiz.com/js/site/
91 KB
22 KB
Script
General
Full URL
https://c1.imgiz.com/js/site/comscore-streamsense.min.js
Requested by
Host: c1.imgiz.com
URL: https://c1.imgiz.com/player_others/html5/NoktaNpmPlayerApi.js?dts=18896
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.7.176.223 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software
openresty/1.15.8.3 /
Resource Hash
6d4c9f94381f2ec7e6e3384952a393b331e7793beda9dda950d2802a79279701

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://finanswebde.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 26 Sep 2021 05:07:30 GMT
content-encoding
gzip
last-modified
Thu, 27 Oct 2016 09:24:23 GMT
server
openresty/1.15.8.3
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=604800
expires
Sun, 03 Oct 2021 05:07:30 GMT
gplayer.js
gatr.hit.gemius.pl/
22 KB
6 KB
Script
General
Full URL
https://gatr.hit.gemius.pl/gplayer.js
Requested by
Host: c1.imgiz.com
URL: https://c1.imgiz.com/player_others/html5/NoktaNpmPlayerApi.js?dts=18896
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
178.33.196.208 , France, ASN16276 (OVH, FR),
Reverse DNS
ip208.ip-178-33-196.eu
Software
GHC /
Resource Hash
10be3500edafe99844bb29e02525b9be3ca35ed9ff1a89a09248beca69d16e89

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://finanswebde.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 26 Sep 2021 05:07:30 GMT
content-encoding
gzip
last-modified
Wed, 15 Sep 2021 10:02:32 GMT
server
GHC
vary
Accept-Encoding,Origin
p3p
CP="NOI DSP COR NID PSAo OUR IND"
cache-control
max-age=43200
cross-origin-resource-policy
cross-origin
accept-ranges
none
content-type
application/x-javascript
content-length
5965
expires
Sun, 26 Sep 2021 17:07:30 GMT
NoktaPlayer.js
c1.imgiz.com/player_others/html5/
395 KB
127 KB
Script
General
Full URL
https://c1.imgiz.com/player_others/html5/NoktaPlayer.js?d=9/26/2021
Requested by
Host: c1.imgiz.com
URL: https://c1.imgiz.com/player_others/html5/NoktaNpmPlayerApi.js?dts=18896
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.7.176.223 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software
openresty/1.15.8.3 /
Resource Hash
c22ac0cae9f97e811944726665673a5bfd34f66cd5d5d98cf649a5978f3b15a1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://finanswebde.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 26 Sep 2021 05:07:30 GMT
content-encoding
gzip
last-modified
Tue, 14 Sep 2021 08:44:04 GMT
server
openresty/1.15.8.3
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=604800
expires
Sun, 03 Oct 2021 05:07:30 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210922/r20110914/ Frame 1E8C
18 KB
8 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210922/r20110914/abg_lite_fy2019.js
Requested by
Host: 0daaf261a2a6f0e9e533d14962332114.safeframe.googlesyndication.com
URL: https://0daaf261a2a6f0e9e533d14962332114.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
830527b04ff3e5ae7d8f62ecb5f1aa2ece85a7a741b332051561787b52ddffcf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://0daaf261a2a6f0e9e533d14962332114.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 26 Sep 2021 05:06:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
70
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7635
x-xss-protection
0
server
cafe
etag
15605042170853735879
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 10 Oct 2021 05:06:21 GMT
css
fonts.googleapis.com/ Frame 1E8C
8 KB
809 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto:700,500,400,300
Requested by
Host: 0daaf261a2a6f0e9e533d14962332114.safeframe.googlesyndication.com
URL: https://0daaf261a2a6f0e9e533d14962332114.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
32bc7c1c64fd1b755d48d6025b86b7e7a28ad35d1f420cf85cdc1123aa7dfcd7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://0daaf261a2a6f0e9e533d14962332114.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sun, 26 Sep 2021 03:52:30 GMT
server
ESF
date
Sun, 26 Sep 2021 05:07:30 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 26 Sep 2021 05:07:30 GMT
outstream.min.css
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20210922_RC00/ Frame 1E8C
14 KB
3 KB
Stylesheet
General
Full URL
https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20210922_RC00/outstream.min.css
Requested by
Host: 0daaf261a2a6f0e9e533d14962332114.safeframe.googlesyndication.com
URL: https://0daaf261a2a6f0e9e533d14962332114.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
48ca4c570f2d58d8ff837e1c8f7d73e418a485ae23b2c9322f2f351d71d93aa7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://0daaf261a2a6f0e9e533d14962332114.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 23 Sep 2021 00:42:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
275084
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2798
x-xss-protection
0
last-modified
Thu, 23 Sep 2021 00:19:04 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-instream-static"
expires
Fri, 23 Sep 2022 00:42:46 GMT
outstream.min.js
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20210922_RC00/ Frame 1E8C
352 KB
122 KB
Script
General
Full URL
https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20210922_RC00/outstream.min.js
Requested by
Host: 0daaf261a2a6f0e9e533d14962332114.safeframe.googlesyndication.com
URL: https://0daaf261a2a6f0e9e533d14962332114.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
29e2d6b0a0026b3054cf162219c34ad65705c2e33c752fdfcad9a0f5e29cfde2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://0daaf261a2a6f0e9e533d14962332114.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 23 Sep 2021 00:42:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
275084
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
124823
x-xss-protection
0
last-modified
Thu, 23 Sep 2021 00:19:04 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-instream-static"
expires
Fri, 23 Sep 2022 00:42:46 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210922/r20110914/client/ Frame 1E8C
14 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210922/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 0daaf261a2a6f0e9e533d14962332114.safeframe.googlesyndication.com
URL: https://0daaf261a2a6f0e9e533d14962332114.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d8144ce2cd5918de3beabc8fd113ab560103033fae3956e093b688cda5732a50
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://0daaf261a2a6f0e9e533d14962332114.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 26 Sep 2021 04:45:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1307
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6232
x-xss-protection
0
server
cafe
etag
15606800361334891596
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 10 Oct 2021 04:45:44 GMT
gemiuslib.js
gatr.hit.gemius.pl/
38 KB
10 KB
Script
General
Full URL
https://gatr.hit.gemius.pl/gemiuslib.js
Requested by
Host: gatr.hit.gemius.pl
URL: https://gatr.hit.gemius.pl/gplayer.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
178.33.196.208 , France, ASN16276 (OVH, FR),
Reverse DNS
ip208.ip-178-33-196.eu
Software
GHC /
Resource Hash
eee895ae5ca7763e9908ff335945dc6222394aa2136cd534d05f12ad6e3d112a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://finanswebde.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 26 Sep 2021 05:07:30 GMT
content-encoding
gzip
last-modified
Wed, 15 Sep 2021 10:02:32 GMT
server
GHC
vary
Accept-Encoding,Origin
p3p
CP="NOI DSP COR NID PSAo OUR IND"
cache-control
max-age=43200
cross-origin-resource-policy
cross-origin
accept-ranges
none
content-type
application/x-javascript
content-length
10489
expires
Sun, 26 Sep 2021 17:07:30 GMT
sodar2.js
tpc.googlesyndication.com/sodar/
17 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021092001.js?31062913
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://finanswebde.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 26 Sep 2021 05:07:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1624308425655142"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6467
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
expires
Sun, 26 Sep 2021 05:07:31 GMT
fpdata.js
gatr.hit.gemius.pl/
284 B
421 B
Script
General
Full URL
https://gatr.hit.gemius.pl/fpdata.js?href=finanswebde.com
Requested by
Host: gatr.hit.gemius.pl
URL: https://gatr.hit.gemius.pl/gemiuslib.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
178.33.196.208 , France, ASN16276 (OVH, FR),
Reverse DNS
ip208.ip-178-33-196.eu
Software
GHC /
Resource Hash
170458ae1dd13b8b4b3a11201a85aaddaa22276b96b2b6a08111b21cf1740b99

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://finanswebde.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 26 Sep 2021 05:07:31 GMT
last-modified
Mon, 16 Jul 2012 10:03:40 GMT
server
GHC
etag
PRIVATE7520710249
p3p
CP="NOI DSP COR NID PSAo OUR IND"
cache-control
private, max-age=2592000
cross-origin-resource-policy
cross-origin
accept-ranges
none
content-type
application/x-javascript
content-length
284
expires
Tue, 26 Oct 2021 05:07:31 GMT
lsget.html
ls.hit.gemius.pl/ Frame 2062
5 KB
3 KB
Document
General
Full URL
https://ls.hit.gemius.pl/lsget.html
Requested by
Host: gatr.hit.gemius.pl
URL: https://gatr.hit.gemius.pl/gemiuslib.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
145.239.237.56 , France, ASN16276 (OVH, FR),
Reverse DNS
ip56.ip-145-239-237.eu
Software
GHC /
Resource Hash
185d8f83d2806259d06317454f79e517accf0cc4c54b58616eb526d5bd56ae17

Request headers

:method
GET
:authority
ls.hit.gemius.pl
:scheme
https
:path
/lsget.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://finanswebde.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://finanswebde.com/

