it.younited-credit.com Open in urlscan Pro
2620:1ec:bdf::44 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://echo7.bluehornet.com/ct/58894866:JkdVyg2NP:m:1:3293110514:49E57A71226CED23F2AA938C40D2DBA2:r
Effective URL:
https://it.younited-credit.com/tasso-promozionale
Submission: On November 30 via api (November 30th 2021, 6:34:36 am UTC) from BE — Scanned from DE

Summary HTTP 66 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 28 IPs in 5 countries across 23 domains to perform 66 HTTP transactions. The main IP is 2620:1ec:bdf::44, located in United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is it.younited-credit.com.
TLS certificate: Issued by DigiCert TLS RSA SHA256 2020 CA1 on June 22nd 2021. Valid for: a year.

This is the only time it.younited-credit.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	44.241.231.49 44.241.231.49	16509 (AMAZON-02) (AMAZON-02)
1 2	35.186.231.97 35.186.231.97	15169 (GOOGLE) (GOOGLE)
1	18.66.112.7 18.66.112.7	16509 (AMAZON-02) (AMAZON-02)
1	188.165.150.177 188.165.150.177	16276 (OVH) (OVH)
6	2620:1ec:bdf::44 2620:1ec:bdf::44	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
3	2606:2800:133... 2606:2800:133:206e:1315:22a5:2006:24fd	15133 (EDGECAST) (EDGECAST)
1	2606:4700::68... 2606:4700::6810:135e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	109.232.194.94 109.232.194.94	50234 (EULERIAN-AS) (EULERIAN-AS)
2	52.222.236.94 52.222.236.94	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:811::200a	15169 (GOOGLE) (GOOGLE)
1	2606:4700:20:... 2606:4700:20::ac43:4832	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	13.32.121.54 13.32.121.54	16509 (AMAZON-02) (AMAZON-02)
1	2606:2800:233... 2606:2800:233:1cb7:261b:1f9c:2074:3c	15133 (EDGECAST) (EDGECAST)
1	2a00:1450:400... 2a00:1450:4001:809::2003	15169 (GOOGLE) (GOOGLE)
4	188.40.65.103 188.40.65.103	24940 (HETZNER-AS) (HETZNER-AS)
2	2a03:2880:f01... 2a03:2880:f01c:216:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
3	2a00:1450:400... 2a00:1450:4001:828::2008	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:82a::200e	15169 (GOOGLE) (GOOGLE)
4	2620:116:800d... 2620:116:800d:21:ee05:6a01:4b41:8c89	16509 (AMAZON-02) (AMAZON-02)
1	52.30.255.69 52.30.255.69	16509 (AMAZON-02) (AMAZON-02)
1	142.250.186.34 142.250.186.34	15169 (GOOGLE) (GOOGLE)
2	2600:9000:223... 2600:9000:223c:c00:6:44e3:f8c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1 4	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
1 6	2a00:1450:400... 2a00:1450:4001:809::2004	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:80e::2003	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f12... 2a03:2880:f12d:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2	2a00:1450:400... 2a00:1450:400c:c07::9c	15169 (GOOGLE) (GOOGLE)
1	52.222.206.19 52.222.206.19	16509 (AMAZON-02) (AMAZON-02)
1	18.195.248.35 18.195.248.35	16509 (AMAZON-02) (AMAZON-02)
66	28

1 44.241.231.49 (Boardman, United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-44-241-231-49.us-west-2.compute.amazonaws.com

echo7.bluehornet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.186.231.97 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 97.231.186.35.bc.googleusercontent.com

clk.tradedoubler.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.112.7 (United States)

ASN16509 (AMAZON-02, US)

vht.tradedoubler.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 188.165.150.177 (France)

ASN16276 (OVH, FR)
PTR: lb01.net.royalcactus.com

analytics.tradedoubler.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2620:1ec:bdf::44 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

it.younited-credit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:2800:133:206e:1315:22a5:2006:24fd (United States)

ASN15133 (EDGECAST, US)

yuc-cdn.azureedge.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:135e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 109.232.194.94 (France)

ASN50234 (EULERIAN-AS, FR)
PTR: et1.eulerian.net

yoc.younited-credit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.222.236.94 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-236-94.fra56.r.cloudfront.net

widget.trustpilot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::ac43:4832 (United States)

ASN13335 (CLOUDFLARENET, US)

hhlwcyg0ce.kameleoon.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.121.54 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-121-54.fra60.r.cloudfront.net

cdn.decibelinsight.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:2800:233:1cb7:261b:1f9c:2074:3c (United States)

ASN15133 (EDGECAST, US)

az416426.vo.msecnd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 188.40.65.103 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: eu-log-parser04.kameleoon.net

eu-tlp04.kameleoon.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:216:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:828::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2620:116:800d:21:ee05:6a01:4b41:8c89 (United States)

ASN16509 (AMAZON-02, US)

secure.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.30.255.69 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-30-255-69.eu-west-1.compute.amazonaws.com

w.usabilla.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.34 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:223c:c00:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:809::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f12d:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c07::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.206.19 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-206-19.fra56.r.cloudfront.net

d6tizftlrpuof.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.195.248.35 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-195-248-35.eu-central-1.compute.amazonaws.com

collection.decibelinsight.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
10	younited-credit.com it.younited-credit.com yoc.younited-credit.com	115 KB
6	google.de www.google.de	1 KB
6	google.com 1 redirects www.google.com	1 KB
6	doubleclick.net 1 redirects googleads.g.doubleclick.net stats.g.doubleclick.net	5 KB
5	google-analytics.com www.google-analytics.com	21 KB
5	kameleoon.eu hhlwcyg0ce.kameleoon.eu eu-tlp04.kameleoon.eu	49 KB
4	quantserve.com secure.quantserve.com pixel.quantserve.com	21 KB
4	tradedoubler.com 1 redirects clk.tradedoubler.com vht.tradedoubler.com analytics.tradedoubler.com	6 KB
3	googletagmanager.com www.googletagmanager.com	116 KB
3	azureedge.net yuc-cdn.azureedge.net	67 KB
2	facebook.com www.facebook.com	396 B
2	quantcount.com rules.quantcount.com	1 KB
2	facebook.net connect.facebook.net	37 KB
2	decibelinsight.net cdn.decibelinsight.net collection.decibelinsight.net	71 KB
2	trustpilot.com widget.trustpilot.com	9 KB
1	cloudfront.net d6tizftlrpuof.cloudfront.net	8 KB
1	googleadservices.com www.googleadservices.com	15 KB
1	usabilla.com w.usabilla.com	11 KB
1	gstatic.com fonts.gstatic.com	48 KB
1	msecnd.net az416426.vo.msecnd.net	22 KB
1	googleapis.com fonts.googleapis.com	1010 B
1	cloudflare.com cdnjs.cloudflare.com	6 KB
1	bluehornet.com 1 redirects echo7.bluehornet.com	621 B
66	23

	Domain	Requested by
6	www.google.de	it.younited-credit.com
6	www.google.com	1 redirects it.younited-credit.com
6	it.younited-credit.com	it.younited-credit.com
5	www.google-analytics.com	yoc.younited-credit.com www.google-analytics.com az416426.vo.msecnd.net it.younited-credit.com
4	googleads.g.doubleclick.net	1 redirects www.googleadservices.com
4	eu-tlp04.kameleoon.eu	hhlwcyg0ce.kameleoon.eu
4	yoc.younited-credit.com	it.younited-credit.com yoc.younited-credit.com
3	www.googletagmanager.com	yoc.younited-credit.com
3	yuc-cdn.azureedge.net	it.younited-credit.com yuc-cdn.azureedge.net
2	stats.g.doubleclick.net	az416426.vo.msecnd.net
2	www.facebook.com	it.younited-credit.com
2	pixel.quantserve.com	it.younited-credit.com
2	rules.quantcount.com	secure.quantserve.com
2	secure.quantserve.com	yoc.younited-credit.com clk.tradedoubler.com
2	connect.facebook.net	yoc.younited-credit.com connect.facebook.net
2	widget.trustpilot.com	it.younited-credit.com widget.trustpilot.com
2	clk.tradedoubler.com	1 redirects
1	collection.decibelinsight.net	az416426.vo.msecnd.net
1	d6tizftlrpuof.cloudfront.net	it.younited-credit.com
1	www.googleadservices.com	yoc.younited-credit.com
1	w.usabilla.com	it.younited-credit.com
1	fonts.gstatic.com	fonts.googleapis.com
1	az416426.vo.msecnd.net	it.younited-credit.com
1	cdn.decibelinsight.net	it.younited-credit.com
1	hhlwcyg0ce.kameleoon.eu	it.younited-credit.com
1	fonts.googleapis.com	yuc-cdn.azureedge.net
1	cdnjs.cloudflare.com	it.younited-credit.com
1	analytics.tradedoubler.com	vht.tradedoubler.com
1	vht.tradedoubler.com	clk.tradedoubler.com
1	echo7.bluehornet.com	1 redirects
66	30

This site contains links to these domains. Also see Links.

