www.cleafy.com Open in urlscan Pro
35.152.104.113  Public Scan

8 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

42 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request droidbot-insights-from-a-new-turkish-maas-fraud-operation Show response www.cleafy.com/cleafy-labs/	80 KB 22 KB	223ms 86ms	Document text/html	35.152.104.113 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://www.cleafy.com/cleafy-labs/droidbot-insights-from-a-new-turkish-maas-fraud-operation Protocol H2 Security TLS 1.3, , AES_256_GCM Server 35.152.104.113 Milan, Italy, ASN16509 (AMAZON-02, US), Reverse DNS ec2-35-152-104-113.eu-south-1.compute.amazonaws.com Software / Resource Hash 419e32040c8b72405dd8b96828163c61287f94ddc6a072c92dbf9776bdc2209f Security Headers Name Value Content-Security-Policy frame-ancestors 'self' Strict-Transport-Security max-age=31536000 X-Frame-Options SAMEORIGIN Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Response headers age 384462 alt-svc h3=":443"; ma=86400 cf-cache-status HIT cf-ray 8ef1f12f49b0edcf-MXP content-encoding gzip content-security-policy frame-ancestors 'self' content-type text/html date Mon, 09 Dec 2024 03:34:54 GMT last-modified Wed, 04 Dec 2024 16:43:08 GMT strict-transport-security max-age=31536000 surrogate-control max-age=432000 surrogate-key www.cleafy.com 6020129a813fe0c8f1e8053e pageId:609e4249b3778b39524cad9a 609e4249b3778b409b4cad98 60b40d39bb78e385c23d23fc 60bb55baee151591e306b7c8 vary Accept-Encoding x-cluster-name eu-south-1-prod-hosting-red x-frame-options SAMEORIGIN x-lambda-id 89641410-d754-402c-85ae-555fc88b18e5
GET H3	200	cleafy.a2edda149.min.css cdn.prod.website-files.com/6020129a813fe0c8f1e8053e/css/	167 KB 34 KB	81ms 42ms	Stylesheet text/css	104.18.160.117 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.prod.website-files.com/6020129a813fe0c8f1e8053e/css/cleafy.a2edda149.min.css Requested by Host: www.cleafy.com URL: https://www.cleafy.com/cleafy-labs/droidbot-insights-from-a-new-turkish-maas-fraud-operation Protocol H3 Security QUIC, , AES_128_GCM Server 104.18.160.117 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f49ab73e550e059edc0a27c33a64ff1de20e5615de346a5c38af867df2c87893 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://www.cleafy.com/ Response headers content-encoding gzip cf-cache-status HIT etag "828e9af547b5fc80a69a72734e5e34c0" x-amz-version-id ttqWlSRdpp1_2xSOH5dyZswha633qxpo age 1687 alt-svc h3=":443"; ma=86400 server-timing cfExtPri date Mon, 09 Dec 2024 03:34:54 GMT content-type text/css last-modified Wed, 04 Dec 2024 16:43:03 GMT vary Accept-Encoding priority u=0,i=?0 x-amz-id-2 BTF9zeTMBBggVX7EQY+HbL3BLIdXa2syXkDW/sdrwv9sUPHZFqrRXniudSb61loiAr3yH2+dlFY= cache-control public, max-age=31536000, immutable x-amz-request-id TQFKJ2D9F5WXZ9AW cf-ray 8ef1f12fff853731-FRA accept-ranges bytes access-control-allow-origin * content-length 34227 server cloudflare x-amz-server-side-encryption AES256
GET H2	200	webfont.js Show response ajax.googleapis.com/ajax/libs/webfont/1.6.26/	13 KB 6 KB	118ms 36ms	Script text/javascript	2a00:1450:4001:812::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js Requested by Host: www.cleafy.com URL: https://www.cleafy.com/cleafy-labs/droidbot-insights-from-a-new-turkish-maas-fraud-operation Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://www.cleafy.com/ Response headers content-encoding gzip age 239225 report-to {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]} x-content-type-options nosniff expires Sat, 06 Dec 2025 09:07:49 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Fri, 06 Dec 2024 09:07:49 GMT last-modified Tue, 03 Mar 2020 19:15:00 GMT content-type text/javascript; charset=UTF-8 vary Accept-Encoding cache-control public, max-age=31536000, stale-while-revalidate=2592000 timing-allow-origin * cross-origin-opener-policy same-origin; report-to="hosted-libraries-pushers" cross-origin-resource-policy cross-origin content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers accept-ranges bytes access-control-allow-origin * content-length 5437 x-xss-protection 0 server sffe
GET H3	200	v2.js Show response js.hsforms.net/forms/	484 KB 156 KB	109ms 62ms	Script application/javascript	104.18.141.119 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://js.hsforms.net/forms/v2.js Requested by Host: www.cleafy.com URL: https://www.cleafy.com/cleafy-labs/droidbot-insights-from-a-new-turkish-maas-fraud-operation Protocol H3 Security QUIC, , AES_128_GCM Server 104.18.141.119 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 0200a7698afae38e9385f59706f2c5966fcd943aec1b0d47597fb65f319fa2b0 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://www.cleafy.com/ Response headers x-request-id 9a7521d1-0c7e-4efc-a831-2062cf9b352f content-encoding gzip cf-cache-status HIT etag W/"53fa063fb1734ce6bb187c96e7665972" x-amz-version-id kLVNDW8Ykh6K0rP5.B3EI30fJIwAAkz3 age 373 cache-tag staticjsapp-forms-embed-v2-web-prod,staticjsapp-prod report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JD58AwMUu70uolSHYBTOX9yID%2BirSg%2B4%2BCZV9P01YNsKW2uTc2Kv%2FHgMjbZtfviJLk82zdgzP4YaM4M9LdyxZd5AmuESdohDeCifDE0c7mVb6C2W1YVHIn7p4GPYNXUs"}],"group":"cf-nel","max_age":604800} x-content-type-options nosniff alt-svc h3=":443"; ma=86400 x-cache Hit from cloudfront x-evy-trace-listener listener_https x-amz-cf-id G6pQHKDrA-47WAjwbfl04aRYFAdoETtitu1OhdgpJJbIA3r1OKWSvg== x-hubspot-correlation-id 9a7521d1-0c7e-4efc-a831-2062cf9b352f content-type application/javascript; charset=utf-8 last-modified Thu, 21 Nov 2024 17:07:16 UTC priority u=1,i=?0 server-timing cfExtPri x-amz-replication-status COMPLETED x-evy-trace-route-service-name envoyset-translator cache-control s-maxage=600, max-age=300 x-evy-trace-served-by-pod iad02/app-td/envoy-proxy-856d8787d5-2w2nl x-envoy-upstream-service-time 2 x-hs-target-asset forms-embed/static-1.6227/bundles/project-v2.js server cloudflare x-evy-trace-virtual-host all x-amz-server-side-encryption AES256 x-hs-cache-status HIT date Mon, 09 Dec 2024 03:34:54 GMT vary accept-encoding strict-transport-security max-age=31536000; includeSubDomains; preload nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} content-security-policy-report-only frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=forms-embed/static-1.6227/bundles/project-v2.js&cfRay=8ed8d337194065ac-FRA via 1.1 e21fbbed60133ff896ee44224814dc5c.cloudfront.net (CloudFront) cf-ray 8ef1f1301a7bd376-FRA access-control-allow-origin * x-evy-trace-route-configuration listener_https/all x-amz-cf-pop IAD12-P3
GET		addthis_widget.js s7.addthis.com/js/300/	0 0
GET H2	200	jquery-3.5.1.min.dc5e7f18c8.js Show response d3e54v103j8qbb.cloudfront.net/js/	87 KB 32 KB	126ms 45ms	Script application/javascript	18.244.20.109 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d3e54v103j8qbb.cloudfront.net/js/jquery-3.5.1.min.dc5e7f18c8.js?site=6020129a813fe0c8f1e8053e Requested by Host: www.cleafy.com URL: https://www.cleafy.com/cleafy-labs/droidbot-insights-from-a-new-turkish-maas-fraud-operation Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.244.20.109 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-244-20-109.fra56.r.cloudfront.net Software AmazonS3 / Resource Hash f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Origin https://www.cleafy.com Referer https://www.cleafy.com/ Response headers access-control-max-age 3000 content-encoding br etag W/"dc5e7f18c8d36ac1d3d4753a87c98d0a" age 26484 access-control-allow-methods GET x-cache Hit from cloudfront x-amz-cf-id Rr9wVzqDPgStRRwWsg0BSHeINrjMxyW4jyPA4wybrdXl0Kxyc6jHaA== date Sun, 08 Dec 2024 20:13:31 GMT content-type application/javascript last-modified Mon, 20 Jul 2020 17:53:02 GMT vary accept-encoding cache-control max-age=84600, must-revalidate via 1.1 ee56c180ebc0f0d7092e692f115e2808.cloudfront.net (CloudFront) access-control-allow-origin * x-amz-cf-pop FRA56-P11 server AmazonS3