Response headers

date
Sun, 26 Sep 2021 05:07:31 GMT
expires
Tue, 26 Oct 2021 05:07:31 GMT
server
GHC
accept-ranges
none
cache-control
private, max-age=2592000
last-modified
Mon, 16 Jul 2012 10:03:40 GMT
etag
PRIVATE7520710249
vary
Accept-Encoding,Origin,User-Agent
cross-origin-resource-policy
cross-origin
p3p
CP="NOI DSP COR NID PSAo OUR IND"
content-type
text/html;charset=utf-8
content-length
2710
content-encoding
gzip
csi
csi.gstatic.com/ Frame 1E8C
0
348 B
Ping
General
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=1~ku0rg2bi&c=7942828369774&slotId=3971414184887&qqid=CK6F3Kjvm_MCFc_yuwgdOSEM6Q&fb=outstream-lima&sei=44729911%2C44730425%2C44730426%2C420706098&nsei=44714510%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=outstream
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20210922_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4009:805::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://0daaf261a2a6f0e9e533d14962332114.safeframe.googlesyndication.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sun, 26 Sep 2021 05:07:31 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ Frame 1E8C
15 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://0daaf261a2a6f0e9e533d14962332114.safeframe.googlesyndication.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 16:31:40 GMT
x-content-type-options
nosniff
age
304551
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15828
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:28 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 22 Sep 2022 16:31:40 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/ Frame 1E8C
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://0daaf261a2a6f0e9e533d14962332114.safeframe.googlesyndication.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 16:31:43 GMT
x-content-type-options
nosniff
age
304548
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15688
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:19 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 22 Sep 2022 16:31:43 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 1E8C
0
121 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=osv-info&clickstring=CeXD3EgBQYa60Ec_l7_UPucKwyA6ToOP1Y-mI-6i_Dpeum5fHIBABIMCygmtglYKAgKwHoAH8_8vxAsgBBagDAcgDmwSqBNMBT9AtJrg4AwFb7swQyfRm6aOSeI_n-sWd-px756jFW6t1sGCQUnDe-HgVNZYxGoIO8cdVuqzvAid7615GjzcLYHvM_3UfFBadHHKZKu60aHqYI8RL1ErmKUioDqW7rvn73RlRRKIbMRb267N-Wh2qTKJujLTLwSWm5kxpab-JAaNd8uBBUifCmIGUCYFWeovRgUb8Sm0EvJLZXBSR0wzyZIb1k9Z1DR4DcUAtNi5GqWjKzKV96nQEbOaE_1ZbNVOx-o4xNYkwO74o579h-fNEk8F10sAE9pja1eAD4AQDkAYBoAZOgAfs_7OOAagH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgH1ckbqAemvhuoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggJCIDhgBAQARgd8ggbYWR4LXN1YnN5bi04Mzg1MTU4NjcyNzkzMzI2gAoDmAsByAsBgAwBsBOlrLAM0BMA2BMNiBQE2BQB0BUB-BYBgBcB&eventType=clickstring&clientTime=1632632851143&ai=CeXD3EgBQYa60Ec_l7_UPucKwyA6ToOP1Y-mI-6i_Dpeum5fHIBABIMCygmtglYKAgKwHoAH8_8vxAsgBBagDAcgDmwSqBNMBT9AtJrg4AwFb7swQyfRm6aOSeI_n-sWd-px756jFW6t1sGCQUnDe-HgVNZYxGoIO8cdVuqzvAid7615GjzcLYHvM_3UfFBadHHKZKu60aHqYI8RL1ErmKUioDqW7rvn73RlRRKIbMRb267N-Wh2qTKJujLTLwSWm5kxpab-JAaNd8uBBUifCmIGUCYFWeovRgUb8Sm0EvJLZXBSR0wzyZIb1k9Z1DR4DcUAtNi5GqWjKzKV96nQEbOaE_1ZbNVOx-o4xNYkwO74o579h-fNEk8F10sAE9pja1eAD4AQDkAYBoAZOgAfs_7OOAagH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgH1ckbqAemvhuoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggJCIDhgBAQARgd8ggbYWR4LXN1YnN5bi04Mzg1MTU4NjcyNzkzMzI2gAoDmAsByAsBgAwBsBOlrLAM0BMA2BMNiBQE2BQB0BUB-BYBgBcB
Requested by
Host: 0daaf261a2a6f0e9e533d14962332114.safeframe.googlesyndication.com
URL: https://0daaf261a2a6f0e9e533d14962332114.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://0daaf261a2a6f0e9e533d14962332114.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 26 Sep 2021 05:07:31 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
vast
bid.g.doubleclick.net/dbm/ Frame 1E8C
19 KB
13 KB
XHR
General
Full URL
https://bid.g.doubleclick.net/dbm/vast?dbm_c=AKAmf-A9rQVyo-oeA7ld_Ht1ZNQgyvEyZaFtFx3Epa4hAH3aAXQ0-qNc_W4K9jRO_b8pV-CCFU62s_o6i56uB1lsmybC30xS3g&dbm_d=AKAmf-ASVzFl-lyzwTI0wV4aKQWItS75CJztVUWxXSWDJjBXCR-8PwlCn-uqdxrHp_OcKvYxD2mgw7onQQzuzkOQ2zlt_jvQZnmi2kAjMJJolfmxIQZtODb2otH2mW3QVVCwAsPiV-2ZcQfOFKgGTsDgQUo1Xxs6gtXJ136l7A31NhtsMKBQAjvHAq8vCnXDaMRuOCNe2FhlPWynjLamgVSbJ30s31wrX4kLwl76ziu7wIW6WgBDR1Hdh-9fEoXpmVJ03Sbi_ph6_9U-TUBKB8xqAVv4Z3EhexVxg5xY4mtsRWgVQBjJ_uADLbsK1FI0Mykyo497mke0DME0iDsxBgJ2EqhnNZhIwSv8hrCSZxfOUDoPgY_tJtTNx24Oz9Qk8JXljBAzXQAqzjJ8r1c1b1vEflRRObNL97XJ-wjBjDr0waxXWl_xG8LINguSekOMs0Ahx_Gc6RQLKBWyjzafP5XsgV-61FKM06_GN-GfQvWyzPk5arHxJajxhf3VLVxIH4b7SjgvkwEXphxhTxfH5J3t4xG-BzP1sqlArIrhpyzGRwiVrtX96EAybe3Sy1DC0Aw9qoka7xGWlZU1lrrwH3K8X6y4RijEECR68L7MsvxSXIViqMhFx834lRZyghUUClyNdfzwd4q2LYzZEFsj-exMaT7xgNaFcUaYVzbugqOLwtWIhM9NU5EKdacTd4FCuquD9AqqicmVZThddGPbeStOqURdCEE5nUffI9H47J5zjXv-R312LBRiqYIKLnQy0f04woXSWMcj0is5VkkrB_2tQCtVGaPVus3bLw5Q_xMOZiqu254u1H0aFHluRGGFzBCwPOKwZA8_-FcYf6njuEA2GdLvCoz8qhfYmw-vGKJnAAmUpGf61x874FG2KHidDG1X3iN0F0hIfaX60ZJMYa86-R5yoJZBp4hqafZBHtD1uCEXMfqcxgKIOrvzCiEFTT-d7YNzblJwaTTE_Izod3GTopenTllNKK3sESrL8qQP1WUtwx2jp9zLBJyyWQ-PPjMfqQBJ-sUDCjMttFqkzNrwbpMV_sg-bnC8NqfJFwXJ2uyN8sIWZhnDUzFvq36rR7CN117gpb9tpS2Q0xnRiUqDFHU2Syeo49_Ju0V7xl0JpB4UQxP2UbMjhI6m47iPPBwn6HsptH0X1PSZIZ4ei2Vb9m4FqXAQkpdEll9cgD-P_bT9XNlU9pzrGrFuvv3KH2E2wCjqdgP1HcNhUHbjRxNrSe40kh61ftZzz59m3uz_N-YoRR0XFHmNjeggjAiWrEjmoTVKg91JbIAE5vNCAoN8KuNkIsW6VQsfrQYUo85TffWEQrLmSkAOGsbeaPoCriWUz1YihG4JF1VJ7EnSSz3-vrqVh1PBWb6_LDyh05xcG3tDh_PQMkbn7X3TrWyzH3royhDQmeqyKcEyUoFshAfn4jMCID1HS-Tl9gpmX2LehsG8hcUwUrN4u6g_aO4Pq5bW-_xabFpUfxS-FZUDlvUF7ZQIKjMoL1yKXk4m_Gnw35HAQUOll8V49ils5MM00aE6i8hghv-aoiezi4sLLywRihYNyNEy6wpdtDNHWOMZzsXZW1upYwjztYVL0iJIAIqdA2nmwaMCJJc_QlO2ZrFktgozTmuq4_AKn1F1quPRdewxRH1tJ1Xxx1n32QnjyVJrTJAkiEQYkDvNjz5GqGTMwh-zLXmlePu29-MEMczLA35H_EOKww_0dGqON1r0KOmm7IeLl9yTL-_g6zRf2XCC4BF1kyQtfwI3qMJC1y0sGHpspPpAv1W6h1_NhH4xWwCzUjiWysr-yIXqAO-uCvg3DYylEw7JLsWojRbqVt2y3PYUX2NUHZDdLzVeaaV3fg7seKQU4T96wFqnKah9HzqimBdVnKCKOa8pIMedFWw6Gvv7YduMR5tbYWrEbtijtwcrU5uvgjhRlhtRlnowlu9kyKCrrO0GEDUMn14tlhC5cgSymvf5lzSbyhY5_pZEdVcI8r-qAHLnCaZXUpMAdSkApWfdCUYVR7vEe_-6-FrQwZyhU_j1gQZ0vwoBE0lkZBTT4X_ITTXxbEk3_nlerJVOux-VbdUyDI_J10kELCP1mZ2qM5PvGfTF1ZQI_iUd4mII25QKSQF1SXQpPhD-S1AF2G_blm5v51T9iMwlURsZkwcMW0aU3rMPGtIUWZTBvmuNd4ZvB4KcpvRDu_KmfOfU78Ak1q8F87RHDmoVb0nMQGg7L2Zjt5bMXEG2oRoLfkZP2JQVkJUhTlclY5SLYnqj_gzDn79UAY9gjh_-Ved5MvJ6_PaJDkU_BC9-3I_rJER5oNIPNjF_xPRku087rDdwYBEQzLoobdD6lbwKmGmWttP3LUtNPvwgkvMXeAKltCDOS-lLzrFLxerRzufQ5ed1n3GK53XQkDg-ZmdxL31heSN76Qs5h8BwjiL9C1s0MUJK_JnIclD_txJv2S1Relqk26UmX6zoekzL8nSMLlhUYxpBwrXDk8uvn6Ni1zA4MCjxJ_tNyWestnxmEIQf4Iu59JAc4364LZAGsYSTBsfTKnXfTmpgKOQKutbQ4Tg7MvwTzdz_1G5s1j7vmVcujpkuXe8KY2-UwCFcTPCQJ8jcAx5T8mZlUvvd6oy9wUs6PWMNqHkcmXbWDGP6W5tk7aDnNwkdSoHNHI_7tKqE_-fhI3uVt8_cP3hBiQkOlKPbPPddMW-11dOl19eGWLjkDAfLS0NSXG9XKbiafFyk-8tTJUsOe9593_vGwk1qVfTWlJvGLzcD1swP1Ki6obrbDKTqVOuer0qlj6ZpP8NS5SO3JTqPQLtch1o3C_J1MJvSUxXDoc1o1uCkgFggEmM2mUmhtktJxD8bh-D67L5YuHk_xY4Ani3pxAcMkTsX895Xf7nL333jkm3Xk0wqirXusbwfl7C3MeRfo1ndP9lsFQFcwd1BX3NI2JGi8LBgPEodav0rfIYXGRPLgF1_3KR4TYZzj9k6ketKKOFB2YSyCE2WDCHARIj-tGwL3iwBOf2I1ObpnTq6z2nggf-8bR2W0Wpr3QR14oAKQqrPi3MGkHyU1s2-wStbz2qCTm411hdkCObJL7ri-R9TCFlmcSXmAPmZNjJCcxE9k25ZPdpGLCXs2iLXhbW-STGRVVgDZN85JrRzsxDUVyP234j6ePY2NwoW8rhXzpKsZg&cid=CAASEuRobbMLr9wO992_xT5oy2zp0A&sdkv=h.0.0.0&osd=2&frm=2&vis=1&sdr=1
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20210922_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.140.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wq-in-f156.1e100.net
Software
cafe /
Resource Hash
fdc406088a921b393c515e15d4cfa8d06504f84fa87a24254f7eabb6ea49d9cd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://0daaf261a2a6f0e9e533d14962332114.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 26 Sep 2021 05:07:31 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12387
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://0daaf261a2a6f0e9e533d14962332114.safeframe.googlesyndication.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 1E8C
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CcSQFEgBQYa60Ec_l7_UPucKwyA6ToOP1Y-mI-6i_Dpeum5fHIBABIMCygmtglYKAgKwHoAH8_8vxAsgBBagDAcgDmwSqBNABT9AtJrg4AwFb7swQyfRm6aOSeI_n-sWd-px756jFW6t1sGCQUnDe-HgVNZYxGoIO8cdVuqzvAid7615GjzcLYHvM_3UfFBadHHKZKu60aHqYI8RL1ErmKUioDqW7rvn73RlRRKIbMRb267N-Wh2qTKJujLTLwSWm5kxpab-JAaNd8uBBUifCmIGUCYFWeovRgUb8Sm0EvJLZXBSR0wzyZIb1k9Z1DR4DcUAtNi5GqWjKzKV96iwF9hMXbTfJ7tsemQCeA278OlDkpTKohH6lKMAE9pja1eAD4AQDiAWPz8yUNJIFBggbEAIYAZIFCwgiEAIYAUjf1pABkgUGCB0QBBgBkgUGCB0QARgBkgUGCB4QARgBkAYBoAZOgAfs_7OOAagH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgH1ckbqAemvhvYBwDyBwsQoMe9AxiNnv-vAdIICQiA4YAQEAEYHfIIG2FkeC1zdWJzeW4tODM4NTE1ODY3Mjc5MzMyNoAKA8gLAbATpaywDMgTj_be3QPQEwDYEw2IFATYFAHQFQGAFwGyFx4KHAgAEhRwdWItNzk4MzY1MTI1NzgzODI4MhjqwW0&sigh=macs12rTtIA&cid=CAQSOwCNIrLM5BgvQiBDCcgOEKOnhkyVhTM6TOpVUZGixbCUUPNbgS4S5IvVW_BGnh8F82hF96tY4G74RiOy&vt=10
Requested by
Host: 0daaf261a2a6f0e9e533d14962332114.safeframe.googlesyndication.com
URL: https://0daaf261a2a6f0e9e533d14962332114.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
/
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://0daaf261a2a6f0e9e533d14962332114.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame F20A
1 KB
868 B
Document
General
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 0daaf261a2a6f0e9e533d14962332114.safeframe.googlesyndication.com
URL: https://0daaf261a2a6f0e9e533d14962332114.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
pagead2.googlesyndication.com
:scheme
https
:path
/pagead/s/cookie_push_onload.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://0daaf261a2a6f0e9e533d14962332114.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://0daaf261a2a6f0e9e533d14962332114.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Sat, 25 Sep 2021 08:58:57 GMT
expires
Sun, 26 Sep 2021 08:58:57 GMT
content-type
text/html; charset=ISO-8859-1
etag
48472445140208031
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
age
72514
cache-control
public, max-age=86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame 1E8C
216 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9a5220285e6345d3330b20c5eb4e8b2b64a9a0fc5096d7f4da79f3bf6e547153