Domain
umbraco-vnext-yuc.azurewebsites.net
careers.younited-credit.com
www.facebook.com
www.youtube.com

Subject Issuer	Validity	Valid
*.tradedoubler.com R3	`2021-09-18` - `2021-12-17`	3 months	crt.sh
it.younited-credit.com DigiCert TLS RSA SHA256 2020 CA1	`2021-06-22` - `2022-06-16`	a year	crt.sh
*.vo.msecnd.net DigiCert SHA2 Secure Server CA	`2021-08-06` - `2022-08-06`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-09-21` - `2022-09-20`	a year	crt.sh
yoc.younited-credit.com R3	`2021-10-04` - `2022-01-02`	3 months	crt.sh
*.trustpilot.com Amazon	`2021-04-03` - `2022-05-02`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.decibelinsight.net Amazon	`2021-03-15` - `2022-04-13`	a year	crt.sh
sni1e6ffgl.wpc.edgecastcdn.net DigiCert SHA2 Secure Server CA	`2020-04-16` - `2022-04-21`	2 years	crt.sh
*.gstatic.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
kameleoon.com Sectigo RSA Domain Validation Secure Server CA	`2020-01-24` - `2022-04-23`	2 years	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-09-08` - `2021-12-07`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2021-09-22` - `2022-09-21`	a year	crt.sh
w.usabilla.com Amazon	`2021-03-12` - `2022-04-10`	a year	crt.sh
www.googleadservices.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
www.google.de GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.cloudfront.net Amazon	`2021-03-19` - `2022-03-17`	a year	crt.sh

This page contains 4 frames:

Primary Page: https://it.younited-credit.com/tasso-promozionale
Frame ID: 4994DDF1862ABB679D8EF747FFDAF84C
Requests: 61 HTTP requests in this frame

Frame: https://secure.quantserve.com/quant.js
Frame ID: E00E54F49579E970FD67C231F62BF0F4
Requests: 3 HTTP requests in this frame

Frame: https://w.usabilla.com/6a78217cc121.js?lv=1
Frame ID: BD1D96FD7A9D80AD3D9E75F3260797C2
Requests: 1 HTTP requests in this frame

Frame: https://d6tizftlrpuof.cloudfront.net/themes/production/younitedcredit-button-0951fccc0ca45c130aebb6b463f9cc63.png
Frame ID: 09B2C3944B730A7D013D5C81C3D1C6C0
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Chi può ottenere un prestito a tasso promozionale?

Page URL History Show full URLs

https://echo7.bluehornet.com/ct/58894866:JkdVyg2NP:m:1:3293110514:49E57A71226CED23F2AA938C40D2DBA2:r HTTP 302
https://clk.tradedoubler.com/click?p=302276&a=3178553&g=25130214&url=https://it.younited-credit.com/tasso... Page URL
https://clk.tradedoubler.com/click?p=302276&a=3178553&g=25130214&url=https://it.younited-credit.com/tasso... HTTP 302
https://it.younited-credit.com/tasso-promozionale Page URL

Page Statistics

66
Requests

98 %
HTTPS

59 %
IPv6

23
Domains

30
Subdomains

28
IPs

5
Countries

630 kB
Transfer

1932 kB
Size

26
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://umbraco-vnext-yuc.azurewebsites.net/it/glossario/merito-creditizio
Title: merito creditizio

Search URL Search Domain Scan URL

URL: https://careers.younited-credit.com/it
Title: Lavora con noi

Search URL Search Domain Scan URL

URL: https://www.facebook.com/younitedcreditit

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCcTWXG6NUgdsXJEG6i73LRw

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://echo7.bluehornet.com/ct/58894866:JkdVyg2NP:m:1:3293110514:49E57A71226CED23F2AA938C40D2DBA2:r HTTP 302
https://clk.tradedoubler.com/click?p=302276&a=3178553&g=25130214&url=https://it.younited-credit.com/tasso-promozionale Page URL
https://clk.tradedoubler.com/click?p=302276&a=3178553&g=25130214&url=https://it.younited-credit.com/tasso-promozionale HTTP 302
https://it.younited-credit.com/tasso-promozionale Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://echo7.bluehornet.com/ct/58894866:JkdVyg2NP:m:1:3293110514:49E57A71226CED23F2AA938C40D2DBA2:r HTTP 302
https://clk.tradedoubler.com/click?p=302276&a=3178553&g=25130214&url=https://it.younited-credit.com/tasso-promozionale

Request Chain 44

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/963354740/?random=1638254072316&cv=9&fst=1638254072316&num=1&fmt=3&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oaba1&sendb=1&ig=1&data=event%3Dhit_event%3Bevent_category%3Dnone%3Bevent_label%3Dnone%3Bnon_interaction%3Dtrue&frm=0&url=https%3A%2F%2Fit.younited-credit.com%2Ftasso-promozionale&ref=https%3A%2F%2Fclk.tradedoubler.com%2F&tiba=Chi%20pu%C3%B2%20ottenere%20un%20prestito%20a%20tasso%20promozionale%3F&hn=www.googleadservices.com&async=1 HTTP 302
https://www.google.com/pagead/1p-user-list/963354740/?random=1638254072316&cv=9&fst=1638252000000&num=1&fmt=3&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oaba1&sendb=1&data=event%3Dhit_event%3Bevent_category%3Dnone%3Bevent_label%3Dnone%3Bnon_interaction%3Dtrue&frm=0&url=https%3A%2F%2Fit.younited-credit.com%2Ftasso-promozionale&ref=https%3A%2F%2Fclk.tradedoubler.com%2F&tiba=Chi%20pu%C3%B2%20ottenere%20un%20prestito%20a%20tasso%20promozionale%3F&async=1&is_vtc=1&random=4232220849&resp=GooglemKTybQhCsO HTTP 302
https://www.google.de/pagead/1p-user-list/963354740/?random=1638254072316&cv=9&fst=1638252000000&num=1&fmt=3&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oaba1&sendb=1&data=event%3Dhit_event%3Bevent_category%3Dnone%3Bevent_label%3Dnone%3Bnon_interaction%3Dtrue&frm=0&url=https%3A%2F%2Fit.younited-credit.com%2Ftasso-promozionale&ref=https%3A%2F%2Fclk.tradedoubler.com%2F&tiba=Chi%20pu%C3%B2%20ottenere%20un%20prestito%20a%20tasso%20promozionale%3F&async=1&is_vtc=1&random=4232220849&resp=GooglemKTybQhCsO&ipr=y

66 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

click Show response
clk.tradedoubler.com/
Redirect Chain

https://echo7.bluehornet.com/ct/58894866:JkdVyg2NP:m:1:3293110514:49E57A71226CED23F2AA938C40D2DBA2:r
https://clk.tradedoubler.com/click?p=302276&a=3178553&g=25130214&url=https://it.younited-credit.com/tasso-promozionale

978 B
1 KB

24ms
9ms

Document
text/html

35.186.231.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://clk.tradedoubler.com/click?p=302276&a=3178553&g=25130214&url=https://it.younited-credit.com/tasso-promozionale
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.231.97 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 97.231.186.35.bc.googleusercontent.com
Software: TXServerHttp /
Resource Hash: 32a1ad4bb38e36c96a05741c90c3c04c9b0ce3c8b8b6f452fb191118c89bde10

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

content-type: text/html; charset=ISO-8859-1
server: TXServerHttp
access-control-allow-origin: *
cache-control: private, max-age=0
pragma: no-cache
p3p: policyref="http://tracker.tradedoubler.com/w3c/p3p.xml",CP="NOI DSP COR NID CUR OUR NOR"
referrer-policy: origin
date: Tue, 30 Nov 2021 06:34:31 GMT
content-length: 978
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

Redirect headers

date: Tue, 30 Nov 2021 06:34:31 GMT
content-type: text/html; charset=utf-8
content-length: 235
location: https://clk.tradedoubler.com/click?p=302276&a=3178553&g=25130214&url=https://it.younited-credit.com/tasso-promozionale
server: Apache
vary: X-Forwarded-Proto,Accept-Encoding
amfplus-ver: 1.4.0.0
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade

GET
H/1.1 200
OK prefs.js Show response
vht.tradedoubler.com/fp/ 9 KB
4 KB 22ms
6ms Script
application/javascript 18.66.112.7
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vht.tradedoubler.com/fp/prefs.js
Requested by: Host: clk.tradedoubler.com
URL: https://clk.tradedoubler.com/click?p=302276&a=3178553&g=25130214&url=https://it.younited-credit.com/tasso-promozionale
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache /
Resource Hash: 17ee72d8421cc64e48d5e885c090851028f91129555be935403a51c55eff2e9d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://clk.tradedoubler.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Fri, 26 Nov 2021 09:17:39 GMT
Content-Encoding: gzip
Age: 335812
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Last-Modified: Mon, 15 Oct 2018 09:28:46 GMT
Server: Apache
ETag: W/"2509-57841106334e6"
Vary: Accept-Encoding
Content-Type: application/javascript
Via: 1.1 fb49d852ca52c03c834ce98098b51517.cloudfront.net (CloudFront)
Cache-Control: max-age=604800, public
X-Amz-Cf-Pop: FRA56-P5
X-Amz-Cf-Id: c274Nxk-wxp8DQxdhmdAbCdv-gzirX8y2nWyg8gCF79TLF7obuqY9Q==
Expires: Fri, 03 Dec 2021 09:17:39 GMT

POST
H/1.1 200
OK /
analytics.tradedoubler.com/ 0
241 B 80ms
23ms Ping
text/html 188.165.150.177
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tradedoubler.com/
Requested by: Host: vht.tradedoubler.com
URL: https://vht.tradedoubler.com/fp/prefs.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 188.165.150.177 , France, ASN16276 (OVH, FR),
Reverse DNS: lb01.net.royalcactus.com
Software: nginx /
Resource Hash

Request headers

Referer: https://clk.tradedoubler.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Tue, 30 Nov 2021 06:34:31 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: nginx
Connection: keep-alive
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8

GET
H2

200

Primary Request tasso-promozionale Show response
it.younited-credit.com/
Redirect Chain

https://clk.tradedoubler.com/click?p=302276&a=3178553&g=25130214&url=https://it.younited-credit.com/tasso-promozionale
https://it.younited-credit.com/tasso-promozionale