GET H3	200	cleafy.65d67f643.js Show response cdn.prod.website-files.com/6020129a813fe0c8f1e8053e/js/	726 KB 182 KB	128ms 108ms	Script text/javascript	104.18.160.117 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.prod.website-files.com/6020129a813fe0c8f1e8053e/js/cleafy.65d67f643.js Requested by Host: www.cleafy.com URL: https://www.cleafy.com/cleafy-labs/droidbot-insights-from-a-new-turkish-maas-fraud-operation Protocol H3 Security QUIC, , AES_128_GCM Server 104.18.160.117 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 1b1509ae895b8bdd9b4e93f80a7a76a66c74844c8ae977e2bfa1b0a617388b59 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://www.cleafy.com/ Response headers content-encoding gzip cf-cache-status HIT etag "ca664d636f21f428341cad5d971870c2" x-amz-version-id gl9luqDtQ7q7ILJDxh5Qh8pBo7N12Ye8 age 1687 x-amz-storage-class INTELLIGENT_TIERING alt-svc h3=":443"; ma=86400 server-timing cfExtPri date Mon, 09 Dec 2024 03:34:54 GMT content-type text/javascript last-modified Wed, 04 Dec 2024 16:43:03 GMT vary Accept-Encoding priority u=1,i=?0 x-amz-id-2 73rQVWYTMcr4wtzMBboiZ/yhwgPpFQj3qb8T0QLbFszob3IAxb8gRzyB8F1wZkrEeh4SqgmIGuM= cache-control public, max-age=31536000, immutable x-amz-request-id TQFPJNAZ5XG3493G cf-ray 8ef1f12fff873731-FRA accept-ranges bytes access-control-allow-origin * content-length 185125 server cloudflare x-amz-server-side-encryption AES256
GET H2	200	css fonts.googleapis.com/	11 KB 1 KB	116ms 43ms	Stylesheet text/css	2a00:1450:4001:82f::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Inconsolata:400,700%7CRoboto+Mono:regular%7CRoboto:300,regular,700 Requested by Host: ajax.googleapis.com URL: https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 5b3daff7dc05dfc7febc3603c086fdf84daabcb2c58d91c1db173079b22964c5 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://www.cleafy.com/ Response headers content-encoding gzip x-content-type-options nosniff expires Mon, 09 Dec 2024 03:34:54 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Mon, 09 Dec 2024 03:34:54 GMT content-type text/css; charset=utf-8 vary Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site last-modified Mon, 09 Dec 2024 03:34:54 GMT x-frame-options SAMEORIGIN strict-transport-security max-age=31536000 link <https://fonts.gstatic.com>; rel=preconnect; crossorigin cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * cross-origin-opener-policy same-origin-allow-popups cross-origin-resource-policy cross-origin access-control-allow-origin * x-xss-protection 0 server ESF
GET H2	200	gtm.js Show response www.googletagmanager.com/	364 KB 117 KB	138ms 59ms	Script application/javascript	2a00:1450:4001:809::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtm.js?id=GTM-WF5KQ9M Requested by Host: www.cleafy.com URL: https://www.cleafy.com/cleafy-labs/droidbot-insights-from-a-new-turkish-maas-fraud-operation Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 23cf85e0a917b6f6145a00922087b6e196955c2e09193697363bc9af8bc3d9cd Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://www.cleafy.com/ Response headers content-encoding br report-to {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],} expires Mon, 09 Dec 2024 03:34:54 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Mon, 09 Dec 2024 03:34:54 GMT content-type application/javascript; charset=UTF-8 vary Accept-Encoding last-modified Mon, 09 Dec 2024 03:00:00 GMT access-control-allow-headers Cache-Control strict-transport-security max-age=31536000; includeSubDomains cache-control private, max-age=900 cross-origin-resource-policy cross-origin access-control-allow-credentials true content-security-policy-report-only script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0 access-control-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to=coop_reporting content-length 119043 x-xss-protection 0 server Google Tag Manager
GET H3	200	6059fd81ed4a6c1673c8f579_CleafyIcon.ttf cdn.prod.website-files.com/6020129a813fe0c8f1e8053e/	2 KB 3 KB	78ms 77ms	Font application/x-font-ttf	104.18.160.117 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.prod.website-files.com/6020129a813fe0c8f1e8053e/6059fd81ed4a6c1673c8f579_CleafyIcon.ttf Requested by Host: cdn.prod.website-files.com URL: https://cdn.prod.website-files.com/6020129a813fe0c8f1e8053e/css/cleafy.a2edda149.min.css Protocol H3 Security QUIC, , AES_128_GCM Server 104.18.160.117 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 982ec121721fb8c8ec7de5fdc9b4880110192ec150fcfda12484537fac62498b Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Origin https://www.cleafy.com Referer https://cdn.prod.website-files.com/6020129a813fe0c8f1e8053e/css/cleafy.a2edda149.min.css Response headers access-control-max-age 3000 cf-cache-status HIT etag "fe780be1587854651c5451b56860fee3" x-amz-version-id yyXB.LeBb3pAPhefeXi3e_lcW9drRqON age 1634 access-control-allow-methods GET, HEAD alt-svc h3=":443"; ma=86400 server-timing cfExtPri date Mon, 09 Dec 2024 03:34:54 GMT content-type application/x-font-ttf vary Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding last-modified Tue, 23 Mar 2021 14:38:58 GMT x-amz-id-2 +V7CFTYPPhWM27h9gPdFrNWDNrclVmbSklQbewDJfolxZRCu2aPqZ4Bmok22iHoifs8BC5ELXZw= priority u=0,i=?0 cache-control max-age=31536000, must-revalidate x-amz-request-id FFMWDCD8QSKWJ3T1 cf-ray 8ef1f130fa88d380-FRA accept-ranges bytes access-control-allow-origin * content-length 2456 server cloudflare x-amz-server-side-encryption AES256
GET H3	200	6031121f255fb120fa9d4d05_Cleafy-logo.svg cdn.prod.website-files.com/6020129a813fe0c8f1e8053e/	2 KB 1 KB	94ms 93ms	Image image/svg+xml	104.18.160.117 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.prod.website-files.com/6020129a813fe0c8f1e8053e/6031121f255fb120fa9d4d05_Cleafy-logo.svg Requested by Host: www.cleafy.com URL: https://www.cleafy.com/cleafy-labs/droidbot-insights-from-a-new-turkish-maas-fraud-operation Protocol H3 Security QUIC, , AES_128_GCM Server 104.18.160.117 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 85f7c36d87c5f0e216ee9b938c315f417869080cc8409dd062e77fd080295cac Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://www.cleafy.com/ Response headers content-encoding br cf-cache-status HIT etag W/"1c2ad9d008e16a57ebc4d3cdbc7b3d80" x-amz-version-id GPsQ7MyW.ryKlIuROZJKgbTPvowEWgx1 age 1634 alt-svc h3=":443"; ma=86400 server-timing cfExtPri date Mon, 09 Dec 2024 03:34:54 GMT content-type image/svg+xml last-modified Sat, 20 Feb 2021 13:44:00 GMT vary Accept-Encoding priority u=3,i x-amz-id-2 fcQM/lXrFKZ/42GNEviySWa5nkViLVdpK0t4L4SBe6unjYjEFhRaY5eU2MHOJJKGIYiRblxWfrw= cache-control max-age=31536000, must-revalidate x-amz-request-id FFMJNJHXYNZGJCMW cf-ray 8ef1f130cfd93731-FRA access-control-allow-origin * server cloudflare x-amz-server-side-encryption AES256
GET H3	200	60b5585b6689a33061c9c75d_C_Labs_Octanium.svg cdn.prod.website-files.com/6020129a813fe0c8f1e8053e/	2 KB 1 KB	94ms 93ms	Image image/svg+xml	104.18.160.117 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.prod.website-files.com/6020129a813fe0c8f1e8053e/60b5585b6689a33061c9c75d_C_Labs_Octanium.svg Requested by Host: www.cleafy.com URL: https://www.cleafy.com/cleafy-labs/droidbot-insights-from-a-new-turkish-maas-fraud-operation Protocol H3 Security QUIC, , AES_128_GCM Server 104.18.160.117 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash abc5a0dfe4d07a6e3c5cf11e90abfdd994e3db90a27414568366f72ac50e84db Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://www.cleafy.com/ Response headers content-encoding br cf-cache-status HIT etag W/"4a5f4548e1c5e1b08a80d9d969067453" x-amz-version-id QXh4bIsT_7qVfNe71wvJ2nfDf31fD5uT age 1634 alt-svc h3=":443"; ma=86400 server-timing cfExtPri date Mon, 09 Dec 2024 03:34:54 GMT content-type image/svg+xml last-modified Mon, 31 May 2021 21:42:52 GMT vary Accept-Encoding priority u=3,i x-amz-id-2 TszwYU0KGzBL0l72egBG0tyuMG9vQMj0o7Alw4MLDZHkFBr+Ef+gt2NGIWS1SuwdODjlUAGvVHo= cache-control max-age=31536000, must-revalidate x-amz-request-id FFMK709BK4M5CB43 cf-ray 8ef1f130cfda3731-FRA access-control-allow-origin * server cloudflare x-amz-server-side-encryption AES256