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/png
runner.html
tpc.googlesyndication.com/sodar/sodar2/224/ Frame C693
12 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/224/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://finanswebde.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://finanswebde.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length
5029
date
Sat, 25 Sep 2021 19:02:13 GMT
expires
Sun, 25 Sep 2022 19:02:13 GMT
last-modified
Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
36318
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame A86C
783 B
980 B
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
ac30299a451b07f3dfdd005c59c473583148c7273b74bb637c525d8a83972fb0
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-2rID9Xiy4uMzYXCUm9cTLQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/aframe
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://finanswebde.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://finanswebde.com/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy-report-only
require-corp; report-to="recaptcha"
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires
Sun, 26 Sep 2021 05:07:31 GMT
date
Sun, 26 Sep 2021 05:07:31 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-2rID9Xiy4uMzYXCUm9cTLQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
513
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
56071563
unified.adsafeprotected.com/v2/775613/ Frame 1E8C
21 KB
5 KB
XHR
General
Full URL
https://unified.adsafeprotected.com/v2/775613/56071563?mon=56071564&omidPartner=[OMIDPARTNER]&apiframeworks=[APIFRAMEWORKS]&bundleId=[BUNDLEID]&originalVast=https://ad.doubleclick.net/ddm/pfadx/N418801.3478950AMNET-DV360/B26146846.308937582%3Bsz%3D0x0%3Bord%3D%5Btimestamp%5D%3Bdc_lat%3D%3Bdc_rdid%3D%3Btag_for_child_directed_treatment%3D%3Btfua%3D%3Bdcmt%3Dtext/xml%3Bdc_sdkv%3Dh.0.0.0%3Bdc_osd%3D2%3Bdc_frm%3D2%3Bdc_sdr%3D1%3Bdc_ref%3Dhttps://finanswebde.com/%3Bdc_ves%3DdGltZXN0YW1wOiAxNjMyNjMyODUxMjcxCg%3Bdc_cid%3D154742664%3Bdc_adid%3D501788673%3Bdc_vpaid%3D0%3B
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20210922_RC00/outstream.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
108.128.224.84 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-108-128-224-84.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
1bf06be45a3e3bdd2f3980868ec63ea4278b1bfbd88eba7f7af4e6d3539f0e59

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://0daaf261a2a6f0e9e533d14962332114.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Sun, 26 Sep 2021 05:07:31 GMT
Content-Encoding
gzip
Vary
Origin
Content-Type
text/xml; charset=UTF-8
Access-Control-Allow-Origin
https://0daaf261a2a6f0e9e533d14962332114.safeframe.googlesyndication.com
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
4244
/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame F20A
Redirect Chain
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESEHLtJp5W6ADfpE7y5ZSoC0E&google_cver=1&google_push=AYg5qPJKnxaktJZ5uDE-qKDtfx6s2Z9uHhSZJhr73_nHxm9vxtp3lZ_kebKAfhFP_N2XVYCAXv6SV6xG5kUu-6GrH_8QYJMNPwAR
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MjY2ODYyMDgxMzY5MjcyNTk0NQ==
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?google_gid=CAESEHLtJp5W6ADfpE7y5ZSoC0E&google_cver=1
43 B
407 B
Image
General
Full URL
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?google_gid=CAESEHLtJp5W6ADfpE7y5ZSoC0E&google_cver=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:678:cb4:bbbb::11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 26 Sep 2021 05:07:30 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-type
image/gif
content-length
43
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma
no-cache
date
Sun, 26 Sep 2021 05:07:31 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?google_gid=CAESEHLtJp5W6ADfpE7y5ZSoC0E&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dpixel
cms.quantserve.com/ Frame F20A
35 B
463 B
Image
General
Full URL
https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEGrx8hN-XHgb-asUt5uoJaA&google_cver=1&google_push=AYg5qPJlkvrNcbo090Q2UGqQZBlioxUOy7iVnGlaYLbcIovtj522oqT1VeocC4oP9z2MVpKGKCS_4E3JcoRMPPc94JxzUH5mW5mr
Requested by
Host: 0daaf261a2a6f0e9e533d14962332114.safeframe.googlesyndication.com
URL: https://0daaf261a2a6f0e9e533d14962332114.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:f916:5049:f87f:108e , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 26 Sep 2021 05:07:31 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame F20A
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEL6na32WK6Azmt1g0vUx2ic&google_cver=1&google_push=AYg5qPJT2rvCx_2pdDTGpV3VSjyDkwAcsWbxRXD3AI-azWhrbTmdENN2wCWrQ23_IgqfSAiHfdfYzlMNmbgx5F7M...
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AYg5qPJT2rvCx_2pdDTGpV3VSjyDkwAcsWbxRXD3AI-azWhrbTmdENN2wCWrQ23_IgqfSAiHfdfYzlMNmbgx5F7MeJom10Y8xXA
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AYg5qPJT2rvCx_2pdDTGpV3VSjyDkwAcsWbxRXD3AI-azWhrbTmdENN2wCWrQ23_IgqfSAiHfdfYzlMNmbgx5F7MeJom10Y8xXA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 26 Sep 2021 05:07:31 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Sun, 26 Sep 2021 05:07:31 GMT
Server
MT3 3984 0e3af3b master cdg-pixel-x24 config:1.0.0
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AYg5qPJT2rvCx_2pdDTGpV3VSjyDkwAcsWbxRXD3AI-azWhrbTmdENN2wCWrQ23_IgqfSAiHfdfYzlMNmbgx5F7MeJom10Y8xXA
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Sun, 26 Sep 2021 05:07:30 GMT
pixel
cm.g.doubleclick.net/ Frame F20A
Redirect Chain
  • https://um.simpli.fi/gp_match?google_gid=CAESEMjaSuIJ0SemfTgDlsbDaHk&google_cver=1&google_push=AYg5qPL961I6enT5JCsO010fWQ8XWDQsbCB5-cBKtwxwY2tPNCfkxwf51f_kmAsaIUFvmS2tXllKEDSSJ-50p5xRdgHCT2DAw7YW
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=A0E526A1C6D649E88D91119913544B49&google_push=AYg5qPL961I6enT5JCsO010fWQ8XWDQsbCB5-cBKtwxwY2tPNCfkxwf51f_kmAsaIUFvmS2tXllKEDSSJ-50p5x...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=A0E526A1C6D649E88D91119913544B49&google_push=AYg5qPL961I6enT5JCsO010fWQ8XWDQsbCB5-cBKtwxwY2tPNCfkxwf51f_kmAsaIUFvmS2tXllKEDSSJ-50p5xRdgHCT2DAw7YW
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 26 Sep 2021 05:07:31 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Sun, 26 Sep 2021 05:07:31 GMT
x-content-type-options
nosniff
server
openresty
location
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=A0E526A1C6D649E88D91119913544B49&google_push=AYg5qPL961I6enT5JCsO010fWQ8XWDQsbCB5-cBKtwxwY2tPNCfkxwf51f_kmAsaIUFvmS2tXllKEDSSJ-50p5xRdgHCT2DAw7YW
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Sat, 25 Sep 2021 05:07:31 GMT
google
match.adsrvr.org/track/cmf/ Frame F20A
70 B
264 B
Image
General
Full URL
https://match.adsrvr.org/track/cmf/google?google_gid=CAESEGbHP5UNclbVRb_dKEnQ3c4&google_cver=1&google_push=AYg5qPLpVW5-gHnLUEPtro2EOwIbycEYJmfBX-nwxvtC3nTT3cvXvZOTt_RQ8OHVerEk3_DSWbD4s-9M1W0dovSw_yHWeZyUraoH
Requested by
Host: 0daaf261a2a6f0e9e533d14962332114.safeframe.googlesyndication.com
URL: https://0daaf261a2a6f0e9e533d14962332114.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.131 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a97adde81b00f2ca4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 26 Sep 2021 05:07:31 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame F20A
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEJB2mvrJ8fSDPHaFSnqYmGo&google_cver=1&google_push=AYg5qPIOPClSG5yJdzYabqWpVTqgb8U6czv0GB5AmSYSYJrT5ZFn67wbQs9iH4q0W3rl-O8ylIsZSBd4YBPEuz...
  • https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzAxMjEwNDcwMTQyNjUzMDQ1Mw%3D%3D&google_push=AYg5qPIOPClSG5yJdzYabqWpVTqgb8U6czv0GB5AmSYSYJrT5ZFn67wbQs9iH4q0W3rl-O8ylIsZSBd4YBPEuzPF6O...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzAxMjEwNDcwMTQyNjUzMDQ1Mw%3D%3D&google_push=AYg5qPIOPClSG5yJdzYabqWpVTqgb8U6czv0GB5AmSYSYJrT5ZFn67wbQs9iH4q0W3rl-O8ylIsZSBd4YBPEuzPF6OhVm3zGNgI
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 26 Sep 2021 05:07:31 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzAxMjEwNDcwMTQyNjUzMDQ1Mw%3D%3D&google_push=AYg5qPIOPClSG5yJdzYabqWpVTqgb8U6czv0GB5AmSYSYJrT5ZFn67wbQs9iH4q0W3rl-O8ylIsZSBd4YBPEuzPF6OhVm3zGNgI
Date
Sun, 26 Sep 2021 05:07:31 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
pixel
cm.g.doubleclick.net/ Frame F20A
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEItVV6FxUAT2rjvlCjBbOu8&google_cver=1&googl...
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEItVV6FxUAT2rjvlCjBbOu8&google_push=AY...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YVAAEyoihQfF9cMyrEBcgwAABFMAAAAB&google_gid=CAESEItVV6FxUAT2rjvlCjBbOu8&google_cver=1&google_push=AYg5qPKB4N4f5EIsVQwYnE1bQBiKyhGr9eZlO...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YVAAEyoihQfF9cMyrEBcgwAABFMAAAAB&google_gid=CAESEItVV6FxUAT2rjvlCjBbOu8&google_cver=1&google_push=AYg5qPKB4N4f5EIsVQwYnE1bQBiKyhGr9eZlO...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YVAAEyoihQfF9cMyrEBcgwAABFMAAAAB&google_gid=CAESEItVV6FxUAT2rjvlCjBbOu8&google_cver=1&google_push=AYg5qPKB4N4f5EIsVQwYnE1bQBiKyhGr9eZlO...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YVAAEyoihQfF9cMyrEBcgwAABFMAAAAB&google_gid=CAESEItVV6FxUAT2rjvlCjBbOu8&google_cver=1&google_push=AYg5qPKB4N4f5EIsVQwYnE1bQBiKyhGr9eZlO...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YVAAEyoihQfF9cMyrEBcgwAABFMAAAAB&google_gid=CAESEItVV6FxUAT2rjvlCjBbOu8&google_cver=1&google_push=AYg5qPKB4N4f5EIsVQwYnE1bQBiKyhGr9eZlO...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YVAAEyoihQfF9cMyrEBcgwAABFMAAAAB&google_gid=CAESEItVV6FxUAT2rjvlCjBbOu8&google_cver=1&google_push=AYg5qPKB4N4f5EIsVQwYnE1bQBiKyhGr9eZlO...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YVAAEyoihQfF9cMyrEBcgwAABFMAAAAB&google_gid=CAESEItVV6FxUAT2rjvlCjBbOu8&google_cver=1&google_push=AYg5qPKB4N4f5EIsVQwYnE1bQBiKyhGr9eZlO...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YVAAEyoihQfF9cMyrEBcgwAABFMAAAAB&google_gid=CAESEItVV6FxUAT2rjvlCjBbOu8&google_cver=1&google_push=AYg5qPKB4N4f5EIsVQwYnE1bQBiKyhGr9eZlO...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YVAAEyoihQfF9cMyrEBcgwAABFMAAAAB&google_gid=CAESEItVV6FxUAT2rjvlCjBbOu8&google_cver=1&google_push=AYg5qPKB4N4f5EIsVQwYnE1bQBiKyhGr9eZlO...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YVAAEyoihQfF9cMyrEBcgwAABFMAAAAB&google_gid=CAESEItVV6FxUAT2rjvlCjBbOu8&google_cver=1&google_push=AYg5qPKB4N4f5EIsVQwYnE1bQBiKyhGr9eZlO...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YVAAEyoihQfF9cMyrEBcgwAABFMAAAAB&google_gid=CAESEItVV6FxUAT2rjvlCjBbOu8&google_cver=1&google_push=AYg5qPKB4N4f5EIsVQwYnE1bQBiKyhGr9eZlO...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YVAAEyoihQfF9cMyrEBcgwAABFMAAAAB&google_gid=CAESEItVV6FxUAT2rjvlCjBbOu8&google_cver=1&google_push=AYg5qPKB4N4f5EIsVQwYnE1bQBiKyhGr9eZlO...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YVAAEyoihQfF9cMyrEBcgwAABFMAAAAB&google_gid=CAESEItVV6FxUAT2rjvlCjBbOu8&google_cver=1&google_push=AYg5qPKB4N4f5EIsVQwYnE1bQBiKyhGr9eZlO...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YVAAEyoihQfF9cMyrEBcgwAABFMAAAAB&google_gid=CAESEItVV6FxUAT2rjvlCjBbOu8&google_cver=1&google_push=AYg5qPKB4N4f5EIsVQwYnE1bQBiKyhGr9eZlO...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YVAAEyoihQfF9cMyrEBcgwAABFMAAAAB&google_gid=CAESEItVV6FxUAT2rjvlCjBbOu8&google_cver=1&google_push=AYg5qPKB4N4f5EIsVQwYnE1bQBiKyhGr9eZlO...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YVAAEyoihQfF9cMyrEBcgwAABFMAAAAB&google_gid=CAESEItVV6FxUAT2rjvlCjBbOu8&google_cver=1&google_push=AYg5qPKB4N4f5EIsVQwYnE1bQBiKyhGr9eZlO...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YVAAEyoihQfF9cMyrEBcgwAABFMAAAAB&google_gid=CAESEItVV6FxUAT2rjvlCjBbOu8&google_cver=1&google_push=AYg5qPKB4N4f5EIsVQwYnE1bQBiKyhGr9eZlO...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YVAAEyoihQfF9cMyrEBcgwAABFMAAAAB&google_gid=CAESEItVV6FxUAT2rjvlCjBbOu8&google_cver=1&google_push=AYg5qPKB4N4f5EIsVQwYnE1bQBiKyhGr9eZlO...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YVAAEyoihQfF9cMyrEBcgwAABFMAAAAB&google_gid=CAESEItVV6FxUAT2rjvlCjBbOu8&google_cver=1&google_push=AYg5qPKB4N4f5EIsVQwYnE1bQBiKyhGr9eZlO...
0
0