38 KB
12 KB

154ms
134ms

Document
text/html

2620:1ec:bdf::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://it.younited-credit.com/tasso-promozionale

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:bdf::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

5eca3d29cdbbfcdfdd28b25ed9e0ff57c66cd536a840c2e83ce796ce025f2aaf

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
Origin: https://clk.tradedoubler.com
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://clk.tradedoubler.com/

Response headers

cache-control: private
content-length: 11149
content-type: text/html; charset=utf-8
content-encoding: gzip
vary: Accept-Encoding
x-cache: PRIVATE_NOSTORE
request-context: appId=cid-v1:9e931d37-0e4c-41f6-b76c-76711e730ca9
access-control-expose-headers: Request-Context
x-content-type-options: nosniff
strict-transport-security: max-age=10886400; preload
x-xss-protection: 1; mode=block
x-azure-ref-originshield: 098WlYQAAAADu/c8eVmL8QrqkSY8ryqu3QU1TMDRFREdFMTkxMwAyMmJjNjJmMC03OWYyLTQyYzEtYjRiMC01ZmU2OGRhYzY1YWM=
x-azure-ref: 098WlYQAAAABno+iC6VUGSrKVPxeYLw+2RlJBRURHRTEwMTgAMjJiYzYyZjAtNzlmMi00MmMxLWI0YjAtNWZlNjhkYWM2NWFj
date: Tue, 30 Nov 2021 06:34:31 GMT

Redirect headers

location: https://it.younited-credit.com/tasso-promozionale
server: TXServerHttp
access-control-allow-origin: *
cache-control: private, max-age=0
pragma: no-cache
p3p: policyref="http://tracker.tradedoubler.com/w3c/p3p.xml",CP="NOI DSP COR NID CUR OUR NOR"
referrer-policy: origin
date: Tue, 30 Nov 2021 06:34:31 GMT
content-length: 254
content-type: text/html; charset=ISO-8859-1
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 design-pattern-build.css
yuc-cdn.azureedge.net/cdn-public/design-pattern/css/ 459 KB
51 KB 143ms
36ms Stylesheet
text/css 2606:2800:133:206e:1315:22a5:2006:24fd
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://yuc-cdn.azureedge.net/cdn-public/design-pattern/css/design-pattern-build.css
Requested by: Host: it.younited-credit.com
URL: https://it.younited-credit.com/tasso-promozionale
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:133:206e:1315:22a5:2006:24fd , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (mil/6CCB) /
Resource Hash: 5a1ff7b6d0d393da16cdf1618110d47f5966581810db2471616a5a46f0f14f54

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://it.younited-credit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 30 Nov 2021 06:34:31 GMT
content-encoding: gzip
content-md5: BU46NM48c93mjVSFtOogww==
age: 540
x-cache: HIT
content-length: 51794
x-ms-lease-status: unlocked
last-modified: Thu, 25 Nov 2021 13:28:40 GMT
server: ECAcc (mil/6CCB)
etag: 0x8D9B0177EC7F941
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: f8f7c5ed-901e-005a-79b3-e52932000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control: max-age=1200
x-ms-version: 2009-09-19
expires: Tue, 30 Nov 2021 06:54:31 GMT

GET
H2 200 cookieconsent.min.js Show response
cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.0.3/ 19 KB
6 KB 41ms
21ms Script
application/javascript 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.0.3/cookieconsent.min.js

Requested by

Host: it.younited-credit.com
URL: https://it.younited-credit.com/tasso-promozionale

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

af4c6683814aa527caf53bde3d021e6aafe00833b45f2dead043c87ed7864674

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://it.younited-credit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 06:34:31 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1577391
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 5676
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:09:17 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e2d-4d5a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uDu1ZPBJ2z%2Bfcj7P3O%2FB%2FkrcUh1bc677zARtgCDjw%2FXRGTqzC6ywq%2FMVwSyNmifxn2Yh650hyWOyRFdL7vYJB%2BKd9eh76ssYS%2FP%2Bjd7%2BO%2BqMEAS7R4lCLiWXBb1LnolCqnvpLTVAxgwzw7GGBsSdrH5n"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6b620cec6e4e5b26-FRA
expires: Sun, 20 Nov 2022 06:34:31 GMT

GET
H2 200 jquery.min.js Show response
it.younited-credit.com/Contents/js/ 84 KB
30 KB 15ms
14ms Script
application/x-javascript 2620:1ec:bdf::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://it.younited-credit.com/Contents/js/jquery.min.js

Requested by

Host: it.younited-credit.com
URL: https://it.younited-credit.com/tasso-promozionale

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:bdf::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

62bbf148389344b6f69d013ba66a870f4abcea2e08f8a4b0d5bc94756fca999c

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://it.younited-credit.com/tasso-promozionale
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; preload
content-encoding: gzip
x-content-type-options: nosniff
x-azure-ref-originshield: 0DbClYQAAAACg5pnAK9a3RqX433G+h7vBQU1TMDRFREdFMTkwOQAyMmJjNjJmMC03OWYyLTQyYzEtYjRiMC01ZmU2OGRhYzY1YWM=
x-cache: TCP_HIT
vary: Accept-Encoding
content-length: 30103
x-xss-protection: 1; mode=block
request-context: appId=cid-v1:9e931d37-0e4c-41f6-b76c-76711e730ca9
last-modified: Wed, 10 Nov 2021 17:48:20 GMT
date: Tue, 30 Nov 2021 06:34:31 GMT
x-azure-ref: 098WlYQAAAAAFi57CNW5CTIwgNtz9/k8CRlJBRURHRTEwMTgAMjJiYzYyZjAtNzlmMi00MmMxLWI0YjAtNWZlNjhkYWM2NWFj
content-type: application/x-javascript
access-control-expose-headers: Request-Context
cache-control: public,max-age=86400
etag: "0a15265bd6d71:0"
accept-ranges: bytes

GET
H/1.1 200
OK / Show response
yoc.younited-credit.com/info/pret-dunion/ 662 B
994 B 81ms
18ms Script
application/javascript 109.232.194.94
EULERIAN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://yoc.younited-credit.com/info/pret-dunion/?eul_media={media}&eul_publisher={publisher}&eul_ope={ope}&eul_slkeyword={slkeyword}&eul_location={location}&eul_creative={creative}&eul_date={date}&eul_via={via}&eul_keyword={keyword}&eul_searchengine={searchengine}&eul_slpublisher={slpublisher}&eul_publisherurl={publisherurl}&eul_email={email}&eul_refererdomain={refererdomain}

Requested by

Host: it.younited-credit.com
URL: https://it.younited-credit.com/tasso-promozionale

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

109.232.194.94 , France, ASN50234 (EULERIAN-AS, FR),

Reverse DNS

et1.eulerian.net

Software

EWS /

Resource Hash

bc08240f58be2031b7dd44a1aee5c5461c2174d01ebfe57f9882471d552641b1

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://it.younited-credit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Date: Tue, 30 Nov 2021 06:34:31 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: EWS
Strict-Transport-Security: max-age=604800
Content-Type: application/javascript
Cache-Control: max-age=0, private
Connection: Keep-Alive
Accept-Ranges: none
X-Robots-Tag: noindex
Vary: User-Agent
Content-Length: 218
X-XSS-Protection: 0
Keep-Alive: timeout=4

GET
H2 200 logo-white.svg
it.younited-credit.com/media/1225/ 18 KB
18 KB 45ms
45ms Image
image/svg+xml 2620:1ec:bdf::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://it.younited-credit.com/media/1225/logo-white.svg

Requested by

Host: it.younited-credit.com
URL: https://it.younited-credit.com/tasso-promozionale

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:bdf::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

6fd51cc47332e7074c186af1ff865f474cff7c64136a5d7b7cec176f1bb63412

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://it.younited-credit.com/tasso-promozionale
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; preload
x-content-type-options: nosniff
last-modified: Tue, 30 Apr 2019 16:34:54 GMT
x-azure-ref-originshield: 0Y5elYQAAAAA7OYJQBZLNQaG6pYq/AVp8QU1TMDRFREdFMTkwNwAyMmJjNjJmMC03OWYyLTQyYzEtYjRiMC01ZmU2OGRhYzY1YWM=
etag: "0bcca372ffd41:0"
x-azure-ref: 098WlYQAAAACVVB71DZ/aT7ea/ZWDy3gdRlJBRURHRTEwMTgAMjJiYzYyZjAtNzlmMi00MmMxLWI0YjAtNWZlNjhkYWM2NWFj
x-cache: TCP_HIT
content-type: image/svg+xml
access-control-expose-headers: Request-Context
cache-control: public,max-age=86400
date: Tue, 30 Nov 2021 06:34:31 GMT
accept-ranges: bytes
content-length: 18229
x-xss-protection: 1; mode=block
request-context: appId=cid-v1:9e931d37-0e4c-41f6-b76c-76711e730ca9

GET
H2 200 logo.svg
it.younited-credit.com/media/1242/ 10 KB
10 KB 15ms
15ms Image
image/svg+xml 2620:1ec:bdf::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://it.younited-credit.com/media/1242/logo.svg

Requested by

Host: it.younited-credit.com
URL: https://it.younited-credit.com/tasso-promozionale

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:bdf::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