GET H3	200	KFOlCnqEu92Fr1MmSU5fBBc4.woff2 fonts.gstatic.com/s/roboto/v32/	18 KB 18 KB	102ms 60ms	Font font/woff2	142.250.185.67 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmSU5fBBc4.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Inconsolata:400,700%7CRoboto+Mono:regular%7CRoboto:300,regular,700 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.67 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s48-in-f3.1e100.net Software sffe / Resource Hash 4dbd328e347e890a801d51f9a5f8d38a3efd51ec34c0aa22cc83d0a95d6d9d71 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Origin https://www.cleafy.com Referer https://fonts.googleapis.com/ Response headers age 331365 report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} x-content-type-options nosniff expires Fri, 05 Dec 2025 07:32:09 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Thu, 05 Dec 2024 07:32:09 GMT last-modified Thu, 01 Aug 2024 20:41:19 GMT content-type font/woff2 cache-control public, max-age=31536000 timing-allow-origin * cross-origin-opener-policy same-origin; report-to="apps-themes" cross-origin-resource-policy cross-origin content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes accept-ranges bytes access-control-allow-origin * content-length 18492 x-xss-protection 0 server sffe
GET H3	200	KFOlCnqEu92Fr1MmWUlfBBc4.woff2 fonts.gstatic.com/s/roboto/v32/	18 KB 18 KB	88ms 46ms	Font font/woff2	142.250.185.67 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Inconsolata:400,700%7CRoboto+Mono:regular%7CRoboto:300,regular,700 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.67 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s48-in-f3.1e100.net Software sffe / Resource Hash d9bada3a44bb2ffa66dec5cc781cafc9ef17ed876cd9b0c5f7ef18228b63cebb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Origin https://www.cleafy.com Referer https://fonts.googleapis.com/ Response headers age 525129 report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} x-content-type-options nosniff expires Wed, 03 Dec 2025 01:42:45 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Tue, 03 Dec 2024 01:42:45 GMT last-modified Thu, 01 Aug 2024 20:41:21 GMT content-type font/woff2 cache-control public, max-age=31536000 timing-allow-origin * cross-origin-opener-policy same-origin; report-to="apps-themes" cross-origin-resource-policy cross-origin content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes accept-ranges bytes access-control-allow-origin * content-length 18596 x-xss-protection 0 server sffe
GET H3	200	KFOmCnqEu92Fr1Mu4mxK.woff2 fonts.gstatic.com/s/roboto/v32/	18 KB 18 KB	75ms 33ms	Font font/woff2	142.250.185.67 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v32/KFOmCnqEu92Fr1Mu4mxK.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Inconsolata:400,700%7CRoboto+Mono:regular%7CRoboto:300,regular,700 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.67 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s48-in-f3.1e100.net Software sffe / Resource Hash 89978e658e840b927dddb5cb3a835c7d8526ece79933bd9f3096b301fe1a8571 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Origin https://www.cleafy.com Referer https://fonts.googleapis.com/ Response headers age 483372 report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} x-content-type-options nosniff expires Wed, 03 Dec 2025 13:18:42 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Tue, 03 Dec 2024 13:18:42 GMT last-modified Thu, 01 Aug 2024 20:41:24 GMT content-type font/woff2 cache-control public, max-age=31536000 timing-allow-origin * cross-origin-opener-policy same-origin; report-to="apps-themes" cross-origin-resource-policy cross-origin content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes accept-ranges bytes access-control-allow-origin * content-length 18536 x-xss-protection 0 server sffe
GET H3	200	L0xuDF4xlVMF-BfR8bXMIhJHg45mwgGEFl0_3vq_ROW4.woff2 fonts.gstatic.com/s/robotomono/v23/	12 KB 12 KB	115ms 73ms	Font font/woff2	142.250.185.67 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/robotomono/v23/L0xuDF4xlVMF-BfR8bXMIhJHg45mwgGEFl0_3vq_ROW4.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Inconsolata:400,700%7CRoboto+Mono:regular%7CRoboto:300,regular,700 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.67 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s48-in-f3.1e100.net Software sffe / Resource Hash 32c8a74ac0816253d69a7cc68a60986d91c77c80fb17101058527bffa45a13ba Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Origin https://www.cleafy.com Referer https://fonts.googleapis.com/ Response headers age 526691 report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} x-content-type-options nosniff expires Wed, 03 Dec 2025 01:16:43 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Tue, 03 Dec 2024 01:16:43 GMT last-modified Thu, 14 Sep 2023 01:16:46 GMT content-type font/woff2 cache-control public, max-age=31536000 timing-allow-origin * cross-origin-opener-policy same-origin; report-to="apps-themes" cross-origin-resource-policy cross-origin content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes accept-ranges bytes access-control-allow-origin * content-length 12764 x-xss-protection 0 server sffe
GET H3	200	QlddNThLqRwH-OJ1UHjlKENVzkWGVkL3GZQmAwLyya15.woff2 fonts.gstatic.com/s/inconsolata/v32/	33 KB 33 KB	122ms 81ms	Font font/woff2	142.250.185.67 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/inconsolata/v32/QlddNThLqRwH-OJ1UHjlKENVzkWGVkL3GZQmAwLyya15.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Inconsolata:400,700%7CRoboto+Mono:regular%7CRoboto:300,regular,700 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.67 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s48-in-f3.1e100.net Software sffe / Resource Hash 3f3cd898943b026a13346c3259ebd91bf02fe245d5ccd152ce7f544257986865 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Origin https://www.cleafy.com Referer https://fonts.googleapis.com/ Response headers age 426303 report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} x-content-type-options nosniff expires Thu, 04 Dec 2025 05:09:51 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Wed, 04 Dec 2024 05:09:51 GMT last-modified Thu, 14 Sep 2023 00:46:10 GMT content-type font/woff2 cache-control public, max-age=31536000 timing-allow-origin * cross-origin-opener-policy same-origin; report-to="apps-themes" cross-origin-resource-policy cross-origin content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes accept-ranges bytes access-control-allow-origin * content-length 34104 x-xss-protection 0 server sffe
