finanswebde.com Open in urlscan Pro
2606:4700:3035::ac43:c49b Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://finanswebde.com/
Effective URL:
https://finanswebde.com/
Submission: On December 05 via manual (December 5th 2022, 8:31:29 am UTC) from TR — Scanned from DE

Summary HTTP 133 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 31 IPs in 5 countries across 23 domains to perform 133 HTTP transactions. The main IP is 2606:4700:3035::ac43:c49b, located in United States and belongs to CLOUDFLARENET, US. The main domain is finanswebde.com.
TLS certificate: Issued by E1 on October 30th 2022. Valid for: 3 months.

This is the only time finanswebde.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 23	2606:4700:303... 2606:4700:3035::ac43:c49b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:80e::2008	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE)
4	2606:4700:e2:... 2606:4700:e2::ac40:840f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 16	185.7.176.221 185.7.176.221	42910 (PREMIERDC...) (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH)
2	2a00:1450:400... 2a00:1450:4001:830::200e	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c1b::9a	15169 (GOOGLE) (GOOGLE)
1 5	2a00:1450:400... 2a00:1450:4001:829::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80e::2003	15169 (GOOGLE) (GOOGLE)
1 3	108.156.255.76 108.156.255.76	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:218... 2600:9000:2182:8000:11:1ed0:3900:21	16509 (AMAZON-02) (AMAZON-02)
1	35.241.45.217 35.241.45.217	15169 (GOOGLE) (GOOGLE)
1	34.102.243.38 34.102.243.38	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
14	95.216.154.67 95.216.154.67	24940 (HETZNER-AS) (HETZNER-AS)
3	2a00:1450:400... 2a00:1450:4001:831::200a	15169 (GOOGLE) (GOOGLE)
4	151.139.245.20 151.139.245.20	33438 (STACKPATH) (STACKPATH)
5	2a00:1450:400... 2a00:1450:4001:828::2003	15169 (GOOGLE) (GOOGLE)
1	13.226.156.149 13.226.156.149	16509 (AMAZON-02) (AMAZON-02)
2	185.7.176.222 185.7.176.222	42910 (PREMIERDC...) (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH)
3	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:812::2001	15169 (GOOGLE) (GOOGLE)
2	2a04:4e42:400... 2a04:4e42:400::775	54113 (FASTLY) (FASTLY)
15	2a00:1450:400... 2a00:1450:4001:831::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80e::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:809::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82f::2006	15169 (GOOGLE) (GOOGLE)
1	185.7.176.4 185.7.176.4	42910 (PREMIERDC...) (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH)
1	185.7.176.223 185.7.176.223	42910 (PREMIERDC...) (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH)
133	31

23 2606:4700:3035::ac43:c49b (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

finanswebde.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
blog.finanswebde.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:e2::ac40:840f (United States)

ASN13335 (CLOUDFLARENET, US)

use.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 185.7.176.221 (Turkey) 1 redirects

ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR)

static.virgul.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ng.virgul.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
logger.virgul.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
istr.izlesene.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c1b::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:829::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 108.156.255.76 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-108-156-255-76.dus51.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2182:8000:11:1ed0:3900:21 (United States)

ASN16509 (AMAZON-02, US)

d3div1mtym39ic.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.241.45.217 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 217.45.241.35.bc.googleusercontent.com

pghub.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.102.243.38 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 38.243.102.34.bc.googleusercontent.com

pandg.tapad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 95.216.154.67 (Helsinki, Finland)

ASN24940 (HETZNER-AS, DE)
PTR: static.67.154.216.95.clients.your-server.de

finans.apipara.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 151.139.245.20 (United States)

ASN33438 (STACKPATH, US)

finanscepte-xuoe622gjknvdey.stackpathdns.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.226.156.149 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-156-149.dus51.r.cloudfront.net

d10vd2486q68pd.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.7.176.222 (Turkey)

ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR)

c1.imgiz.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

a04db976658485ca9318c3d0e697902f.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a04:4e42:400::775 (United States)

ASN54113 (FASTLY, US)

cuneytekinci.ghost.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a00:1450:4001:831::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.7.176.4 (Turkey)

ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR)

panel.izlesene.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.7.176.223 (Turkey)

ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR)

istr-n23.nktcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
24	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 109 a04db976658485ca9318c3d0e697902f.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 144	491 KB
23	finanswebde.com 1 redirects finanswebde.com blog.finanswebde.com	1 MB
15	virgul.com static.virgul.com — Cisco Umbrella Rank: 83991 ng.virgul.com — Cisco Umbrella Rank: 72487 logger.virgul.com — Cisco Umbrella Rank: 99767	228 KB
14	apipara.com finans.apipara.com — Cisco Umbrella Rank: 880271	308 KB
10	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 39 securepubads.g.doubleclick.net — Cisco Umbrella Rank: 203 stats.g.doubleclick.net — Cisco Umbrella Rank: 98 pubads.g.doubleclick.net Failed	208 KB
7	google.com 1 redirects www.google.com — Cisco Umbrella Rank: 2 adservice.google.com — Cisco Umbrella Rank: 87	2 KB
5	gstatic.com fonts.gstatic.com	140 KB
5	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 51 imasdk.googleapis.com — Cisco Umbrella Rank: 437	348 KB
4	stackpathdns.com finanscepte-xuoe622gjknvdey.stackpathdns.com	26 KB
4	google.de www.google.de — Cisco Umbrella Rank: 5234 adservice.google.de — Cisco Umbrella Rank: 7808	2 KB
4	fontawesome.com use.fontawesome.com — Cisco Umbrella Rank: 1005	88 KB
3	amazon-adsystem.com 1 redirects c.amazon-adsystem.com — Cisco Umbrella Rank: 333	4 KB
2	izlesene.com 1 redirects panel.izlesene.com — Cisco Umbrella Rank: 168336 istr.izlesene.com — Cisco Umbrella Rank: 134294	1 KB
2	ghost.io cuneytekinci.ghost.io	1 KB
2	imgiz.com c1.imgiz.com — Cisco Umbrella Rank: 128007	131 KB
2	cloudfront.net d3div1mtym39ic.cloudfront.net d10vd2486q68pd.cloudfront.net	87 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 38	20 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 65	95 KB
1	nktcdn.com istr-n23.nktcdn.com — Cisco Umbrella Rank: 422665
1	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 288	17 KB
1	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 190	48 KB
1	tapad.com pandg.tapad.com — Cisco Umbrella Rank: 1955	257 B
1	pghub.io pghub.io — Cisco Umbrella Rank: 1839	4 KB
133	23

	Domain	Requested by
18	finanswebde.com	1 redirects finanswebde.com
15	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com finanswebde.com a04db976658485ca9318c3d0e697902f.safeframe.googlesyndication.com
14	finans.apipara.com	finanswebde.com
7	static.virgul.com	finanswebde.com static.virgul.com
7	pagead2.googlesyndication.com	finanswebde.com securepubads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
5	logger.virgul.com	c1.imgiz.com
5	blog.finanswebde.com
5	fonts.gstatic.com	fonts.googleapis.com
5	www.google.com	1 redirects finanswebde.com tpc.googlesyndication.com a04db976658485ca9318c3d0e697902f.safeframe.googlesyndication.com
5	securepubads.g.doubleclick.net	static.virgul.com securepubads.g.doubleclick.net finanswebde.com
4	finanscepte-xuoe622gjknvdey.stackpathdns.com
4	googleads.g.doubleclick.net	www.googletagmanager.com pagead2.googlesyndication.com a04db976658485ca9318c3d0e697902f.safeframe.googlesyndication.com
4	use.fontawesome.com	finanswebde.com use.fontawesome.com
3	fonts.googleapis.com	finanswebde.com tpc.googlesyndication.com
3	ng.virgul.com	static.virgul.com
3	c.amazon-adsystem.com	1 redirects c.amazon-adsystem.com
2	imasdk.googleapis.com	c1.imgiz.com imasdk.googleapis.com
2	cuneytekinci.ghost.io	finanswebde.com
2	a04db976658485ca9318c3d0e697902f.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	adservice.google.com	securepubads.g.doubleclick.net imasdk.googleapis.com
2	adservice.google.de	securepubads.g.doubleclick.net imasdk.googleapis.com
2	c1.imgiz.com	finanswebde.com c1.imgiz.com
2	www.google.de	finanswebde.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	www.googletagmanager.com	finanswebde.com www.googletagmanager.com
1	istr-n23.nktcdn.com
1	istr.izlesene.com	1 redirects
1	panel.izlesene.com	c1.imgiz.com
1	s0.2mdn.net	imasdk.googleapis.com
1	www.googletagservices.com	a04db976658485ca9318c3d0e697902f.safeframe.googlesyndication.com
1	d10vd2486q68pd.cloudfront.net
1	pandg.tapad.com	pghub.io
1	pghub.io	static.virgul.com
1	d3div1mtym39ic.cloudfront.net
1	stats.g.doubleclick.net	www.google-analytics.com
0	pubads.g.doubleclick.net Failed	imasdk.googleapis.com
133	36

This site contains links to these domains. Also see Links.

Domain
itunes.apple.com
play.google.com
appgallery.cloud.huawei.com

Subject Issuer	Validity	Valid
*.finanswebde.com E1	`2022-10-30` - `2023-01-28`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-06` - `2023-06-05`	a year	crt.sh
*.virgul.com Sectigo RSA Domain Validation Secure Server CA	`2022-10-24` - `2023-09-28`	a year	crt.sh
www.google.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
c.amazon-adsystem.com Amazon	`2022-05-09` - `2023-04-18`	a year	crt.sh
*.pghub.io DigiCert TLS RSA SHA256 2020 CA1	`2022-02-02` - `2023-02-17`	a year	crt.sh
*.tapad.com DigiCert TLS RSA SHA256 2020 CA1	`2022-09-14` - `2023-10-15`	a year	crt.sh
*.apipara.com Go Daddy Secure Certificate Authority - G2	`2022-07-10` - `2023-08-11`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.stackpathdns.com Sectigo RSA Domain Validation Secure Server CA	`2022-07-10` - `2023-08-06`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.cloudfront.net Amazon	`2022-02-01` - `2023-01-31`	a year	crt.sh
*.imgiz.com Sectigo RSA Domain Validation Secure Server CA	`2022-09-27` - `2023-09-09`	a year	crt.sh
*.google.de GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
ghost.io R3	`2022-10-31` - `2023-01-29`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.izlesene.com Sectigo RSA Domain Validation Secure Server CA	`2022-10-03` - `2023-07-15`	9 months	crt.sh

This page contains 11 frames:

Primary Page: https://finanswebde.com/
Frame ID: 8D1886A6E5B69217889B9E2FE7FF8CD8
Requests: 99 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20190131/zrt_lookup.html
Frame ID: 004E8DC1BA936A8FE4885D148250A26E
Requests: 1 HTTP requests in this frame

Frame: https://static.virgul.com/theme/mockups/outside/str.html?v=2
Frame ID: DCF54AD18B634BC54E0DE533947A0FBE
Requests: 1 HTTP requests in this frame

Frame: https://pandg.tapad.com/tag?referrer_url=&page_url=https%3A%2F%2Ffinanswebde.com%2F&owner=P%26G&bp_id=noktacommedya&initiator=js&data=%7B%22category%22%3A%22site_geneli%22%7D
Frame ID: 40422164C88E2F4FFEFB8026BA44BAD9
Requests: 1 HTTP requests in this frame

Frame: https://a04db976658485ca9318c3d0e697902f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 0EEEB3F0CD2A05B3E0441A86511C5717
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 63C1E4B2F3E9709DCD31AA635C147BF9
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 2FB0D7606B28126F1C04ECAE7E2B6BDA
Requests: 2 HTTP requests in this frame

Frame: https://a04db976658485ca9318c3d0e697902f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 75AFF2E87D0A2812FCA9BF9D38CBC447
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/787910389773164944/index.html
Frame ID: C90D931BE73B9B15A9FF353563FA2F58
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: D1FB6D9BB4B3EB11416114514CA8024A
Requests: 2 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.547.0_tr.html
Frame ID: 19C738CE16B1E206CF02B8AA7887ADE1
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Döviz, Altın, Hisse Senedi, Kripto Piyasaları - [FinansCepte]

Page URL History Show full URLs

http://finanswebde.com/ HTTP 301
https://finanswebde.com/ Page URL

Detected technologies

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Page Statistics

133
Requests

97 %
HTTPS

67 %
IPv6

23
Domains

36
Subdomains

31
IPs

5
Countries

3608 kB
Transfer

8450 kB
Size

13
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://itunes.apple.com/us/app/doviz-ve-alt-n-alarm-kur-finans/id951497733?ls=1&mt=8

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=com.finanscepte.alarmkur

Search URL Search Domain Scan URL

URL: https://appgallery.cloud.huawei.com/ag/n/app/C101364027?channelId=FinansWebde&id=29f0128530624225908d4e550ce7df67&s=9BFB5E13EC7D3D424738D8FCE39D4279B7E9DDAA7EB619F077E903E284EF1FE3&detailType=0&v=

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://finanswebde.com/ HTTP 301
https://finanswebde.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 32

https://c.amazon-adsystem.com/aax2/apstag.js HTTP 301
https://d3div1mtym39ic.cloudfront.net/aax2/apstag.js

Request Chain 122

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 131

https://istr.izlesene.com/data/videos/10487/10487510-480_2-170k.mp4?token=zbmf1eTu0GDwsG2o_0AFYA&ts=1670319087&playername=npm_finanswebde HTTP 302
https://istr-n23.nktcdn.com/data/videos/10487/10487510-480_2-170k.mp4?playername=npm_finanswebde&token=myZyT6-qt2H0ToB5lZX4sg&ts=1670315488

133 HTTP transactions
9 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
finanswebde.com/
Redirect Chain

http://finanswebde.com/
https://finanswebde.com/

97 KB
17 KB

167ms
143ms

Document
text/html

2606:4700:3035::ac43:c49b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://finanswebde.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:c49b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 6df52655c01ab640e180c0c7f83cb8eb2a8c0a216aaab2fc479a1c0baac13a99

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 774b6ce18c019b51-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Mon, 05 Dec 2022 08:31:24 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GINg6Y6bSO7%2FXZHI9BqoCB4%2BihcQlVek7R%2FeMXDUgOU0HL3jhaZWM5AzUs%2BP5L%2BMynrPkylZId9mlxu6tRdQakku271pADC5VJI0kATQP0upNhXsg%2FkZmEA%2FwEafZ84uA6kkpbUjrDXzfCsn%2B8Y%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-cache: HIT
x-powered-by: Express

Redirect headers

CF-Cache-Status: DYNAMIC
CF-RAY: 774b6ce0e8309c0a-FRA
Connection: keep-alive
Content-Type: text/html
Date: Mon, 05 Dec 2022 08:31:24 GMT
Location: https://finanswebde.com/
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pPBo5SgQ%2F4vNribPQ0iaJBd6i3KGoFZDOSbQuK7XS6zv8cuNM1M%2FJ9hRcbK6aeaRKt5H9CCb0i2Sv6KHVHy8ZtyZRmR4zGA78wCPniK%2FwthsVaDS36upOMvAKWqRMAea00T9Sln70wfuuybVlgI%3D"}],"group":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 109 KB
43 KB 83ms
29ms Script
application/javascript 2a00:1450:4001:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-49264185-15

Requested by

Host: finanswebde.com
URL: https://finanswebde.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

eed0e267b0871a87bae6e56e92651c0b18dedf5e8ffecf0f915c51bf0f2cb9a6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://finanswebde.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 08:31:24 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43633
x-xss-protection: 0
last-modified: Mon, 05 Dec 2022 06:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 05 Dec 2022 08:31:24 GMT

GET
H2 200 web.min.css
finanswebde.com/ 235 KB
45 KB 45ms
36ms Stylesheet
text/css 2606:4700:3035::ac43:c49b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://finanswebde.com/web.min.css
Requested by: Host: finanswebde.com
URL: https://finanswebde.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:c49b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 79e3381adccea1f5cadcf8e81b189501b935f79475555dcbd8e8831f53c4b4e5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://finanswebde.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 08:31:24 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2393457
x-powered-by: Express
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 03 Oct 2022 12:33:56 GMT
server: cloudflare
etag: W/"3acd4-1839dd6b07a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EGW%2BaXw3P0o%2Foq%2BADLzLXoq%2FBU9P1MdBiF1ZB4AsVtwkDfg0pKPqW0o1aQYN%2BsLTsSI74RlgI8uMrBWyVMP1IanlOJoC0%2Ftq9BffCtu2H19Dh5lZRMEFu2Y4Ak04clU0aFMDMq4t9bd7AETTY1g%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=UTF-8
cache-control: max-age=31536000
cf-ray: 774b6ce28e5c9b51-FRA
expires: Tue, 07 Nov 2023 15:40:26 GMT

GET
H2 200 index.js Show response
finanswebde.com/_next/static/bc916adb053c749d74e9b135a04d5c9144ea45b9/pages/ 131 KB
28 KB 32ms
24ms Script
application/javascript 2606:4700:3035::ac43:c49b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://finanswebde.com/_next/static/bc916adb053c749d74e9b135a04d5c9144ea45b9/pages/index.js
Requested by: Host: finanswebde.com
URL: https://finanswebde.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:c49b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 62dc7b9b03d2c7ac705f4e5f88fa5174d503fec2a70ad081f8d03e2620cbf2c5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://finanswebde.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 08:31:24 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 298423
x-powered-by: Express
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 17 Oct 2022 09:27:34 GMT
server: cloudflare
etag: W/"20abd-183e5451793"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vsgVjaWJUgOVHPutnvRufl1cvTkMvk5Knl26CVn1fiMVXA%2FahZGBvv3Ri1SdZHlzk24Flr7H402MCzqX5bexJi0Xb6Z0HJQr8YgcnEtK7mseFsRG9Hri0P2T%2FXQAtEO2SZ2QOKhZawaywvBAdGc%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=31536000
cf-ray: 774b6ce28e659b51-FRA
expires: Fri, 01 Dec 2023 21:37:41 GMT