attr
cm.g.doubleclick.net/pixel/ Frame F20A
0
253 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IkAMgW0sdLYSSlxPtBkTPS0sP1Dnaq5rG7jg0q3BsPhG5CFOZQLr6RDPYUqaW3tnJP9K-U
Requested by
Host: 0daaf261a2a6f0e9e533d14962332114.safeframe.googlesyndication.com
URL: https://0daaf261a2a6f0e9e533d14962332114.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 26 Sep 2021 05:07:31 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
bridge3.481.0_tr.html
imasdk.googleapis.com/js/core/ Frame DD8F
575 KB
189 KB
Document
General
Full URL
https://imasdk.googleapis.com/js/core/bridge3.481.0_tr.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
75e1cd844a9a26f0baa515444590c3a30a872b7a4e885a1ba8d831d07d349c08
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
imasdk.googleapis.com
:scheme
https
:path
/js/core/bridge3.481.0_tr.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://finanswebde.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://finanswebde.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-instream-static"
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length
193246
date
Mon, 20 Sep 2021 20:35:11 GMT
expires
Tue, 20 Sep 2022 20:35:11 GMT
last-modified
Mon, 20 Sep 2021 20:26:30 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
462740
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
client.js
s0.2mdn.net/instream/video/
44 KB
17 KB
Script
General
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://finanswebde.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 26 Sep 2021 05:07:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16746
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 26 Sep 2021 05:07:31 GMT
10487510
panel.izlesene.com/api/player/npm_finanswebde/
3 KB
2 KB
XHR
General
Full URL
https://panel.izlesene.com/api/player/npm_finanswebde/10487510
Requested by
Host: c1.imgiz.com
URL: https://c1.imgiz.com/player_others/html5/NoktaNpmPlayerApi.js?dts=18896
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.7.176.4 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software
nginx/1.4.4 /
Resource Hash
b0e293cdc6c27b7c0e86405ff8ab817a7d942728c705da1d1d832a80612b7689

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://finanswebde.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 26 Sep 2021 05:07:31 GMT
Content-Encoding
gzip
Server
nginx/1.4.4
Age
0
Access-Control-Allow-Methods
GET, POST
Content-Type
application/json
Via
1.1 varnish
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
X-Varnish
382467543
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Content-Length
1350
Expires
Sat, 26 Jul 1997 05:00:00 GMT
favicon-32x32.png
finanswebde.com/static/img/
1 KB
1 KB
Image
General
Full URL
https://finanswebde.com/static/img/favicon-32x32.png
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.201.122.228 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.228.122.201.195.clients.your-server.de
Software
nginx/1.14.0 (Ubuntu) / Express
Resource Hash
f38ab134ffcf8f1521b461973c3db993098f7915161c5d79627d3fc4ee4056fc

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
finanswebde.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://finanswebde.com/
Cookie
_ga=GA1.2.1757065320.1632632848; _gid=GA1.2.876826594.1632632848; _gat_gtag_UA_49264185_15=1; _gcl_au=1.1.95425914.1632632848; FCCDCF=[null,null,["[[],[],[],[],null,null,true]",1632632848444]]; pId=vnete3e34428-e62b-4b6c-8077-3482bc55dc79; uuid=183nxvrumkgku0rfbay_1632632816122; utoken=b0b5518871ec15e5c17853c7e9d86ad7; __gads=ID=4e86176e76270a29:T=1632632850:S=ALNI_MaKphRqfieb_Rrr3EUHuW0bT05Gmw; __gfp_64b=0SEb.mULxuxYHVppyiHAhYXdOXXl6sjKBSNwWttn7AT.k7|1632632851; watchID=0ca32a02-a6f0-4748-be1a-89f76880301b; userID=2ee23aa3-1c28-4af8-91f1-9ab0f0435af3
Connection
keep-alive
Accept-Language
de-DE,de;q=0.9
Referer
https://finanswebde.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Sun, 26 Sep 2021 05:07:31 GMT
Last-Modified
Sun, 15 Aug 2021 06:13:38 GMT
Server
nginx/1.14.0 (Ubuntu)
X-Powered-By
Express
ETag
W/"429-17b4871bbde"
Content-Type
image/png
Cache-Control
max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1065
Expires
Mon, 26 Sep 2022 05:07:31 GMT
HdsydzJK.js
tpc.googlesyndication.com/sodar/ Frame 1E8C
41 KB
15 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/HdsydzJK.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20210922_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://0daaf261a2a6f0e9e533d14962332114.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 19 Sep 2021 07:23:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
596629
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15407
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
expires
Mon, 19 Sep 2022 07:23:42 GMT
file.mp4
r3---sn-4g5e6nzz.c.2mdn.net/videoplayback/id/d16586e389d37218/itag/343/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3770895924/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,m... Frame 1E8C
Redirect Chain
  • https://gcdn.2mdn.net/videoplayback/id/d16586e389d37218/itag/343/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3770895924/sparams/id,itag,source,ctier,acao,ip,ipbits,expire/sig...
  • https://r3---sn-4g5e6nzz.c.2mdn.net/videoplayback/id/d16586e389d37218/itag/343/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3770895924/sparams/acao,ctier,expire,id,ip,ipbits,i...
0
0
Fetch
General
Full URL
https://r3---sn-4g5e6nzz.c.2mdn.net/videoplayback/id/d16586e389d37218/itag/343/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3770895924/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/81348E60371809A0E68E86207816743296686BD5.35F1152AF7093049B9BE70D87335E046BFEB147C/key/cms1/cms_redirect/yes/mh/vW/mip/2a01:4f8:212:78e:2a::1/mm/42/mn/sn-4g5e6nzz/ms/onc/mt/1632632429/mv/m/mvi/3/pl/51/file/file.mp4
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:1::8 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gvs 1.0 /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://0daaf261a2a6f0e9e533d14962332114.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Sun, 26 Sep 2021 05:07:31 GMT
X-Content-Type-Options
nosniff
Connection
close
Alt-Svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length
2231553
Last-Modified
Fri, 16 Jul 2021 15:05:23 GMT
Server
gvs 1.0
Vary
Origin
Content-Type
video/mp4
Access-Control-Allow-Origin
null
Access-Control-Expose-Headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control
private, max-age=86400
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Timing-Allow-Origin
null
Expires
Sun, 26 Sep 2021 05:07:31 GMT

Redirect headers

date
Sun, 26 Sep 2021 05:07:31 GMT
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
654
x-xss-protection
0
pragma
no-cache
server
ClientMapServer
location
https://r3---sn-4g5e6nzz.c.2mdn.net/videoplayback/id/d16586e389d37218/itag/343/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3770895924/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/81348E60371809A0E68E86207816743296686BD5.35F1152AF7093049B9BE70D87335E046BFEB147C/key/cms1/cms_redirect/yes/mh/vW/mip/2a01:4f8:212:78e:2a::1/mm/42/mn/sn-4g5e6nzz/ms/onc/mt/1632632429/mv/m/mvi/3/pl/51/file/file.mp4
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://0daaf261a2a6f0e9e533d14962332114.safeframe.googlesyndication.com
access-control-expose-headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
https://0daaf261a2a6f0e9e533d14962332114.safeframe.googlesyndication.com
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame 1E8C
0
54 B
Ping
General
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=2~ku0rg2bt&c=7942828369774&slotId=3971414184887&qqid=CK6F3Kjvm_MCFc_yuwgdOSEM6Q&fb=outstream-lima&gpm_i=12&gpm_c=12&gpm_a=12&smb=1000&br=991&mt=video%2Fmp4&vs=640x360&ulv=1&cll=0&vmfc=19&vhc=0&msm=1&aits=17%2C36%2C18%2C22%2C37%2C59%2C342%2C343%2C344%2C345%2C346%2C347%2C692%2C43%2C44%2C45%2C46%2C0&webm=3&vp9=0&vamt=video%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fwebm%2Cvideo%2Fwebm%2Cvideo%2Fwebm&hvmf=false&vms=1&bit=343&vsrc=doubleclick_dmm&ape=1&met.4=videopreviewvisible.12p
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20210922_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4009:805::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://0daaf261a2a6f0e9e533d14962332114.safeframe.googlesyndication.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sun, 26 Sep 2021 05:07:31 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame A86C
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&li=gpt_2021092001&jk=3548984713581063&rc=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

NNk1vzza2fvPfI2QNF-UnTMKXalxTSrKsyU60SrCuuY.js
pagead2.googlesyndication.com/bg/ Frame C693
35 KB
13 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/NNk1vzza2fvPfI2QNF-UnTMKXalxTSrKsyU60SrCuuY.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
34d935bf3cdad9fbcf7c8d90345f949d330a5da9714d2acab3253ad12ac2bae6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 24 Sep 2021 19:17:02 GMT
content-encoding
br
x-content-type-options
nosniff
age
121829
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13338
x-xss-protection
0
last-modified
Mon, 20 Sep 2021 23:08:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="botguard-scs"
expires
Sat, 24 Sep 2022 19:17:02 GMT
H0ZEmIz7.html
tpc.googlesyndication.com/sodar/ Frame FB2C
23 KB
9 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/HdsydzJK.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/H0ZEmIz7.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://0daaf261a2a6f0e9e533d14962332114.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://0daaf261a2a6f0e9e533d14962332114.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin
*
content-length
8727
date
Wed, 22 Sep 2021 09:07:14 GMT
expires
Thu, 22 Sep 2022 09:07:14 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
age
331217
cache-control
public, max-age=31536000
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
9iDa3dU_tFEhRumWaalqbETNN5HIIuQ-Wj77Xalf13I.js
pagead2.googlesyndication.com/bg/ Frame FB2C
35 KB
13 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/9iDa3dU_tFEhRumWaalqbETNN5HIIuQ-Wj77Xalf13I.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f620daddd53fb4512146e99669a96a6c44cd3791c822e43e5a3efb5da95fd772
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 25 Sep 2021 14:29:43 GMT
content-encoding
br
x-content-type-options
nosniff
age
52668
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13370
x-xss-protection
0
last-modified
Mon, 20 Sep 2021 23:08:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="botguard-scs"
expires
Sun, 25 Sep 2022 14:29:43 GMT
count
logger.virgul.com/
0
116 B
Ping
General
Full URL
https://logger.virgul.com/count?m=infoLoad&g=m&r=npm_finanswebde:13::10487510&o=0-100&iv=&wVID=&info=10487510@50@50@13:30@@&os=windows&dt=desktop
Requested by
Host: c1.imgiz.com
URL: https://c1.imgiz.com/player_others/html5/NoktaPlayer.js?d=9/26/2021
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.7.176.223 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software
openresty/1.15.8.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://finanswebde.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Sun, 26 Sep 2021 05:07:32 GMT
server
openresty/1.15.8.3
content-length
0
access-control-allow-methods
GET, POST
content-type
image/jpeg
file.mp4
r3---sn-4g5e6nzz.c.2mdn.net/videoplayback/id/d16586e389d37218/itag/343/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3770895924/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,m... Frame 1E8C
2 MB
2 MB
Media
General
Full URL
https://r3---sn-4g5e6nzz.c.2mdn.net/videoplayback/id/d16586e389d37218/itag/343/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3770895924/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/81348E60371809A0E68E86207816743296686BD5.35F1152AF7093049B9BE70D87335E046BFEB147C/key/cms1/cms_redirect/yes/mh/vW/mip/2a01:4f8:212:78e:2a::1/mm/42/mn/sn-4g5e6nzz/ms/onc/mt/1632632429/mv/m/mvi/3/pl/51/file/file.mp4
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:1::8 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gvs 1.0 /
Resource Hash
109fa26166c6f285673f4456e8d6eb93c832d915dfbf86a4a48221048c363bbd
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://0daaf261a2a6f0e9e533d14962332114.safeframe.googlesyndication.com/
Accept-Encoding
identity;q=1, *;q=0
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Range
bytes=0-