2b7be7a5e1f0db7846d6086dbc9cd793697b3758bc683ee840c04d6a4daedf1e

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://it.younited-credit.com/tasso-promozionale
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; preload
x-content-type-options: nosniff
last-modified: Tue, 30 Apr 2019 16:34:38 GMT
x-azure-ref-originshield: 0DbClYQAAAABwFvslKA8FTZYimtlqrnwHQU1TMDRFREdFMTkwOQAyMmJjNjJmMC03OWYyLTQyYzEtYjRiMC01ZmU2OGRhYzY1YWM=
etag: "0a3429a72ffd41:0"
x-azure-ref: 098WlYQAAAAAIGz/HyG7UQpum1LT7Gf2fRlJBRURHRTEwMTgAMjJiYzYyZjAtNzlmMi00MmMxLWI0YjAtNWZlNjhkYWM2NWFj
x-cache: TCP_HIT
content-type: image/svg+xml
access-control-expose-headers: Request-Context
cache-control: public,max-age=86400
date: Tue, 30 Nov 2021 06:34:31 GMT
accept-ranges: bytes
content-length: 9748
x-xss-protection: 1; mode=block
request-context: appId=cid-v1:9e931d37-0e4c-41f6-b76c-76711e730ca9

GET
H2 200 logo-small.svg
yuc-cdn.azureedge.net/cdn-public/design-pattern/img/ 1 KB
874 B 40ms
39ms Image
image/svg+xml 2606:2800:133:206e:1315:22a5:2006:24fd
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://yuc-cdn.azureedge.net/cdn-public/design-pattern/img/logo-small.svg
Requested by: Host: it.younited-credit.com
URL: https://it.younited-credit.com/tasso-promozionale
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:133:206e:1315:22a5:2006:24fd , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (mil/6C99) /
Resource Hash: faa8abf94e7f4a79062d9878434ba480195e531f1954f4b44e942d2dbf94cde1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://it.younited-credit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 30 Nov 2021 06:34:31 GMT
content-encoding: gzip
content-md5: yCIzDSeZPafgJdqDRsBS2g==
age: 453
x-cache: HIT
content-length: 700
x-ms-lease-status: unlocked
last-modified: Thu, 25 Nov 2021 13:28:40 GMT
server: ECAcc (mil/6C99)
etag: 0x8D9B0177EC4C539
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: 778ca617-301e-0088-60b3-e5aadc000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control: max-age=31536000
x-ms-version: 2009-09-19
expires: Wed, 30 Nov 2022 06:34:31 GMT

GET
H2 200 juste.png
it.younited-credit.com/media/194302/ 11 KB
11 KB 54ms
54ms Image
image/png 2620:1ec:bdf::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://it.younited-credit.com/media/194302/juste.png

Requested by

Host: it.younited-credit.com
URL: https://it.younited-credit.com/tasso-promozionale

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:bdf::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

3f851ec61654b79685430d1157fa715d03ea4249e58f3ebc035d3bd733f48ef8

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://it.younited-credit.com/tasso-promozionale
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; preload
x-content-type-options: nosniff
last-modified: Wed, 24 Apr 2019 13:32:50 GMT
x-azure-ref-originshield: 098WlYQAAAAAgyzLVr7KXSrE6t71mNETtQU1TMDRFREdFMTkxNQAyMmJjNjJmMC03OWYyLTQyYzEtYjRiMC01ZmU2OGRhYzY1YWM=
etag: "06d1b36a2fad41:0"
x-azure-ref: 098WlYQAAAAABk36u/RusQIAARNwZAaqRRlJBRURHRTEwMTgAMjJiYzYyZjAtNzlmMi00MmMxLWI0YjAtNWZlNjhkYWM2NWFj
x-cache: TCP_REMOTE_HIT
content-type: image/png
access-control-expose-headers: Request-Context
cache-control: public,max-age=86400
date: Tue, 30 Nov 2021 06:34:31 GMT
accept-ranges: bytes
content-length: 11093
x-xss-protection: 1; mode=block
request-context: appId=cid-v1:9e931d37-0e4c-41f6-b76c-76711e730ca9

GET
H2 200 app-80ec458b95.js Show response
it.younited-credit.com/Contents/js/ 33 KB
12 KB 14ms
14ms Script
application/x-javascript 2620:1ec:bdf::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://it.younited-credit.com/Contents/js/app-80ec458b95.js

Requested by

Host: it.younited-credit.com
URL: https://it.younited-credit.com/tasso-promozionale

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:bdf::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

81592355fbcd77f55c410975e614c28aed5c374de385ea98eba8c8ac654b5fed

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://it.younited-credit.com/tasso-promozionale
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; preload
content-encoding: gzip
x-content-type-options: nosniff
x-azure-ref-originshield: 0DbClYQAAAADQPmlZVI8FTp/apx5AAkHIQU1TMDRFREdFMTgxMAAyMmJjNjJmMC03OWYyLTQyYzEtYjRiMC01ZmU2OGRhYzY1YWM=
x-cache: TCP_HIT
vary: Accept-Encoding
content-length: 11922
x-xss-protection: 1; mode=block
request-context: appId=cid-v1:9e931d37-0e4c-41f6-b76c-76711e730ca9
last-modified: Wed, 10 Nov 2021 17:48:20 GMT
date: Tue, 30 Nov 2021 06:34:31 GMT
x-azure-ref: 098WlYQAAAACAe8BFkPjrRpqHobCEzM1sRlJBRURHRTEwMTgAMjJiYzYyZjAtNzlmMi00MmMxLWI0YjAtNWZlNjhkYWM2NWFj
content-type: application/x-javascript
access-control-expose-headers: Request-Context
cache-control: public,max-age=86400
etag: "0a15265bd6d71:0"
accept-ranges: bytes

GET
H2 200 tp.widget.sync.bootstrap.min.js Show response
widget.trustpilot.com/bootstrap/v5/ 1 KB
1 KB 23ms
6ms Script
application/x-javascript 52.222.236.94
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.trustpilot.com/bootstrap/v5/tp.widget.sync.bootstrap.min.js

Requested by

Host: it.younited-credit.com
URL: https://it.younited-credit.com/tasso-promozionale

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.236.94 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-236-94.fra56.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

2ae052d5fd6e01daee9b546c30e182308a083261ee6a1920c30625a2d81c5a49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://it.younited-credit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
age: 2703
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
date: Tue, 30 Nov 2021 05:49:29 GMT
content-length: 725
x-xss-protection: 1; mode=block
last-modified: Mon, 01 Nov 2021 12:14:13 GMT
server: AmazonS3
etag: "a8b627afb958156461c3c99288acacf5"
content-type: application/x-javascript
via: 1.1 8a6f67a9421de326f43e9107751b580f.cloudfront.net (CloudFront)
cache-control: max-age=86400
x-amz-cf-pop: FRA56-P4
accept-ranges: bytes
x-amz-cf-id: 4XHmkwdgqhsH2T_fGFeFX3wEU5UyH7pJWGKtsg2-orpzskmqIyPvbA==

GET
H2 200 css
fonts.googleapis.com/ 4 KB
1010 B 38ms
15ms Stylesheet
text/css 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Work+Sans:300,400,500,600,&display=swap

Requested by

Host: yuc-cdn.azureedge.net
URL: https://yuc-cdn.azureedge.net/cdn-public/design-pattern/css/design-pattern-build.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4da10e43a814d869169a6105d1ded3f864d6e502372a50bf1453c6e2e5141d6a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://yuc-cdn.azureedge.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 30 Nov 2021 05:49:18 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 30 Nov 2021 06:34:31 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 30 Nov 2021 06:34:31 GMT

GET
H2 200 kameleoon.js Show response
hhlwcyg0ce.kameleoon.eu/ 194 KB
48 KB 37ms
18ms Script
application/javascript 2606:4700:20::ac43:4832
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hhlwcyg0ce.kameleoon.eu/kameleoon.js
Requested by: Host: it.younited-credit.com
URL: https://it.younited-credit.com/tasso-promozionale
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4832 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ba719b6366028770cae8f983921755cbcf0a383a4ae8ffa0c0896ba7e767e142

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://it.younited-credit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 06:34:31 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 08 Jun 2021 15:29:38 GMT
server: cloudflare
age: 4472
etag: W/"60bf8ce2-30836"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TE9M68HEhAfD0swIgZynjNBLG%2F7%2Fc%2Bo2OzsokdzX2HFb93kMuRuhLwbnPWSl4pN%2BN6QkgsQ7tRzXAbT2Y3J2l6eaYkQpIA5UK%2FPiH1jWGVa5csUTjzzWfOC431mlFlPi1j4k5ABdLshzU%2FCmKb9EOzJXDhYA"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: max-age=5400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6b620ceddbbc4aa4-FRA
expires: Tue, 30 Nov 2021 06:49:59 GMT

GET
H2 200 di.js Show response
cdn.decibelinsight.net/i/13934/308885/ 174 KB
68 KB 28ms
10ms Script
text/javascript 13.32.121.54
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.decibelinsight.net/i/13934/308885/di.js

Requested by

Host: it.younited-credit.com
URL: https://it.younited-credit.com/tasso-promozionale

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.121.54 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-121-54.fra60.r.cloudfront.net

Software

nginx /

Resource Hash

82279adb1e8eedf4b67db88608f6ec98c7e57603d95bdc9bc1716486a8e7c53c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://it.younited-credit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 06:34:31 GMT
content-encoding: gzip
server: nginx
x-amz-cf-pop: FRA60-P1
etag: W/000076220-17D6C14BFA2
strict-transport-security: max-age=31536000
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/javascript; charset=utf-8
via: 1.1 ed4565467c6c9847b6a3fcb6cec799e5.cloudfront.net (CloudFront)
cache-control: private, max-age=5400
access-control-allow-credentials: true
x-cache: Hit from cloudfront
timing-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, X-HTTP-Method-Override
x-amz-cf-id: BEfWxP8NNDKkJrRbU86RhW8aFv-1DDPXnV6eNemNOpeDVrjnTKIXSA==