GET
H2 200 _app.js Show response
finanswebde.com/_next/static/bc916adb053c749d74e9b135a04d5c9144ea45b9/pages/ 8 KB
3 KB 43ms
35ms Script
application/javascript 2606:4700:3035::ac43:c49b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://finanswebde.com/_next/static/bc916adb053c749d74e9b135a04d5c9144ea45b9/pages/_app.js
Requested by: Host: finanswebde.com
URL: https://finanswebde.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:c49b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 54807b0a049f4422abfc2629429cf84573f3c3a4fa24989a56aa0e7aefed2713

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://finanswebde.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 08:31:24 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3215502
x-powered-by: Express
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 17 Oct 2022 09:27:34 GMT
server: cloudflare
etag: W/"1fc4-183e5451797"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w6TmGAd97t6%2Fv1BoaN8aS20XrdyEbtChiU6mKxGDIOJ5LAvJczikAw4jTyB9zVfK9i%2BbWHbnWe0hTfSziDhKz5pmTj4TxHT6ASYqmpPD4Ql3amWp75qhswNMV8krgNo%2FWuo8o4AxjEdPL7fsOzw%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=31536000
cf-ray: 774b6ce28e699b51-FRA
expires: Sun, 29 Oct 2023 03:19:42 GMT

GET
H2 200 webpack-55c3090b557ff206105d.js Show response
finanswebde.com/_next/static/runtime/ 3 KB
2 KB 29ms
21ms Script
application/javascript 2606:4700:3035::ac43:c49b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://finanswebde.com/_next/static/runtime/webpack-55c3090b557ff206105d.js
Requested by: Host: finanswebde.com
URL: https://finanswebde.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:c49b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 800d2f4e9afefbc998de8591d16f99848a1878dc9f0605cd19c8e313ab981ec7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://finanswebde.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 08:31:24 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2457650
x-powered-by: Express
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 17 Oct 2022 09:27:34 GMT
server: cloudflare
etag: W/"a52-183e545178b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eymb%2FlHN89mI%2BMDy1OH2CdUfYwrqRZ7p%2Foot8by7rEh6ay88QfP676YG4GbdEzMuydAyM8UZ0cJBBuh3ZW72puAbiA0kXvTIQgbr%2B0lJwh8Lk0UlFLls%2ByBz3K9kMq31gh1nhhrxpmd4ictjknM%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=31536000
cf-ray: 774b6ce28e6a9b51-FRA
expires: Mon, 06 Nov 2023 21:50:34 GMT

GET
H2 200 commons.27783a28579284000e1e.js Show response
finanswebde.com/_next/static/chunks/ 614 KB
180 KB 45ms
41ms Script
application/javascript 2606:4700:3035::ac43:c49b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://finanswebde.com/_next/static/chunks/commons.27783a28579284000e1e.js
Requested by: Host: finanswebde.com
URL: https://finanswebde.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:c49b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: e209e9d76893c0781323ceb7cf01453dd2be7ef7c8903ee8d6562575bc44dbf3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://finanswebde.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 08:31:24 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2458006
x-powered-by: Express
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 17 Oct 2022 09:27:34 GMT
server: cloudflare
etag: W/"996e3-183e5451793"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aZvNGDhBmyl7wa2Ls0vpl%2FfPQtKzEC3xR0AaVz5ErBCBe3H4nufyQK4yk97AVsFziVsdTh%2B0apKH7LkWvhTig%2FnrnhIkLWVgb1dS%2FmLqScOhNvyxUAcrp2TPZItPZoMW7VTTG%2BpW8Nwidu4GEh8%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=31536000
cf-ray: 774b6ce28e6e9b51-FRA
expires: Mon, 06 Nov 2023 21:44:38 GMT

GET
H2 200 main-541f01c65744a5c2c60b.js Show response
finanswebde.com/_next/static/runtime/ 18 KB
6 KB 35ms
31ms Script
application/javascript 2606:4700:3035::ac43:c49b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://finanswebde.com/_next/static/runtime/main-541f01c65744a5c2c60b.js
Requested by: Host: finanswebde.com
URL: https://finanswebde.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:c49b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 70083d81f4abc958e43215542c5543afedd6294b03d1d544934118c5e2ea054b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://finanswebde.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 08:31:24 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6780495
x-powered-by: Express
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 06 Sep 2022 12:06:16 GMT
server: cloudflare
etag: W/"4629-18312b1a73f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T0tvkBiF4HyBLVQ5itq21UsVmZM2avsMWDYQIRIfWZRyXtnvap1Khoox7RuK6RoWtVwCJmPSBYTjlBSA2ChKRL%2FuD8zy%2BpMJgowWenQTC3OA5iiSUFnWtOz%2BIIU%2FMiNFi0RsDP7t2c0EBz%2Fx1eg%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=31536000
cf-ray: 774b6ce28e6f9b51-FRA
expires: Sun, 17 Sep 2023 21:03:09 GMT

GET
H2 200 hms.png
finanswebde.com/mobile/images/ 25 KB
25 KB 25ms
24ms Image
image/png 2606:4700:3035::ac43:c49b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://finanswebde.com/mobile/images/hms.png
Requested by: Host: finanswebde.com
URL: https://finanswebde.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:c49b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: ef677dc1926cbfa2aa4e0f3a2cd13cc318d2d968cbfd2bcc5d7eb9a94ff13034

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://finanswebde.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 08:31:24 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3036643
x-powered-by: Express
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 25223
last-modified: Thu, 01 Sep 2022 22:02:43 GMT
server: cloudflare
etag: W/"6287-182fb13ee50"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=86QuVtIFOlImwEmHMMyvpHTo%2FaUxituEKW3lZl7xVHOV6V5f92%2BTsdo8cRXLuSuPw%2Fln8wYdYGeqUTrR09ujhxsfynB408DewCcAkLkkAR75xEzkyZlocW2OLchn089YEu1TLTFUTLWGPRJU54I%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 774b6ce29eac9b51-FRA
expires: Tue, 31 Oct 2023 05:00:41 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 142 KB
48 KB 188ms
115ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: finanswebde.com
URL: https://finanswebde.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

15a06c30208d58235ad0899985232c8e22530268f1b7703fa7d10fe36605227a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://finanswebde.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 08:31:24 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48987
x-xss-protection: 0
server: cafe
etag: 17479923169289141958
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 05 Dec 2022 08:31:24 GMT

GET
H2 200 e8927eb029.js Show response
use.fontawesome.com/ 9 KB
4 KB 50ms
26ms Script
text/javascript 2606:4700:e2::ac40:840f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/e8927eb029.js
Requested by: Host: finanswebde.com
URL: https://finanswebde.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e2::ac40:840f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 11e623f6cb6978519f97a73de00c8633974b11405e184d292eab0602a0981413

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://finanswebde.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 08:31:24 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: D1Q3R85D4VYBRVF1
age: 5277
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: 9INgLV9ZsM2wAjgFZhL6WDWkNOo2ekRt5vChptKScAxQTD0PEPYxt7e8BXXpvgs/hSRIhpk69nc=
last-modified: Thu, 01 Jul 2021 19:54:16 GMT
server: cloudflare
etag: W/"134c3d18e809fbefe83bc29f441b1463"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7Og3cGw%2Bu18UIscKdATcq5bP3x0d4CdUZpJlDUDzSdGMib1Ag%2BqSt4atbd6OZZwy6irioSDHCTZV%2BHWsLKn8V%2BAz6%2BjyUq8WELp%2B70uaUrg0E5K57eg4VOTErYvMMBsoMe5SwH1TSWX6opE28HBqk81i"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: max-age=1800
cf-ray: 774b6ce2bb70bb74-FRA

GET
H2 200 outside.js Show response
static.virgul.com/theme/mockups/adcode/ 66 KB
24 KB 258ms
50ms Script
application/javascript 185.7.176.221
SH

General

Check archive.org

Show headers Download Go to

Full URL: https://static.virgul.com/theme/mockups/adcode/outside.js?dts=19331
Requested by: Host: finanswebde.com
URL: https://finanswebde.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.7.176.221 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: d93aad7c4d1cd3a00131ff659f9e70bed0a10e0107445caf73a73e07ae900ad8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://finanswebde.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 08:31:24 GMT
content-encoding: gzip
last-modified: Thu, 01 Dec 2022 11:22:23 GMT
server: openresty/1.15.8.3
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=43200

GET
H3 200 Flaticon.woff
finanswebde.com/font/ 9 KB
9 KB 116ms
116ms Font
application/font-woff 2606:4700:3035::ac43:c49b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://finanswebde.com/font/Flaticon.woff
Requested by: Host: finanswebde.com
URL: https://finanswebde.com/web.min.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:c49b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: a290abc20f0b59dc02b4f83a189b9830ee4f7c1110318dbdbb6bd8e19cc84407

Request headers

Referer: https://finanswebde.com/web.min.css
Origin: https://finanswebde.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 08:31:24 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Thu, 01 Sep 2022 22:02:32 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: Express
etag: W/"23e0-182fb13c37c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EB18eHfp2Bhl6KkMcOZUktIBdXlAvoBs0EdUoxLk7ZWpBiInOogORgC%2BTuoScdYg4LQMCDh8SWKq3yKQQe%2FOxVdHTUJBfst1B3joYSPrBp2a8YSvoxALKO%2F87lC6ZsgvD9XhyEG8L1XsZUY56U4%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/font-woff
cache-control: public, max-age=14400
cf-ray: 774b6ce2ed9e902e-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 e8927eb029.css
use.fontawesome.com/ 1 KB
1002 B 24ms
15ms Stylesheet
text/css 2606:4700:e2::ac40:840f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/e8927eb029.css
Requested by: Host: use.fontawesome.com
URL: https://use.fontawesome.com/e8927eb029.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:e2::ac40:840f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2259fd47c8c7d4495d954f079cab5f532a7b6747a358a3e8fd92209348b0a8a8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://finanswebde.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 08:31:24 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: YKN4GJMZ2N469PFV
age: 1587
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: bRbkLxDJAUHnqq4ncyHKsCHy+bWaY7XRduVHq2UVRABUg8J0carJZzsKt3+RP9EF/9rGH975B5XXa1MpXAwNlw==
last-modified: Thu, 01 Jul 2021 19:54:16 GMT
server: cloudflare
etag: W/"a00e40ff4ad7d4534f920814436d32c4"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=znmXDXTSzp2RE1e2hLSugAnhnBOpLq3AoPIDId7sxrQR4ga1I0gYW6O%2FWhjFrhCbOjjnOMWvmLo1fZ7meBqDM7Krh%2BXnXwGK5nGm7aAc9SShQzIlL5Gfq9eEOsm0WX9uOplDYSzhowkmArwI0NunL0N3"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=1800
cf-ray: 774b6ce329379b5e-FRA

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 94ms
25ms Script
text/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-49264185-15

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://finanswebde.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 05 Dec 2022 07:15:46 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 4538
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20039
expires: Mon, 05 Dec 2022 09:15:46 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 135 KB
52 KB 62ms
33ms Script
application/javascript 2a00:1450:4001:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-924247547&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-49264185-15

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d5675b40571d01f5172d21cc6cbc549334f1b803dff974a4b8d742fda77a6b18

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://finanswebde.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 08:31:24 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52913
x-xss-protection: 0
last-modified: Mon, 05 Dec 2022 06:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 05 Dec 2022 08:31:24 GMT

GET
H3 200 font-awesome-css.min.css
use.fontawesome.com/releases/v4.7.0/css/ 30 KB
7 KB 22ms
21ms Stylesheet
text/css 2606:4700:e2::ac40:840f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v4.7.0/css/font-awesome-css.min.css
Requested by: Host: use.fontawesome.com
URL: https://use.fontawesome.com/e8927eb029.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:e2::ac40:840f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5b9573e1023da775390e9284ec0eb1c606df9b468a28980055b4a6aa804f4350

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://use.fontawesome.com/e8927eb029.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 08:31:24 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 6GFEKMY757AZVMJR
age: 27134807
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: a1rJqww5kk6lKRIdMoYuvo+3HD7E3szcwTrKVVU4ncyVGl1400tEbljwaRkXSznguGC14aUQGXY=
last-modified: Wed, 30 Jun 2021 15:26:48 GMT
server: cloudflare
etag: W/"36082410df2ef7f83932219089dc1443"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s6NH5lB3N%2FQuSIrIsb0J1HqCPutH3xsEjKR0DD%2FEq7T18WFrnzyvS1kqQgbLRcg%2F0Zc48BB6Ge4oFPEsnbKiRspe8onlUetf%2BYckwXrOflEzTyNgrKBVaL1p2SHggdi6e6LnjGPBTZN7vA9pa12CXzX6"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31556926
cf-ray: 774b6ce3496b9b5e-FRA

GET
H3 200 fontawesome-webfont.woff2
use.fontawesome.com/releases/v4.7.0/fonts/ 75 KB
76 KB 34ms
23ms Font
application/font-woff2 2606:4700:e2::ac40:840f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v4.7.0/fonts/fontawesome-webfont.woff2
Requested by: Host: use.fontawesome.com
URL: https://use.fontawesome.com/e8927eb029.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:e2::ac40:840f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Referer: https://use.fontawesome.com/e8927eb029.css
Origin: https://finanswebde.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 08:31:24 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 9JRDHRSNEZ08S1SY
age: 1933659
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 77160
x-amz-id-2: NTB2VVqz4IHt3T11PAnoio/9iUvr14WBVxXmmFdq1Su4irKWiOmB87mbIqV4zHDJDGGx6+CQBhM=
last-modified: Wed, 30 Jun 2021 15:26:48 GMT
server: cloudflare
etag: "af7ae505a9eed503f8b8e6982036873e"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/font-woff2
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d004gADB4ehOF1wtf81fWz9uAkfquIMeN9EVnKfdvcQgk9CRHs1cHuD8637V7vWaq6rNEgQWzMfoZyOAs4FGa1KzpIRjlFX7PjZoPJHi7XYBLbwjhlobZZZ%2Fu1I4AN7cHwVPGDcHavEEfInUatTrmUOB"}],"group":"cf-nel","max_age":604800}
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 774b6ce38f83694c-FRA

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/924247547/ 2 KB
1 KB 98ms
53ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/924247547/?random=1670229084754&cv=11&fst=1670229084754&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1600&u_h=1200&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Ffinanswebde.com%2F&tiba=D%C3%B6viz%2C%20Alt%C4%B1n%2C%20Hisse%20Senedi%2C%20Kripto%20Piyasalar%C4%B1%20-%20%5BFinansCepte%5D&auid=165672174.1670229085&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-924247547&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c00412f01fdbf0769c41d16dd280b7498bb01b0bd6ebcedba058608770c7f9a5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://finanswebde.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 05 Dec 2022 08:31:24 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 929
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 53ms
21ms XHR
text/plain 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j98&a=1333069732&t=pageview&_s=1&dl=https%3A%2F%2Ffinanswebde.com%2F&ul=en-us&de=UTF-8&dt=D%C3%B6viz%2C%20Alt%C4%B1n%2C%20Hisse%20Senedi%2C%20Kripto%20Piyasalar%C4%B1%20-%20%5BFinansCepte%5D&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAACAAI~&jid=784656888&gjid=815734178&cid=246564559.1670229085&tid=UA-49264185-15&_gid=334634260.1670229085&_r=1&gtm=2oubu0&z=225771300

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://finanswebde.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 05 Dec 2022 08:31:24 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://finanswebde.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20221110/r20190131/ Frame 004E 10 KB
5 KB 13ms
12ms Document
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20221110/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://finanswebde.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 56003
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 04 Dec 2022 16:58:01 GMT
etag: 10353107486223812946
expires: Sun, 18 Dec 2022 16:58:01 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 80 KB
27 KB 109ms
41ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/adcode/outside.js?dts=19331

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a525c29375c645110e4d70c15004dced135dc3d5858b52d71b48db3eb3d4eb0d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://finanswebde.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 08:31:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27507
x-xss-protection: 0
server: sffe
etag: "1412 / 424 of 1000 / last-modified: 1670022507"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Mon, 05 Dec 2022 08:31:24 GMT

GET
H2 200 ads.js Show response
static.virgul.com/theme/mockups/mockups/tracker/imp/collect/adview/ad/ 120 B
283 B 45ms
44ms Script
application/javascript 185.7.176.221
SH

General

Check archive.org

Show headers Download Go to

Full URL: https://static.virgul.com/theme/mockups/mockups/tracker/imp/collect/adview/ad/ads.js
Requested by: Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/adcode/outside.js?dts=19331
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.7.176.221 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: d9fd0aeda423bd39a36871759ef7b17dab3d51e5981cd5839103f990b8b9ef60

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://finanswebde.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 05 Dec 2022 08:31:24 GMT
last-modified: Wed, 25 Dec 2019 09:23:27 GMT
server: openresty/1.15.8.3
accept-ranges: bytes
content-length: 120
content-type: application/javascript

GET
H2 200 str.html Show response
static.virgul.com/theme/mockups/outside/ Frame DCF5 891 B
1 KB 46ms
46ms Document
text/html 185.7.176.221
SH

General

Check archive.org

Show headers Download Go to

Full URL: https://static.virgul.com/theme/mockups/outside/str.html?v=2
Requested by: Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/adcode/outside.js?dts=19331
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.7.176.221 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: 2af1b8e91e1ea0f27fab2f6bac1dd1d81867b7a2a8d7cef1084fa39309e0ac6f

Request headers

Referer: https://finanswebde.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
cache-control: max-age=5184000
content-length: 891
content-type: text/html
date: Mon, 05 Dec 2022 08:31:24 GMT
last-modified: Wed, 28 Sep 2022 10:07:57 GMT
server: openresty/1.15.8.3

GET
H2 200 finanswebde.js Show response
static.virgul.com/theme/mockups/fallback/ 3 KB
3 KB 48ms
48ms Script
application/javascript 185.7.176.221
SH