GET H3	200	json Show response forms.hsforms.com/embed/v3/form/3993512/937dd5e4-6dad-4102-b348-22607dfad29f/	7 KB 3 KB	197ms 156ms	XHR application/json	104.19.175.188 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://forms.hsforms.com/embed/v3/form/3993512/937dd5e4-6dad-4102-b348-22607dfad29f/json?hs_static_app=forms-embed&hs_static_app_version=1.6227&X-HubSpot-Static-App-Info=forms-embed-1.6227 Requested by Host: js.hsforms.net URL: https://js.hsforms.net/forms/v2.js Protocol H3 Security QUIC, , AES_128_GCM Server 104.19.175.188 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 50589e705f9c5e34b027ffede7e2f90d066ca721c0cbbdea6ec2be6feddfde7f Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Accept application/json, text/plain, */* Referer https://www.cleafy.com/ Response headers x-robots-tag none access-control-max-age 180 x-request-id 59f72f54-de94-4c63-a775-af55a4680114 access-control-expose-headers X-Origin-Hublet content-encoding gzip cf-cache-status DYNAMIC x-origin-hublet na1 access-control-allow-methods OPTIONS, GET x-content-type-options nosniff alt-svc h3=":443"; ma=86400 x-evy-trace-listener listener_https server-timing cfExtPri date Mon, 09 Dec 2024 03:34:55 GMT x-hubspot-correlation-id 59f72f54-de94-4c63-a775-af55a4680114 content-type application/json;charset=utf-8 vary origin priority u=1,i access-control-allow-headers * strict-transport-security max-age=31536000; includeSubDomains; preload x-evy-trace-route-service-name envoyset-translator cache-control max-age=0, no-cache, no-store x-evy-trace-served-by-pod iad02/star-hubspot-td/envoy-proxy-b967ccf5d-6xdg5 x-envoy-upstream-service-time 18 access-control-allow-credentials false cf-ray 8ef1f131ebfe9752-FRA access-control-allow-origin https://www.cleafy.com x-evy-trace-route-configuration listener_https/all content-length 2317 server cloudflare x-evy-trace-virtual-host all
GET H3	200	662d3a39ac9bfbdb07311663_Footer-Texture.svg cdn.prod.website-files.com/6020129a813fe0c8f1e8053e/	1 KB 874 B	45ms 45ms	Image image/svg+xml	104.18.160.117 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.prod.website-files.com/6020129a813fe0c8f1e8053e/662d3a39ac9bfbdb07311663_Footer-Texture.svg Requested by Host: cdn.prod.website-files.com URL: https://cdn.prod.website-files.com/6020129a813fe0c8f1e8053e/css/cleafy.a2edda149.min.css Protocol H3 Security QUIC, , AES_128_GCM Server 104.18.160.117 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 271242211f6907c22619947ff7295571acb712efa840b80bc6ec324ded8ebd82 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://cdn.prod.website-files.com/6020129a813fe0c8f1e8053e/css/cleafy.a2edda149.min.css Response headers content-encoding br cf-cache-status HIT etag W/"5f403b5b541961239f59c5c91dd558f9" x-amz-version-id qWSyI8NmzwytZ5P8PfvHwAIl_FTglRxq age 1635 alt-svc h3=":443"; ma=86400 server-timing cfExtPri date Mon, 09 Dec 2024 03:34:55 GMT content-type image/svg+xml last-modified Sat, 27 Apr 2024 17:47:38 GMT vary Accept-Encoding priority u=3,i x-amz-id-2 JCS+MfMwjiKTRxR+fi6RAhAPdiuucQNRdSNIrymftMBHG/WEvcUFR2+Ms1f9YUfw0hDwHsGsMGE= cache-control max-age=31536000, must-revalidate x-amz-request-id FFMZVDZVNBXMBA74 cf-ray 8ef1f131c8423731-FRA access-control-allow-origin * server cloudflare x-amz-server-side-encryption AES256
GET H3	200	6036dd61d4e1d1975520d3b6_menuV2.json Show response cdn.prod.website-files.com/6020129a813fe0c8f1e8053e/	3 KB 1 KB	44ms 44ms	XHR application/json	104.18.160.117 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.prod.website-files.com/6020129a813fe0c8f1e8053e/6036dd61d4e1d1975520d3b6_menuV2.json Requested by Host: cdn.prod.website-files.com URL: https://cdn.prod.website-files.com/6020129a813fe0c8f1e8053e/js/cleafy.65d67f643.js Protocol H3 Security QUIC, , AES_128_GCM Server 104.18.160.117 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 45328a0fad361667f47be17f6b66f2c9a5d5c507f18301c94d1b9f59372ade36 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://www.cleafy.com/ Response headers access-control-max-age 3000 content-encoding br cf-cache-status HIT etag W/"b61af8e755e948c52629faa62f8f9856" x-amz-version-id t2WUFsdV7vL_rId7fZpTXCbHjAgpuNes age 1635 access-control-allow-methods GET, HEAD alt-svc h3=":443"; ma=86400 server-timing cfExtPri date Mon, 09 Dec 2024 03:34:55 GMT content-type application/json vary Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding priority u=1,i x-amz-id-2 dXq8vvLWJq+8tTLU9/PbM7T2riXhu2mWi/8IT+IriAlnSMPyi9vY7kegbAiSofGoWX4WYwdb51E= last-modified Wed, 24 Feb 2021 23:12:34 GMT cache-control max-age=31536000, must-revalidate x-amz-request-id FFMR531SWJJDA693 cf-ray 8ef1f131fbfcd380-FRA access-control-allow-origin * server cloudflare x-amz-server-side-encryption AES256
GET H2	200	iubenda_cs.js Show response cdn.iubenda.com/cs/	2 KB 1 KB	138ms 44ms	Script application/javascript	2400:52e0:1e07::1161:1 BunnyCDN BUNNYWAY
General Check archive.org Show headers Download Go to Full URL https://cdn.iubenda.com/cs/iubenda_cs.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-WF5KQ9M Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2400:52e0:1e07::1161:1 , Belgium, ASN200325 (BunnyCDN BUNNYWAY, informacijske storitve d.o.o., SI), Reverse DNS Software BunnyCDN-BE1-1161 / Resource Hash c1298025e88c2999e70ae41ed8b0316faf947046b7121efb1444bc2214350f9b Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://www.cleafy.com/ Response headers cdn-status 200 content-encoding br etag "6752afb2-2c4" expires Sat, 07 Dec 2024 18:51:43 GMT p3p CP="DSP NOI COR", policyref="http://www.iubenda.com/w3c/p3p.xml" date Mon, 09 Dec 2024 03:34:55 GMT last-modified Fri, 06 Dec 2024 08:02:58 GMT content-type application/javascript vary Accept-Encoding cdn-cache HIT cdn-requestpullcode 200 strict-transport-security max-age=31536000; includeSubDomains cdn-cachedat 12/07/2024 17:51:43 cache-control public, must-revalidate, proxy-revalidate, max-age=3600 cdn-requestpullsuccess True cdn-requesttime 0 cdn-uid a7bd0c3f-43db-400a-80e2-073f933f3c99 cdn-requestid 43722bc47a44c17d6b96761f7a04586f cdn-pullzone 954456 cdn-proxyver 1.06 access-control-allow-origin * cdn-edgestorageid 1161 server BunnyCDN-BE1-1161 cdn-requestcountrycode IT
GET H2	200	js Show response www.googletagmanager.com/gtag/	385 KB 126 KB	66ms 64ms	Script application/javascript	2a00:1450:4001:809::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-XXDJEBQ2SP&l=dataLayer&cx=c&gtm=45He4c40v842765148za200 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-WF5KQ9M Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 769111e03d21fcc6a8bee8538bdcb6ba9f53487d188f774a7810d0f97bdafd47 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://www.cleafy.com/ Response headers content-encoding br report-to {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],} expires Mon, 09 Dec 2024 03:34:55 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Mon, 09 Dec 2024 03:34:55 GMT content-type application/javascript; charset=UTF-8 vary Accept-Encoding access-control-allow-headers Cache-Control strict-transport-security max-age=31536000; includeSubDomains cache-control private, max-age=900 cross-origin-resource-policy cross-origin access-control-allow-credentials true content-security-policy-report-only script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0 access-control-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to=coop_reporting content-length 128619 x-xss-protection 0 server Google Tag Manager
GET H2	200	js Show response www.googletagmanager.com/gtag/	296 KB 101 KB	54ms 53ms	Script application/javascript	2a00:1450:4001:809::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-QT32G62CZ9&l=dataLayer&cx=c&gtm=45He4c40v842765148za200 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-WF5KQ9M Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 8489cb9c4d20f6c30f95856f549077b76d3ab2f9d1c9b5582149caf0b7eaa61b Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://www.cleafy.com/ Response headers content-encoding br report-to {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],} expires Mon, 09 Dec 2024 03:34:55 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Mon, 09 Dec 2024 03:34:55 GMT content-type application/javascript; charset=UTF-8 vary Accept-Encoding access-control-allow-headers Cache-Control strict-transport-security max-age=31536000; includeSubDomains cache-control private, max-age=900 cross-origin-resource-policy cross-origin access-control-allow-credentials true content-security-policy-report-only script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0 access-control-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to=coop_reporting content-length 103186 x-xss-protection 0 server Google Tag Manager