Response headers

Date
Sun, 26 Sep 2021 05:07:32 GMT
X-Content-Type-Options
nosniff
Content-Range
bytes 0-2231552/2231553
Connection
close
Alt-Svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length
2231553
Last-Modified
Fri, 16 Jul 2021 15:05:23 GMT
Server
gvs 1.0
Vary
Origin
Content-Type
video/mp4
Access-Control-Allow-Origin
https://0daaf261a2a6f0e9e533d14962332114.safeframe.googlesyndication.com
Access-Control-Expose-Headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control
private, max-age=86400
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Timing-Allow-Origin
https://0daaf261a2a6f0e9e533d14962332114.safeframe.googlesyndication.com
Expires
Sun, 26 Sep 2021 05:07:32 GMT
csi
csi.gstatic.com/ Frame 1E8C
0
54 B
Ping
General
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=3~ku0rg2p8&c=7942828369774&slotId=3971414184887&qqid=CK6F3Kjvm_MCFc_yuwgdOSEM6Q&fb=outstream-lima&gpm_i=12&gpm_c=12&gpm_a=12&smb=1000&br=991&mt=video%2Fmp4&vs=640x360&ple=1&umsem=0&event_name=unmeasurable_asset&resource_name=https%253A%252F%252Funified.adsafeprotected.com%252Fv2%252F775613%252F56071563%253Fmon%253D56071564%2526omidPartner%253D%255BOMIDPARTNER%255D%2526apiframeworks%253D%255BAPIFRAMEWORKS%255D%2526bundleId%253D%255BBUNDLEID%255D%2526originalVast%253Dhttps%253A%252F%252Fad.doubleclick.net%252Fddm%252Fpfadx%252FN418801.3478950AMNET-DV360%252FB26146846.308937582%25253Bsz%25253D0x0%25253Bord%25253D%25255Btimestamp%25255D%25253Bdc_lat%25253D%25253Bdc_rdid%25253D%25253Btag_for_child_directed_treatment%25253D%25253Btfua%25253D%25253Bdcmt%25253Dtext%252Fxml%25253Bdc_sdkv%25253Dh.0.0.0%25253Bdc_osd%25253D2%25253Bdc_frm%25253D2%25253Bdc_sdr%25253D1%25253Bdc_ref%25253Dhttps%253A%252F%252Ffinanswebde.com%252F%25253Bdc_ves%25253DdGltZXN0YW1wOiAxNjMyNjMyODUxMjcxCg%25253Bdc_cid%25253D154742664%25253Bdc_adid%25253D501788673%25253Bdc_vpaid%25253D0%25253B&encoded_body_size=0&transfer_size=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20210922_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4009:805::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://0daaf261a2a6f0e9e533d14962332114.safeframe.googlesyndication.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sun, 26 Sep 2021 05:07:31 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame 1E8C
0
54 B
Ping
General
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=4~ku0rg2ww&c=7942828369774&slotId=3971414184887&qqid=CK6F3Kjvm_MCFc_yuwgdOSEM6Q&fb=outstream-lima&gpm_i=12&gpm_c=12&gpm_a=12&smb=1000&br=991&mt=video%2Fmp4&vs=640x360&event_name=unmeasurable_asset&resource_name=https%253A%252F%252Fgcdn.2mdn.net%252Fvideoplayback%252Fid%252Fd16586e389d37218%252Fitag%252F343%252Fsource%252Fdoubleclick_dmm%252Fctier%252FL%252Facao%252Fyes%252Fip%252F0.0.0.0%252Fipbits%252F0%252Fexpire%252F3770895924%252Fsparams%252Fid%252Citag%252Csource%252Cctier%252Cacao%252Cip%252Cipbits%252Cexpire%252Fsignature%252F8D248A6643A8AFA295546D684F85DEE4D3A65728.54A1A9F56F212539A353514CD20CCF6698BDA335%252Fkey%252Fck2%252Ffile%252Ffile.mp4&encoded_body_size=0&transfer_size=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20210922_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4009:805::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://0daaf261a2a6f0e9e533d14962332114.safeframe.googlesyndication.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sun, 26 Sep 2021 05:07:31 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
count
logger.virgul.com/
0
116 B
Ping
General
Full URL
https://logger.virgul.com/count?m=adDataLoad&g=m&r=npm_finanswebde:preroll:100&o=&iv=&wVID=&info=10487510@50@50@13:30@@&os=windows&dt=desktop
Requested by
Host: c1.imgiz.com
URL: https://c1.imgiz.com/player_others/html5/NoktaPlayer.js?d=9/26/2021
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.7.176.223 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software
openresty/1.15.8.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://finanswebde.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Sun, 26 Sep 2021 05:07:32 GMT
server
openresty/1.15.8.3
content-length
0
access-control-allow-methods
GET, POST
content-type
image/jpeg
truncated
/
1 KB
1 KB
XHR
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
14a130f836ad1c90c49fc2d4e9456ac78f7f28e0b72767001fcdb5b36ca96106

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
application/vnd.apple.mpegurl
chunklist.m3u8
istr.izlesene.com/data/videos/10487/10487510-240.mp4/
2 KB
2 KB
XHR
General
Full URL
https://istr.izlesene.com/data/videos/10487/10487510-240.mp4/chunklist.m3u8?token=16R96lstmtXI3Pgk97Kteg&ts=1632722851&playername=npm_finanswebde
Requested by
Host: c1.imgiz.com
URL: https://c1.imgiz.com/player_others/html5/NoktaPlayer.js?d=9/26/2021
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.7.176.223 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software
openresty/1.15.8.3 /
Resource Hash
facce6a61b9f2d903eaffd102f5e0e7cc8f94556667daff83b0043f13d35ea51

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://finanswebde.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 26 Sep 2021 05:07:32 GMT
server
openresty/1.15.8.3
access-control-allow-methods
GET, HEAD, OPTIONS
content-type
application/vnd.apple.mpegurl
access-control-allow-origin
*
access-control-expose-headers
Server,range,Content-Length,Content-Range
cache-control
max-age=8640000
accept-ranges
bytes
access-control-allow-headers
origin,range,accept-encoding,referer
expires
Sat, 25 Dec 2021 22:33:45 GMT
truncated
/
1016 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6823cdc5c5bc297bd4ac06187687fecb2a5c110658ebd5efba820132571fe6a2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/png
sodar
pagead2.googlesyndication.com/pagead/
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&t=2&li=gpt_2021092001&jk=3548984713581063&bg=!T0ylTAjNAAZNQyuQTUM7ACkAdvg8WreITPn7qWqb_SqIboKtVUTL3gJL1S-Zb_-RRcDfYIuq2mMHLwIAAAITUgAAACpoAQeZAsk3CvuF-EtjtmBwBVouMyhFl7qqZBHHVN7y7YanHzM-nfRA1fgr5b2RFbVbKRQZ7aezC5Sx8Y92Wf2OdG3Tb34RMxQGbfSNKlryvmacJX_Ho4z31SNoR--8Vuu_6AX1v2n8aHhEVQNqikHk1G8bF5rmb5I5b3wcsMkcQUsTx5gLBT5lSZWO7WlMtKupoTXP1cEn25_n9MroVaoJhZXLoWl_wz8eY6s0R-7u0SeMFm5wVZJRZBhWTT9e3rcYc7x30nNrb87dW8V0aQLEKIlC6ctKNo8drb0345J4PYhwxO_T0c_CK22QlApekmkt5-KuUeKISIZ_hxTRldaNB4J4aafaWUHGdePWZiUaJHIXi_zJ053iTIIapCMaSWALeB1FhZSHGgFK0YVQj6p7c9yF3VUCHxn2mvc6CoYYSvSMoZxermzIYNlB9LpCtn_OmR3outDS2FWI17XLlIo4nNEkCSyUoVKk-58p93BFOzanoWlE_noHwzbWrvSEUoB5OkwnFDNm4vImbgTp-WbCmLa6IVZ3MyU3ReohB7hr_15lRYF2w5GED0g2Pgdr1IZnyKzu7U194YwpI3prorMMAOVCa2U6jTl5evoJrsEDLseYSYP6iWIl6E-8eVxvyyhezj3rBQdpSiDoaF7GpF1HBVy6LJIRVMQJx7slv4ZPNItTGebUJUjqQj2atObTKpzx_taAfoNt41bhhS3d3p7FLZPd3cV5RKxfk2Eqhg7XPpQm2SmZnL0BaWAPEIcatH1HF3od9uxwNpdAVpeT967NfVstK57N5ckJh_gqgPrbBZwO-rS-xjDFwSIt_nVlm8piZyf874lHEVAFBngivJjHBmPvegWBklw_WSLyjLdbdGv8XO_f-AvFy2hdHo7-VcO3fJ07BQhf7o3FN-wDBNphqSNjxGP1lWrwoxQnih2p6Ie87VlpWQx_YmOYLcZKvg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://finanswebde.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