General

Check archive.org

Show headers Download Go to

Full URL: https://static.virgul.com/theme/mockups/fallback/finanswebde.js?dts=19331
Requested by: Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/adcode/outside.js?dts=19331
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.7.176.221 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: 8960045a0f15851413611eb6f4222e018bc397cf49be3ff0420390e96db405cd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://finanswebde.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 05 Dec 2022 08:31:24 GMT
last-modified: Wed, 15 Sep 2021 11:30:47 GMT
server: openresty/1.15.8.3
accept-ranges: bytes
content-length: 2560
content-type: application/javascript

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
442 B 59ms
19ms XHR
text/plain 2a00:1450:400c:c1b::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-49264185-15&cid=246564559.1670229085&jid=784656888&gjid=815734178&_gid=334634260.1670229085&_u=YEBAAUAAAAAAACAAI~&z=499476999

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c1b::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://finanswebde.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Mon, 05 Dec 2022 08:31:24 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://finanswebde.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/924247547/ 42 B
548 B 66ms
27ms Image
image/gif 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/924247547/?random=1670229084754&cv=11&fst=1670227200000&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Ffinanswebde.com%2F&tiba=D%C3%B6viz%2C%20Alt%C4%B1n%2C%20Hisse%20Senedi%2C%20Kripto%20Piyasalar%C4%B1%20-%20%5BFinansCepte%5D&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=1081671234&rmt_tld=0&ipr=y

Requested by

Host: finanswebde.com
URL: https://finanswebde.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://finanswebde.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 05 Dec 2022 08:31:24 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/924247547/ 42 B
548 B 64ms
25ms Image
image/gif 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/924247547/?random=1670229084754&cv=11&fst=1670227200000&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Ffinanswebde.com%2F&tiba=D%C3%B6viz%2C%20Alt%C4%B1n%2C%20Hisse%20Senedi%2C%20Kripto%20Piyasalar%C4%B1%20-%20%5BFinansCepte%5D&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=1081671234&rmt_tld=1&ipr=y

Requested by

Host: finanswebde.com
URL: https://finanswebde.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://finanswebde.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 05 Dec 2022 08:31:24 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 30ms
27ms Image
image/gif 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-49264185-15&cid=246564559.1670229085&jid=784656888&_u=YEBAAUAAAAAAACAAI~&z=1182793174

Requested by

Host: finanswebde.com
URL: https://finanswebde.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://finanswebde.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 05 Dec 2022 08:31:24 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 29ms
26ms Image
image/gif 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-49264185-15&cid=246564559.1670229085&jid=784656888&_u=YEBAAUAAAAAAACAAI~&z=1182793174

Requested by

Host: finanswebde.com
URL: https://finanswebde.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://finanswebde.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 05 Dec 2022 08:31:24 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 pubads_impl_2022112901.js Show response
securepubads.g.doubleclick.net/gpt/ 384 KB
130 KB 64ms
13ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022112901.js?cb=31071079

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7ec70108a49369dc3f73734dacf94050c28049d32fe708c968782483ae8cabda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://finanswebde.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 15:16:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 62080
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 133261
x-xss-protection: 0
last-modified: Tue, 29 Nov 2022 09:37:49 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Mon, 04 Dec 2023 15:16:45 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 148 B
111 B 99ms
49ms XHR
application/json 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=finanswebde.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

dfba3a870c2fc34b914511160418b1b668e0722213b83e2e87fa53d7d0358034

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://finanswebde.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 08:31:25 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 86
x-xss-protection: 0
expires: Mon, 05 Dec 2022 08:31:25 GMT

GET
H2 200 prebid7.17.0.js Show response
static.virgul.com/theme/mockups/outside/ 458 KB
170 KB 57ms
57ms Script
application/javascript 185.7.176.221
SH

General

Check archive.org

Show headers Download Go to

Full URL: https://static.virgul.com/theme/mockups/outside/prebid7.17.0.js
Requested by: Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/adcode/outside.js?dts=19331
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.7.176.221 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: d457512b1696fb63b4672dd84835ee0bad3bf4a6ba31445b0359b5a4775bf04e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://finanswebde.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 08:31:25 GMT
content-encoding: gzip
last-modified: Mon, 03 Oct 2022 14:51:45 GMT
server: openresty/1.15.8.3
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=5184000

GET
H2

200

apstag.js Show response
d3div1mtym39ic.cloudfront.net/aax2/
Redirect Chain

https://c.amazon-adsystem.com/aax2/apstag.js
https://d3div1mtym39ic.cloudfront.net/aax2/apstag.js

178 KB
44 KB

46ms
10ms

Script
application/javascript

2600:9000:2182:8000:11:1ed0:3900:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3div1mtym39ic.cloudfront.net/aax2/apstag.js
Protocol: H2
Server: 2600:9000:2182:8000:11:1ed0:3900:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bd8b521307332fcb0a59ff2cbfe324322d6f4108b24363b6c8d26a0ec8be50da

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://finanswebde.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 08:10:03 GMT
content-encoding: gzip
via: 1.1 e5dcf90f3787d486ad40e46070021460.cloudfront.net (CloudFront)
last-modified: Wed, 09 Nov 2022 20:51:50 GMT
server: AmazonS3
x-amz-cf-pop: DUS51-C1
age: 1283
x-amz-server-side-encryption: AES256
etag: W/"e675a6dfe90787fca79a6c96fd29c2d8"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=3600
x-amz-cf-id: cSBxkkOZ3ev4csEjhEp8vvFcNGXuJjE4exYSbTGCv7Ubs-uNpi_8_g==

Redirect headers

date: Sun, 04 Dec 2022 22:27:21 GMT
via: 1.1 df3b3b9f4fa0f79195c56a91cf242364.cloudfront.net (CloudFront), 1.1 f97c9082b750957571bc7e3354a4f4a4.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA60-P1, DUS51-P2
age: 36244
x-cache: Hit from cloudfront
content-type: text/html
location: https://d3div1mtym39ic.cloudfront.net/aax2/apstag.js
content-length: 167
x-amz-cf-id: im5JFVXAQXZWnPB9j78JZdy0Zc6vqqaekR5soSIAVxtBFp6z2Wte2w==

GET
H2 200 pageview Show response
ng.virgul.com/ 21 KB
21 KB 145ms
133ms Script
application/javascript 185.7.176.221
SH

General

Check archive.org

Show headers Download Go to

Full URL: https://ng.virgul.com/pageview?c=site_geneli&mt=1670229085142&v=https%3A%2F%2Ffinanswebde.com%2F&r=finanswebde:site_geneli&userId=&tp=&os=&call=noktaad.ads.vvad&vd=0&ses=0&dim=1600x1200&l=&y=&w=0&ext=,as,rc0,hf1,vv1&info=&ref=&rdmt=0.4765616745407193
Requested by: Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/adcode/outside.js?dts=19331
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.7.176.221 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: 16824b9ab6e921c5058ba5479bda9f663088f2cb26f15d4ea7f3a85630636a47

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://finanswebde.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 08:31:25 GMT
server: openresty/1.15.8.3
p3p: CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
access-control-allow-origin: https://finanswebde.com
content-type: application/javascript
access-control-allow-credentials: true
content-length: 21711
expires: Tue, 04 Jan 2022 10:49:40 GMT

GET
H2 204 config Show response
c.amazon-adsystem.com/cdn/prod/ 0
312 B 11ms
10ms XHR
text/plain 108.156.255.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Ffinanswebde.com&pubid=e0a76a78-9ad1-46f2-a337-886c2e24ac91
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.156.255.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-156-255-76.dus51.r.cloudfront.net
Software: Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://finanswebde.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 04:22:40 GMT
via: 1.1 f97c9082b750957571bc7e3354a4f4a4.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: DUS51-P2
age: 14925
x-cache: Hit from cloudfront
access-control-allow-origin: https://finanswebde.com
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
x-amz-cf-id: 5RbHo0bO2U56VJbX6wk2t-BWFXNN57JoxdCQutKkjVjFPgUwNxJ7IQ==

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 34ms
15ms XHR
application/javascript 108.156.255.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.156.255.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-156-255-76.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://finanswebde.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

x-amz-version-id: vkCJAv2LVCiDvkjoOZrS5s9fefeFFUOq
content-encoding: gzip
via: 1.1 268679e7d17267a1a7a03722822fb800.cloudfront.net (CloudFront)
date: Mon, 05 Dec 2022 03:20:14 GMT
x-amz-cf-pop: DUS51-P2
age: 18672
x-cache: Hit from cloudfront
last-modified: Fri, 18 Nov 2022 03:05:15 GMT
server: AmazonS3
etag: W/"a4d296427fc806b21335359e398c025c"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
vary: Accept-Encoding,Origin
x-amz-cf-id: SBkYBagCm2lBOBd5rWt1EynDPkXaw22nVIcjswTIVzCtTtk5KuQjpw==

GET
H2 200 finanswebde.js Show response
static.virgul.com/theme/mockups/sites/ 3 KB
1 KB 45ms
45ms Script
application/javascript 185.7.176.221
SH

General

Check archive.org

Show headers Download Go to

Full URL: https://static.virgul.com/theme/mockups/sites/finanswebde.js?dts=463952
Requested by: Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/adcode/outside.js?dts=19331
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.7.176.221 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: a35fd94e9d404b47b62b964377174b34c9ae0aac4f5d975922cc3fc8ceddbb4b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://finanswebde.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 08:31:25 GMT
content-encoding: gzip
last-modified: Wed, 07 Sep 2022 08:18:46 GMT
server: openresty/1.15.8.3
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=5184000

GET
H2 200 pandg-sdk.js Show response
pghub.io/js/ 14 KB
4 KB 51ms
18ms Script
application/javascript 35.241.45.217
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pghub.io/js/pandg-sdk.js
Requested by: Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/adcode/outside.js?dts=19331
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.241.45.217 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 217.45.241.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: cb260fbfa3add6553864bf1c8dd753a45d7a1504b159c8aa6cbec89f9223a89d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://finanswebde.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 07:46:31 GMT
content-encoding: gzip
age: 2694
x-guploader-uploadid: ADPycdtV10PC2H92bGMWArPeIJdCuhfI16Xj2_CJhJf5DcF5Z5k11LxzRORs0gYBeEC52dfU8i56aPhdFBxbMkpm21dNc9VHxr-R
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 9
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3690
last-modified: Tue, 05 Apr 2022 17:08:24 GMT
server: UploadServer
etag: "1f39af8c4109e6a95d6895228aab0692"
vary: Accept-Encoding
x-goog-generation: 1649178504809914
x-goog-hash: crc32c=eS3F7w==, md5=HzmvjEEJ5qldaJUiiqsGkg==
access-control-allow-origin: *
access-control-expose-headers: Access-Control-Allow-Origin
cache-control: public,max-age=3600
x-goog-meta-last-modified: 2022-07-11T15:04:42.732Z
x-goog-stored-content-length: 3690
x-goog-meta-cache-control: public, max-age=230400
accept-ranges: bytes
content-type: application/javascript

GET
H2 200 tag Show response
pandg.tapad.com/ Frame 4042 13 B
257 B 53ms
20ms Document
text/html 34.102.243.38
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://pandg.tapad.com/tag?referrer_url=&page_url=https%3A%2F%2Ffinanswebde.com%2F&owner=P%26G&bp_id=noktacommedya&initiator=js&data=%7B%22category%22%3A%22site_geneli%22%7D

Requested by

Host: pghub.io
URL: https://pghub.io/js/pandg-sdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.102.243.38 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

38.243.102.34.bc.googleusercontent.com

Software

Resource Hash

b633a587c652d02386c4f16f8c6f6aab7352d97f16367c3c40576214372dd628

Security Headers

Name	Value
Content-Security-Policy	default-src 'none';img-src https://*.tapad.com https://match.adsrvr.org
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://finanswebde.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
access-control-max-age: 300
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-store
content-security-policy: default-src 'none';img-src https://*.tapad.com https://match.adsrvr.org
content-type: text/html;charset=utf-8
date: Mon, 05 Dec 2022 08:31:25 GMT
strict-transport-security: max-age=31536000
via: 1.1 google

OPTIONS
H/1.1 200
OK comment
finans.apipara.com/json/v9/options/ Frame 0
0 94ms
29ms Preflight
text/plain 95.216.154.67
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://finans.apipara.com/json/v9/options/comment
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.216.154.67 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.67.154.216.95.clients.your-server.de
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: auid,token
Access-Control-Request-Method: GET
Origin: https://finanswebde.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: origin,auid,token,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
Access-Control-Allow-Methods: GET, OPTIONS,POST,PUT,DELETE
Access-Control-Allow-Origin: *
Connection: keep-alive
Content-Length: 0
Content-Type: text/plain
Date: Mon, 05 Dec 2022 08:31:26 GMT
Server: nginx/1.14.0 (Ubuntu)

OPTIONS
H/1.1 200
OK stock
finans.apipara.com/json/v9// Frame 0
0 94ms
30ms Preflight
text/plain 95.216.154.67
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://finans.apipara.com/json/v9//stock?async=1&auid=1&sortby=volume_try
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.216.154.67 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.67.154.216.95.clients.your-server.de
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: auid,token
Access-Control-Request-Method: GET
Origin: https://finanswebde.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: origin,auid,token,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
Access-Control-Allow-Methods: GET, OPTIONS,POST,PUT,DELETE
Access-Control-Allow-Origin: *
Connection: keep-alive
Content-Length: 0
Content-Type: text/plain
Date: Mon, 05 Dec 2022 08:31:26 GMT
Server: nginx/1.14.0 (Ubuntu)

OPTIONS
H/1.1 200
OK notif
finans.apipara.com/json/v9/ Frame 0
0 95ms
29ms Preflight
text/plain 95.216.154.67
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://finans.apipara.com/json/v9/notif?last=&more=1&auid=1&feed=onlycomments
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.216.154.67 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.67.154.216.95.clients.your-server.de
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: auid,token
Access-Control-Request-Method: GET
Origin: https://finanswebde.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: origin,auid,token,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
Access-Control-Allow-Methods: GET, OPTIONS,POST,PUT,DELETE
Access-Control-Allow-Origin: *
Connection: keep-alive
Content-Length: 0
Content-Type: text/plain
Date: Mon, 05 Dec 2022 08:31:26 GMT
Server: nginx/1.14.0 (Ubuntu)

GET
H2 200 css
fonts.googleapis.com/ 2 KB
938 B 65ms
27ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Muli:400,700&subset=lating-ext&display=swap

Requested by

Host: finanswebde.com
URL: https://finanswebde.com/_next/static/chunks/commons.27783a28579284000e1e.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2e79c5f974661bbb24283a9a66cfbc3fcd7daaa055a68dbce8f4cc62325e911d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://finanswebde.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 05 Dec 2022 08:31:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 05 Dec 2022 08:09:55 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 05 Dec 2022 08:31:26 GMT

GET
H3 200 d65e.4b2fd06db0f0f3d79b7e.js Show response
finanswebde.com/_next/static/chunks/ 20 KB
6 KB 16ms
16ms Script
application/javascript 2606:4700:3035::ac43:c49b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://finanswebde.com/_next/static/chunks/d65e.4b2fd06db0f0f3d79b7e.js
Requested by: Host: finanswebde.com
URL: https://finanswebde.com/_next/static/runtime/webpack-55c3090b557ff206105d.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:c49b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 32d25f6382bcb6fb3280cdee82f113646a33af948ad82eb1256c2f980f6d16f7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://finanswebde.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 08:31:26 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 897229
x-powered-by: Express
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 17 Oct 2022 09:27:34 GMT
server: cloudflare
etag: W/"4e62-183e5451797"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3npbHqLSxLC3MC54BcrqHphenCrdCNXqXGJ0pX73E4uusA0VUPdC3V5o2CvheCd3vtylQIwGi855iTlSPCSRQwZXkVTtCRMo65b5HwXfmSP9kvm8yrS1fNi8SyKnkYisK2dsfD2prYmW88O%2BlHY%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=31536000
cf-ray: 774b6ceede63902e-FRA
expires: Fri, 24 Nov 2023 23:17:37 GMT

GET
H3 200 d6db.4bac1b495dfdaaeb8af9.js Show response
finanswebde.com/_next/static/chunks/ 8 KB
4 KB 19ms
19ms Script
application/javascript 2606:4700:3035::ac43:c49b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://finanswebde.com/_next/static/chunks/d6db.4bac1b495dfdaaeb8af9.js
Requested by: Host: finanswebde.com
URL: https://finanswebde.com/_next/static/runtime/webpack-55c3090b557ff206105d.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:c49b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 29a18daaaccc2896c4f4c22efc02cd69ef78861b9250bf53ea3c9704f285e6d7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://finanswebde.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 08:31:26 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1556477
x-powered-by: Express
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 17 Oct 2022 09:27:34 GMT
server: cloudflare
etag: W/"1e53-183e5451797"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D92%2FCZCmJv6E49cOSY5XrdMlCXwJhPsA2jwqoXJAExcmiA43bXYmaOkIjjEPHfwaaIvz%2BYQ6gwGioMEFTmJgIqyOuP5dNMwbATcRjqgpq5QCFzu2caO2wNLdNsAR8U%2BE3k2TT2DeCnMm6hxW3%2Bk%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=31536000
cf-ray: 774b6ceede66902e-FRA
expires: Fri, 17 Nov 2023 08:10:09 GMT

GET
H3 200 d926.5b9239abc7781d242b7c.js Show response
finanswebde.com/_next/static/chunks/ 10 KB
3 KB 19ms
19ms Script
application/javascript 2606:4700:3035::ac43:c49b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://finanswebde.com/_next/static/chunks/d926.5b9239abc7781d242b7c.js
Requested by: Host: finanswebde.com
URL: https://finanswebde.com/_next/static/runtime/webpack-55c3090b557ff206105d.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:c49b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 24bf624ed768c1d266c62e624b1244c6990ca161138f9aebcd4dc9c0db7eb033