POST H3	200	collect pagead2.googlesyndication.com/ccm/	0 0	108ms 41ms	Ping text/plain	142.250.185.66 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/ccm/collect?en=page_view&dl=https%3A%2F%2Fwww.cleafy.com%2Fcleafy-labs%2Fdroidbot-insights-from-a-new-turkish-maas-fraud-operation&scrsrc=www.googletagmanager.com&frm=0&rnd=1281610566.1733715295&npa=1&gtm=45He4c40v842765148za200&gcs=G100&gcd=13p3p3p2p5l1&dma_cps=-&dma=1&tag_exp=101925629~102067555~102067808~102081485&tft=1733715295071&tfd=636&apve=1 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-WF5KQ9M Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.66 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s48-in-f2.1e100.net Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://www.cleafy.com/ Response headers
GET H3	200	v8.js Show response stapecdn.com/dtag/	19 KB 8 KB	87ms 47ms	Script text/javascript	172.67.72.56 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://stapecdn.com/dtag/v8.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-WF5KQ9M Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.72.56 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 99f2d8044a24b9817bc31c4e3f6c34c24ff4e05557ca70dcd2631f790785d8a9 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://www.cleafy.com/ Response headers x-goog-metageneration 1 x-goog-hash crc32c=3FX0EQ==, md5=Q2N3pg683cW38pmbAJQgGQ== cf-cache-status HIT etag W/"436377a60ebcddc5b7f2999b00942019" age 243749 content-encoding br report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JkRhvX9sybIUOsecFFtxynC1LTvVAMNDCXUX%2Bg8FeEFoOWMREj%2FGezFFUvT1YWkY0TbX0x%2FCWCCSV0hNFysNcP%2FUKBfJqL5xEm3qZNRODGhQbwm9stxNU72b6W%2FlIQ%3D%3D"}],"group":"cf-nel","max_age":604800} x-content-type-options nosniff x-goog-stored-content-encoding identity expires Fri, 06 Dec 2024 08:52:26 GMT alt-svc h3=":443"; ma=86400 x-goog-stored-content-length 18978 server-timing cfL4;desc="?proto=QUIC&rtt=32296&min_rtt=32127&rtt_var=12168&sent=11&recv=7&lost=0&retrans=0&sent_bytes=4270&recv_bytes=4229&delivery_rate=98415&cwnd=12000&unsent_bytes=0&cid=78efba9b7b2be327&ts=52&x=1", cfExtPri, cfHdrFlush;dur=0 date Mon, 09 Dec 2024 03:34:55 GMT content-type text/javascript last-modified Tue, 09 Apr 2024 12:29:35 GMT vary Accept-Encoding priority u=3,i=?0 x-guploader-uploadid AHmUCY2EVvKXXe9sI1ek0Yrf5phKtuxWmo6iBWY2abk32aMWlNFBgPZO5BfRZulLxEFkkNcGQQ x-frame-options SAMEORIGIN strict-transport-security max-age=31536000; includeSubDomains; preload cache-control public, max-age=31536000 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-goog-storage-class STANDARD referrer-policy same-origin cf-ray 8ef1f1329df75d87-FRA x-goog-generation 1712665775294960 x-xss-protection 1; mode=block server cloudflare
GET H2	200	sw_iframe.html www.googletagmanager.com/static/service_worker/4c30/ Frame 448B	0 0	136ms 44ms	Document text/html	2a00:1450:4001:809::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/static/service_worker/4c30/sw_iframe.html?origin=https%3A%2F%2Fwww.cleafy.com Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-WF5KQ9M Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Response headers accept-ranges bytes age 408612 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=31536000 content-encoding br content-length 1476 content-type text/html cross-origin-opener-policy same-origin; report-to="analytics-container-tag-serving" cross-origin-resource-policy cross-origin date Wed, 04 Dec 2024 10:04:43 GMT expires Thu, 04 Dec 2025 10:04:43 GMT last-modified Tue, 03 Dec 2024 10:18:00 GMT report-to {"group":"analytics-container-tag-serving","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/analytics-container-tag-serving"}]} server sffe service-worker-allowed /static/service_worker vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H3	200	counters.gif forms-na1.hsforms.com/embed/v3/	35 B 879 B	179ms 142ms	Image image/gif	104.18.80.204 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://forms-na1.hsforms.com/embed/v3/counters.gif?key=forms-embed-v2-DEFINITION_SUCCESS&count=1 Requested by Host: www.cleafy.com URL: https://www.cleafy.com/cleafy-labs/droidbot-insights-from-a-new-turkish-maas-fraud-operation Protocol H3 Security QUIC, , AES_128_GCM Server 104.18.80.204 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://www.cleafy.com/ Response headers x-robots-tag none x-request-id 59fbc520-12cc-46f5-ac40-dbe131a32f40 access-control-expose-headers X-Origin-Hublet cf-cache-status DYNAMIC x-content-type-options nosniff alt-svc h3=":443"; ma=86400 x-evy-trace-listener listener_https server-timing cfExtPri date Mon, 09 Dec 2024 03:34:55 GMT x-hubspot-correlation-id 59fbc520-12cc-46f5-ac40-dbe131a32f40 content-type image/gif vary origin priority u=3,i strict-transport-security max-age=31536000; includeSubDomains; preload x-evy-trace-route-service-name envoyset-translator cache-control max-age=0, no-cache, no-store x-evy-trace-served-by-pod iad02/star-hubspot-td/envoy-proxy-b967ccf5d-kf895 x-envoy-upstream-service-time 1 access-control-allow-credentials false cf-ray 8ef1f1332dd41c9f-FRA x-evy-trace-route-configuration listener_https/all content-length 35 server cloudflare x-evy-trace-virtual-host all
GET H3	200	enterprise.js Show response www.google.com/recaptcha/	2 KB 1 KB	124ms 54ms	Script text/javascript	142.250.185.228 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/enterprise.js?&onload=hsRecaptchaLoaded_a201a1a3_df26_4c08_b3f4_83464c26ca14&render=explicit&hl=en Requested by Host: js.hsforms.net URL: https://js.hsforms.net/forms/v2.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.228 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s53-in-f4.1e100.net Software ESF / Resource Hash c5d2b9182a1e5ff8216c2e2f3efa84bf2be5e63df68000f6cc5a305360eba667 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://www.cleafy.com/ Response headers cache-control private, max-age=300 content-encoding gzip cross-origin-resource-policy cross-origin report-to {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]} x-content-type-options nosniff expires Mon, 09 Dec 2024 03:34:55 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cross-origin-opener-policy-report-only same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d" date Mon, 09 Dec 2024 03:34:55 GMT x-xss-protection 0 content-type text/javascript; charset=utf-8 server ESF x-frame-options SAMEORIGIN
GET H3	200	counters.gif forms-na1.hsforms.com/embed/v3/	35 B 915 B	152ms 140ms	Image image/gif	104.18.80.204 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://forms-na1.hsforms.com/embed/v3/counters.gif?key=forms-embed-v2-RENDER_SUCCESS&count=1 Requested by Host: www.cleafy.com URL: https://www.cleafy.com/cleafy-labs/droidbot-insights-from-a-new-turkish-maas-fraud-operation Protocol H3 Security QUIC, , AES_128_GCM Server 104.18.80.204 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://www.cleafy.com/ Response headers x-robots-tag none x-request-id 2eb24023-5f79-4a9a-9d23-71f86623f66b access-control-expose-headers X-Origin-Hublet cf-cache-status DYNAMIC x-content-type-options nosniff alt-svc h3=":443"; ma=86400 x-evy-trace-listener listener_https server-timing cfExtPri date Mon, 09 Dec 2024 03:34:55 GMT x-hubspot-correlation-id 2eb24023-5f79-4a9a-9d23-71f86623f66b content-type image/gif vary origin priority u=3,i strict-transport-security max-age=31536000; includeSubDomains; preload x-evy-trace-route-service-name envoyset-translator cache-control max-age=0, no-cache, no-store x-evy-trace-served-by-pod iad02/star-hubspot-td/envoy-proxy-b967ccf5d-pdcc5 x-envoy-upstream-service-time 1 access-control-allow-credentials false cf-ray 8ef1f1332dd51c9f-FRA x-evy-trace-route-configuration listener_https/all content-length 35 server cloudflare x-evy-trace-virtual-host all
POST H2	200	collect sgtm.cleafy.com/g/	0 0	419ms 322ms	Fetch	2001:bc8:1210:6c:: AS12876 SCALEWAY ...