GET
H2 200 ai.0.js Show response
az416426.vo.msecnd.net/scripts/a/ 94 KB
22 KB 117ms
29ms Script
application/x-javascript 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Requested by: Host: it.younited-credit.com
URL: https://it.younited-credit.com/tasso-promozionale
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (mil/6C34) /
Resource Hash: 5201c813c37a4168cc5c20c701d4391fd0a55625f97eb9f263a74fb52b52fd0e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://it.younited-credit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 30 Nov 2021 06:34:32 GMT
content-encoding: gzip
x-ms-meta-lastmodified: 2020-10-01 19:31:04
content-md5: HdY95yzx9wIyQkVEGES+Ew==
age: 1606
x-cache: HIT
content-length: 22495
x-ms-lease-status: unlocked
last-modified: Thu, 11 Mar 2021 07:46:59 GMT
server: ECAcc (mil/6C34)
etag: 0x8D8E461DA1A5889
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 853d6d1b-901e-009c-2db0-e54513000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=1800
x-ms-version: 2009-09-19
expires: Tue, 30 Nov 2021 07:04:32 GMT

GET
H2 200 QGYsz_wNahGAdqQ43Rh_fKDp.woff2
fonts.gstatic.com/s/worksans/v13/ 47 KB
48 KB 30ms
8ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/worksans/v13/QGYsz_wNahGAdqQ43Rh_fKDp.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Work+Sans:300,400,500,600,&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

481b2fb6ea4f714f9b58e143ddb63f973e0fc1b14a4d8213517b4451644c9fae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://it.younited-credit.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 05:36:22 GMT
x-content-type-options: nosniff
age: 521889
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48480
x-xss-protection: 0
last-modified: Wed, 10 Nov 2021 18:05:58 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 24 Nov 2022 05:36:22 GMT

GET
H2 200 icomoon.ttf
yuc-cdn.azureedge.net/cdn-public/design-pattern/fonts/ 15 KB
15 KB 142ms
38ms Font
application/octet-stream 2606:2800:133:206e:1315:22a5:2006:24fd
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://yuc-cdn.azureedge.net/cdn-public/design-pattern/fonts/icomoon.ttf?baw927
Requested by: Host: yuc-cdn.azureedge.net
URL: https://yuc-cdn.azureedge.net/cdn-public/design-pattern/css/design-pattern-build.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:133:206e:1315:22a5:2006:24fd , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (mil/6C11) /
Resource Hash: 19755018177b924e15d7e49f6d6684957f2a00cbf6b60f879a641bd3aedc4e2d

Request headers

Referer: https://yuc-cdn.azureedge.net/cdn-public/design-pattern/css/design-pattern-build.css
Origin: https://it.younited-credit.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 30 Nov 2021 06:34:32 GMT
content-md5: Vq6RRhztCBLhyGT4NGnS/Q==
age: 541
x-cache: HIT
content-length: 15040
x-ms-lease-status: unlocked
last-modified: Thu, 25 Nov 2021 13:28:40 GMT
server: ECAcc (mil/6C11)
etag: 0x8D9B0177EC51351
access-control-allow-methods: GET, HEAD, OPTIONS
content-type: application/octet-stream
access-control-allow-origin: *
x-ms-request-id: acf5a21d-201e-004f-6eb3-e53e81000000
access-control-expose-headers: *
cache-control: max-age=31536000
x-ms-version: 2009-09-19
accept-ranges: bytes
access-control-allow-headers: *
expires: Wed, 30 Nov 2022 06:34:32 GMT

GET
H2 200 tp.widget.bootstrap.min.js Show response
widget.trustpilot.com/bootstrap/v5/ 22 KB
8 KB 7ms
7ms Script
application/x-javascript 52.222.236.94
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.trustpilot.com/bootstrap/v5/tp.widget.bootstrap.min.js

Requested by

Host: widget.trustpilot.com
URL: https://widget.trustpilot.com/bootstrap/v5/tp.widget.sync.bootstrap.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.236.94 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-236-94.fra56.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

a9ddd05afc7b255840510e1d40fda6304d6dc5695fa2ef4c40424d1507d2cfe3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://it.younited-credit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
age: 10336
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
date: Tue, 30 Nov 2021 03:42:16 GMT
content-length: 7358
x-xss-protection: 1; mode=block
last-modified: Mon, 01 Nov 2021 12:14:12 GMT
server: AmazonS3
etag: "158ca99a1f63568e56a39abb980c9aa7"
content-type: application/x-javascript
via: 1.1 8a6f67a9421de326f43e9107751b580f.cloudfront.net (CloudFront)
cache-control: max-age=86400
x-amz-cf-pop: FRA56-P4
accept-ranges: bytes
x-amz-cf-id: iJD8-fFVBY2U4RuIU-q3fg69JyLNfV2XArDNDdaQoTAIVOpeTz6edw==

GET
H/1.1 204
No Content visit.gif Show response
eu-tlp04.kameleoon.eu/ 0
142 B 50ms
10ms XHR
text/plain 188.40.65.103
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eu-tlp04.kameleoon.eu/visit.gif?lp=0&spt=1623166177792&p=c2l0ZUNvZGU9aGhsd2N5ZzBjZSZ2aXNpdG9yQ29kZT1vZW83d3N3NDN0YmIyYzU2JnN0YXJ0T2ZWaXNpdD10cnVlJnNjcmlwdFZlcnNpb249MjAxOTAxMTUmbm9uY2U9MTY3M0U1RjE5RjkwM0NEMyZldmVudFR5cGU9cGFnZSZ0aW1lPTE2MzgyNTQwNzIwMTcmaHJlZj1odHRwcyUzQSUyRiUyRml0LnlvdW5pdGVkLWNyZWRpdC5jb20lMkZ0YXNzby1wcm9tb3ppb25hbGUmdGl0bGU9Q2hpJTIwcHUlQzMlQjIlMjBvdHRlbmVyZSUyMHVuJTIwcHJlc3RpdG8lMjBhJTIwdGFzc28lMjBwcm9tb3ppb25hbGUlM0Yma2V5UGFnZXM9JTVCbnVsbCU1RCZyZWZlcnJlcnM9JTVCbnVsbCU1RA%3D%3D
Requested by: Host: hhlwcyg0ce.kameleoon.eu
URL: https://hhlwcyg0ce.kameleoon.eu/kameleoon.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 188.40.65.103 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: eu-log-parser04.kameleoon.net
Software: nginx/1.20.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://it.younited-credit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Tue, 30 Nov 2021 06:34:32 GMT
Server: nginx/1.20.1
Connection: keep-alive

GET
H/1.1 204
No Content visit.gif Show response
eu-tlp04.kameleoon.eu/ 0
142 B 50ms
11ms XHR
text/plain 188.40.65.103
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eu-tlp04.kameleoon.eu/visit.gif?lp=0&spt=1623166177792&p=c2l0ZUNvZGU9aGhsd2N5ZzBjZSZ2aXNpdG9yQ29kZT1vZW83d3N3NDN0YmIyYzU2JnN0YXJ0T2ZWaXNpdD10cnVlJnNjcmlwdFZlcnNpb249MjAxOTAxMTUmbm9uY2U9NkExNTlEOEJCMDhBRjI1OSZldmVudFR5cGU9c3RhdGljRGF0YSZ0aW1lPTE2MzgyNTQwNzIwMTkmdGltZVNpbmNlUHJldmlvdXNWaXNpdD0wJmxhbmRpbmdQYWdlSHJlZj1odHRwcyUzQSUyRiUyRml0LnlvdW5pdGVkLWNyZWRpdC5jb20lMkZ0YXNzby1wcm9tb3ppb25hbGUmbGFuZGluZ1BhZ2VUaXRsZT1DaGklMjBwdSVDMyVCMiUyMG90dGVuZXJlJTIwdW4lMjBwcmVzdGl0byUyMGElMjB0YXNzbyUyMHByb21vemlvbmFsZSUzRiZsYW5kaW5nUGFnZXM9JTVCbnVsbCU1RCZmaXJzdFJlZmVycmVySHJlZj1odHRwcyUzQSUyRiUyRmNsay50cmFkZWRvdWJsZXIuY29tJTJGJmZpcnN0UmVmZXJyZXJzPSU1Qm51bGwlNUQmbGFuZ3VhZ2U9bnVsbCZicm93c2VyPTAmYnJvd3NlclZlcnNpb249OTYmbW9iaWxlQnJvd3Nlcj1mYWxzZSZvcz0wJndpbmRvd1dpZHRoPTE2MDAmd2luZG93SGVpZ2h0PTEyMDAmc2NyZWVuV2lkdGg9MTYwMCZzY3JlZW5IZWlnaHQ9MTIwMCZqYXZhRW5hYmxlZD1mYWxzZSZ0aW1lWm9uZUlkPUV0YyUyRlVua25vd24mbG9jYWxlTGFuZ3VhZ2VUYWc9ZW4tVVMmZGV2aWNlVHlwZT1ERVNLVE9QJmJyb3dzZXJOYW1lPUNocm9tZSZvc05hbWU9V2luZG93cyZ0aW1lWm9uZUdyb3Vwcz0lNUJudWxsJTVEJnZpc2l0TnVtYmVyPTA%3D
Requested by: Host: hhlwcyg0ce.kameleoon.eu
URL: https://hhlwcyg0ce.kameleoon.eu/kameleoon.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 188.40.65.103 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: eu-log-parser04.kameleoon.net
Software: nginx/1.20.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://it.younited-credit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Tue, 30 Nov 2021 06:34:32 GMT
Server: nginx/1.20.1
Connection: keep-alive