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://finanswebde.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 08:31:26 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3887
x-powered-by: Express
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 17 Oct 2022 09:27:34 GMT
server: cloudflare
etag: W/"296b-183e5451797"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dDldQtT9JuenR0mmIBx%2BjcJYt21nnxkTJxxKqmgw77jNnicVNXPvk92Q4jUu9114lFGdvo1%2FdoYxIBsULhzXdm8l93E92sp0WD86pq3Y33A7FjMnhF8C2Wsonw%2BK1RR%2BrfccxQrFqYwiF2UeSes%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=31536000
cf-ray: 774b6ceede68902e-FRA
expires: Tue, 05 Dec 2023 07:26:39 GMT

GET
H3 200 27f4.8dc5e2a54277d2a6cc4e.js Show response
finanswebde.com/_next/static/chunks/ 13 KB
5 KB 26ms
26ms Script
application/javascript 2606:4700:3035::ac43:c49b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://finanswebde.com/_next/static/chunks/27f4.8dc5e2a54277d2a6cc4e.js
Requested by: Host: finanswebde.com
URL: https://finanswebde.com/_next/static/runtime/webpack-55c3090b557ff206105d.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:c49b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: d1b1ac2bd9304b995189bf5c34d3d5288f629cac61349c02a709f17a0aad5634

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://finanswebde.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 08:31:26 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3887
x-powered-by: Express
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 17 Oct 2022 09:27:34 GMT
server: cloudflare
etag: W/"32bf-183e545178b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KQSDvIa5%2By6B8YGVHjX2WKVFa7MTP4zBzviLmuMFLMokCdGCVuQWsODPx%2BbYRnTi34QlKXzvR1ZCD33EOO078cyNzBtS5gC%2BWMm2eltLZ%2BlozW%2FPjgZP8TfxOnaI7%2BT04hn9%2F%2BOEZ%2FFGski3gbo%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=31536000
cf-ray: 774b6ceede69902e-FRA
expires: Tue, 05 Dec 2023 07:26:39 GMT

GET
H3 200 ba39.c978b26f220ac8ca87f3.js Show response
finanswebde.com/_next/static/chunks/ 3 KB
2 KB 27ms
27ms Script
application/javascript 2606:4700:3035::ac43:c49b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://finanswebde.com/_next/static/chunks/ba39.c978b26f220ac8ca87f3.js
Requested by: Host: finanswebde.com
URL: https://finanswebde.com/_next/static/runtime/webpack-55c3090b557ff206105d.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:c49b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 9ab0baca7a738a0ed49bd74f042400153d207a444f1675808802a3c2aa923322

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://finanswebde.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 08:31:26 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 435432
x-powered-by: Express
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 17 Oct 2022 09:27:34 GMT
server: cloudflare
etag: W/"c62-183e5451793"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iFsRANjz5e5h1PZcv6gwbGPt2HgWYJYPf5tC4cIpApM28JMWZU6635eIlpoUJYb0bBNx%2F6UiSI%2BsF2MzLXTx1v79S7pNSdM%2F1Bkfb04yfxCh%2BUeHixA4MQS6JhvZXXxyOONZB91mab9x6ixzKCE%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=31536000
cf-ray: 774b6ceede6a902e-FRA
expires: Thu, 30 Nov 2023 07:34:14 GMT

GET
H3 200 1b5b.c778adc91d0ab2782614.js Show response
finanswebde.com/_next/static/chunks/ 5 KB
2 KB 27ms
27ms Script
application/javascript 2606:4700:3035::ac43:c49b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://finanswebde.com/_next/static/chunks/1b5b.c778adc91d0ab2782614.js
Requested by: Host: finanswebde.com
URL: https://finanswebde.com/_next/static/runtime/webpack-55c3090b557ff206105d.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:c49b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: c038f2f92310db4f32b756ed4de997ef499335657fc351ed95c21f48e91e2fa9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://finanswebde.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 08:31:26 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5476633
x-powered-by: Express
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Fri, 30 Sep 2022 09:44:39 GMT
server: cloudflare
etag: W/"1369-1838dc8a333"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jZ4H1w4RL1W3wCWK4PS6ls5xpaCla9otnoiTGA9sVLxF32BmhaAAaHGBJ9gTz4%2FYm9KtjBOua76%2FdB3DklkDbGLHL4FvHiVoV%2Fiau2hzPw%2FoegoqaW6VzFETIJXZQKdyZFU1VU4S0Tpa9DPhvqc%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=31536000
cf-ray: 774b6ceede6b902e-FRA
expires: Mon, 02 Oct 2023 23:14:13 GMT

GET
H3 200 b71c.907fb58417edf76b3603.js Show response
finanswebde.com/_next/static/chunks/ 72 KB
18 KB 20ms
20ms Script
application/javascript 2606:4700:3035::ac43:c49b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://finanswebde.com/_next/static/chunks/b71c.907fb58417edf76b3603.js
Requested by: Host: finanswebde.com
URL: https://finanswebde.com/_next/static/runtime/webpack-55c3090b557ff206105d.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:c49b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: dd2525cf39a900bcd9653e62bb19ec817d4a9919d2cb75ece2b8a77a9d5ef300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://finanswebde.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 08:31:26 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3887
x-powered-by: Express
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 17 Oct 2022 09:27:34 GMT
server: cloudflare
etag: W/"12089-183e5451793"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VVxdffaaORkFqJRswLBAT2gPkNCU3kq4xwpuFo7P9dHrZssRtUZwJ8VmSVRTzapJA3SJHzVvYJ6%2BIaaacr5IRPQrz%2B5RJf68lxpSZNHpfsvCGgpmnb3hT6lWf7fN5froMgmYMJAhUiNrt4pubNg%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=31536000
cf-ray: 774b6ceede6c902e-FRA
expires: Tue, 05 Dec 2023 07:26:39 GMT

GET
H/1.1 200
OK comment Show response
finans.apipara.com/json/v9/options/ 38 KB
11 KB 58ms
56ms XHR
application/json 95.216.154.67
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://finans.apipara.com/json/v9/options/comment
Requested by: Host: finanswebde.com
URL: https://finanswebde.com/_next/static/chunks/commons.27783a28579284000e1e.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.216.154.67 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.67.154.216.95.clients.your-server.de
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 993dbd1b800cd19c39b3829df6b5ec50b8fb18482d35f9d110ae4aa40e4c76fe

Request headers

Accept: application/json, text/plain, */*
Referer: https://finanswebde.com/
accept-language: de-DE,de;q=0.9
auid
token: _magic
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Date: Mon, 05 Dec 2022 08:31:26 GMT
Content-Encoding: gzip
Server: nginx/1.14.0 (Ubuntu)
Access-Control-Max-Age: 3628800
Transfer-Encoding: chunked
Content-Type: application/json
Vary: Accept-Encoding, Accept-Encoding, Accept-Encoding,User-Agent
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, OPTIONS,POST,PUT,DELETE
Connection: keep-alive
Access-Control-Allow-Headers: X-Requested-With, origin,auid,token,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization

GET
H/1.1 200
OK stock Show response
finans.apipara.com/json/v9// 260 KB
52 KB 106ms
104ms XHR
application/json 95.216.154.67
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://finans.apipara.com/json/v9//stock?async=1&auid=1&sortby=volume_try
Requested by: Host: finanswebde.com
URL: https://finanswebde.com/_next/static/chunks/commons.27783a28579284000e1e.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.216.154.67 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.67.154.216.95.clients.your-server.de
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 6a2737f4fb4af1009bac4e0c049eba28753371426192ed41afd140dabbbfcbf0

Request headers

Accept: application/json, text/plain, */*
Referer: https://finanswebde.com/
accept-language: de-DE,de;q=0.9
auid: _183o13mpralbaj4el8_1670228831708
token: d121f39483b0049660ed3b5b21503aeb
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Date: Mon, 05 Dec 2022 08:31:26 GMT
Content-Encoding: gzip
Server: nginx/1.14.0 (Ubuntu)
Access-Control-Max-Age: 3628800
Transfer-Encoding: chunked
Content-Type: application/json
Vary: Accept-Encoding, Accept-Encoding, Accept-Encoding,User-Agent
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, OPTIONS,POST,PUT,DELETE
Connection: keep-alive
Access-Control-Allow-Headers: X-Requested-With, origin,auid,token,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization

GET
H2 200 finanswebde-light.svg
finanscepte-xuoe622gjknvdey.stackpathdns.com/nextjs/img/ 8 KB
4 KB 36ms
11ms Image
image/svg+xml 151.139.245.20
STACKPATH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://finanscepte-xuoe622gjknvdey.stackpathdns.com/nextjs/img/finanswebde-light.svg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.139.245.20 , United States, ASN33438 (STACKPATH, US),
Reverse DNS
Software: nginx /
Resource Hash: 0fe02731c22e5466827e8f662f13266450cd5cca96f2fbc063331c8014bfb961

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://finanswebde.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 08:31:26 GMT
content-encoding: gzip
last-modified: Thu, 11 Jul 2019 15:13:47 GMT
server: nginx
x-amz-request-id: VGEJ9HKTBW0NXVYZ
etag: W/"1d3c1b74ae39f68256ef408529734cce"
vary: Accept-Encoding
x-cache: HIT
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
link: <https://s3-eu-west-1.amazonaws.com/s2.finanswebde.com/nextjs/img/finanswebde-light.svg>; rel="canonical"
x-amz-id-2: u7ykaStjpuQcYnWe0qs1w4v4cjiKJEm1AuTRx+xbm/OlwTN1iDwC+M3O6BwefY7WWJ6BEVlvAY4=
expires: Mon, 12 Dec 2022 08:31:26 GMT

GET
H/1.1 200
OK notif Show response
finans.apipara.com/json/v9/ 20 KB
4 KB 61ms
60ms XHR
application/json 95.216.154.67
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://finans.apipara.com/json/v9/notif?last=&more=1&auid=1&feed=onlycomments
Requested by: Host: finanswebde.com
URL: https://finanswebde.com/_next/static/chunks/commons.27783a28579284000e1e.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.216.154.67 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.67.154.216.95.clients.your-server.de
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 46f504853c22830746efb516a1381df43fc062034c4aff823b49d8f6cf029b2c

Request headers

Accept: application/json, text/plain, */*
Referer: https://finanswebde.com/
accept-language: de-DE,de;q=0.9
auid: _183o13mpralbaj4el8_1670228831708
token: d121f39483b0049660ed3b5b21503aeb
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Date: Mon, 05 Dec 2022 08:31:26 GMT
Content-Encoding: gzip
Server: nginx/1.14.0 (Ubuntu)
Access-Control-Max-Age: 3628800
Transfer-Encoding: chunked
Content-Type: application/json
Vary: Accept-Encoding, Accept-Encoding, Accept-Encoding,User-Agent
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, OPTIONS,POST,PUT,DELETE
Connection: keep-alive
Access-Control-Allow-Headers: X-Requested-With, origin,auid,token,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization

GET
H/1.1 200
OK converter Show response
finans.apipara.com/json/v9// 922 KB
177 KB 122ms
122ms XHR
application/json 95.216.154.67
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://finans.apipara.com/json/v9//converter
Requested by: Host: finanswebde.com
URL: https://finanswebde.com/_next/static/chunks/commons.27783a28579284000e1e.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.216.154.67 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.67.154.216.95.clients.your-server.de
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: fe0b183659cefbe0c08a2d7fa608fb2d71f6a9cefd72f9af056029b856a5206f

Request headers

Accept: application/json, text/plain, */*
Referer: https://finanswebde.com/
accept-language: de-DE,de;q=0.9
auid: _183o13mpralbaj4el8_1670228831708
token: d121f39483b0049660ed3b5b21503aeb
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Date: Mon, 05 Dec 2022 08:31:26 GMT
Content-Encoding: gzip
Server: nginx/1.14.0 (Ubuntu)
Access-Control-Max-Age: 3628800
Transfer-Encoding: chunked
Content-Type: application/json
Vary: Accept-Encoding, Accept-Encoding, Accept-Encoding,User-Agent
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, OPTIONS,POST,PUT,DELETE
Connection: keep-alive
Access-Control-Allow-Headers: X-Requested-With, origin,auid,token,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization

OPTIONS
H/1.1 200
OK converter
finans.apipara.com/json/v9// Frame 0
0 83ms
28ms Preflight
text/plain 95.216.154.67
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://finans.apipara.com/json/v9//converter
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.216.154.67 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.67.154.216.95.clients.your-server.de
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: auid,token
Access-Control-Request-Method: GET
Origin: https://finanswebde.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: origin,auid,token,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
Access-Control-Allow-Methods: GET, OPTIONS,POST,PUT,DELETE
Access-Control-Allow-Origin: *
Connection: keep-alive
Content-Length: 0
Content-Type: text/plain
Date: Mon, 05 Dec 2022 08:31:26 GMT
Server: nginx/1.14.0 (Ubuntu)

GET
H2 200 7Auwp_0qiz-afTLGLQ.woff2
fonts.gstatic.com/s/muli/v28/ 30 KB
31 KB 52ms
14ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/muli/v28/7Auwp_0qiz-afTLGLQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Muli:400,700&subset=lating-ext&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2a04078f9550381b5148170ceaf5b378a1b31ed8274c6d0094aeba6f599462cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://finanswebde.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 20:01:37 GMT
x-content-type-options: nosniff
age: 217789
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31196
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 20:43:05 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 02 Dec 2023 20:01:37 GMT

GET
H2 200 7Auwp_0qiz-afTLGLQ.woff2
fonts.gstatic.com/s/muli/v28/ 30 KB
31 KB 63ms
28ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/muli/v28/7Auwp_0qiz-afTLGLQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Muli:400,700&subset=lating-ext&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2a04078f9550381b5148170ceaf5b378a1b31ed8274c6d0094aeba6f599462cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://finanswebde.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 20:01:37 GMT
x-content-type-options: nosniff
age: 217789
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31196
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 20:43:05 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 02 Dec 2023 20:01:37 GMT

GET
H2 200 7Auwp_0qiz-afTzGLRrX.woff2
fonts.gstatic.com/s/muli/v28/ 28 KB
28 KB 75ms
41ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/muli/v28/7Auwp_0qiz-afTzGLRrX.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Muli:400,700&subset=lating-ext&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee6428dc15beb065bef14ce4cbab92a469d0fccfa20ec5b05455775e77a05b39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://finanswebde.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Tue, 29 Nov 2022 19:32:30 GMT
x-content-type-options: nosniff
age: 478736
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28504
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 20:36:34 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 29 Nov 2023 19:32:30 GMT

GET
H2 200 7Auwp_0qiz-afTzGLRrX.woff2
fonts.gstatic.com/s/muli/v28/ 28 KB
28 KB 67ms
37ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/muli/v28/7Auwp_0qiz-afTzGLRrX.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Muli:400,700&subset=lating-ext&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee6428dc15beb065bef14ce4cbab92a469d0fccfa20ec5b05455775e77a05b39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://finanswebde.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Tue, 29 Nov 2022 19:32:30 GMT
x-content-type-options: nosniff
age: 478736
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28504
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 20:36:34 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 29 Nov 2023 19:32:30 GMT

GET
H2 200 d8efe629c2_250x250.png
finanscepte-xuoe622gjknvdey.stackpathdns.com/avatar/tmp/ 8 KB
9 KB 8ms
7ms Image
application/octet-stream 151.139.245.20
STACKPATH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://finanscepte-xuoe622gjknvdey.stackpathdns.com/avatar/tmp/d8efe629c2_250x250.png
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.139.245.20 , United States, ASN33438 (STACKPATH, US),
Reverse DNS
Software: nginx /
Resource Hash: f4e1a404c6c692067af16312440f9b5a36f9f74ff9d7fd68110102c4390de29a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://finanswebde.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 08:31:26 GMT
content-encoding: gzip
x-amz-request-id: 57F3MWN3ZBTAANSA
x-cache: HIT
content-length: 8293
x-amz-id-2: dXsgmeukk3xGDnYleF8gFjK6OnnOth94bu55g7ru4LNSs3/IoAWTARDE2YC+Pd1VZHutdZQrWd4=
last-modified: Wed, 09 Mar 2022 15:47:02 GMT
server: nginx
etag: W/"35dc8994cda4826ca9aaaabf0bb4497f"
vary: Accept-Encoding
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
link: <https://s3-eu-west-1.amazonaws.com/s2.finanswebde.com/avatar/tmp/d8efe629c2_250x250.png>; rel="canonical"
expires: Mon, 12 Dec 2022 08:30:27 GMT

GET
H/1.1 200
OK thumb_big.jpg
d10vd2486q68pd.cloudfront.net/akur/home/uploads/1670226161/ 42 KB
43 KB 54ms
11ms Image
image/jpeg 13.226.156.149
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d10vd2486q68pd.cloudfront.net/akur/home/uploads/1670226161/thumb_big.jpg
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.156.149 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-156-149.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: af8c22e8b3a6c3dec18e0781c7a2a489dda9605e4f0cc7fc91d3f3637aaadddb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://finanswebde.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Date: Mon, 05 Dec 2022 07:44:57 GMT
Via: 1.1 4ba9d3779ca8afc198240a34dffb07c4.cloudfront.net (CloudFront)
Last-Modified: Mon, 05 Dec 2022 07:42:42 GMT
Server: AmazonS3
X-Amz-Cf-Pop: DUS51-C1
Age: 2790
ETag: "82c4583f68a9da5c7eca3cf6702fccf7"
X-Cache: Hit from cloudfront
Content-Type: image/jpeg
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43139
X-Amz-Cf-Id: OS9RLRPjGYdC_JadH9OVj5E3ISUXpaRZxF_vXxeZo7x4-_FgbqPCEA==
Expires: Sun, 05 Dec 2027 07:42:41 GMT