General Check archive.org Show headers Download Go to Full URL https://sgtm.cleafy.com/g/collect?v=2&tid=G-QT32G62CZ9&gtm=45je4c40v9199135146z8842765148za200zb842765148&_p=1733715294813&gcs=G100&gcd=13p3p3p2p7l1&npa=1&dma_cps=-&dma=1&tag_exp=101925629~102067555~102067808~102081485&cid=1547043720.1733715295&ul=it-it&sr=1600x1200&_fplc=0&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=denied&ngs=1&_s=1&sid=1733715295&sct=1&seg=0&dl=https%3A%2F%2Fwww.cleafy.com%2Fcleafy-labs%2Fdroidbot-insights-from-a-new-turkish-maas-fraud-operation&dt=DroidBot%3A%20Insights%20from%20a%20new%20Turkish%20MaaS%20fraud%20operation%20%7C%20Cleafy%20Labs&en=page_view&_fv=1&_nsi=1&_ss=1&ep.allow_interest_groups=false&ep.event_id=1733715294813_1_gtm.js&ep.gtm_page_path=%2Fcleafy-labs%2Fdroidbot-insights-from-a-new-turkish-maas-fraud-operation&ep.gtm_container_info=GTM-WF5KQ9M%7C26%7C&ep.gtm_hit_timestamp=2024-12-09T04%3A34%3A55.73%2B01%3A00&epn.gtm_date_now=1733715295073&ep.gtm_utm_source=&ep.gtm_utm_medium=&ep.gtm_utm_campaign=&ep.gtm_utm_content=&ep.gtm_utm_term=&ep.ga_session_consent_mode=%7C%7C&ep.request_type=server&ep.event_generation_type=gtm&ep.gtm_referrer=&ep.gtm_gclid=&ep.local_timezone_date=20241209&ep.local_timezone_hour=04%3A34&epn.pageview_action_times=0.26&up.user_possible_bot=normal%20user&tfd=779 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-QT32G62CZ9&l=dataLayer&cx=c&gtm=45He4c40v842765148za200 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:bc8:1210:6c:: , France, ASN12876 (AS12876 SCALEWAY S.A.S., FR), Reverse DNS Software / Resource Hash Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://www.cleafy.com/ Response headers x-robots-tag noindex, nofollow content-length 0 date Mon, 09 Dec 2024 03:34:55 GMT trace-id 0e07aa5e-9c7e-4b2a-b131-85944b464da6
POST H2	200	data Show response sgtm.cleafy.com/	68 B 460 B	218ms 129ms	XHR application/json	2001:bc8:1210:6c:: AS12876 SCALEWAY ...
General Check archive.org Show headers Download Go to Full URL https://sgtm.cleafy.com/data?v=2&event_name=page_view Requested by Host: stapecdn.com URL: https://stapecdn.com/dtag/v8.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:bc8:1210:6c:: , France, ASN12876 (AS12876 SCALEWAY S.A.S., FR), Reverse DNS Software / Resource Hash 9498bb9ce160de21cc710691c66a47329274cb7ce861a71cd67006a4d7ae3a75 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Content-type text/plain Referer https://www.cleafy.com/ Response headers x-robots-tag noindex, nofollow access-control-max-age 600 trace-id 2ae4cad2-88d2-46f4-8044-333607c805b4 access-control-allow-credentials true access-control-allow-methods GET,POST,PUT,DELETE,OPTIONS access-control-allow-origin https://www.cleafy.com content-length 68 date Mon, 09 Dec 2024 03:34:55 GMT content-type application/json access-control-allow-headers content-type,set-cookie,x-robots-tag,x-gtm-server-preview,x-stape-preview
POST H2	204	collect region1.google-analytics.com/g/	0 0	107ms 41ms	Fetch text/plain	2001:4860:4802:32::36 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://region1.google-analytics.com/g/collect?v=2&tid=G-XXDJEBQ2SP&gtm=45je4c40v877794303z8842765148za200zb842765148&_p=1733715294813&gcs=G100&gcd=13p3pPp2p7l1&npa=1&dma_cps=-&dma=1&tag_exp=101925629~102067555~102067808~102081485&cid=1547043720.1733715295&ul=it-it&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=denied&ngs=1&_s=1&sid=1733715295&sct=1&seg=0&dl=https%3A%2F%2Fwww.cleafy.com%2Fcleafy-labs%2Fdroidbot-insights-from-a-new-turkish-maas-fraud-operation&dt=DroidBot%3A%20Insights%20from%20a%20new%20Turkish%20MaaS%20fraud%20operation%20%7C%20Cleafy%20Labs&en=page_view&_fv=1&_ss=1&ep.allow_interest_groups=false&ep.gtm_page_path=%2Fcleafy-labs%2Fdroidbot-insights-from-a-new-turkish-maas-fraud-operation&ep.gtm_container_info=GTM-WF5KQ9M%7C26%7C&ep.gtm_hit_timestamp=2024-12-09T04%3A34%3A55.72%2B01%3A00&epn.gtm_date_now=1733715295072&ep.gtm_utm_source=&ep.gtm_utm_medium=&ep.gtm_utm_campaign=&ep.gtm_utm_content=&ep.gtm_utm_term=&ep.ga_session_consent_mode=%7C%7C&ep.request_type=client&ep.event_generation_type=gtm&ep.gtm_referrer=&ep.gtm_gclid=&ep.local_timezone_date=20241209&ep.local_timezone_hour=04%3A34&epn.pageview_action_times=0.26&up.user_possible_bot=normal%20user&tfd=810 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-XXDJEBQ2SP&l=dataLayer&cx=c&gtm=45He4c40v842765148za200 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://www.cleafy.com/ Response headers cache-control no-cache, no-store, must-revalidate pragma no-cache cross-origin-resource-policy cross-origin access-control-allow-credentials true content-security-policy-report-only script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0 report-to {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],} expires Fri, 01 Jan 1990 00:00:00 GMT access-control-allow-origin https://www.cleafy.com cross-origin-opener-policy-report-only same-origin; report-to=coop_reporting content-length 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Mon, 09 Dec 2024 03:34:55 GMT content-type text/plain server Golfe2
GET H2	200	core-en.js Show response cdn.iubenda.com/cookie_solution/iubenda_cs/1.70.0/	345 KB 68 KB	62ms 62ms	Script application/javascript	2400:52e0:1e07::1161:1 BunnyCDN BUNNYWAY
General Check archive.org Show headers Download Go to Full URL https://cdn.iubenda.com/cookie_solution/iubenda_cs/1.70.0/core-en.js Requested by Host: cdn.iubenda.com URL: https://cdn.iubenda.com/cs/iubenda_cs.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2400:52e0:1e07::1161:1 , Belgium, ASN200325 (BunnyCDN BUNNYWAY, informacijske storitve d.o.o., SI), Reverse DNS Software BunnyCDN-BE1-1161 / Resource Hash 379ef066604a519d28e30104ed26325d937f7482f5ae17fe9cf11c2f9e529724 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://www.cleafy.com/ Response headers cdn-status 200 content-encoding br etag "6752afb1-10cd7" expires Sat, 06 Dec 2025 08:29:21 GMT p3p CP="DSP NOI COR", policyref="http://www.iubenda.com/w3c/p3p.xml" date Mon, 09 Dec 2024 03:34:55 GMT last-modified Fri, 06 Dec 2024 08:02:57 GMT content-type application/javascript; charset=utf-8 vary Accept-Encoding cdn-cache HIT cdn-requestpullcode 200 strict-transport-security max-age=31536000; includeSubDomains cdn-cachedat 12/06/2024 08:29:21 cache-control public, must-revalidate, proxy-revalidate, max-age=31536000 cdn-requestpullsuccess True cdn-requesttime 0 cdn-uid a7bd0c3f-43db-400a-80e2-073f933f3c99 cdn-requestid b5e5df8fab1c5016161581d25737cc73 cdn-pullzone 954456 cdn-proxyver 1.06 access-control-allow-origin * cdn-edgestorageid 1161 server BunnyCDN-BE1-1161 cdn-requestcountrycode IT