GET
H/1.1 204
No Content visit.gif Show response
eu-tlp04.kameleoon.eu/ 0
142 B 49ms
11ms XHR
text/plain 188.40.65.103
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eu-tlp04.kameleoon.eu/visit.gif?lp=0&spt=1623166177792&p=c2l0ZUNvZGU9aGhsd2N5ZzBjZSZ2aXNpdG9yQ29kZT1vZW83d3N3NDN0YmIyYzU2JnN0YXJ0T2ZWaXNpdD10cnVlJnNjcmlwdFZlcnNpb249MjAxOTAxMTUmbm9uY2U9NzdCMEMyN0FBOEQxNjk1QiZldmVudFR5cGU9YWN0aXZpdHkmdGltZT0xNjM4MjU0MDcyMDIwJmFjdGl2ZT10cnVlJm51bWJlckNsaWNrcz0wJnRhYkNvdW50PTA%3D
Requested by: Host: hhlwcyg0ce.kameleoon.eu
URL: https://hhlwcyg0ce.kameleoon.eu/kameleoon.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 188.40.65.103 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: eu-log-parser04.kameleoon.net
Software: nginx/1.20.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://it.younited-credit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Tue, 30 Nov 2021 06:34:32 GMT
Server: nginx/1.20.1
Connection: keep-alive

GET
H/1.1 204
No Content visit.gif Show response
eu-tlp04.kameleoon.eu/ 0
142 B 46ms
11ms XHR
text/plain 188.40.65.103
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eu-tlp04.kameleoon.eu/visit.gif?lp=0&spt=1623166177792&p=c2l0ZUNvZGU9aGhsd2N5ZzBjZSZ2aXNpdG9yQ29kZT1vZW83d3N3NDN0YmIyYzU2JnN0YXJ0T2ZWaXNpdD10cnVlJnNjcmlwdFZlcnNpb249MjAxOTAxMTUmbm9uY2U9MDZFMjFEM0JDOEJBMUJFNSZldmVudFR5cGU9Y29udGFpbmVycyZ0aW1lPTE2MzgyNTQwNzIwMjMmaWQwPTEzMzA3NiZtZW50YWxpc3REZWNpc2lvbjA9ZmFsc2UmdHJhaW4wPXRydWUmdHlwZTA9RVhQRVJJTUVOVCZ2YXJpYXRpb25JZDA9NTg5MjIyJm51bWJlcj0x
Requested by: Host: hhlwcyg0ce.kameleoon.eu
URL: https://hhlwcyg0ce.kameleoon.eu/kameleoon.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 188.40.65.103 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: eu-log-parser04.kameleoon.net
Software: nginx/1.20.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://it.younited-credit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Tue, 30 Nov 2021 06:34:32 GMT
Server: nginx/1.20.1
Connection: keep-alive

GET
H/1.1 200
OK o8310.js Show response
yoc.younited-credit.com/ 35 KB
13 KB 19ms
18ms Script
application/javascript 109.232.194.94
EULERIAN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://yoc.younited-credit.com/o8310.js

Requested by

Host: it.younited-credit.com
URL: https://it.younited-credit.com/tasso-promozionale

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

109.232.194.94 , France, ASN50234 (EULERIAN-AS, FR),

Reverse DNS

et1.eulerian.net

Software

EWS /

Resource Hash

77fd3d8f24f22d189394898b078cabbbd0eccf555ef1361d29ab5d650495c45d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://it.younited-credit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 30 Nov 2021 06:34:32 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: EWS
Vary: User-Agent
Content-Type: application/javascript
Cache-Control: max-age=3600, private
Connection: Keep-Alive
Accept-Ranges: none
X-Robots-Tag: noindex
Keep-Alive: timeout=4
Content-Length: 12458
X-XSS-Protection: 0
Expires: Tue, 30 Nov 2021 07:34:32 GMT

GET
H/1.1 200
OK 342429321 Show response
yoc.younited-credit.com/col980a/-/ 19 KB
6 KB 112ms
112ms Script
application/javascript 109.232.194.94
EULERIAN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://yoc.younited-credit.com/col980a/-/342429321?rf=https%3A%2F%2Fclk.tradedoubler.com%2F&ss=1600x1200&abTest=t&url=https%3A%2F%2Fit.younited-credit.com%2Ftasso-promozionale&sd=24&urlp=desktop%2F%2F%2F%2Ftasso_promozionale&fra=0&

Requested by

Host: yoc.younited-credit.com
URL: https://yoc.younited-credit.com/o8310.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

109.232.194.94 , France, ASN50234 (EULERIAN-AS, FR),

Reverse DNS

et1.eulerian.net

Software

EWS /

Resource Hash

1eb6070a552c4f68bccfaaf126b59b873742c8723c42e2ddca807dfe9b3ec070

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://it.younited-credit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Date: Tue, 30 Nov 2021 06:34:32 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: EWS
Strict-Transport-Security: max-age=604800
Content-Type: application/javascript
Cache-Control: max-age=0, private
Connection: Keep-Alive
Accept-Ranges: none
X-Robots-Tag: noindex
Vary: User-Agent
Content-Length: 5739
X-XSS-Protection: 0
Keep-Alive: timeout=4

GET
H/1.1 200
OK w.js Show response
yoc.younited-credit.com/ 9 KB
4 KB 16ms
16ms Script
application/javascript 109.232.194.94
EULERIAN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://yoc.younited-credit.com/w.js

Requested by

Host: yoc.younited-credit.com
URL: https://yoc.younited-credit.com/o8310.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

109.232.194.94 , France, ASN50234 (EULERIAN-AS, FR),

Reverse DNS

et1.eulerian.net

Software

EWS /

Resource Hash

56f4201510afb724858564187afde49d779f0d0e52534e463e6661f563de20af

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://it.younited-credit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 30 Nov 2021 06:34:32 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: EWS
Vary: User-Agent
Content-Type: application/javascript
Cache-Control: max-age=3600, private
Connection: Keep-Alive
Accept-Ranges: none
X-Robots-Tag: noindex
Keep-Alive: timeout=4
Content-Length: 3340
X-XSS-Protection: 0
Expires: Tue, 30 Nov 2021 07:34:32 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 98 KB
26 KB 23ms
7ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: yoc.younited-credit.com
URL: https://yoc.younited-credit.com/o8310.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b23807a4c5d90afca0dc47d688c0a05302779429dab75f5e6182562dcc2970f6

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://it.younited-credit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 25965
x-xss-protection: 0
pragma: public
x-fb-debug: B6P/3AUmh3cBMZGUvGq7UdatsdyuFjOD1hESAzJMf3NaVb7gFytPMnyqZDawgyOBy4BUFFEnRpaTAL+4DsPFOg==
x-fb-trip-id: 686109401
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Tue, 30 Nov 2021 06:34:32 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 133 KB
50 KB 40ms
18ms Script
application/javascript 2a00:1450:4001:828::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-963354740

Requested by

Host: yoc.younited-credit.com
URL: https://yoc.younited-credit.com/o8310.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

086e42b4b645d2eb42d8d7489cec7ba67017d427cea2bd8630c4adc41b23a689

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://it.younited-credit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 06:34:32 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 50848
x-xss-protection: 0
last-modified: Tue, 30 Nov 2021 06:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 30 Nov 2021 06:34:32 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 81 KB
31 KB 38ms
28ms Script
application/javascript 2a00:1450:4001:828::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-M254Q6Q&l=gtmDataLayer

Requested by

Host: yoc.younited-credit.com
URL: https://yoc.younited-credit.com/col980a/-/342429321?rf=https%3A%2F%2Fclk.tradedoubler.com%2F&ss=1600x1200&abTest=t&url=https%3A%2F%2Fit.younited-credit.com%2Ftasso-promozionale&sd=24&urlp=desktop%2F%2F%2F%2Ftasso_promozionale&fra=0&

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

18e2d7aa25407638018b47983b4e11a06c5143881da3219e1551cfa37d32ee07

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://it.younited-credit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 06:34:32 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31287
x-xss-protection: 0
last-modified: Tue, 30 Nov 2021 06:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 30 Nov 2021 06:34:32 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 90 KB
35 KB 41ms
31ms Script
application/javascript 2a00:1450:4001:828::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-128244744-2

Requested by

Host: yoc.younited-credit.com
URL: https://yoc.younited-credit.com/o8310.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c52c125658636eadf7e4b5b57bfbc680ac4d8ef9ee29385b975a767e66f68934

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://it.younited-credit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 06:34:32 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36140
x-xss-protection: 0
last-modified: Tue, 30 Nov 2021 06:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 30 Nov 2021 06:34:32 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 27ms
6ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: yoc.younited-credit.com
URL: https://yoc.younited-credit.com/o8310.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://it.younited-credit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 5605
date: Tue, 30 Nov 2021 05:01:07 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Tue, 30 Nov 2021 07:01:07 GMT

GET
H2 200 quant.js Show response
secure.quantserve.com/ 24 KB
10 KB 24ms
7ms Script
application/javascript 2620:116:800d:21:ee05:6a01:4b41:8c89
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: yoc.younited-credit.com
URL: https://yoc.younited-credit.com/col980a/-/342429321?rf=https%3A%2F%2Fclk.tradedoubler.com%2F&ss=1600x1200&abTest=t&url=https%3A%2F%2Fit.younited-credit.com%2Ftasso-promozionale&sd=24&urlp=desktop%2F%2F%2F%2Ftasso_promozionale&fra=0&
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:116:800d:21:ee05:6a01:4b41:8c89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 487fce51fd801415c362f3f9f2df43c445a4b9ba38f9b6d49dfc898dc85ede94

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://it.younited-credit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 06:34:32 GMT
content-encoding: gzip
etag: "FMCWFRCBdbNj8Eh2c0G78Q=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
expires: Tue, 07 Dec 2021 06:34:32 GMT