GET
H2 200 d9ffbd7edd_250x250.png
finanscepte-xuoe622gjknvdey.stackpathdns.com/avatar/tmp/ 8 KB
8 KB 13ms
13ms Image
application/octet-stream 151.139.245.20
STACKPATH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://finanscepte-xuoe622gjknvdey.stackpathdns.com/avatar/tmp/d9ffbd7edd_250x250.png
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.139.245.20 , United States, ASN33438 (STACKPATH, US),
Reverse DNS
Software: nginx /
Resource Hash: 249bb1b5563c151f5dda58b62914daf7f2992e781d06095677d0a5e468249f21

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://finanswebde.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 08:31:26 GMT
content-encoding: gzip
x-amz-request-id: KMNB46M6B7RHE80P
x-cache: HIT
content-length: 7801
x-amz-id-2: ospHJLYIs9xw8XozMn1Gmu5dPpLQwrsYax5q+jDUUya2Ti3rSeADJ6sY6gICw9hANKMc7sc8OkA=
last-modified: Wed, 15 Jun 2022 07:22:28 GMT
server: nginx
etag: W/"1411da1ab65c18ef25d41372c9f1013e"
vary: Accept-Encoding
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
link: <https://s3-eu-west-1.amazonaws.com/s2.finanswebde.com/avatar/tmp/d9ffbd7edd_250x250.png>; rel="canonical"
expires: Mon, 12 Dec 2022 08:31:26 GMT

GET
H/1.1 200
OK market Show response
finans.apipara.com/json/v9// 311 KB
57 KB 62ms
61ms XHR
application/json 95.216.154.67
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://finans.apipara.com/json/v9//market?auid=1
Requested by: Host: finanswebde.com
URL: https://finanswebde.com/_next/static/chunks/commons.27783a28579284000e1e.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.216.154.67 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.67.154.216.95.clients.your-server.de
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: ca2e069d79232ef3d7d779887588a89a58cecf1ad80c59078928fc0783f3b035

Request headers

Accept: application/json, text/plain, */*
Referer: https://finanswebde.com/
accept-language: de-DE,de;q=0.9
auid: _183o13mpralbaj4el8_1670228831708
token: d121f39483b0049660ed3b5b21503aeb
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Date: Mon, 05 Dec 2022 08:31:26 GMT
Content-Encoding: gzip
Server: nginx/1.14.0 (Ubuntu)
Access-Control-Max-Age: 3628800
Transfer-Encoding: chunked
Content-Type: application/json
Vary: Accept-Encoding, Accept-Encoding, Accept-Encoding,User-Agent
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, OPTIONS,POST,PUT,DELETE
Connection: keep-alive
Access-Control-Allow-Headers: X-Requested-With, origin,auid,token,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization

OPTIONS
H/1.1 200
OK market
finans.apipara.com/json/v9// Frame 0
0 38ms
38ms Preflight
text/plain 95.216.154.67
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://finans.apipara.com/json/v9//market?auid=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.216.154.67 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.67.154.216.95.clients.your-server.de
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: auid,token
Access-Control-Request-Method: GET
Origin: https://finanswebde.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: origin,auid,token,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
Access-Control-Allow-Methods: GET, OPTIONS,POST,PUT,DELETE
Access-Control-Allow-Origin: *
Connection: keep-alive
Content-Length: 0
Content-Type: text/plain
Date: Mon, 05 Dec 2022 08:31:26 GMT
Server: nginx/1.14.0 (Ubuntu)

GET
H2 200 NoktaNpmPlayerApi.js Show response
c1.imgiz.com/player_others/html5/ 7 KB
3 KB 321ms
47ms Script
application/javascript 185.7.176.222
SH

General

Check archive.org

Show headers Download Go to

Full URL: https://c1.imgiz.com/player_others/html5/NoktaNpmPlayerApi.js?dts=19331
Requested by: Host: finanswebde.com
URL: https://finanswebde.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.7.176.222 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: 0b29697868cd68cfd1b5650054cc96ea755016b3242bd26469cdbd4e4f6fc18a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://finanswebde.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 08:31:27 GMT
content-encoding: gzip
last-modified: Wed, 13 Oct 2021 11:58:21 GMT
server: openresty/1.15.8.3
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=604800
expires: Mon, 12 Dec 2022 08:31:27 GMT

GET
H2 200 zoneview
ng.virgul.com/ 0
213 B 45ms
45ms Image
text/plain 185.7.176.221
SH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ng.virgul.com/zoneview?c=&mt=1670229086889&v=https%3A%2F%2Ffinanswebde.com%2F%26vi%3D10487510%40&r=153567@153435@153927@153492:finanswebde&userId=vnet0e29aad8-4fa1-4b8b-9de5-33bc47eafee0&tp=&os=&call=&vd=0&ses=0&dim=1600x1200&l=&y=&w=0&ext=,as,rc1,hf1,vv1&info=&ref=&rdmt=0.7329722035657953
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.7.176.221 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://finanswebde.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

access-control-allow-origin: https://finanswebde.com
date: Mon, 05 Dec 2022 08:31:26 GMT
access-control-allow-credentials: true
expires: Tue, 04 Jan 2022 10:49:40 GMT
server: openresty/1.15.8.3
content-length: 0
p3p: CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 87ms
25ms Script
application/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=finanswebde.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022112901.js?cb=31071079

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://finanswebde.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 08:31:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 66ms
23ms Script
application/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=finanswebde.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022112901.js?cb=31071079

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://finanswebde.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 08:31:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 119 KB
44 KB 609ms
608ms XHR
text/plain 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2327924981888600&correlator=748031358167408&eid=31071079%2C31065824&output=ldjh&gdfp_req=1&vrg=2022112901&ptt=17&impl=fif&iu_parts=21728129623%3A36563801%2Cweb_finanswebde_masthead&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C970x250%7C970x90%7C728x90%7C300x250%7C468x60%7C250x250%7C200x200%7C160x160&fluid=height&ifi=1&adks=1971925398&didk=3343866085&sfv=1-0-40&eri=1&cust_params=amznbid%3D0%26amznp%3D0%26category%3Dsite_geneli%26plm%3Dnull%26viewable%3D2%26site%3Dfinanswebde%26mt%3D1670229085142%26pager%3D1%2540site_geneli%2540finanswebde%253Asite_geneli%26host%3Dfinanswebde.com%26url%3Dhttps%253A%2520%2520finanswebde.com%2520%26targetCtr%3D0%26pid%3Dvnet0e29aad8-4fa1-4b8b-9de5-33bc47eafee0%26targetCr%3D0%26Mobile%3Dfalse%26env%3Dweb%26webmAd%3D1%26overlay%3D1%26rc%3D0%26datasave%3D0&ppid=vnet0e29aad84fa14b8b9de533bc47eafee0&sc=1&cookie_enabled=1&abxe=1&dt=1670229086901&lmt=1670229086&dlt=1670229084547&idt=582&adxs=315&adys=159&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Ffinanswebde.com%2F&frm=20&vis=1&psz=1110x-1&msz=1600x-1&fws=128&ohw=0&ga_vid=246564559.1670229085&ga_sid=1670229087&ga_hid=1333069732&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022112901.js?cb=31071079

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9b36bb3478a2270b81019c5691a1b78b87fc6325d94bc2e629635d2890e6b18c

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/787910389773164944/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/787910389773164944/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CI74spuI4vsCFVZ74AodTh4G1A&gqi=&layout=/sadbundle/%24csp%253Der3%24/787910389773164944/index.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://finanswebde.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/787910389773164944/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/787910389773164944/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CI74spuI4vsCFVZ74AodTh4G1A&gqi=&layout=/sadbundle/%24csp%253Der3%24/787910389773164944/index.html
date: Mon, 05 Dec 2022 08:31:27 GMT
x-content-type-options: nosniff
content-encoding: br
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44955
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://finanswebde.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
11 KB 96ms
68ms XHR
application/json 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022112901&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022112901.js?cb=31071079

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e5e5beb63aebc5801261d1cb9dcfba607d0e34f46c4d2928cb19ea7e288c0055

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://finanswebde.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 08:31:26 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11304
x-xss-protection: 0

GET
H2 200 container.html Show response
a04db976658485ca9318c3d0e697902f.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 0EEE 6 KB
3 KB 77ms
25ms Document
text/html 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://a04db976658485ca9318c3d0e697902f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022112901.js?cb=31071079

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://finanswebde.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 05 Dec 2022 08:31:26 GMT
expires: Tue, 05 Dec 2023 08:31:26 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ 141 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 78ecd2259a162af3406fc676dbe4810a4861027fb275e327c176a219d846d7ee

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 145 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8d40df0be5909048df8152417ab6dab760735f9f2e7888859ce11929f55e8a65

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 592 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 43c16c3c66b80fd8b1fa295088d1c8ea7037ab3c1651c2e614e2e6f770173758

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 263 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b77566a54f5661c98f1bec60bd942ff3987e570513dc29dcc054108ae5cf7b26

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 99 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 85fb8eee8dd39adf4434a726733bc6cd6de0cc72cb7be8394ea86f7e179c5e95

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 93 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0134375b1ced2e2b36e9a34753f87b48b49dab1ce589ec8a2932764d31ada657

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf8

GET
H/1.1 200
OK stockMap Show response
finans.apipara.com/json/v9// 16 KB
4 KB 48ms
48ms XHR
application/json 95.216.154.67
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://finans.apipara.com/json/v9//stockMap?auid=1
Requested by: Host: finanswebde.com
URL: https://finanswebde.com/_next/static/chunks/commons.27783a28579284000e1e.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.216.154.67 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.67.154.216.95.clients.your-server.de
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 40870451732fafdd059922451b326cffc5275fcb0f961f7e9cb23c727b0794a1

Request headers

Accept: application/json, text/plain, */*
Referer: https://finanswebde.com/
accept-language: de-DE,de;q=0.9
auid: _183o13mpralbaj4el8_1670228831708
token: d121f39483b0049660ed3b5b21503aeb
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Date: Mon, 05 Dec 2022 08:31:27 GMT
Content-Encoding: gzip
Server: nginx/1.14.0 (Ubuntu)
Access-Control-Max-Age: 3628800
Transfer-Encoding: chunked
Content-Type: application/json
Vary: Accept-Encoding, Accept-Encoding, Accept-Encoding,User-Agent
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, OPTIONS,POST,PUT,DELETE
Connection: keep-alive
Access-Control-Allow-Headers: X-Requested-With, origin,auid,token,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization

GET
H/1.1 200
OK stockMap Show response
finans.apipara.com/json/v9// 16 KB
4 KB 55ms
54ms XHR
application/json 95.216.154.67
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://finans.apipara.com/json/v9//stockMap?auid=1
Requested by: Host: finanswebde.com
URL: https://finanswebde.com/_next/static/chunks/commons.27783a28579284000e1e.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.216.154.67 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.67.154.216.95.clients.your-server.de
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 40870451732fafdd059922451b326cffc5275fcb0f961f7e9cb23c727b0794a1

Request headers

Accept: application/json, text/plain, */*
Referer: https://finanswebde.com/
accept-language: de-DE,de;q=0.9
auid: _183o13mpralbaj4el8_1670228831708
token: d121f39483b0049660ed3b5b21503aeb
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Date: Mon, 05 Dec 2022 08:31:27 GMT
Content-Encoding: gzip
Server: nginx/1.14.0 (Ubuntu)
Access-Control-Max-Age: 3628800
Transfer-Encoding: chunked
Content-Type: application/json
Vary: Accept-Encoding, Accept-Encoding, Accept-Encoding,User-Agent
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, OPTIONS,POST,PUT,DELETE
Connection: keep-alive
Access-Control-Allow-Headers: X-Requested-With, origin,auid,token,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization

GET
H2 200 / Show response
cuneytekinci.ghost.io/ghost/api/v2/content/posts/ 3 KB
1 KB 7ms
7ms XHR
application/json 2a04:4e42:400::775
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cuneytekinci.ghost.io/ghost/api/v2/content/posts/?key=3ec7f28c39f563d6e90b173d71&limit=5&fields=id,title,created_at,slug,meta_description,url,feature_image,primary_tag&filter=tag:haber,tag:Yazilar
Requested by: Host: finanswebde.com
URL: https://finanswebde.com/_next/static/chunks/commons.27783a28579284000e1e.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:400::775 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: openresty /
Resource Hash: a1ebb83ad16d029b6c0b2533ed1105e947084ed06fb85fed67d5e259d1ab4dc5

Request headers

Accept: application/json, text/plain, */*
Referer: https://finanswebde.com/
accept-language: de-DE,de;q=0.9
auid: _183o13mpralbaj4el8_1670228831708
token: d121f39483b0049660ed3b5b21503aeb
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

ghost-age: 0
date: Mon, 05 Dec 2022 08:31:26 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
age: 543851
x-cache: HIT, HIT
status: 200 OK
alt-svc: clear
content-length: 1023
ghost-fastly: true
x-request-id: f5dd04b9d49956a3af83a7806ac36913, f5dd04b9d49956a3af83a7806ac36913
x-served-by: cache-ams12774-AMS, cache-fra-eddf8230098-FRA
server: openresty
x-timer: S1670229087.996033,VS0,VE0
etag: W/"b1a-jhgLdcmeXQMcX8YjtHuAQ/zA5TE"
vary: Accept-Version, Accept-Encoding, Cookie
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0
ghost-cache: MISS
accept-ranges: bytes
x-cache-hits: 4, 3

GET
H2 200 wallet.svg
finanscepte-xuoe622gjknvdey.stackpathdns.com/nextjs/img/ 15 KB
6 KB 11ms
10ms Image
image/svg+xml 151.139.245.20
STACKPATH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://finanscepte-xuoe622gjknvdey.stackpathdns.com/nextjs/img/wallet.svg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.139.245.20 , United States, ASN33438 (STACKPATH, US),
Reverse DNS
Software: nginx /
Resource Hash: 7abe950e5ba5f0bfce71296a946a842fd3c7c5c93a96a324fe3866b3662f77a4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://finanswebde.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 08:31:26 GMT
content-encoding: gzip
last-modified: Thu, 11 Jul 2019 15:14:01 GMT
server: nginx
x-amz-request-id: FFCF5SHFNF6Z1M7V
etag: W/"6d9f11ded122f3f23fc20a0408077cd2"
vary: Accept-Encoding
x-cache: HIT
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
link: <https://s3-eu-west-1.amazonaws.com/s2.finanswebde.com/nextjs/img/wallet.svg>; rel="canonical"
x-amz-id-2: rgdg8ZZtVxI5MGh7gUDy0tQONC1n0qolPML46uic1fka/EKwIy6EF82gXE8lPdw0gAN080B3zLI=
expires: Mon, 12 Dec 2022 08:31:26 GMT

OPTIONS
H/1.1 200
OK stockMap
finans.apipara.com/json/v9// Frame 0
0 34ms
34ms Preflight
text/plain 95.216.154.67
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://finans.apipara.com/json/v9//stockMap?auid=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.216.154.67 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.67.154.216.95.clients.your-server.de
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: auid,token
Access-Control-Request-Method: GET
Origin: https://finanswebde.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: origin,auid,token,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
Access-Control-Allow-Methods: GET, OPTIONS,POST,PUT,DELETE
Access-Control-Allow-Origin: *
Connection: keep-alive
Content-Length: 0
Content-Type: text/plain
Date: Mon, 05 Dec 2022 08:31:26 GMT
Server: nginx/1.14.0 (Ubuntu)

OPTIONS
H/1.1 200
OK stockMap
finans.apipara.com/json/v9// Frame 0
0 34ms
34ms Preflight
text/plain 95.216.154.67
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://finans.apipara.com/json/v9//stockMap?auid=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.216.154.67 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.67.154.216.95.clients.your-server.de
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: auid,token
Access-Control-Request-Method: GET
Origin: https://finanswebde.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: origin,auid,token,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
Access-Control-Allow-Methods: GET, OPTIONS,POST,PUT,DELETE
Access-Control-Allow-Origin: *
Connection: keep-alive
Content-Length: 0
Content-Type: text/plain
Date: Mon, 05 Dec 2022 08:31:26 GMT
Server: nginx/1.14.0 (Ubuntu)

OPTIONS
H2 204 /
cuneytekinci.ghost.io/ghost/api/v2/content/posts/ Frame 0
0 43ms
7ms Preflight 2a04:4e42:400::775
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cuneytekinci.ghost.io/ghost/api/v2/content/posts/?key=3ec7f28c39f563d6e90b173d71&limit=5&fields=id,title,created_at,slug,meta_description,url,feature_image,primary_tag&filter=tag:haber,tag:Yazilar
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:400::775 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: openresty /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: auid,token
Access-Control-Request-Method: GET
Origin: https://finanswebde.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-headers: auid,token
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: *
age: 529551
alt-svc: clear
cache-control: public, max-age=0
date: Mon, 05 Dec 2022 08:31:26 GMT
ghost-age: 0
ghost-cache: MISS
ghost-fastly: true
server: openresty
status: 204 No Content
vary: Accept-Version, Access-Control-Request-Headers, Cookie
via: 1.1 varnish, 1.1 varnish
x-cache: HIT, HIT
x-cache-hits: 5, 3
x-request-id: 3e0bf3ce6e188bde63e27bb1d7055273 3e0bf3ce6e188bde63e27bb1d7055273
x-served-by: cache-ams12753-AMS, cache-fra-eddf8230098-FRA
x-timer: S1670229087.988169,VS0,VE0