GET H2	200	recaptcha__en.js Show response www.gstatic.com/recaptcha/releases/pPK749sccDmVW_9DSeTMVvh2/	547 KB 216 KB	108ms 33ms	Script text/javascript	2a00:1450:4001:80f::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/recaptcha/releases/pPK749sccDmVW_9DSeTMVvh2/recaptcha__en.js Requested by Host: www.google.com URL: https://www.google.com/recaptcha/enterprise.js?&onload=hsRecaptchaLoaded_a201a1a3_df26_4c08_b3f4_83464c26ca14&render=explicit&hl=en Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 73dd640564004ec8730e7f3433b9dfaa6876ac3a27e6964a17834f07f6d56116 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Origin https://www.cleafy.com Referer https://www.cleafy.com/ Response headers content-encoding gzip age 21592 report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} x-content-type-options nosniff expires Mon, 08 Dec 2025 21:35:03 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Sun, 08 Dec 2024 21:35:03 GMT last-modified Mon, 11 Nov 2024 05:00:22 GMT content-type text/javascript vary Accept-Encoding cache-control public, max-age=31536000 timing-allow-origin * cross-origin-opener-policy same-origin-allow-popups; report-to="recaptcha" cross-origin-resource-policy cross-origin content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha accept-ranges bytes access-control-allow-origin * content-length 220753 x-xss-protection 0 server sffe
GET H2	200	31282315.js Show response cs.iubenda.com/cookie-solution/confs/js/	251 B 773 B	401ms 132ms	Script application/javascript	2400:52e0:1a00::1206:2 BunnyCDN BUNNYWAY
General Check archive.org Show headers Download Go to Full URL https://cs.iubenda.com/cookie-solution/confs/js/31282315.js Requested by Host: cdn.iubenda.com URL: https://cdn.iubenda.com/cookie_solution/iubenda_cs/1.70.0/core-en.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2400:52e0:1a00::1206:2 Chicago, United States, ASN200325 (BunnyCDN BUNNYWAY, informacijske storitve d.o.o., SI), Reverse DNS Software BunnyCDN-IL1-1206 / Resource Hash 86b96efd3989e90aa30c56f5ad7442a2e76b79bb5b5ac741cc070193073970f7 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://www.cleafy.com/ Response headers cdn-status 200 content-encoding br etag "673b5cc8-fb" expires Mon, 18 Nov 2024 18:21:45 GMT date Mon, 09 Dec 2024 03:34:55 GMT last-modified Mon, 18 Nov 2024 15:27:04 GMT content-type application/javascript vary Accept-Encoding cdn-cache HIT cdn-requestpullcode 200 strict-transport-security max-age=31536000; includeSubDomains cdn-cachedat 11/18/2024 17:21:45 cache-control public, max-age=3600 cdn-requestpullsuccess True cdn-requesttime 0 cdn-uid a7bd0c3f-43db-400a-80e2-073f933f3c99 cdn-requestid c9670e0090ef9218d5edbb037b32a010 access-control-allow-credentials true cdn-pullzone 1019485 cdn-proxyver 1.06 access-control-allow-origin * cdn-edgestorageid 1206 server BunnyCDN-IL1-1206 cdn-requestcountrycode IT
GET H3	200	anchor www.google.com/recaptcha/enterprise/ Frame 3FA7	0 0	130ms 66ms	Document text/html	142.250.185.228 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm&co=aHR0cHM6Ly93d3cuY2xlYWZ5LmNvbTo0NDM.&hl=en&v=pPK749sccDmVW_9DSeTMVvh2&size=invisible&badge=inline&cb=ilr3iq5lwkgv Requested by Host: www.gstatic.com URL: https://www.gstatic.com/recaptcha/releases/pPK749sccDmVW_9DSeTMVvh2/recaptcha__en.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.228 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s53-in-f4.1e100.net Software ESF / Resource Hash Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce--dF9S3sLJEkNHvchdyFLyA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.cleafy.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control no-cache, no-store, max-age=0, must-revalidate content-encoding gzip content-security-policy script-src 'report-sample' 'nonce--dF9S3sLJEkNHvchdyFLyA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 content-type text/html; charset=utf-8 cross-origin-embedder-policy require-corp cross-origin-opener-policy-report-only same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d" cross-origin-resource-policy cross-origin date Mon, 09 Dec 2024 03:34:55 GMT expires Mon, 01 Jan 1990 00:00:00 GMT pragma no-cache report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]} server ESF x-content-type-options nosniff x-xss-protection 0
GET H2	200	tcf-v2-0.27.3.js Show response cdn.iubenda.com/cs/tcf/versions/	119 KB 24 KB	52ms 51ms	Script application/javascript	2400:52e0:1e07::1161:1 BunnyCDN BUNNYWAY
General Check archive.org Show headers Download Go to Full URL https://cdn.iubenda.com/cs/tcf/versions/tcf-v2-0.27.3.js Requested by Host: cdn.iubenda.com URL: https://cdn.iubenda.com/cookie_solution/iubenda_cs/1.70.0/core-en.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2400:52e0:1e07::1161:1 , Belgium, ASN200325 (BunnyCDN BUNNYWAY, informacijske storitve d.o.o., SI), Reverse DNS Software BunnyCDN-BE1-1161 / Resource Hash 4a17046d6b7352731033f95c978991ba168ec7ccefc240ac4c55044f2bb6469c Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://www.cleafy.com/ Response headers cdn-status 200 content-encoding br etag "6752afb2-5de1" expires Sat, 06 Dec 2025 08:29:12 GMT p3p CP="DSP NOI COR", policyref="http://www.iubenda.com/w3c/p3p.xml" date Mon, 09 Dec 2024 03:34:55 GMT last-modified Fri, 06 Dec 2024 08:02:58 GMT content-type application/javascript vary Accept-Encoding cdn-cache HIT cdn-requestpullcode 200 strict-transport-security max-age=31536000; includeSubDomains cdn-cachedat 12/06/2024 08:29:12 cache-control public, must-revalidate, proxy-revalidate, max-age=31536000 cdn-requestpullsuccess True cdn-requesttime 0 cdn-uid a7bd0c3f-43db-400a-80e2-073f933f3c99 cdn-requestid 8ceaba8b369e9e5699df2c46db8ef673 cdn-pullzone 954456 cdn-proxyver 1.06 access-control-allow-origin * cdn-edgestorageid 1161 server BunnyCDN-BE1-1161 cdn-requestcountrycode IT
GET H2	200	vendorlist.83.json Show response cdn.iubenda.com/cs/tcf/v3-versioned/	610 KB 55 KB	155ms 63ms	XHR application/json	2400:52e0:1e07::1161:1 BunnyCDN BUNNYWAY