GET
H2 200 quant.js Show response
secure.quantserve.com/ Frame E00E 24 KB
10 KB 23ms
13ms Script
application/javascript 2620:116:800d:21:ee05:6a01:4b41:8c89
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: clk.tradedoubler.com
URL: https://clk.tradedoubler.com/click?p=302276&a=3178553&g=25130214&url=https://it.younited-credit.com/tasso-promozionale
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:116:800d:21:ee05:6a01:4b41:8c89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 487fce51fd801415c362f3f9f2df43c445a4b9ba38f9b6d49dfc898dc85ede94

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://it.younited-credit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 06:34:32 GMT
content-encoding: gzip
etag: "FMCWFRCBdbNj8Eh2c0G78Q=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
expires: Tue, 07 Dec 2021 06:34:32 GMT

GET
H2 200 6a78217cc121.js Show response
w.usabilla.com/ Frame BD1D 35 KB
11 KB 94ms
31ms Script
text/javascript 52.30.255.69
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://w.usabilla.com/6a78217cc121.js?lv=1
Requested by: Host: it.younited-credit.com
URL: https://it.younited-credit.com/tasso-promozionale
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.30.255.69 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-30-255-69.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 37e1982df9bce5df65ae02e0801849c50ada16450ea97fb1508e1d014a016f04

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://it.younited-credit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Nov 2021 06:34:32 GMT
content-encoding: gzip
x-widget-server: 2.1
etag: "543f38339eebf411ad46d2361734b65f"
content-type: text/javascript
cache-control: public,max-age=0
content-length: 10967

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 37 KB
15 KB 48ms
25ms Script
text/javascript 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: yoc.younited-credit.com
URL: https://yoc.younited-credit.com/o8310.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

2e8548e063ae8b8f6225ac344af4bb535397ebd3003665e27e8d4b2716770db9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://it.younited-credit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 06:34:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14378
x-xss-protection: 0
server: cafe
etag: 684346926396516684
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 30 Nov 2021 06:34:32 GMT

GET
H3 200 1289765604402216 Show response
connect.facebook.net/signals/config/ 39 KB
10 KB 58ms
49ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1289765604402216?v=2.9.48&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

970ab41ea61ecc43401a41a75248fce304c95ecbb8b24a2652dbc488ebc099e7

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://it.younited-credit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: L5I6uOFFEfbrjSthcZIa/7xRZPd8E3yBQ8ESvJcwng7ghKSNj8wQWJ4SQcD3jbVznF5O3Vas1TJzZJ+ERT/RwA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Tue, 30 Nov 2021 06:34:32 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 rules-p-gsJG0w14zfeQ6.js Show response
rules.quantcount.com/ 209 B
671 B 25ms
8ms Script
application/javascript 2600:9000:223c:c00:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-gsJG0w14zfeQ6.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:c00:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3f3c77a6e5c32429b02f2aee787967f77badd448b3d61159b4f2f2c9198181cb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://it.younited-credit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 06:34:27 GMT
via: 1.1 9015971351bc982a04ee209a022bb1f9.cloudfront.net (CloudFront)
age: 816
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 209
last-modified: Wed, 22 Apr 2020 08:21:36 GMT
server: AmazonS3
etag: "d97b9b4c24d2d301892e64003b1640fb"
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
x-amz-cf-pop: FRA56-P2
accept-ranges: bytes
x-amz-cf-id: pQgEmu1bEqHbtf9N4mcQ6ZeZme6ghmpb_zommTq58AUQKsh37LRMaQ==

GET
H2 200 rules-p-gsJG0w14zfeQ6.js Show response
rules.quantcount.com/ Frame E00E 209 B
673 B 18ms
8ms Script
application/javascript 2600:9000:223c:c00:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-gsJG0w14zfeQ6.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:c00:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3f3c77a6e5c32429b02f2aee787967f77badd448b3d61159b4f2f2c9198181cb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://it.younited-credit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 06:34:27 GMT
via: 1.1 9015971351bc982a04ee209a022bb1f9.cloudfront.net (CloudFront)
age: 816
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 209
last-modified: Wed, 22 Apr 2020 08:21:36 GMT
server: AmazonS3
etag: "d97b9b4c24d2d301892e64003b1640fb"
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
x-amz-cf-pop: FRA56-P2
accept-ranges: bytes
x-amz-cf-id: WOAU_Mrgqb4DCZnzoC6Rh6I3x6hx1EUja1RKFbNcChrORjVJPZkulg==

GET
H3 200 ecommerce.js Show response
www.google-analytics.com/plugins/ua/ 1 KB
763 B 21ms
7ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/ecommerce.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8e1b84265e633c043720dd0921476c16bc9f75e393e855c9116ca7c3a847b5c7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://it.younited-credit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 05:48:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2764
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 738
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Tue, 30 Nov 2021 06:48:28 GMT

GET
H2 200 pixel;r=1521396614;labels=_fp.event.Default;rf=0;a=p-gsJG0w14zfeQ6;url=https%3A%2F%2Fit.younited-credit.com%2Ftasso-promozionale;uht=2;fpan=1;fpa=P0-1137044560-1638254072305;pbc=;ns=1;ce=1;qjs=1;qv...
pixel.quantserve.com/ Frame E00E 35 B
475 B 12ms
11ms Image
image/gif 2620:116:800d:21:ee05:6a01:4b41:8c89
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel;r=1521396614;labels=_fp.event.Default;rf=0;a=p-gsJG0w14zfeQ6;url=https%3A%2F%2Fit.younited-credit.com%2Ftasso-promozionale;uht=2;fpan=1;fpa=P0-1137044560-1638254072305;pbc=;ns=1;ce=1;qjs=1;qv=92a3679b-20211110211611;cm=;gdpr=0;ref=;d=younited-credit.com;je=0;sr=1600x1200x24;dst=0;et=1638254072305;tzo=0;ogl=

Requested by

Host: it.younited-credit.com
URL: https://it.younited-credit.com/tasso-promozionale

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:ee05:6a01:4b41:8c89 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://it.younited-credit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Nov 2021 06:34:32 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 200 pixel;r=1161656745;labels=_fp.event.Default;rf=0;a=p-gsJG0w14zfeQ6;url=https%3A%2F%2Fit.younited-credit.com%2Ftasso-promozionale;ref=https%3A%2F%2Fclk.tradedoubler.com%2F;uht=2;fpan=1;fpa=P0-527817...
pixel.quantserve.com/ 35 B
475 B 11ms
10ms Image
image/gif 2620:116:800d:21:ee05:6a01:4b41:8c89
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel;r=1161656745;labels=_fp.event.Default;rf=0;a=p-gsJG0w14zfeQ6;url=https%3A%2F%2Fit.younited-credit.com%2Ftasso-promozionale;ref=https%3A%2F%2Fclk.tradedoubler.com%2F;uht=2;fpan=1;fpa=P0-527817923-1638254072307;pbc=;ns=0;ce=1;qjs=1;qv=92a3679b-20211110211611;cm=;gdpr=0;d=younited-credit.com;je=0;sr=1600x1200x24;dst=0;et=1638254072307;tzo=0;ogl=title.Chi%20pu%C3%B2%20ottenere%20un%20prestito%20a%20tasso%20promozionale%3F%2Curl.https%3A%2F%2Fit%252Eyounited-credit%252Ecom%2Ftasso-promozionale%2Cimage.https%3A%2F%2Fit%252Eyounited-credit%252Ecom%2Ftasso-promozionale%2Fmedia%2F1242%2Flogo%252Esvg%2Clocale.it-IT%2Csite_name.Chi%20pu%C3%B2%20ottenere%20un%20prestito%20a%20tasso%20promozionale%3F

Requested by

Host: it.younited-credit.com
URL: https://it.younited-credit.com/tasso-promozionale

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:ee05:6a01:4b41:8c89 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://it.younited-credit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Nov 2021 06:34:32 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/963354740/ 2 KB
2 KB 40ms
18ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/963354740/?random=1638254072313&cv=9&fst=1638254072313&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oaba1&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fit.younited-credit.com%2Ftasso-promozionale&ref=https%3A%2F%2Fclk.tradedoubler.com%2F&tiba=Chi%20pu%C3%B2%20ottenere%20un%20prestito%20a%20tasso%20promozionale%3F&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c2e23a1180434827c9e708d2b67e1875811383b74f4f76fa758279b7785841ba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://it.younited-credit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Nov 2021 06:34:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1090
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/963354740/ 2 KB
1 KB 41ms
18ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/963354740/?random=1638254072316&cv=9&fst=1638254072316&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oaba1&sendb=1&ig=1&data=event%3D%20&frm=0&url=https%3A%2F%2Fit.younited-credit.com%2Ftasso-promozionale&ref=https%3A%2F%2Fclk.tradedoubler.com%2F&tiba=Chi%20pu%C3%B2%20ottenere%20un%20prestito%20a%20tasso%20promozionale%3F&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3587a91fd5e831f6bc26085f2a79bb5b30edd3dda08216bfb50a778c79d2956b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://it.younited-credit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Nov 2021 06:34:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1082
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

/
www.google.de/pagead/1p-user-list/963354740/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/963354740/?random=1638254072316&cv=9&fst=1638254072316&num=1&fmt=3&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=12...
https://www.google.com/pagead/1p-user-list/963354740/?random=1638254072316&cv=9&fst=1638252000000&num=1&fmt=3&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=f...
https://www.google.de/pagead/1p-user-list/963354740/?random=1638254072316&cv=9&fst=1638252000000&num=1&fmt=3&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=fa...