GET
H2 200 delivery-5585969_1920.jpg
blog.finanswebde.com/content/images/2022/11/ 98 KB
98 KB 50ms
30ms Image
image/jpeg 2606:4700:3035::ac43:c49b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://blog.finanswebde.com/content/images/2022/11/delivery-5585969_1920.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:c49b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 688904b447feb655d03c45c4829adbcce2190946623041d61411cb4aaf9677a3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://finanswebde.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

ghost-age: 0
date: Mon, 05 Dec 2022 08:31:27 GMT
via: 1.1 varnish, 1.1 varnish
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 574078
x-cache: HIT, MISS
status: 200 OK
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 100000
ghost-fastly: true
x-request-id: bbd652210f5c32764e19bd3c26d69108, bbd652210f5c32764e19bd3c26d69108
x-served-by: cache-ams21052-AMS, cache-hhn4045-HHN
last-modified: Mon, 28 Nov 2022 09:44:48 GMT
server: cloudflare
x-timer: S1669655009.100984,VS0,VE12
etag: W/"186a0-184bd9ff8f8"
vary: Cookie, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=be%2BD9TE73Qbw3iU1IrFwhdJqupxKUN0elfbCFTm4gbaXWXQBewAbFeDHCvtv38EQpgQtSwTdZsHAopIWWUVbrtQ0zNxhZNyMJeER4fAcp%2BXvkr8tP0tSZ%2FzFneTCTPzXHWQRWcsnals%2FGmvyXhF8OXHQyg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=31536000
ghost-cache: MISS
accept-ranges: bytes
cf-ray: 774b6cf1efda9b51-FRA
x-cache-hits: 3, 0

GET
H2 200 black-friday-4645768_1920.jpg
blog.finanswebde.com/content/images/2022/11/ 226 KB
227 KB 52ms
32ms Image
image/jpeg 2606:4700:3035::ac43:c49b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://blog.finanswebde.com/content/images/2022/11/black-friday-4645768_1920.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:c49b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e80608d332697c032931d7a6122b5201f886a928bcd3af3e00ea11c112a0b946

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://finanswebde.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

ghost-age: 0
date: Mon, 05 Dec 2022 08:31:27 GMT
via: 1.1 varnish, 1.1 varnish
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 276591
x-cache: HIT, HIT
status: 200 OK
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 231454
ghost-fastly: true
x-request-id: f7964577d2e7c88133e3ec27889caa2e, f7964577d2e7c88133e3ec27889caa2e
x-served-by: cache-ams12744-AMS, cache-fra-eddf8230030-FRA
last-modified: Mon, 28 Nov 2022 09:42:25 GMT
server: cloudflare
x-timer: S1669952497.835017,VS0,VE1
etag: W/"3881e-184bd9dc8e6"
vary: Cookie, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Xpd7ZG7L9DQLqkbRbQkmRlCmW%2FhNT%2B4OtbA%2FqiGAjIsJmwl8mBidWuWrNt1BXkMbrz9dgEStT4Vvlc08R3KwfdxHFxmFWW7gkSW5a0oBcfZZVXG1jKCcCcAVFU72FhexQLr8QYJQQmlBJTOtnXlnld5PZw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=31536000
ghost-cache: MISS
accept-ranges: bytes
cf-ray: 774b6cf1efdd9b51-FRA
x-cache-hits: 6, 1

GET
H2 200 newspapers-3488861_1920.jpg
blog.finanswebde.com/content/images/2022/11/ 239 KB
240 KB 40ms
20ms Image
image/jpeg 2606:4700:3035::ac43:c49b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://blog.finanswebde.com/content/images/2022/11/newspapers-3488861_1920.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:c49b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ec9731fbdb63a512673e637da38a126761370903ca54a8d45e466509c9b88f43

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://finanswebde.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

ghost-age: 0
date: Mon, 05 Dec 2022 08:31:27 GMT
via: 1.1 varnish, 1.1 varnish
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 446298
x-cache: HIT, HIT
status: 200 OK
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 245168
ghost-fastly: true
x-request-id: dcf47912f3082206afc70831a5b690be, dcf47912f3082206afc70831a5b690be
x-served-by: cache-ams12731-AMS, cache-hhn4023-HHN
last-modified: Mon, 28 Nov 2022 09:40:54 GMT
server: cloudflare
x-timer: S1669782789.490408,VS0,VE1
etag: W/"3bdb0-184bd9c6471"
vary: Cookie, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3xle2WrBD0NHcEjMkHsbt35yjfVdmDf5PWm3m8nF55uOUPV5cSuLSHG7UWWIn8XyWSr1rKXKfGSS6chBN0xHpgAIxgcLG06DDVGsrehwZCI6OKa%2Fw0BjJmpzS%2BNk4B1E1AgFN%2BXHQBkVpJZ5DimuL5F3sw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=31536000
ghost-cache: MISS
accept-ranges: bytes
cf-ray: 774b6cf1efe09b51-FRA
x-cache-hits: 3, 1

GET
H2 200 businessman-3492380_1920.jpg
blog.finanswebde.com/content/images/2022/11/ 84 KB
84 KB 59ms
39ms Image
image/jpeg 2606:4700:3035::ac43:c49b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://blog.finanswebde.com/content/images/2022/11/businessman-3492380_1920.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:c49b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7af0de072e07f144f7643eab54a9fa8e14e343bfa873d646b787a37568b372e9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://finanswebde.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

ghost-age: 0
date: Mon, 05 Dec 2022 08:31:27 GMT
via: 1.1 varnish, 1.1 varnish
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 836078
x-cache: HIT, MISS
status: 200 OK
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 85657
ghost-fastly: true
x-request-id: e39ac4d675cf43b850edebcf75ca4f6b, e39ac4d675cf43b850edebcf75ca4f6b
x-served-by: cache-ams12775-AMS, cache-hhn4081-HHN
last-modified: Fri, 25 Nov 2022 06:56:36 GMT
server: cloudflare
x-timer: S1669393010.624850,VS0,VE14
etag: W/"14e99-184ad92e785"
vary: Cookie, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OFT9hTxsw74AwWEIlTxVfWjRX4JlJbTUmbU%2FmdR%2FjQuWLnGI54pCgnPe44Sv0%2F5ydsf3YMrgYou4PYXaHx0AfrUFw6pmkBTjOw7yyj%2Fzkk1mt05kV%2BAQw9zhqjcyxZQWsXS6ECqr8QHRvlLt85i6Xkch1w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=31536000
ghost-cache: MISS
accept-ranges: bytes
cf-ray: 774b6cf1efe39b51-FRA
x-cache-hits: 7, 0

GET
H2 200 refinery-4800320_1920.jpg
blog.finanswebde.com/content/images/2022/11/ 352 KB
353 KB 55ms
36ms Image
image/jpeg 2606:4700:3035::ac43:c49b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://blog.finanswebde.com/content/images/2022/11/refinery-4800320_1920.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:c49b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8d6b2ea493433a588e6e27e0022e5aff94415209c8e8c67566f93c7ec946dc2f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://finanswebde.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

ghost-age: 0
date: Mon, 05 Dec 2022 08:31:27 GMT
via: 1.1 varnish, 1.1 varnish
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 854725
x-cache: HIT, HIT
status: 200 OK
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 360230
ghost-fastly: true
x-request-id: 6266fb6d995094714c8e909e8b5c75ad, 6266fb6d995094714c8e909e8b5c75ad
x-served-by: cache-ams12745-AMS, cache-fra-eddf8230122-FRA
last-modified: Fri, 25 Nov 2022 06:47:21 GMT
server: cloudflare
x-timer: S1669374362.223397,VS0,VE1
etag: W/"57f26-184ad8a6e35"
vary: Cookie, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ea46PDOpq%2B6uUa%2FbFxQ%2Fz5gU1date1cLbSwIaPrhCPcLQx1uTMZVjeyWgJZr3NZfczaAUDsN978YnjzsRsA%2BiWLkO5w6iImcc9iKqcFdqscqzspnVQuH3EonmdSOz0IopD%2Fqw3dlGg2%2BGnPLyWnZJsM5dA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=31536000
ghost-cache: MISS
accept-ranges: bytes
cf-ray: 774b6cf1efe19b51-FRA
x-cache-hits: 2, 1

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 175ms
24ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022112901.js?cb=31071079

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://finanswebde.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 08:31:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 05 Dec 2022 08:31:27 GMT

GET /
finanswebde.com/socket.io/ 0
0

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 63C1 13 KB
5 KB 64ms
13ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://finanswebde.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 196
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 05 Dec 2022 08:28:11 GMT
expires: Tue, 05 Dec 2023 08:28:11 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 2FB0 783 B
535 B 53ms
23ms Document
text/html 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

6c6c1411eefe1a5773a3da1d049e8231a7c6ad0ba27c0dd68eeb1405cf12a67f

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-rlfnRavY7kYBUQe7vykO9Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://finanswebde.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-rlfnRavY7kYBUQe7vykO9Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 05 Dec 2022 08:31:27 GMT
expires: Mon, 05 Dec 2022 08:31:27 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ 371 KB
124 KB 62ms
22ms Script
text/javascript 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: c1.imgiz.com
URL: https://c1.imgiz.com/player_others/html5/NoktaNpmPlayerApi.js?dts=19331

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

530040ebbfc1cd7a18f0537709371ccd55ec5ed96756cb4c121c2a56a33f8f19

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://finanswebde.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 08:31:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 126620
x-xss-protection: 0
expires: Mon, 05 Dec 2022 08:31:27 GMT

GET
H2 200 NoktaPlayer.js Show response
c1.imgiz.com/player_others/html5/ 398 KB
128 KB 51ms
50ms Script
application/javascript 185.7.176.222
SH

General

Check archive.org

Show headers Download Go to

Full URL: https://c1.imgiz.com/player_others/html5/NoktaPlayer.js?d=12/5/2022
Requested by: Host: c1.imgiz.com
URL: https://c1.imgiz.com/player_others/html5/NoktaNpmPlayerApi.js?dts=19331
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.7.176.222 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: 401aba8487796e29e020c1df0758a1accfc18d11a354dbe7dba65294372d7e13

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://finanswebde.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 08:31:27 GMT
content-encoding: gzip
last-modified: Wed, 26 Oct 2022 21:50:48 GMT
server: openresty/1.15.8.3
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=604800
expires: Mon, 12 Dec 2022 08:31:27 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 2FB0 0
0 149ms
121ms Image
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022112901&jk=2327924981888600&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

GET
H3 200 M3JMhzk_3vTF8k0i77EsfxGITEmQ_9Y04x5PTEuqQvc.js Show response
pagead2.googlesyndication.com/bg/ Frame 63C1 36 KB
16 KB 31ms
14ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/M3JMhzk_3vTF8k0i77EsfxGITEmQ_9Y04x5PTEuqQvc.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

33724c87393fdef4c5f24d22efb12c7f11884c4990ffd634e31e4f4c4baa42f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Thu, 01 Dec 2022 21:39:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 298336
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15861
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 01 Dec 2023 21:39:11 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 63C1 0
10 B 13ms
12ms Image
text/plain 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?EJgHWw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 08:31:27 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 200 container.html Show response
a04db976658485ca9318c3d0e697902f.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 75AF 6 KB
3 KB 44ms
14ms Document
text/html 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://a04db976658485ca9318c3d0e697902f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022112901.js?cb=31071079

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://finanswebde.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 05 Dec 2022 08:31:26 GMT
expires: Tue, 05 Dec 2023 08:31:26 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 index.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/787910389773164944/ Frame C90D 52 KB
6 KB 14ms
13ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/787910389773164944/index.html

Requested by

Host: finanswebde.com
URL: https://finanswebde.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c8dcc2b26565aa747e4c1a48f8bec637e7bc2695923d529becfa80a2463d6c37

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://a04db976658485ca9318c3d0e697902f.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 305283
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5733
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
cross-origin-resource-policy: cross-origin
date: Thu, 01 Dec 2022 19:43:24 GMT
expires: Fri, 01 Dec 2023 19:43:24 GMT
last-modified: Fri, 29 Apr 2022 21:36:54 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 75AF 0
0 58ms
57ms Fetch
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=Cx0ceX6yNY85M1vaBB868mKANxImI5W36gpWu-BCMtMynoTcQASDAsoJrYJWCgICYB6ABsorBqgHIAQmpAob-Z2YI6qg-4AIAqAMByANIqgTzAU_QIl2awSdiZ6E-CxSUDHhitQakK_DccwHvqlUX-SsS2P6QX7xzyASaWRMPe_SqIRZnuf5TAKG73h9YJkeJbkf_tllEYZ0UJ5Vzx-6lBIJuwqH8pjoLiYx2PpGyxEwPtNOKvdeLxjE0_rUIzyGqWVYigQLGnFtfpIFYkmsT6Ta3h6Zx5UJ-iBKyzKBEK1bnSXW5b_FtSib8AmbZEI2QRqZI3NvgmnKdDzMWxcmWWq9js88N9OgZoWWjbTZq_Svaj-h5Bl2xeRFFSKEKQ9qB54lS4VprXa3qfGOPMcshfAkvSpNVjBLEQMOsjeirP-Y1a7iSZ8AE1tLNhpQE4AQBkgUECAQYAZIFBAgFGASgBi6AB7b1vtUCqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQz8tY0ggRCIDhgBAQARgdMgKqAjoCgEDyCBthZHgtc3Vic3luLTgzODUxNTg2NzI3OTMzMjaACgPICwHYEwyIFAHQFQGYFgGAFwGyFx4KHAgAEhRwdWItNzk4MzY1MTI1NzgzODI4MhjqwW0&sigh=_8xcg27vRZ4&uach_m=[UACH]&cid=CAQSTQDq26N97ym8X4J5u0ejToWmw3Gw0DU73oMYBhh6nPSgMGIJNt_obfayBhIAhdpQxGXLkiVwqQ5fsnwyqueKRG4Uq99mjUXQusIgKpv2GAEgEw&template_id=419
Requested by: Host: finanswebde.com
URL: https://finanswebde.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a04db976658485ca9318c3d0e697902f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/ Frame 75AF 23 KB
9 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/abg_lite_fy2021.js

Requested by

Host: a04db976658485ca9318c3d0e697902f.safeframe.googlesyndication.com
URL: https://a04db976658485ca9318c3d0e697902f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

61651edfb03aae1c1007d6741f98171447ae7b1a67aaa520d8b0a959e0400885

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a04db976658485ca9318c3d0e697902f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 14:38:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 64363
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9428
x-xss-protection: 0
server: cafe
etag: 246362764157784863
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 18 Dec 2022 14:38:44 GMT

GET
H3 200 exitapi-impl.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame C90D 6 KB
3 KB 13ms
12ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/787910389773164944/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6f4813e4fe6dd891838e421479bf603f6d3f0d2a55b90517b875a77050471d4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 13:44:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 67627
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2551
x-xss-protection: 0
server: cafe
etag: 4618035238173732404
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Mon, 05 Dec 2022 13:44:20 GMT

GET
H3 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame C90D 34 KB
13 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/787910389773164944/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fee86fd46a67912ffd9ae2997c583f59abe6e11c532496c52759e94136837d48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 09:40:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 82229
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13035
x-xss-protection: 0
server: cafe
etag: 2319883687766034370
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Mon, 05 Dec 2022 09:40:58 GMT

GET
H3 200 9b68412525dd10858c39677e12566411.js Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/787910389773164944/ Frame C90D 86 KB
22 KB 16ms
15ms Script
application/x-javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/787910389773164944/9b68412525dd10858c39677e12566411.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/787910389773164944/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92184305d4c9c3b409648ea14555b2e22ec243dae940a241762099b746c51b73

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 01 Dec 2022 19:43:25 GMT
age: 305282
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22816
x-xss-protection: 0
last-modified: Fri, 29 Apr 2022 21:36:54 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 01 Dec 2023 19:43:25 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame D1FB 143 B
166 B 64ms
13ms Document
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: a04db976658485ca9318c3d0e697902f.safeframe.googlesyndication.com
URL: https://a04db976658485ca9318c3d0e697902f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://a04db976658485ca9318c3d0e697902f.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 164
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 05 Dec 2022 08:28:43 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame 75AF 3 KB
1 KB 19ms
18ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/window_focus_fy2021.js

Requested by

Host: a04db976658485ca9318c3d0e697902f.safeframe.googlesyndication.com
URL: https://a04db976658485ca9318c3d0e697902f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a04db976658485ca9318c3d0e697902f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 06:46:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6272
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 19 Dec 2022 06:46:55 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame 75AF 18 KB
7 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: a04db976658485ca9318c3d0e697902f.safeframe.googlesyndication.com
URL: https://a04db976658485ca9318c3d0e697902f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

78f24ab4db72c7344d41ebc97ace3f7bb0ad6198999d180b4ba473b6651cbe53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a04db976658485ca9318c3d0e697902f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 10:10:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 80438
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7458
x-xss-protection: 0
server: cafe
etag: 16870613375306414947
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 18 Dec 2022 10:10:49 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 75AF 0
0 23ms
23ms Image
text/html 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRHvKZ2m-RKHuvvEZNsBBrOurz_zqZmpP6EsdYjbhK9Rz5tTYkOVeaFElsS6ikjPdH-3XIPs_HsqIlNSgHgrLwZ4U23rQ
Requested by: Host: a04db976658485ca9318c3d0e697902f.safeframe.googlesyndication.com
URL: https://a04db976658485ca9318c3d0e697902f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a04db976658485ca9318c3d0e697902f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 75AF 155 KB
48 KB 74ms
25ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: a04db976658485ca9318c3d0e697902f.safeframe.googlesyndication.com
URL: https://a04db976658485ca9318c3d0e697902f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

302e69dd5cd67c33a01a5d0308c1ead25d5967bd0810b0c073f9fe18124de7bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a04db976658485ca9318c3d0e697902f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 08:31:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48508
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1669811598765935"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 05 Dec 2022 08:31:27 GMT

GET
H3 200 bridge3.547.0_tr.html Show response
imasdk.googleapis.com/js/core/ Frame 19C7 691 KB
222 KB 46ms
15ms Document
text/html 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.547.0_tr.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a9c7c6b837bea32fa12096cd73da29e6eac5754c36e18c285b6a427414a6f87f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://finanswebde.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 278295
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 226810
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy: cross-origin
date: Fri, 02 Dec 2022 03:13:12 GMT
expires: Sat, 02 Dec 2023 03:13:12 GMT
last-modified: Wed, 30 Nov 2022 15:32:05 GMT
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 client.js Show response
s0.2mdn.net/instream/video/ 44 KB
17 KB 82ms
29ms Script
text/javascript 2a00:1450:4001:82f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://finanswebde.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 08:31:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16746
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 05 Dec 2022 08:31:27 GMT