gen_204
pagead2.googlesyndication.com/pagead/ Frame FB2C
0
56 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=34&t=2&li=v_h.0.0.0&bgai=Bm3ZnEwBQYd_oD8GI9fgPiZCj8AUAAAAAOAHgBAI&bg=!0tGl0ZXNAAZNQyuQTUM7ACkAdvg8WhgaUtDenTrulOEe6pkf2VedTXTnIbrNcBs7Xp_tXwJlZKpuXgIAAAGxUgAAABdoAQcKAA-GLvD9S8kjBNFmGta41HOZAvxx_FRfMxcqfV-wQws6VpctE7fDjjO38wvBsOxeYp4Ip3nFHA_Y9v26uCF7fO4IpkkxOzQOWQmT1tx0eGaoK0rqu3lprtC7-MAAnqvyr6qjT40kMODdPP64UoT9_LCpcEdqB9Su6CAIqctiyQiVdsQhxmq4DhbjGcrHBoQfOJpuhlLySnnc2l6vg3glxEPsXYlqHyVt9DeU1c5tStkq-hZs2eK2hsy4_Nrlu0mHQAi1lmaC2O1_rZ4WqeRH4GSgSWZ4GA2gq-ipmYjW0Nf-lWZtZ1MTX67yKT3EGdj7HzWqrJd24MIY9WXWcOSk9j3IWrEY3updX-FcI5YDBO2QIMyVSCrjnzfF7qm2d_EdajymlFdWu1J4Z0U_DqxexKTRST6WKQ2E5NVuziMeHPR0iwvnZu9hFyjO5gyxZcMgP3VMopWyGyxqnPqopAFNn1HDOVxG-tUdu4Z-NpUJfwpNyP0f9CpSmE7GrtxQPiE-FzD38-zIEkum1gYgvKr6hC8jrRGVA6RXyEA3jNyX5qB1YUuqKJjg4neXqkhBHBmxX6eLsCZzGBJD0Thg2k2yc2WQia5jkJbXMINhNGpIoonddjqQE9Zhd9TOtqENLn-25hpulVVv-7rCYxqWh5nCGt-FBlUah3FkUMOme3rYkJLopHmGy-10j_4kvlbWhZv6ddJtj6WYk_fM3NKgt5JpOvrwNKEwFQmQbZ8bnjM_qY-522WkPZllj9yW_C9QBFGwpzuCU6AlX1Hl5CudedxUV-uogpZxk6jQsrqIe1ZPHTL9b2N2C2LPFE4O_fuq8c3MVRXgZbloyex1VrlpSiGMrKyg6K4y7KTDjoWfHtTb_xCsz3vcD9_2cVt8Hka1cwRYh9ewv-sJDPcTe1QgICeYqbkE4COiagmdnRb1ealAEt5PDk2tWVmg5ydPjm_B8yPxyReuKdDbTLWJVxOrpPviHte-3qcN1VPDsH6WIzJHWw26yanorf9uZtkwT_xx2jXpRqN5jvtnbOcj_cqLio8TEw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 26 Sep 2021 05:07:32 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_oe=ChMIn76Xqe-b8wIVQUQdCR0JyAheEAAYACCI3-RJQhMIroXcqO-b8wIVz_K7CB05IQzp;met=1;acvw=sv%3D20210922%26cb%3Dout%26e%3D0%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,...
ade.googlesyndication.com/ddm/activity/ Frame 1E8C
42 B
340 B
Image
General
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIn76Xqe-b8wIVQUQdCR0JyAheEAAYACCI3-RJQhMIroXcqO-b8wIVz_K7CB05IQzp;met=1;acvw=sv%3D20210922%26cb%3Dout%26e%3D0%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D1%26dur%3D15018%26vmtime%3D7%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D18%26i0%3D18%26ic%3D0%26cs%3D18%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D202511707%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1%26ssb%3D0,0,0,0,0,0,0,0,0,0,0;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1632632852324;dc_rfl=[URL_SIGNALS];ecn1=1;etm1=0;eid1=11;
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://0daaf261a2a6f0e9e533d14962332114.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 26 Sep 2021 05:07:32 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/interaction/ Frame 1E8C
42 B
121 B
Image
General
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=CeXD3EgBQYa60Ec_l7_UPucKwyA6ToOP1Y-mI-6i_Dpeum5fHIBABIMCygmtglYKAgKwHoAH8_8vxAsgBBagDAcgDmwSqBNMBT9AtJrg4AwFb7swQyfRm6aOSeI_n-sWd-px756jFW6t1sGCQUnDe-HgVNZYxGoIO8cdVuqzvAid7615GjzcLYHvM_3UfFBadHHKZKu60aHqYI8RL1ErmKUioDqW7rvn73RlRRKIbMRb267N-Wh2qTKJujLTLwSWm5kxpab-JAaNd8uBBUifCmIGUCYFWeovRgUb8Sm0EvJLZXBSR0wzyZIb1k9Z1DR4DcUAtNi5GqWjKzKV96nQEbOaE_1ZbNVOx-o4xNYkwO74o579h-fNEk8F10sAE9pja1eAD4AQDkAYBoAZOgAfs_7OOAagH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgH1ckbqAemvhuoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggJCIDhgBAQARgd8ggbYWR4LXN1YnN5bi04Mzg1MTU4NjcyNzkzMzI2gAoDmAsByAsBgAwBsBOlrLAM0BMA2BMNiBQE2BQB0BUB-BYBgBcB&sigh=mU6RCM9ZREs&label=part2viewed&ad_mt=8&acvw=sv%3D20210922%26cb%3Dout%26e%3D0%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D1%26dur%3D15018%26vmtime%3D7%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D18%26i0%3D18%26ic%3D0%26cs%3D18%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D202511707%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1632632852324
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://0daaf261a2a6f0e9e533d14962332114.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 26 Sep 2021 05:07:32 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dot.gif
s0.2mdn.net/ Frame 1E8C
43 B
182 B
Image
General
Full URL
https://s0.2mdn.net/dot.gif
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://0daaf261a2a6f0e9e533d14962332114.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 26 Sep 2021 04:48:57 GMT
x-content-type-options
nosniff
age
1115
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43
x-xss-protection
0
last-modified
Sun, 01 Feb 2009 08:00:00 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 27 Sep 2021 04:48:57 GMT
pixel.png
unified.adsafeprotected.com/ Frame 1E8C
35 B
174 B
Image
General
Full URL
https://unified.adsafeprotected.com/pixel.png?eyJ0eXBlIjoiU0VDT05EQVJZX0lNUFJFU1NJT04iLCJwdWJsaXNoZXJVdWlkIjoiYTVkYjAyYjAtMmI3OC00OWEzLTg0ZmYtMDA1NTlkNjk3Y2I5Iiwic2l0ZVV1aWQiOiJhZmRkZWY1ZC1jMjA0LTQwYTktYjRmYi05NjVhMTQ1ZDA2OTYiLCJiaWRSZXF1ZXN0Ijp7InNpdGUiOnsicGFnZSI6Imh0dHBzOi8vMGRhYWYyNjFhMmE2ZjBlOWU1MzNkMTQ5NjIzMzIxMTQuc2FmZWZyYW1lLmdvb2dsZXN5bmRpY2F0aW9uLmNvbS8ifX0sImN1c3RvbSI6eyJjdXN0b20xIjoiIiwiY3VzdG9tMiI6IjIuMCIsImN1c3RvbTMiOiIyLjAiLCJjdXN0b203IjoiNzc1NjEzIiwiY3VzdG9tOCI6IjU2MDcxNTYzIiwieHNpZCI6IjA1MjhlMzk2LWNhN2UtNDA2NS1iNjhhLTRkOTEyYTYxMzI3YyJ9LCJoZWFkZXJzIjp7ImhlYWRlcjExIjoiRENNIiwiaGVhZGVyMTIiOiJhZC5kb3VibGVjbGljay5uZXQiLCJoZWFkZXIzIjoiW09NSURQQVJUTkVSXSIsImhlYWRlcjQiOiJbQVBJRlJBTUVXT1JLU10iLCJoZWFkZXI1IjoiW0JVTkRMRUlEXSIsImhlYWRlcjgiOiJpYXNvIiwiaGVhZGVyOSI6IiJ9LCJjYiI6IjE2MzI2MzI4NTE1NDI5ODk5NDYiLCJpYXNTaW5nbGV0YWciOnRydWUsImlhc1NpbmdsZXRhZ091dGNvbWUiOiJPVVRDT01FX0EifQ==&key1=ROKU_ADS_APP_ID&key2=$APP_STOREURL
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
108.128.224.84 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-108-128-224-84.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://0daaf261a2a6f0e9e533d14962332114.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Sun, 26 Sep 2021 05:07:32 GMT
Connection
keep-alive
Content-Length
35
Vary
Origin
Content-Type
image/gif
skeleton.gif
static.adsafeprotected.com/ Frame 1E8C
Redirect Chain
  • https://pixel.adsafeprotected.com/rfw/st/775613/56071564/skeleton.gif?xmtp=v&xmapp=0&xsId=0528e396-ca7e-4065-b68a-4d912a61327c&mon=56071564
  • https://static.adsafeprotected.com/skeleton.gif?xmtp=v&xmapp=0&xsId=0528e396-ca7e-4065-b68a-4d912a61327c&mon=56071564
43 B
259 B
Image
General
Full URL
https://static.adsafeprotected.com/skeleton.gif?xmtp=v&xmapp=0&xsId=0528e396-ca7e-4065-b68a-4d912a61327c&mon=56071564
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.241.251.11 -, , ASN (),
Reverse DNS
Software
nginx/1.16.1 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://0daaf261a2a6f0e9e533d14962332114.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 26 Sep 2021 05:07:32 GMT
last-modified
Mon, 17 Aug 2020 23:55:15 GMT
server
nginx/1.16.1
age
16114709
etag
"45cf913e5d9d3c9b2058033056d3dd23"
x-cache-status
HIT
content-type
image/gif
cache-control
max-age=315360000
accept-ranges
bytes
content-length
43

Redirect headers

pragma
no-cache
date
Sun, 26 Sep 2021 05:07:32 GMT
x-server-name
app12.ie.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
location
https://static.adsafeprotected.com/skeleton.gif?xmtp=v&xmapp=0&xsId=0528e396-ca7e-4065-b68a-4d912a61327c&mon=56071564
cache-control
no-cache
content-length
0
server
nginx
view
googleads4.g.doubleclick.net/pcs/ Frame 1E8C
0
592 B
Image
General
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvLxbYmN7EyliUicwtQi9Uub_xpgZqEWblWvSq8jdbKRgTHIT5y9GObrivxC5U6p90140M8L21XIhIdGqbQRMfjToQiz9556uiPpuOUEP7gx0DfRkgG7EonEsEATLC7ZsSfR1ZP8B0XrR6JkVGdlC2W_9bk_8_ZKMYoOqQa1oSwgtpVA50e5mBBLFV2HlYqdkytLHC81hUdotAg9f7AIJhmhAg6BHMPeRiAgjbcBvwyGT84BosnFoYUVmpb9osYzpF7NZmKWlW9dixA02Y_JH6LKTNwvVglXRQC2lG5-ogBU1pPJI5Qn8BU-45sV7OGOAvtYirxVa1VTlF_9fCB_u13zMVg7O_gjPbJsInv2hV-vuQhRwGoODXU62oIoyAlhIu31YkzAw3eWf8_augVUVYrF1-DGJzh1Ux41b9LKmg0jeYnrk-iuDqQSp7wK5sWtHBWAcz8834SVSy7jZG-_eaakfSJw6X4ZnIBwa8IkFNh0HvkDu6e2MnqLQuMW9TyWny8-PaQW0KHG7vcY5jeqkLJTIwcrKHTGzcHIY2VK0jGQ55Rqt5GPAh6iUqH-lOw6zjsSBA36ILczyZC9fIhEvArYq70WtdmlbKDpBTYLYNtcUPKjsiP5IXyJHvU22Z45j7KQRnu5vHUKJBnw3N-QCktbPoZUsxWbQ-Qv25X5cx22OjvT9WR76O58xLG1B7BUli65TGSWqwHNQ4scwXJC321brbRgjGYUGTw3NbiYiaUXHROwlOBPkH2-J6Ss4mrXTOmi2cNQgqauJwTRslxzPMJ9G9CcTHF4DboEIV_9w2C9idSVNP_R0czd02tMBp8tXALM9yd98TGsMwjDXDtkIsv2IXP_9bWus4_UP9iNSw7nLBt2Sktf7ZErWCe7p2WvLx9gLuwNWcmR7aUXWgbSURiQ3ZqCbtlpaZO5WdfVeYQ0J0Or1DZXw3DV0p9KmXy7Vf2S5OATACUMzS36-xsZ64Buv6jKF27iQM2DcoPWookAvXpLK9isQbcoScTo2-SWtGsM9gCbIfqldGvUiBJqkGN90sqDQYWi5GgO2SIIHYHfzLMWcszIvjB4ImU_NunMpazj2vYKzkA2HDVAUoNWO8UPXtt2x44gDwIrqB8EQ7NsHQdKZTVRlGRipFcxON6nPTKLvtv4ewEg0FTw9dCiPd6XgxtPg&sai=AMfl-YR2iLK07PO3bJY28Q_DS7x81-xncUzbASXBBmrefJAm9_PwpB37aSTG3NYkZqMDBm4KYMSuijy-Ploe2Mxb6G1ZhMzsqy1dCmp2p6QWWxa--yIaFDp6VaalYWRy1-UGBw6EaKmWAFS6v0bfs8p2Jrk7jnMtew&sig=Cg0ArKJSzIBR5hIVZh6gEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&adurl=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.98 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://0daaf261a2a6f0e9e533d14962332114.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date
Sun, 26 Sep 2021 05:07:32 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
firstevent
intelcorp.demdex.net/ Frame 1E8C
Redirect Chain
  • https://intelcorp.demdex.net/event?event=imp&d_campaign=26146846&d_site=5134578&d_placement=308937582&d_ad=501788673&d_creative=154742664
  • https://intelcorp.demdex.net/firstevent?event=imp&d_campaign=26146846&d_site=5134578&d_placement=308937582&d_ad=501788673&d_creative=154742664
42 B
957 B
Image
General
Full URL
https://intelcorp.demdex.net/firstevent?event=imp&d_campaign=26146846&d_site=5134578&d_placement=308937582&d_ad=501788673&d_creative=154742664
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.17.185.148 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://0daaf261a2a6f0e9e533d14962332114.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