General Check archive.org Show headers Download Go to Full URL https://cdn.iubenda.com/cs/tcf/v3-versioned/vendorlist.83.json Requested by Host: cdn.iubenda.com URL: https://cdn.iubenda.com/cs/tcf/versions/tcf-v2-0.27.3.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2400:52e0:1e07::1161:1 , Belgium, ASN200325 (BunnyCDN BUNNYWAY, informacijske storitve d.o.o., SI), Reverse DNS Software BunnyCDN-BE1-1161 / Resource Hash ebf9979781ac6f999b45cda33b6d5e216167216de4ca9d994e5f5bf898845e9d Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://www.cleafy.com/ Response headers cdn-status 200 content-encoding br etag "6752afb2-d7fa" expires Sat, 07 Dec 2024 08:29:13 GMT p3p CP="DSP NOI COR", policyref="http://www.iubenda.com/w3c/p3p.xml" date Mon, 09 Dec 2024 03:34:55 GMT last-modified Fri, 06 Dec 2024 08:02:58 GMT content-type application/json vary Accept-Encoding cdn-cache HIT cdn-requestpullcode 200 strict-transport-security max-age=31536000; includeSubDomains cdn-cachedat 12/06/2024 08:29:13 cache-control public, must-revalidate, proxy-revalidate, max-age=86400 cdn-requestpullsuccess True cdn-requesttime 0 cdn-uid a7bd0c3f-43db-400a-80e2-073f933f3c99 cdn-requestid 400e4e5a0d69652109950ed07fc7dd49 cdn-pullzone 954456 cdn-proxyver 1.06 access-control-allow-origin * cdn-edgestorageid 1161 server BunnyCDN-BE1-1161 cdn-requestcountrycode IT
GET H2	200	gac-vendors.json Show response cdn.iubenda.com/cs/tcf/	56 KB 13 KB	228ms 136ms	XHR application/json	2400:52e0:1e07::1161:1 BunnyCDN BUNNYWAY
General Check archive.org Show headers Download Go to Full URL https://cdn.iubenda.com/cs/tcf/gac-vendors.json Requested by Host: cdn.iubenda.com URL: https://cdn.iubenda.com/cs/tcf/versions/tcf-v2-0.27.3.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2400:52e0:1e07::1161:1 , Belgium, ASN200325 (BunnyCDN BUNNYWAY, informacijske storitve d.o.o., SI), Reverse DNS Software BunnyCDN-BE1-1161 / Resource Hash 6f7de1629872d8e979f21bf9fd681433697a1e081dc9e4c0aa81d5c2aa46a0ea Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://www.cleafy.com/ Response headers cdn-status 200 content-encoding br etag "6752afb2-2f82" expires Sat, 07 Dec 2024 08:29:13 GMT p3p CP="DSP NOI COR", policyref="http://www.iubenda.com/w3c/p3p.xml" date Mon, 09 Dec 2024 03:34:55 GMT last-modified Fri, 06 Dec 2024 08:02:58 GMT content-type application/json vary Accept-Encoding cdn-cache HIT cdn-requestpullcode 200 strict-transport-security max-age=31536000; includeSubDomains cdn-cachedat 12/06/2024 08:29:13 cache-control public, must-revalidate, proxy-revalidate, max-age=86400 cdn-requestpullsuccess True cdn-requesttime 0 cdn-uid a7bd0c3f-43db-400a-80e2-073f933f3c99 cdn-requestid 4651dde4b8d859b0631af2885a475c8b cdn-pullzone 954456 cdn-proxyver 1.06 access-control-allow-origin * cdn-edgestorageid 1161 server BunnyCDN-BE1-1161 cdn-requestcountrycode IT
POST H2	204	csdata Show response idb.iubenda.com/	0 607 B	125ms 53ms	XHR text/plain	2400:52e0:1e00::1081:1 CDN77 Datacamp Li...
General Check archive.org Show headers Download Go to Full URL https://idb.iubenda.com/csdata?db=hits1 Requested by Host: cdn.iubenda.com URL: https://cdn.iubenda.com/cookie_solution/iubenda_cs/1.70.0/core-en.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2400:52e0:1e00::1081:1 , Germany, ASN60068 (CDN77 Datacamp Limited, GB), Reverse DNS Software BunnyCDN-DE1-1081 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Content-Type text/plain;charset=UTF-8 Referer https://www.cleafy.com/ Response headers access-control-max-age 1728000 access-control-allow-methods GET, POST, OPTIONS date Mon, 09 Dec 2024 03:34:56 GMT cdn-cachedat 12/09/2024 03:34:56 access-control-allow-headers DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization cdn-requestpullcode 204 strict-transport-security max-age=31536000; includeSubDomains cache-control public, max-age=0 cdn-requestpullsuccess True cdn-requesttime 0 cdn-uid a7bd0c3f-43db-400a-80e2-073f933f3c99 x-influxdb-build OSS access-control-allow-credentials true cdn-pullzone 967785 cdn-proxyver 1.06 cdn-requestid e1b20f1a8e8d163a8c3d2885ff627a1d access-control-allow-origin * x-influxdb-version v2.7.5 cdn-edgestorageid 1081 server BunnyCDN-DE1-1081 cdn-requestcountrycode IT
GET H3	200	603d13d936ee41fe7a568f18_Crypto%20-%2032.png cdn.prod.website-files.com/6020129a813fe0c8f1e8053e/	685 B 1 KB	140ms 140ms	Other image/png	104.18.160.117 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.prod.website-files.com/6020129a813fe0c8f1e8053e/603d13d936ee41fe7a568f18_Crypto%20-%2032.png Protocol H3 Security QUIC, , AES_128_GCM Server 104.18.160.117 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ac629c8e2f072a296ec88668e3571991fbadb346b7a9b0813cdac0f004c7207b Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://www.cleafy.com/ Response headers cf-cache-status HIT etag "cba564c7fd9b7a57ba1917e8d68bfd78" x-amz-version-id I2Q6H10UxkZMMoCQwzld3sgAzsORcR_D alt-svc h3=":443"; ma=86400 server-timing cfExtPri date Mon, 09 Dec 2024 03:34:56 GMT content-type image/png last-modified Mon, 01 Mar 2021 16:18:35 GMT vary Accept-Encoding priority u=1,i x-amz-id-2 sANZi2znksM0JZCzvQDTKeMdJLTyclCOyqooaWZGQEh09ZgGi107QXjgwZ3qnRSn4WkUgCI5Lw0dHvOsWPpcECrSumRooh8DNtIeevlfRBE= cache-control max-age=31536000, must-revalidate x-amz-request-id J7G730ZWYN36G4E7 cf-ray 8ef1f1384bdb3731-FRA accept-ranges bytes access-control-allow-origin * content-length 685 server cloudflare x-amz-server-side-encryption AES256
GET H3	200	bframe www.google.com/recaptcha/enterprise/ Frame 6A34	0 0	56ms 56ms	Document text/html	142.250.185.228 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/enterprise/bframe?hl=en&v=pPK749sccDmVW_9DSeTMVvh2&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm Requested by Host: www.gstatic.com URL: https://www.gstatic.com/recaptcha/releases/pPK749sccDmVW_9DSeTMVvh2/recaptcha__en.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.228 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s53-in-f4.1e100.net Software ESF / Resource Hash Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-fN0AsbZfuLcFvOKg1mIHvg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.cleafy.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control no-cache, no-store, max-age=0, must-revalidate content-encoding gzip content-security-policy script-src 'report-sample' 'nonce-fN0AsbZfuLcFvOKg1mIHvg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 content-type text/html; charset=utf-8 cross-origin-embedder-policy require-corp cross-origin-opener-policy-report-only same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d" cross-origin-resource-policy cross-origin date Mon, 09 Dec 2024 03:34:56 GMT expires Mon, 01 Jan 1990 00:00:00 GMT pragma no-cache report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]} server ESF x-content-type-options nosniff x-xss-protection 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

s7.addthis.com

URL

https://s7.addthis.com/js/300/addthis_widget.js