GET
H/1.1 200
OK 10487510 Show response
panel.izlesene.com/api/player/npm_finanswebde/ 1 KB
1 KB 274ms
77ms XHR
application/json 185.7.176.4
SH

General

Check archive.org

Show headers Download Go to

Full URL: https://panel.izlesene.com/api/player/npm_finanswebde/10487510
Requested by: Host: c1.imgiz.com
URL: https://c1.imgiz.com/player_others/html5/NoktaNpmPlayerApi.js?dts=19331
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.7.176.4 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: nginx/1.4.4 /
Resource Hash: e1fde52159598cfbe040305c4e422dc178dd601d654cc0523a8f464e669b6c48

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://finanswebde.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 05 Dec 2022 08:31:27 GMT
Content-Encoding: gzip
Via: 1.1 varnish
Server: nginx/1.4.4
Age: 0
Access-Control-Allow-Methods: GET, POST
Content-Type: application/json
X-Varnish: 2203463294
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 643
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H3 200 favicon-32x32.png
finanswebde.com/static/img/ 1 KB
2 KB 21ms
21ms Image
image/png 2606:4700:3035::ac43:c49b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://finanswebde.com/static/img/favicon-32x32.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:c49b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: f38ab134ffcf8f1521b461973c3db993098f7915161c5d79627d3fc4ee4056fc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://finanswebde.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 08:31:27 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4351129
x-powered-by: Express
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1065
last-modified: Thu, 01 Sep 2022 22:02:32 GMT
server: cloudflare
etag: W/"429-182fb13c394"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WXCxWFC8ecPVUndona2pdx125cVoBYM8ZJF1Xz9bnMtvIN9H7wPtBEki8zk7xghQkKgP%2FgUR1PFG9%2Fkz4b%2FZRRqc7Pw7IvIWIdr3Zd2RzYr0MiDxkb8CvKMcwmLe%2FtP2NdnGJoP2OOXVtdDD4O0%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 774b6cf63d84902e-FRA
expires: Sun, 15 Oct 2023 23:52:38 GMT

GET
H3 200 leaguespartan_700_normal.ttf
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/787910389773164944/fonts/ Frame C90D 35 KB
17 KB 53ms
19ms Font
font/ttf 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/787910389773164944/fonts/leaguespartan_700_normal.ttf

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/787910389773164944/9b68412525dd10858c39677e12566411.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6b99a6629efb2568ff1211ab08da867c73f39644e3169c86957e7c48a1476c20

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
Origin: null
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 01 Dec 2022 19:43:25 GMT
age: 305282
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17342
x-xss-protection: 0
last-modified: Fri, 29 Apr 2022 21:36:54 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 01 Dec 2023 19:43:25 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame C90D 672 B
360 B 60ms
26ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:700

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/787910389773164944/9b68412525dd10858c39677e12566411.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

54c7f9dacbd3be07256357be812bd7edf74ac6938ab155493b599a39136e81d5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 05 Dec 2022 08:31:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 05 Dec 2022 08:31:27 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 05 Dec 2022 08:31:27 GMT

GET
H3 200 c0126501a19d3b95345b5eeaa594ece5.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/787910389773164944/media/ Frame C90D 286 KB
286 KB 16ms
15ms Image
image/jpeg 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/787910389773164944/media/c0126501a19d3b95345b5eeaa594ece5.jpg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/787910389773164944/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d358037372d0ba5d6428e3e58190e9fe348a6552d46d4692e47dd3174d39177a

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Thu, 01 Dec 2022 19:43:25 GMT
x-content-type-options: nosniff
age: 305282
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 292448
x-xss-protection: 0
last-modified: Fri, 29 Apr 2022 21:36:54 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 01 Dec 2023 19:43:25 GMT

GET
H3 200 5e8d45467d706df509e37c20fcafdad7.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/787910389773164944/media/ Frame C90D 12 KB
12 KB 21ms
21ms Image
image/jpeg 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/787910389773164944/media/5e8d45467d706df509e37c20fcafdad7.jpg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/787910389773164944/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d5367bc61611892a42f7fd5ccf6bb152068de3c4e4e7fc20356f893a4cbc716f

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Thu, 01 Dec 2022 19:43:25 GMT
x-content-type-options: nosniff
age: 305282
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12107
x-xss-protection: 0
last-modified: Fri, 29 Apr 2022 21:36:54 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 01 Dec 2023 19:43:25 GMT

GET
H3 200 26d6b1807f31653d3d0c621fc0504b39.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/787910389773164944/media/ Frame C90D 3 KB
3 KB 24ms
23ms Image
image/png 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/787910389773164944/media/26d6b1807f31653d3d0c621fc0504b39.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/787910389773164944/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1e1d5c2c020f46b2ba4dcbf385b98a6a87e210ed23f5338d4a862e15d968a5a6

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Thu, 01 Dec 2022 19:43:25 GMT
x-content-type-options: nosniff
age: 305282
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3433
x-xss-protection: 0
last-modified: Fri, 29 Apr 2022 21:36:54 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 01 Dec 2023 19:43:25 GMT

GET
H3 200 c1bc74acc2d86585306003ead9f98559.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/787910389773164944/media/ Frame C90D 4 KB
4 KB 23ms
22ms Image
image/png 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/787910389773164944/media/c1bc74acc2d86585306003ead9f98559.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/787910389773164944/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ca53eb49a7bcdd3e0ab3405940363a4f9086f7a9ed93e30c6de6bba265c59a6a

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Thu, 01 Dec 2022 19:43:25 GMT
x-content-type-options: nosniff
age: 305282
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4344
x-xss-protection: 0
last-modified: Fri, 29 Apr 2022 21:36:54 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 01 Dec 2023 19:43:25 GMT

GET
DATA 200
OK truncated
/ Frame 75AF 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b94890bdbc125c8bf5dd1069d2b59cb65a3873a21c5ef6374240b9970b37ab61

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame D1FB
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

32ms
32ms

Document
text/html

2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: a04db976658485ca9318c3d0e697902f.safeframe.googlesyndication.com
URL: https://a04db976658485ca9318c3d0e697902f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 05 Dec 2022 08:31:27 GMT
expires: Mon, 05 Dec 2022 08:31:27 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 05 Dec 2022 08:31:27 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 css
fonts.googleapis.com/ Frame C90D 1015 B
426 B 24ms
23ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Poppins:500

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/787910389773164944/9b68412525dd10858c39677e12566411.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f2985f8e39270c409883a48f4a656e99d2bfd3aa8aa28d19583f36263d59a6d4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 05 Dec 2022 08:31:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 05 Dec 2022 08:11:59 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 05 Dec 2022 08:31:27 GMT

GET
H3 200 S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v23/ Frame C90D 23 KB
23 KB 44ms
14ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh6UVSwiPGQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: null
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Tue, 29 Nov 2022 17:07:14 GMT
x-content-type-options: nosniff
age: 487453
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23040
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 15:56:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 29 Nov 2023 17:07:14 GMT

GET
H3 200 M3JMhzk_3vTF8k0i77EsfxGITEmQ_9Y04x5PTEuqQvc.js Show response
pagead2.googlesyndication.com/bg/ Frame C90D 36 KB
16 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/M3JMhzk_3vTF8k0i77EsfxGITEmQ_9Y04x5PTEuqQvc.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

33724c87393fdef4c5f24d22efb12c7f11884c4990ffd634e31e4f4c4baa42f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Thu, 01 Dec 2022 21:39:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 298336
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15861
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 01 Dec 2023 21:39:11 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 126ms
126ms Image
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022112901&jk=2327924981888600&bg=!i4iliMzNAAbvMpMzzzI7ACkAdvg8WpUyhzdubNl-S1PISpWGpnL5JLXKIHhivzraDbtSbNpASg-C_AIAAABSUgAAAARoAQcKAOvPr6ZdS-kWWxQzYN1-ctAUyzvqVf5H9VajleZANyDEWNRZnS7l7GJUicZ9B1XAZDxlmlpuaGWwE0qEYcDhvSEgwgvvAyuijTC-MBZBXK0meUN8YKoNi1n0arMtnybAOpb53m3QAiv1A3e7JzTTZ3C_YsSuXc56oOFYnBh5kCgPwBnVw-U8nPe7NgRYZDuQ2dWCRdPHp-8922V5wYtQG84ybQt-JsI4B4agXPwxyy1nUumfbe3PqEOdxehj8h7lqyXuj5WuwTd4H3wbx2iCGjUfl6q1a1kEACU2OXw8m96BWDXZ-EhteuaBKikzmQKUWAynuo2O4IE_jw3cTGzJtn_Tr4YHSjsJErjdmXAogRErwRwcPxQQ2BVKN9iW6eP34Ty1rvVPGzyibuFgZvvN16Ndb8cS54LDfODAhY0QUQV4QHgqNHMYn4MtZVNxm9RXGjYIV9KY27qjITnM-58BB0YtXBgUbABBsuRV846UrH43F2_5PVouEbmCi-XNj4ubxjrl0XKxBUDqrzqTzw4MdhCesMDYvgz9Tv-HLxffM_U2dqdsqmzFKV7Bs_FqDGyCAZtkyhDifH-rwlRlabeDmLPBnpEt6ubxKC1xmcWHMHRl8wbniArkCp41CrrMfMPAD9L9FKGafyDEeC3MKMxANMqkZ-AAjaBpp4Y1lY5be4SVnWD_4bKKPXJaoqU4IjpIZUHYmheuki1t-Ftvq1jFaq8O7IRZRa-2JOSGl1s8ObJj8jgX1emSdQVJoThHhBJHpmj0Ov4P39yPGTcRdy8Rp6l_88n1i13SNVmMDA9HRD3QJEH_nSBE_uZ9Q58fsi2O2REUUHYNlBEGhd3v4L-vlZslOsSfPMRAHhzjac2TeO1NKQ-BUoJimtQXml27YUEcEwKtzYkJ1kkX2ljIlsXNPb_jrMFJhGdcY7UdS80LCKhF4XJeYscbBZzhzpsqh9GuOPYk--eo7qIpS6AUhmlrqWVZeqPSzOFAUWCOQ7Lypj1F4_4G44wvjZ04P1ljKWlt04h2Yr0yOvdK3Nhni1M4LbvknALLXlEua9qAcUj2ndplQf1Gk0vJOOUFtTNZGlaGykcoFqHAyTx9fG6WRjjQJPMf0jtpQUQHRj7OrNOFUGFl7GVNyNgWG9J_AsB1_6PB-QEJjYFa1QHjAkJi2ruQHmsoAnJ-YQ6b34aSA9_gggxLc3ww
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://finanswebde.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

POST
H2 200 count
logger.virgul.com/ 0
116 B 58ms
46ms Ping
image/jpeg 185.7.176.221
SH

General

Check archive.org

Show headers Download Go to

Full URL: https://logger.virgul.com/count?m=infoLoad&g=m&r=npm_finanswebde:13::10487510&o=0-100&iv=&wVID=&info=10487510@50@50@13:30@@&os=windows&dt=desktop
Requested by: Host: c1.imgiz.com
URL: https://c1.imgiz.com/player_others/html5/NoktaPlayer.js?d=12/5/2022
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.7.176.221 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://finanswebde.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 05 Dec 2022 08:31:28 GMT
server: openresty/1.15.8.3
content-length: 0
access-control-allow-methods: GET, POST
content-type: image/jpeg

POST
H2 200 count
logger.virgul.com/ 0
116 B 45ms
44ms Ping
image/jpeg 185.7.176.221
SH

General

Check archive.org

Show headers Download Go to

Full URL: https://logger.virgul.com/count?m=adDataLoad&g=m&r=npm_finanswebde:preroll:100&o=&iv=&wVID=&info=10487510@50@50@13:30@@&os=windows&dt=desktop
Requested by: Host: c1.imgiz.com
URL: https://c1.imgiz.com/player_others/html5/NoktaPlayer.js?d=12/5/2022
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.7.176.221 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://finanswebde.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 05 Dec 2022 08:31:28 GMT
server: openresty/1.15.8.3
content-length: 0
access-control-allow-methods: GET, POST
content-type: image/jpeg

GET
H2 200 zoneview
ng.virgul.com/ 0
213 B 46ms
45ms Image
text/plain 185.7.176.221
SH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ng.virgul.com/zoneview?c=&mt=1670229088088&v=https%3A%2F%2Ffinanswebde.com%2F%26vi%3D10487510%40&r=153511:finanswebde&userId=vnet0e29aad8-4fa1-4b8b-9de5-33bc47eafee0&tp=&os=&call=&vd=44.533&ses=0&dim=1600x1200&l=&y=&w=0&ext=,as,rc1,hf1,vv1&info=&ref=&rdmt=0.09931403442177467
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.7.176.221 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://finanswebde.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

access-control-allow-origin: https://finanswebde.com
date: Mon, 05 Dec 2022 08:31:28 GMT
access-control-allow-credentials: true
expires: Tue, 04 Jan 2022 10:49:40 GMT
server: openresty/1.15.8.3
content-length: 0
p3p: CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'

GET
DATA 200
OK truncated
/ 1016 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6823cdc5c5bc297bd4ac06187687fecb2a5c110658ebd5efba820132571fe6a2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Content-Type: image/png

GET
H2

206

10487510-480_2-170k.mp4
istr-n23.nktcdn.com/data/videos/10487/
Redirect Chain

https://istr.izlesene.com/data/videos/10487/10487510-480_2-170k.mp4?token=zbmf1eTu0GDwsG2o_0AFYA&ts=1670319087&playername=npm_finanswebde
https://istr-n23.nktcdn.com/data/videos/10487/10487510-480_2-170k.mp4?playername=npm_finanswebde&token=myZyT6-qt2H0ToB5lZX4sg&ts=1670315488

96 KB
0

245ms
48ms

Media
video/mp4

185.7.176.223
SH

General

Check archive.org

Show headers Download Go to

Full URL: https://istr-n23.nktcdn.com/data/videos/10487/10487510-480_2-170k.mp4?playername=npm_finanswebde&token=myZyT6-qt2H0ToB5lZX4sg&ts=1670315488
Protocol: H2
Server: 185.7.176.223 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://finanswebde.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

access-control-allow-origin: *
Content-Range: bytes 0-5715147/5715148
date: Mon, 05 Dec 2022 08:31:28 GMT
last-modified: Tue, 13 Oct 2020 09:26:52 GMT
server: openresty/1.15.8.3
Content-Length: 5715148
content-type: video/mp4

Redirect headers

date: Mon, 05 Dec 2022 08:31:28 GMT
server: openresty/1.15.8.3
content-type: text/html
location: https://istr-n23.nktcdn.com/data/videos/10487/10487510-480_2-170k.mp4?playername=npm_finanswebde&token=myZyT6-qt2H0ToB5lZX4sg&ts=1670315488
access-control-allow-origin: *
cache-control: max-age=0
content-length: 151
expires: Mon, 05 Dec 2022 08:31:28 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 75AF 42 B
64 B 134ms
133ms Fetch
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvYcgcHJLLcl0WTm-QnSEdxeVeJTiU8LjcTAjMFV6OKIZED6XrlICcSG14K5QY6fVAaYIleJPowtNKpZ36TV3GtI11JU45oSlqJpzaqWglFQzEMC3Gm_QbCKVjNnbtKCMTgRIpGXQ&sai=AMfl-YQCeg-goq1JMR6uwT6gAp5ELTu4BmOX59jfXg78IlT7_Rp0b3JI5hFMtzabBQUjt4n39a0w3wgF1qAiU3pwJtDCsYz4eBgRXfbgBgBzKIYntB85XIU0j7W_upywE2TG-EHFz-As_b9VoDU9CtXppA&sig=Cg0ArKJSzJLWSUeksigBEAE&cid=CAQSTQDq26N97ym8X4J5u0ejToWmw3Gw0DU73oMYBhh6nPSgMGIJNt_obfayBhIAhdpQxGXLkiVwqQ5fsnwyqueKRG4Uq99mjUXQusIgKpv2GAEgEw&id=lidar2&mcvt=1001&p=159,650,409,950&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20221130&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=2&adk=1971925398&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1670229087531&rpt=274&isd=0&lsd=0&met=mue&wmsd=0&pbe=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a04db976658485ca9318c3d0e697902f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 05 Dec 2022 08:31:28 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 count
logger.virgul.com/ 0
116 B 45ms
44ms Ping
image/jpeg 185.7.176.221
SH

General

Check archive.org

Show headers Download Go to

Full URL: https://logger.virgul.com/count?m=initBufferFull&g=h&r=npm_finanswebde:n:10487510&o=&iv=&wVID=&info=10487510@50@50@13:30@@&os=windows&dt=desktop
Requested by: Host: c1.imgiz.com
URL: https://c1.imgiz.com/player_others/html5/NoktaPlayer.js?d=12/5/2022
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.7.176.221 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://finanswebde.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 05 Dec 2022 08:31:29 GMT
server: openresty/1.15.8.3
content-length: 0
access-control-allow-methods: GET, POST
content-type: image/jpeg

POST
H2 200 count
logger.virgul.com/ 0
116 B 45ms
44ms Ping
image/jpeg 185.7.176.221
SH

General

Check archive.org

Show headers Download Go to

Full URL: https://logger.virgul.com/count?m=start&g=m&r=npm_finanswebde:n:13::10487510&o=vnet0e29aad8-4fa1-4b8b-9de5-33bc47eafee0:44:1000-1100::&iv=&wVID=&info=10487510@50@50@13:30@@&os=windows&dt=desktop
Requested by: Host: c1.imgiz.com
URL: https://c1.imgiz.com/player_others/html5/NoktaPlayer.js?d=12/5/2022
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.7.176.221 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://finanswebde.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 05 Dec 2022 08:31:29 GMT
server: openresty/1.15.8.3
content-length: 0
access-control-allow-methods: GET, POST
content-type: image/jpeg

POST
H2 200 count
logger.virgul.com/ 0
116 B 44ms
44ms Ping
image/jpeg 185.7.176.221
SH