DCS
dcs-prod-irl1-2-v018-083815726.edge-irl1.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
opWJ4jvfSf8=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS
dcs-prod-irl1-2-v018-072cb8bc6.edge-irl1.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
4O9mC67LR9Y=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://intelcorp.demdex.net/firstevent?event=imp&d_campaign=26146846&d_site=5134578&d_placement=308937582&d_ad=501788673&d_creative=154742664
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
pixel
googleads.g.doubleclick.net/xbbe/ Frame 1E8C
0
0
Image
General
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CIXULRDioeABGI2e_68BIAEwAQ&v=APEucNXvQOz_IFDpK7SZxTVU56dTcOxvFPv0wuRgTFH3mgJP87okBcEf30omtkKQZ8V_LNbXeDkTH4uidRRDfZ-BT673e7spDg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://0daaf261a2a6f0e9e533d14962332114.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

gen_204
pagead2.googlesyndication.com/pagead/ Frame 1E8C
0
56 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=video_impression_ping
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://0daaf261a2a6f0e9e533d14962332114.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 26 Sep 2021 05:07:32 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_oe=ChMIn76Xqe-b8wIVQUQdCR0JyAheEAAYACCI3-RJQhMIroXcqO-b8wIVz_K7CB05IQzp;met=1;acvw=sv%3D20210922%26cb%3Dout%26e%3D15%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0...
ade.googlesyndication.com/ddm/activity/ Frame 1E8C
42 B
107 B
Image
General
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIn76Xqe-b8wIVQUQdCR0JyAheEAAYACCI3-RJQhMIroXcqO-b8wIVz_K7CB05IQzp;met=1;acvw=sv%3D20210922%26cb%3Dout%26e%3D15%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D1%26dur%3D15018%26vmtime%3D7%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D18%26ic%3D18%26cs%3D18%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D202511707%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,15%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1%26ssb%3D0,0,0,0,0,0,0,0,0,0,0;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1632632852324;ecn1=1;etm1=0;eid1=200101;
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://0daaf261a2a6f0e9e533d14962332114.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 26 Sep 2021 05:07:32 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 1E8C
42 B
113 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuQpTwv9xySEAu-RgNVolYqqvH9syFdgAcSdzQPVCove4k-gtuqGt6SWXEBzVb4Er-iFddTmnX_YvcHYzxjQ9aZ4bOfRgUc70q-fqh2mwTnhLvWhFGToQ&sai=AMfl-YQIoQqdJzIXFnd6N7cfOXWON-Q1Vxlucu4bz4MLbpHRx_la1fgws1kjUoUVU6_mFyrrs3-U-ni1aXzJ9ivWHJbMexfT7HdMc74hqlxqR_8-W2BfFrPXht8pAUs&sig=Cg0ArKJSzFQ92oqWrMZIEAE&cid=CAASEuRobbMLr9wO992_xT5oy2zp0A&id=lidarv&acvw=sv%3D20210922%26cb%3Dout%26e%3D15%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D1%26dur%3D15018%26vmtime%3D7%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D18%26ic%3D18%26cs%3D18%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D202511707%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,15%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1632632852324&avm=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://0daaf261a2a6f0e9e533d14962332114.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 26 Sep 2021 05:07:32 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/interaction/ Frame 1E8C
42 B
108 B
Image
General
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=CeXD3EgBQYa60Ec_l7_UPucKwyA6ToOP1Y-mI-6i_Dpeum5fHIBABIMCygmtglYKAgKwHoAH8_8vxAsgBBagDAcgDmwSqBNMBT9AtJrg4AwFb7swQyfRm6aOSeI_n-sWd-px756jFW6t1sGCQUnDe-HgVNZYxGoIO8cdVuqzvAid7615GjzcLYHvM_3UfFBadHHKZKu60aHqYI8RL1ErmKUioDqW7rvn73RlRRKIbMRb267N-Wh2qTKJujLTLwSWm5kxpab-JAaNd8uBBUifCmIGUCYFWeovRgUb8Sm0EvJLZXBSR0wzyZIb1k9Z1DR4DcUAtNi5GqWjKzKV96nQEbOaE_1ZbNVOx-o4xNYkwO74o579h-fNEk8F10sAE9pja1eAD4AQDkAYBoAZOgAfs_7OOAagH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgH1ckbqAemvhuoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggJCIDhgBAQARgd8ggbYWR4LXN1YnN5bi04Mzg1MTU4NjcyNzkzMzI2gAoDmAsByAsBgAwBsBOlrLAM0BMA2BMNiBQE2BQB0BUB-BYBgBcB&sigh=mU6RCM9ZREs&label=vast_creativeview&ad_mt=8&acvw=sv%3D20210922%26cb%3Dout%26e%3D19%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26at%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D1%26dur%3D15018%26vmtime%3D7%26is%3D18%26i0%3D18%26cs%3D18%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D202511707%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26ss%3D0%26t%3D1632632852324
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://0daaf261a2a6f0e9e533d14962332114.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 26 Sep 2021 05:07:32 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame 1E8C
0
54 B
Ping
General
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=5~ku0rg2ww&c=7942828369774&slotId=3971414184887&qqid=CK6F3Kjvm_MCFc_yuwgdOSEM6Q&fb=outstream-lima&gpm_i=12&gpm_c=12&gpm_a=12&smb=1000&br=991&mt=video%2Fmp4&vs=640x360&dm=15000&event_name=first_play&asset_bytes=214235&video_bytes=0&cached_data_bytes=0&js_cached=false&css_cached=false&num_assets=13&num_assets_cached=0&num_assets_cache_validated=0&num_assets_unmeasurable=2&video_played_seconds=0.00&video_muted=true&video_seconds_loaded=0.00&met.4=videopreviewstarted.1mo
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20210922_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4009:805::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://0daaf261a2a6f0e9e533d14962332114.safeframe.googlesyndication.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sun, 26 Sep 2021 05:07:32 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
seg-1-v1-a1.ts
istr-n21.nktcdn.com/data/videos/10487/10487510-240.mp4/
0
0

74c83d08-6639-4023-988e-f898e463b907
https://finanswebde.com/
60 KB
0
Other
General
Full URL
blob:https://finanswebde.com/74c83d08-6639-4023-988e-f898e463b907
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
47543be2a33dfa594a50d4b3e7b828c709bf7e96bbee6e9c499230009b3176c0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Length
61784
Content-Type
text/javascript
5f34da2ce4b08a6a3a8f36ff
ng.virgul.com/tck/i_vb2/
0
213 B
Image
General
Full URL
https://ng.virgul.com/tck/i_vb2/5f34da2ce4b08a6a3a8f36ff?l=&r=153435@site_geneli@finanswebde:site_geneli&cs=1632632852699&userId=vnete3e34428-e62b-4b6c-8077-3482bc55dc79
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.7.176.223 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software
openresty/1.15.8.3 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://finanswebde.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

access-control-allow-origin
https://finanswebde.com
date
Sun, 26 Sep 2021 05:07:32 GMT
access-control-allow-credentials
true
server
openresty/1.15.8.3
p3p
CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
content-length
0
expires
Tue, 16 Apr 2013 10:49:40 GMT
5f8590cde4b081a63b5265de
ng.virgul.com/tck/i_vb2/
0
213 B
Image
General
Full URL
https://ng.virgul.com/tck/i_vb2/5f8590cde4b081a63b5265de?l=&r=153492@site_geneli@finanswebde:site_geneli&cs=1632632852700&userId=vnete3e34428-e62b-4b6c-8077-3482bc55dc79
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.7.176.223 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software
openresty/1.15.8.3 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://finanswebde.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

access-control-allow-origin
https://finanswebde.com
date
Sun, 26 Sep 2021 05:07:32 GMT
access-control-allow-credentials
true
server
openresty/1.15.8.3
p3p
CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
content-length
0
expires
Tue, 16 Apr 2013 10:49:40 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
cm.g.doubleclick.net
URL
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YVAAEyoihQfF9cMyrEBcgwAABFMAAAAB&google_gid=CAESEItVV6FxUAT2rjvlCjBbOu8&google_cver=1&google_push=AYg5qPKB4N4f5EIsVQwYnE1bQBiKyhGr9eZlOeo1ynBzghh-F7OKy2V7rx1bKSYHzMy6bf3UrbxzvtPkUtEXFrUhwYammukFv43i
Domain
istr-n21.nktcdn.com
URL
https://istr-n21.nktcdn.com/data/videos/10487/10487510-240.mp4/seg-1-v1-a1.ts?token=IGWTepOv2N7-fSXI_nwkjA&ts=1632719252

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

33 Cookies

Domain/Path Name / Value
finanswebde.com/socket.io Name: io
Value: sRM0cKQuv2Q9uHqPAAPP
.finanswebde.com/ Name: _ga
Value: GA1.2.1757065320.1632632848
.finanswebde.com/ Name: _gid
Value: GA1.2.876826594.1632632848
.finanswebde.com/ Name: _gat_gtag_UA_49264185_15
Value: 1
.finanswebde.com/ Name: _gcl_au
Value: 1.1.95425914.1632632848
.finanswebde.com/ Name: FCCDCF
Value: [null,null,["[[],[],[],[],null,null,true]",1632632848444]]
.virgul.com/ Name: pId
Value: vnete3e34428-e62b-4b6c-8077-3482bc55dc79
.virgul.com/ Name: ng_finanswebde_site_geneli
Value: 1
.virgul.com/ Name: sc_finanswebde
Value: 1
finanswebde.com/ Name: pId
Value: vnete3e34428-e62b-4b6c-8077-3482bc55dc79
.tapad.com/ Name: TapAd_TS
Value: 1632632848821
.tapad.com/ Name: TapAd_DID
Value: 10f7f3a2-caf7-419a-9012-9a96bb8b0b25
.adsrvr.org/ Name: TDID
Value: d6cbea0f-cb8a-471d-8c15-d99a5cc498a9
.adsrvr.org/ Name: TDCPM
Value: CAESFAoFdGFwYWQSCwimjZ-jsq2AOhAFGAUgASgCMgsI1LHyz8itgDoQBTgB
.tapad.com/ Name: TapAd_3WAY_SYNCS
Value: 1!6461
finanswebde.com/ Name: uuid
Value: 183nxvrumkgku0rfbay_1632632816122
finanswebde.com/ Name: utoken
Value: b0b5518871ec15e5c17853c7e9d86ad7
.doubleclick.net/ Name: IDE
Value: AHWqTUkTmn0BRRYlBhB1ZTUBhofK5Mv9-8c4KluyYMqN3B5JAMpq8ZjYrToqTe6bpwE
.finanswebde.com/ Name: __gads
Value: ID=4e86176e76270a29:T=1632632850:S=ALNI_MaKphRqfieb_Rrr3EUHuW0bT05Gmw
.finanswebde.com/ Name: __gfp_64b
Value: 0SEb.mULxuxYHVppyiHAhYXdOXXl6sjKBSNwWttn7AT.k7|1632632851
finanswebde.com/ Name: watchID
Value: 0ca32a02-a6f0-4748-be1a-89f76880301b
finanswebde.com/ Name: userID
Value: 2ee23aa3-1c28-4af8-91f1-9ab0f0435af3
.quantserve.com/ Name: d
Value: EBcBCQGrJIEA
.quantserve.com/ Name: mc
Value: 61500013-672c4-28f28-ef0ea
.casalemedia.com/ Name: CMID
Value: YVAAEyoihQfF9cMyrEBcgwAA
.casalemedia.com/ Name: CMPS
Value: 5232
.simpli.fi/ Name: suid
Value: A0E526A1C6D649E88D91119913544B49
.adfarm1.adition.com/ Name: UserID1
Value: 7012104701426530453
.mathtag.com/ Name: uuid
Value: d3806150-0013-4a00-bd4b-2dd5c70e8ae1
.mathtag.com/ Name: mt_mop
Value: 4:1632632851
.turn.com/ Name: uid
Value: 2668620813692725945
.casalemedia.com/ Name: CMPRO
Value: 1107
.casalemedia.com/ Name: CMST
Value: YVAAE2FQABMA

3 Console Messages

Source Level URL
Text
other warning URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js(Line 72)
Message:
Origin trial controlled feature not enabled: 'trust-token-redemption'.
other warning URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js(Line 72)
Message:
Origin trial controlled feature not enabled: 'attribution-reporting'.
network error URL: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YVAAEyoihQfF9cMyrEBcgwAABFMAAAAB&google_gid=CAESEItVV6FxUAT2rjvlCjBbOu8&google_cver=1&google_push=AYg5qPKB4N4f5EIsVQwYnE1bQBiKyhGr9eZlOeo1ynBzghh-F7OKy2V7rx1bKSYHzMy6bf3UrbxzvtPkUtEXFrUhwYammukFv43i
Message:
Failed to load resource: net::ERR_TOO_MANY_REDIRECTS