General

Check archive.org

Show headers Download Go to

Full URL: https://logger.virgul.com/count?m=adRequest&g=m&r=npm_finanswebde:preroll&o=&iv=&wVID=&info=10487510@50@50@13:30@@&os=windows&dt=desktop
Requested by: Host: c1.imgiz.com
URL: https://c1.imgiz.com/player_others/html5/NoktaPlayer.js?d=12/5/2022
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.7.176.221 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://finanswebde.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 05 Dec 2022 08:31:29 GMT
server: openresty/1.15.8.3
content-length: 0
access-control-allow-methods: GET, POST
content-type: image/jpeg

GET
H3 200 integrator.js
adservice.google.de/adsid/ 107 B
122 B 74ms
23ms Script
application/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=finanswebde.com

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://finanswebde.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 08:31:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js
adservice.google.com/adsid/ 107 B
122 B 56ms
27ms Script
application/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=finanswebde.com

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://finanswebde.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 08:31:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 buster.min.js
static.virgul.com/theme/mockups/adcode/ 21 KB
7 KB 46ms
45ms Script
application/javascript 185.7.176.221
SH

General

Check archive.org

Show headers Download Go to

Full URL: https://static.virgul.com/theme/mockups/adcode/buster.min.js?t=5-12-2022
Requested by: Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/adcode/outside.js?dts=19331
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.7.176.221 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://finanswebde.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 08:31:29 GMT
content-encoding: gzip
last-modified: Sat, 12 Feb 2022 19:47:00 GMT
server: openresty/1.15.8.3
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=43200

GET
DATA 200
OK truncated
/ 985 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Content-Type: image/png

GET ads
pubads.g.doubleclick.net/gampad/ Frame 19C7 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: finanswebde.com
URL: https://finanswebde.com:8094/socket.io/?EIO=3&transport=polling&t=OJXQLCu

Domain: pubads.g.doubleclick.net
URL: https://pubads.g.doubleclick.net/gampad/ads?iu=%2F21728129623%2C36563801%2Fweb_finanswebde_preroll&description_url=http%3A%2F%2Ffinanswebde.com&env=vp&correlator=2759286810606357&tfcd=0&npa=0&gdfp_req=1&output=xml_vast4&sz=640x360&unviewed_position_start=1&ppid=vnet0e29aad84fa14b8b9de533bc47eafee0&cust_params=site%3Dfinanswebde%26env%3Dweb%26mt%3D1670229085142%26r%3D153511%40site_geneli%40finanswebde%3Asite_geneli%26info%3D%26targetCtr%3D0%26viewable%3D2%26site%3Dfinanswebde%26plm%3Dnull%26pid%3Dvnet0e29aad8-4fa1-4b8b-9de5-33bc47eafee0%26targetCr%3D0%26Mobile%3Dfalse%26env%3Dweb%26webmAd%3D1%26overlay%3D1%26rc%3D0%26datasave%3D0&sdkv=h.3.547.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&u_so=l&ctv=0&sdki=445&ptt=20&adk=1699890163&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.547.0&sid=BD94A850-C91E-40CA-BF16-F361CA6A97EF&nel=0&eid=44731965%2C44748969%2C44765701%2C44771449&url=https%3A%2F%2Ffinanswebde.com%2F&dlt=1670229084547&idt=3329&dt=1670229089138&cookie=ID%3D57a0ebdbafd7f249%3AT%3D1670229086%3AS%3DALNI_MYAsIcyWn9Vx-fE_X2ktFlGXVLhCQ&gpic=UID%3D00000b8db570694b%3AT%3D1670229086%3ART%3D1670229086%3AS%3DALNI_MZj9Uv1gMGL0AVKSMYnkn-EM98R8g&scor=698602332516142&ged=ve4_td4_tt1_pd4_la4000_er508.1055.661.1355_vi0.0.1200.1600_vp100_eb24171

Verdicts & Comments Add Verdict or Comment

194 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

13 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.finanswebde.com/	1970-01-20 10:06:45	Name: _gcl_au Value: 1.1.165672174.1670229085
.finanswebde.com/	1970-01-20 17:33:09	Name: _ga Value: GA1.2.246564559.1670229085
.finanswebde.com/	1970-01-20 07:58:35	Name: _gid Value: GA1.2.334634260.1670229085
.finanswebde.com/	1970-01-20 07:57:09	Name: _gat_gtag_UA_49264185_15 Value: 1
finanswebde.com/	1969-12-31 23:59:59	Name: pId Value: vnet0e29aad8-4fa1-4b8b-9de5-33bc47eafee0
finanswebde.com/	1970-01-20 07:58:35	Name: uuid Value: 183o13mpralbaj4el8_1670228831708
finanswebde.com/	1970-01-20 07:58:35	Name: utoken Value: d121f39483b0049660ed3b5b21503aeb
.doubleclick.net/	1970-01-20 17:18:45	Name: IDE Value: AHWqTUnTk5wNTQsxe8EIHxDaUxH7YxKOwniD6buyj72o0M1vVTFB3b4ffM0daW7pOCI
.finanswebde.com/	1970-01-20 17:18:45	Name: __gads Value: ID=57a0ebdbafd7f249:T=1670229086:S=ALNI_MYAsIcyWn9Vx-fE_X2ktFlGXVLhCQ
.finanswebde.com/	1970-01-20 17:18:45	Name: __gpi Value: UID=00000b8db570694b:T=1670229086:RT=1670229086:S=ALNI_MZj9Uv1gMGL0AVKSMYnkn-EM98R8g
finanswebde.com/	1969-12-31 23:59:59	Name: watchID Value: 6bf7fd41-4ed5-45b9-9fe3-2971a3800c73
finanswebde.com/	1970-01-20 08:40:21	Name: userID Value: ef579288-d689-459d-a37e-a2b0ec2b919e
.doubleclick.net/	1970-01-20 07:57:12	Name: DSID Value: NO_DATA

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://a04db976658485ca9318c3d0e697902f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html(Line 16) Message: Refused to frame 'https://pagead2.googlesyndication.com/' because it violates the following Content Security Policy directive: "frame-src cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp=er3$/787910389773164944/index.html".

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a04db976658485ca9318c3d0e697902f.safeframe.googlesyndication.com
adservice.google.com
adservice.google.de
blog.finanswebde.com
c.amazon-adsystem.com
c1.imgiz.com
cuneytekinci.ghost.io
d10vd2486q68pd.cloudfront.net
d3div1mtym39ic.cloudfront.net
finans.apipara.com
finanscepte-xuoe622gjknvdey.stackpathdns.com
finanswebde.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
imasdk.googleapis.com
istr-n23.nktcdn.com
istr.izlesene.com
logger.virgul.com
ng.virgul.com
pagead2.googlesyndication.com
pandg.tapad.com
panel.izlesene.com
pghub.io
pubads.g.doubleclick.net
s0.2mdn.net
securepubads.g.doubleclick.net
static.virgul.com
stats.g.doubleclick.net
tpc.googlesyndication.com
use.fontawesome.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
finanswebde.com
pubads.g.doubleclick.net
108.156.255.76
13.226.156.149
151.139.245.20
185.7.176.221
185.7.176.222
185.7.176.223
185.7.176.4
2600:9000:2182:8000:11:1ed0:3900:21
2606:4700:3035::ac43:c49b
2606:4700:e2::ac40:840f
2a00:1450:4001:808::2002
2a00:1450:4001:809::2002
2a00:1450:4001:80b::2002
2a00:1450:4001:80e::2003
2a00:1450:4001:80e::2008
2a00:1450:4001:80e::200a
2a00:1450:4001:812::2001
2a00:1450:4001:812::2002
2a00:1450:4001:827::2002
2a00:1450:4001:828::2003
2a00:1450:4001:829::2004
2a00:1450:4001:82f::2006
2a00:1450:4001:830::200e
2a00:1450:4001:831::2001
2a00:1450:4001:831::200a
2a00:1450:400c:c1b::9a
2a04:4e42:400::775
34.102.243.38
35.241.45.217
95.216.154.67
0134375b1ced2e2b36e9a34753f87b48b49dab1ce589ec8a2932764d31ada657
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
0b29697868cd68cfd1b5650054cc96ea755016b3242bd26469cdbd4e4f6fc18a
0fe02731c22e5466827e8f662f13266450cd5cca96f2fbc063331c8014bfb961
11e623f6cb6978519f97a73de00c8633974b11405e184d292eab0602a0981413
15a06c30208d58235ad0899985232c8e22530268f1b7703fa7d10fe36605227a
16824b9ab6e921c5058ba5479bda9f663088f2cb26f15d4ea7f3a85630636a47
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1e1d5c2c020f46b2ba4dcbf385b98a6a87e210ed23f5338d4a862e15d968a5a6
2259fd47c8c7d4495d954f079cab5f532a7b6747a358a3e8fd92209348b0a8a8
249bb1b5563c151f5dda58b62914daf7f2992e781d06095677d0a5e468249f21
24bf624ed768c1d266c62e624b1244c6990ca161138f9aebcd4dc9c0db7eb033
29a18daaaccc2896c4f4c22efc02cd69ef78861b9250bf53ea3c9704f285e6d7
2a04078f9550381b5148170ceaf5b378a1b31ed8274c6d0094aeba6f599462cc
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2af1b8e91e1ea0f27fab2f6bac1dd1d81867b7a2a8d7cef1084fa39309e0ac6f
2e79c5f974661bbb24283a9a66cfbc3fcd7daaa055a68dbce8f4cc62325e911d
302e69dd5cd67c33a01a5d0308c1ead25d5967bd0810b0c073f9fe18124de7bd
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
32d25f6382bcb6fb3280cdee82f113646a33af948ad82eb1256c2f980f6d16f7
33724c87393fdef4c5f24d22efb12c7f11884c4990ffd634e31e4f4c4baa42f7
401aba8487796e29e020c1df0758a1accfc18d11a354dbe7dba65294372d7e13
40870451732fafdd059922451b326cffc5275fcb0f961f7e9cb23c727b0794a1
43c16c3c66b80fd8b1fa295088d1c8ea7037ab3c1651c2e614e2e6f770173758
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
46f504853c22830746efb516a1381df43fc062034c4aff823b49d8f6cf029b2c
530040ebbfc1cd7a18f0537709371ccd55ec5ed96756cb4c121c2a56a33f8f19
54807b0a049f4422abfc2629429cf84573f3c3a4fa24989a56aa0e7aefed2713
54c7f9dacbd3be07256357be812bd7edf74ac6938ab155493b599a39136e81d5
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5b9573e1023da775390e9284ec0eb1c606df9b468a28980055b4a6aa804f4350
61651edfb03aae1c1007d6741f98171447ae7b1a67aaa520d8b0a959e0400885
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62dc7b9b03d2c7ac705f4e5f88fa5174d503fec2a70ad081f8d03e2620cbf2c5
6823cdc5c5bc297bd4ac06187687fecb2a5c110658ebd5efba820132571fe6a2
688904b447feb655d03c45c4829adbcce2190946623041d61411cb4aaf9677a3
6a2737f4fb4af1009bac4e0c049eba28753371426192ed41afd140dabbbfcbf0
6b99a6629efb2568ff1211ab08da867c73f39644e3169c86957e7c48a1476c20
6c6c1411eefe1a5773a3da1d049e8231a7c6ad0ba27c0dd68eeb1405cf12a67f
6df52655c01ab640e180c0c7f83cb8eb2a8c0a216aaab2fc479a1c0baac13a99
6f4813e4fe6dd891838e421479bf603f6d3f0d2a55b90517b875a77050471d4b
70083d81f4abc958e43215542c5543afedd6294b03d1d544934118c5e2ea054b
78ecd2259a162af3406fc676dbe4810a4861027fb275e327c176a219d846d7ee
78f24ab4db72c7344d41ebc97ace3f7bb0ad6198999d180b4ba473b6651cbe53
79e3381adccea1f5cadcf8e81b189501b935f79475555dcbd8e8831f53c4b4e5
7abe950e5ba5f0bfce71296a946a842fd3c7c5c93a96a324fe3866b3662f77a4
7af0de072e07f144f7643eab54a9fa8e14e343bfa873d646b787a37568b372e9
7ec70108a49369dc3f73734dacf94050c28049d32fe708c968782483ae8cabda
800d2f4e9afefbc998de8591d16f99848a1878dc9f0605cd19c8e313ab981ec7
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
85fb8eee8dd39adf4434a726733bc6cd6de0cc72cb7be8394ea86f7e179c5e95
8960045a0f15851413611eb6f4222e018bc397cf49be3ff0420390e96db405cd
8d40df0be5909048df8152417ab6dab760735f9f2e7888859ce11929f55e8a65
8d6b2ea493433a588e6e27e0022e5aff94415209c8e8c67566f93c7ec946dc2f
92184305d4c9c3b409648ea14555b2e22ec243dae940a241762099b746c51b73
993dbd1b800cd19c39b3829df6b5ec50b8fb18482d35f9d110ae4aa40e4c76fe
9ab0baca7a738a0ed49bd74f042400153d207a444f1675808802a3c2aa923322
9b36bb3478a2270b81019c5691a1b78b87fc6325d94bc2e629635d2890e6b18c
9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc
a1ebb83ad16d029b6c0b2533ed1105e947084ed06fb85fed67d5e259d1ab4dc5
a290abc20f0b59dc02b4f83a189b9830ee4f7c1110318dbdbb6bd8e19cc84407
a35fd94e9d404b47b62b964377174b34c9ae0aac4f5d975922cc3fc8ceddbb4b
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a525c29375c645110e4d70c15004dced135dc3d5858b52d71b48db3eb3d4eb0d
a9c7c6b837bea32fa12096cd73da29e6eac5754c36e18c285b6a427414a6f87f
af8c22e8b3a6c3dec18e0781c7a2a489dda9605e4f0cc7fc91d3f3637aaadddb
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b633a587c652d02386c4f16f8c6f6aab7352d97f16367c3c40576214372dd628
b77566a54f5661c98f1bec60bd942ff3987e570513dc29dcc054108ae5cf7b26
b94890bdbc125c8bf5dd1069d2b59cb65a3873a21c5ef6374240b9970b37ab61
bd8b521307332fcb0a59ff2cbfe324322d6f4108b24363b6c8d26a0ec8be50da
c00412f01fdbf0769c41d16dd280b7498bb01b0bd6ebcedba058608770c7f9a5
c038f2f92310db4f32b756ed4de997ef499335657fc351ed95c21f48e91e2fa9
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
c8dcc2b26565aa747e4c1a48f8bec637e7bc2695923d529becfa80a2463d6c37
ca2e069d79232ef3d7d779887588a89a58cecf1ad80c59078928fc0783f3b035
ca53eb49a7bcdd3e0ab3405940363a4f9086f7a9ed93e30c6de6bba265c59a6a
cb260fbfa3add6553864bf1c8dd753a45d7a1504b159c8aa6cbec89f9223a89d
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d1b1ac2bd9304b995189bf5c34d3d5288f629cac61349c02a709f17a0aad5634
d358037372d0ba5d6428e3e58190e9fe348a6552d46d4692e47dd3174d39177a
d457512b1696fb63b4672dd84835ee0bad3bf4a6ba31445b0359b5a4775bf04e
d5367bc61611892a42f7fd5ccf6bb152068de3c4e4e7fc20356f893a4cbc716f
d5675b40571d01f5172d21cc6cbc549334f1b803dff974a4b8d742fda77a6b18
d93aad7c4d1cd3a00131ff659f9e70bed0a10e0107445caf73a73e07ae900ad8
d9fd0aeda423bd39a36871759ef7b17dab3d51e5981cd5839103f990b8b9ef60
dd2525cf39a900bcd9653e62bb19ec817d4a9919d2cb75ece2b8a77a9d5ef300
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
dfba3a870c2fc34b914511160418b1b668e0722213b83e2e87fa53d7d0358034
e1fde52159598cfbe040305c4e422dc178dd601d654cc0523a8f464e669b6c48
e209e9d76893c0781323ceb7cf01453dd2be7ef7c8903ee8d6562575bc44dbf3
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5e5beb63aebc5801261d1cb9dcfba607d0e34f46c4d2928cb19ea7e288c0055
e80608d332697c032931d7a6122b5201f886a928bcd3af3e00ea11c112a0b946
ec9731fbdb63a512673e637da38a126761370903ca54a8d45e466509c9b88f43
ee6428dc15beb065bef14ce4cbab92a469d0fccfa20ec5b05455775e77a05b39
eed0e267b0871a87bae6e56e92651c0b18dedf5e8ffecf0f915c51bf0f2cb9a6
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef677dc1926cbfa2aa4e0f3a2cd13cc318d2d968cbfd2bcc5d7eb9a94ff13034
f2985f8e39270c409883a48f4a656e99d2bfd3aa8aa28d19583f36263d59a6d4
f38ab134ffcf8f1521b461973c3db993098f7915161c5d79627d3fc4ee4056fc
f4e1a404c6c692067af16312440f9b5a36f9f74ff9d7fd68110102c4390de29a
fe0b183659cefbe0c08a2d7fa608fb2d71f6a9cefd72f9af056029b856a5206f
fee86fd46a67912ffd9ae2997c583f59abe6e11c532496c52759e94136837d48

finanswebde.com Open in urlscan Pro 2606:4700:3035::ac43:c49b Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

133 Requests

97 %HTTPS

67 %IPv6

23 Domains

36 Subdomains

31 IPs

5 Countries

3608 kBTransfer

8450 kBSize

13 Cookies

3 Outgoing links

Page URL History

Redirected requests

133 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 9 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

finanswebde.com Open in urlscan Pro
2606:4700:3035::ac43:c49b Public Scan

Screenshot
Live screenshot

Full Image

133
Requests

97 %
HTTPS

67 %
IPv6

23
Domains

36
Subdomains

31
IPs

5
Countries

3608 kB
Transfer

8450 kB
Size

13
Cookies

133 HTTP transactions
9 data transactions