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

0daaf261a2a6f0e9e533d14962332114.safeframe.googlesyndication.com
ad.turn.com
ade.googlesyndication.com
adservice.google.com
adservice.google.com.ua
bid.g.doubleclick.net
blog.finanswebde.com
c.amazon-adsystem.com
c1.imgiz.com
cm.g.doubleclick.net
cms.quantserve.com
csi.gstatic.com
cuneytekinci.ghost.io
dsp.adfarm1.adition.com
finans.apipara.com
finanscepte-xuoe622gjknvdey.stackpathdns.com
finanswebde.com
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
gatr.hit.gemius.pl
gcdn.2mdn.net
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
imasdk.googleapis.com
intelcorp.demdex.net
istr-n21.nktcdn.com
istr.izlesene.com
logger.virgul.com
ls.hit.gemius.pl
match.adsrvr.org
ng.virgul.com
pagead2.googlesyndication.com
pandg.tapad.com
panel.izlesene.com
pghub.io
pixel.adsafeprotected.com
pixel.tapad.com
r.turn.com
r3---sn-4g5e6nzz.c.2mdn.net
s0.2mdn.net
securepubads.g.doubleclick.net
static.adsafeprotected.com
static.virgul.com
stats.g.doubleclick.net
sync.mathtag.com
tpc.googlesyndication.com
um.simpli.fi
unified.adsafeprotected.com
use.fontawesome.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
cm.g.doubleclick.net
istr-n21.nktcdn.com
108.128.116.76
108.128.224.84
142.250.185.66
142.250.185.98
142.250.186.162
142.250.186.98
145.239.237.56
151.139.245.20
159.253.128.183
178.33.196.208
185.29.134.244
185.7.176.223
185.7.176.4
195.201.122.228
2001:678:cb4:bbbb::11
2606:4700:3037::6815:4e07
2607:f8b0:4009:805::2003
2620:116:800d:21:f916:5049:f87f:108e
2a00:1450:4001:1::8
2a00:1450:4001:800::2001
2a00:1450:4001:808::2003
2a00:1450:4001:80e::2002
2a00:1450:4001:80e::2004
2a00:1450:4001:80e::2008
2a00:1450:4001:811::200a
2a00:1450:4001:811::200e
2a00:1450:4001:812::2002
2a00:1450:4001:812::200a
2a00:1450:4001:813::200e
2a00:1450:4001:829::2006
2a00:1450:4001:82f::2003
2a00:1450:4001:82f::200e
2a00:1450:4001:830::2001
2a00:1450:4001:830::2002
2a00:1450:400c:c08::9a
2a04:4e42:200::775
2a04:4e42::775
34.241.251.11
35.227.248.159
35.241.45.217
52.17.185.148
52.222.210.175
74.125.140.156
76.223.111.131
85.114.159.93
94.130.181.38
0134375b1ced2e2b36e9a34753f87b48b49dab1ce589ec8a2932764d31ada657
016691f519a843141365c99859f0eb5c693bbbc77d158de6c42f465fdcecb5f3
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
0fe02731c22e5466827e8f662f13266450cd5cca96f2fbc063331c8014bfb961
109fa26166c6f285673f4456e8d6eb93c832d915dfbf86a4a48221048c363bbd
10be3500edafe99844bb29e02525b9be3ca35ed9ff1a89a09248beca69d16e89
11e623f6cb6978519f97a73de00c8633974b11405e184d292eab0602a0981413
14a130f836ad1c90c49fc2d4e9456ac78f7f28e0b72767001fcdb5b36ca96106
1530727d7a9de276d5934149bfd08e535021a6596ace5c87fbad802580189d0b
170458ae1dd13b8b4b3a11201a85aaddaa22276b96b2b6a08111b21cf1740b99
185d8f83d2806259d06317454f79e517accf0cc4c54b58616eb526d5bd56ae17
1bf06be45a3e3bdd2f3980868ec63ea4278b1bfbd88eba7f7af4e6d3539f0e59
1c53a3667106f0b0507733f245f5b0614b767d476d9bd9d400600d593244332c
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
20bf23704fac91299cb1ebf023e37ae1a39123f98ec845c591331c7273466f75
2259fd47c8c7d4495d954f079cab5f532a7b6747a358a3e8fd92209348b0a8a8
24bf624ed768c1d266c62e624b1244c6990ca161138f9aebcd4dc9c0db7eb033
25d989b3ed89abc5bb5a814c257dc57619d7f45908013cd08aa508c22e4f6a0a
276081e83aec37e80200d476154f867516adacd7f0508d623d80ff4a9d0e0114
29a18daaaccc2896c4f4c22efc02cd69ef78861b9250bf53ea3c9704f285e6d7
29e2d6b0a0026b3054cf162219c34ad65705c2e33c752fdfcad9a0f5e29cfde2
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2cceac1929e30ad3d0ca4612a3aac4c58a8a097d6b1f9aadf0a141087eb5e66a
2cd9d25613a1c83ffd779df6e1115d89bc6453f3ee2a163c2d6da6d6ce6561bd
2db9402fc3a72ee838132d05171bb8428d9192abe23f1fd90c1e4221d51e6dfa
32b87a349a7ae7982a16088339461e9a6ebef1e46ca0f5c548e07fb7f9d0e420
32bc7c1c64fd1b755d48d6025b86b7e7a28ad35d1f420cf85cdc1123aa7dfcd7
34d935bf3cdad9fbcf7c8d90345f949d330a5da9714d2acab3253ad12ac2bae6
376806d5d9e206c897a72213fdb5e3ce523924b7d346c6f77ed11c56ef43b355
39d838595c35ce856f24893976d8689c7acf0615ba7a4d9174810e19732ba934
3a7ad5974f3d165d1a83149795afe792e241b0e6a41078c6e14bcecc5449934e
3b843d8505c200af17cdbf0a534faf3a5e6d41e67068387787984470ea717c97
3b96281a4d7f0a6dd75da09d47fb06e4f8417d743974dcd7a14ba8d5fbea33c9
3d2f9b99a7e294b146e0d759e5fb9029ffab763a803aa06672fde7dbe176863d
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
43c16c3c66b80fd8b1fa295088d1c8ea7037ab3c1651c2e614e2e6f770173758
43dd014cc7cb0656790c11b99656d9ad1853c7309e2469b54a4389dccd46ac71
443d41c905362e5073c79212ec86c5f69ddcfbc38f5530c6409b73c604e74259
446e9266bca4076d9954d6bebbfadf9e24a7d33073c91df5acee7c5f34fc9376
44b8bb79c99cb436e742cc7a74e26d446a33648976ccb3b63be7844fb5d63401
47543be2a33dfa594a50d4b3e7b828c709bf7e96bbee6e9c499230009b3176c0
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
48ca4c570f2d58d8ff837e1c8f7d73e418a485ae23b2c9322f2f351d71d93aa7
4f5833fc257e59a588dcbe93912b4fce2a8109ce1ac14ac14b57c08e35ecb4f4
4f77143d53a55f7d543e285668bc7092e2aa24b59c95ae5c7ab8a2e512fb6ee9
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
5b9573e1023da775390e9284ec0eb1c606df9b468a28980055b4a6aa804f4350
66edf466983904d7448be44f9f321830581c3a860f2a968d6fb3fbf840597222
6823cdc5c5bc297bd4ac06187687fecb2a5c110658ebd5efba820132571fe6a2
6a35bf65b8c2a24c4dd6daa66baac11e1c30daa2102777909ad2c79f4fdffee7
6d4c9f94381f2ec7e6e3384952a393b331e7793beda9dda950d2802a79279701
70083d81f4abc958e43215542c5543afedd6294b03d1d544934118c5e2ea054b
700cc89daa20c9f56e281236cdfe27a13ce2207d474614b8cf31efb45808003e
751dcf9dcab28e7704b6c2b25d6288581f8a45af878fd628135cec03d8112eed
75e1cd844a9a26f0baa515444590c3a30a872b7a4e885a1ba8d831d07d349c08
78ecd2259a162af3406fc676dbe4810a4861027fb275e327c176a219d846d7ee
79e3381adccea1f5cadcf8e81b189501b935f79475555dcbd8e8831f53c4b4e5
7abe950e5ba5f0bfce71296a946a842fd3c7c5c93a96a324fe3866b3662f77a4
7c53b55028cdde294448c17f60159a27099e92236b11513a7fdd4dff44c88796
7c9bc717b6fa6b46de0f2be69cfe616f05ecad3386fd5e99104eabdf1f4056e3
830527b04ff3e5ae7d8f62ecb5f1aa2ece85a7a741b332051561787b52ddffcf
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
85fb8eee8dd39adf4434a726733bc6cd6de0cc72cb7be8394ea86f7e179c5e95
8960045a0f15851413611eb6f4222e018bc397cf49be3ff0420390e96db405cd
8d40df0be5909048df8152417ab6dab760735f9f2e7888859ce11929f55e8a65
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8f5315ed9f5e070e85a60e405d9aac92286319c20c2fcb39cc2d6c01090c652d
975b62423e82390a1b54f47625f46f5b4451a8ea69945b2e85008a194bb55edd
998982ec1f9827bce6fb99972a72f62208a738803fe6c6144fd38ebcbb558214
9a0d193b4614f95570ea527b2370560db06eddc3e22e9ffa89a5b0008fe3bdc8
9a5220285e6345d3330b20c5eb4e8b2b64a9a0fc5096d7f4da79f3bf6e547153
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9ab0baca7a738a0ed49bd74f042400153d207a444f1675808802a3c2aa923322
9b11d535311e6caa6c8f3ebcb4dc75fead5c853921611abd229867c7429d41ba
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a290abc20f0b59dc02b4f83a189b9830ee4f7c1110318dbdbb6bd8e19cc84407
a3c5e2355d2e1bc59d05f0486cbd099deba92650ecc11aafdb30a58cc7afd429
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
a6fab712a4ea0a4f08541569d33adbd45acfcad3d77007df18c3126862d8ca0a
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a9a2f1dd042cb6f1eded53dc0a1c66ed8694fc093dc3520cdac1a541d615d474
ac30299a451b07f3dfdd005c59c473583148c7273b74bb637c525d8a83972fb0
b0e293cdc6c27b7c0e86405ff8ab817a7d942728c705da1d1d832a80612b7689
b41e03561fcd66267e40478b43dfc163e850387b636883e84aa4c8947bf273a5
b77566a54f5661c98f1bec60bd942ff3987e570513dc29dcc054108ae5cf7b26
be3dd0be46030dfe4b0b816402a0a2740a9b10e6c47eb900952e83436bfd68ad
c038f2f92310db4f32b756ed4de997ef499335657fc351ed95c21f48e91e2fa9
c22ac0cae9f97e811944726665673a5bfd34f66cd5d5d98cf649a5978f3b15a1
c3e1ebcb161634c0da64d09c2310b20eeda6cd529584709e1a9c31a436752126
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
cd40e8c12bdc69b56a0882deabd76b770f5dabed15e7647f84137f6a8cf51be1
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d52d911dbd24c2527abaa08d96416ed4adb22773c17916fb760b4f0fba1ecbb1
d8144ce2cd5918de3beabc8fd113ab560103033fae3956e093b688cda5732a50
d9fd0aeda423bd39a36871759ef7b17dab3d51e5981cd5839103f990b8b9ef60
dc6fdfd97aa43f40fa0ca79165be3616c2abeb92ff24044af5c381620cfea76e
dcfd2026eab710c04b46105b32a10edb216c66c9c603d2f5c3704ea781d99342
dde6576bba0bad522d319d2b71f2df16ea422150ea04756f5df07c231d6024ae
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ec05129d47675209868349c25491880f7ac29bb9987a9c4cec93ff729f8e04dc
ee5739deb9216d60219ee14cbc9ef3a22eb596f8bccbdb2797ab8a3fc963893c
eee895ae5ca7763e9908ff335945dc6222394aa2136cd534d05f12ad6e3d112a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef677dc1926cbfa2aa4e0f3a2cd13cc318d2d968cbfd2bcc5d7eb9a94ff13034
f38ab134ffcf8f1521b461973c3db993098f7915161c5d79627d3fc4ee4056fc
f620daddd53fb4512146e99669a96a6c44cd3791c822e43e5a3efb5da95fd772
f8932e89a86c599fc173a5891d3fd0736319164e0fe0db872bd3c8a71698158e
facce6a61b9f2d903eaffd102f5e0e7cc8f94556667daff83b0043f13d35ea51
fbca08e51785468fece6f54f24d8c03c5abcc2ed1c931c755c4788d186c7d277
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62
fd499d7f2b929c6b81dcf9ceebe3763483080964f80a156d54d680a7f2b66085
fdc406088a921b393c515e15d4cfa8d06504f84fa87a24254f7eabb6ea49d9cd