42 B
64 B

39ms
22ms

Image
image/gif

2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/963354740/?random=1638254072316&cv=9&fst=1638252000000&num=1&fmt=3&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oaba1&sendb=1&data=event%3Dhit_event%3Bevent_category%3Dnone%3Bevent_label%3Dnone%3Bnon_interaction%3Dtrue&frm=0&url=https%3A%2F%2Fit.younited-credit.com%2Ftasso-promozionale&ref=https%3A%2F%2Fclk.tradedoubler.com%2F&tiba=Chi%20pu%C3%B2%20ottenere%20un%20prestito%20a%20tasso%20promozionale%3F&async=1&is_vtc=1&random=4232220849&resp=GooglemKTybQhCsO&ipr=y

Requested by

Host: it.younited-credit.com
URL: https://it.younited-credit.com/tasso-promozionale

Protocol

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://it.younited-credit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Nov 2021 06:34:32 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 30 Nov 2021 06:34:32 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/gif
location: https://www.google.de/pagead/1p-user-list/963354740/?random=1638254072316&cv=9&fst=1638252000000&num=1&fmt=3&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oaba1&sendb=1&data=event%3Dhit_event%3Bevent_category%3Dnone%3Bevent_label%3Dnone%3Bnon_interaction%3Dtrue&frm=0&url=https%3A%2F%2Fit.younited-credit.com%2Ftasso-promozionale&ref=https%3A%2F%2Fclk.tradedoubler.com%2F&tiba=Chi%20pu%C3%B2%20ottenere%20un%20prestito%20a%20tasso%20promozionale%3F&async=1&is_vtc=1&random=4232220849&resp=GooglemKTybQhCsO&ipr=y
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/963354740/ 2 KB
1 KB 39ms
19ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/963354740/?random=1638254072317&cv=9&fst=1638254072317&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&data=ecomm_pagetype%3Dother&frm=0&url=https%3A%2F%2Fit.younited-credit.com%2Ftasso-promozionale&ref=https%3A%2F%2Fclk.tradedoubler.com%2F&tiba=Chi%20pu%C3%B2%20ottenere%20un%20prestito%20a%20tasso%20promozionale%3F&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e1d919faf068c568aa1d67bdbaf57c6c9a97ebdb83fc508fbddc1153fa49901b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://it.younited-credit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Nov 2021 06:34:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1071
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 4 B
24 B 13ms
13ms XHR
text/plain 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1287844608&t=pageview&_s=1&dl=https%3A%2F%2Fit.younited-credit.com%2Ftasso-promozionale&dr=https%3A%2F%2Fclk.tradedoubler.com%2F&dp=desktop%2F%2F%2F%2Ftasso_promozionale&ul=en-us&de=UTF-8&dt=Chi%20pu%C3%B2%20ottenere%20un%20prestito%20a%20tasso%20promozionale%3F&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aKBAAAIREAAAAC~&jid=2040897262&gjid=1849820026&cid=4825841517271253403&tid=UA-137580775-2&_gid=132413260.1638254072&_r=1&_slc=1&cd1=&cd2=&cd3=&cd4=&cd5=&cd6=&cd7=&cd8=&cd9=&cm1=NaN&cm2=NaN&cm3=NaN&z=1914588069

Requested by

Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://it.younited-credit.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 30 Nov 2021 06:34:32 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://it.younited-credit.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 14ms
13ms XHR
text/plain 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1287844608&t=event&ni=1&_s=1&dr=&dp=desktop%2F%2F%2F%2Ftasso_promozionale&ul=en-us&de=UTF-8&dt=Chi%20pu%C3%B2%20ottenere%20un%20prestito%20a%20tasso%20promozionale%3F&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&cn=none&cs=none&cm=none&ec=none&ea=hit_event&el=none&_u=aKDAAUIREAAAAC~&jid=1918748581&gjid=1646923748&cid=4825841517271253403&tid=UA-128244744-2&_gid=132413260.1638254072&_r=1&gtm=2ouba1&z=174169416

Requested by

Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://it.younited-credit.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 30 Nov 2021 06:34:32 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://it.younited-credit.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 7ms
7ms Image
image/gif 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=1287844608&t=pageview&_s=2&dl=https%3A%2F%2Fit.younited-credit.com%2Ftasso-promozionale&dr=https%3A%2F%2Fclk.tradedoubler.com%2F&dp=desktop%2F%2F%2F%2Ftasso_promozionale&ul=en-us&de=UTF-8&dt=Chi%20pu%C3%B2%20ottenere%20un%20prestito%20a%20tasso%20promozionale%3F&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aKBAAAIREAAAAC~&jid=&gjid=&cid=4825841517271253403&tid=UA-137580775-2&_gid=132413260.1638254072&cd1=&cd2=&cd3=&cd4=&cd5=&cd6=&cd7=&cd8=&cd9=&cm1=NaN&cm2=NaN&cm3=NaN&z=994358356

Requested by

Host: it.younited-credit.com
URL: https://it.younited-credit.com/tasso-promozionale

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://it.younited-credit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Nov 2021 08:17:22 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 80230
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
295 B 25ms
7ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1289765604402216&ev=PageView&dl=https%3A%2F%2Fit.younited-credit.com%2Ftasso-promozionale&rl=https%3A%2F%2Fclk.tradedoubler.com%2F&if=false&ts=1638254072339&sw=1600&sh=1200&v=2.9.48&r=stable&ec=0&o=28&fbp=fb.1.1638254072336.1154517303&it=1638254072241&coo=false&rqm=GET

Requested by

Host: it.younited-credit.com
URL: https://it.younited-credit.com/tasso-promozionale

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://it.younited-credit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 06:34:32 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length: 44
expires: Tue, 30 Nov 2021 06:34:32 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
101 B 25ms
7ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1289765604402216&ev=ViewContent&dl=https%3A%2F%2Fit.younited-credit.com%2Ftasso-promozionale&rl=https%3A%2F%2Fclk.tradedoubler.com%2F&if=false&ts=1638254072340&cd[currency]=EUR&cd[value]=0&cd[content_type]=product&sw=1600&sh=1200&v=2.9.48&r=stable&ec=1&o=28&fbp=fb.1.1638254072336.1154517303&it=1638254072241&coo=false&rqm=GET

Requested by

Host: it.younited-credit.com
URL: https://it.younited-credit.com/tasso-promozionale

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://it.younited-credit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 06:34:32 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length: 44
expires: Tue, 30 Nov 2021 06:34:32 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
446 B 43ms
14ms XHR
text/plain 2a00:1450:400c:c07::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-137580775-2&cid=4825841517271253403&jid=2040897262&gjid=1849820026&_gid=132413260.1638254072&_u=aKBAAAIQEAAAAC~&z=1294268085

Requested by

Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c07::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://it.younited-credit.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Tue, 30 Nov 2021 06:34:32 GMT
content-type: text/plain
access-control-allow-origin: https://it.younited-credit.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
70 B 42ms
14ms XHR
text/plain 2a00:1450:400c:c07::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-128244744-2&cid=4825841517271253403&jid=1918748581&gjid=1646923748&_gid=132413260.1638254072&_u=aKDAAUIREAAAAC~&z=1040660316

Requested by

Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c07::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://it.younited-credit.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Tue, 30 Nov 2021 06:34:32 GMT
content-type: text/plain
access-control-allow-origin: https://it.younited-credit.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/963354740/ 42 B
108 B 45ms
21ms Image
image/gif 2a00:1450:4001:809::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/963354740/?random=1638254072317&cv=9&fst=1638252000000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&data=ecomm_pagetype%3Dother&frm=0&url=https%3A%2F%2Fit.younited-credit.com%2Ftasso-promozionale&ref=https%3A%2F%2Fclk.tradedoubler.com%2F&tiba=Chi%20pu%C3%B2%20ottenere%20un%20prestito%20a%20tasso%20promozionale%3F&async=1&fmt=3&is_vtc=1&random=3346346543&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: it.younited-credit.com
URL: https://it.younited-credit.com/tasso-promozionale

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://it.younited-credit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Nov 2021 06:34:32 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/963354740/ 42 B
108 B 42ms
19ms Image
image/gif 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/963354740/?random=1638254072317&cv=9&fst=1638252000000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&data=ecomm_pagetype%3Dother&frm=0&url=https%3A%2F%2Fit.younited-credit.com%2Ftasso-promozionale&ref=https%3A%2F%2Fclk.tradedoubler.com%2F&tiba=Chi%20pu%C3%B2%20ottenere%20un%20prestito%20a%20tasso%20promozionale%3F&async=1&fmt=3&is_vtc=1&random=3346346543&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: it.younited-credit.com
URL: https://it.younited-credit.com/tasso-promozionale

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://it.younited-credit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Nov 2021 06:34:32 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/963354740/ 42 B
108 B 43ms
20ms Image
image/gif 2a00:1450:4001:809::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/963354740/?random=1638254072313&cv=9&fst=1638252000000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oaba1&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fit.younited-credit.com%2Ftasso-promozionale&ref=https%3A%2F%2Fclk.tradedoubler.com%2F&tiba=Chi%20pu%C3%B2%20ottenere%20un%20prestito%20a%20tasso%20promozionale%3F&async=1&fmt=3&is_vtc=1&random=3981836775&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: it.younited-credit.com
URL: https://it.younited-credit.com/tasso-promozionale

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://it.younited-credit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Nov 2021 06:34:32 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/963354740/ 42 B
108 B 41ms
18ms Image
image/gif 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/963354740/?random=1638254072313&cv=9&fst=1638252000000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oaba1&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fit.younited-credit.com%2Ftasso-promozionale&ref=https%3A%2F%2Fclk.tradedoubler.com%2F&tiba=Chi%20pu%C3%B2%20ottenere%20un%20prestito%20a%20tasso%20promozionale%3F&async=1&fmt=3&is_vtc=1&random=3981836775&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: it.younited-credit.com
URL: https://it.younited-credit.com/tasso-promozionale

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://it.younited-credit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Nov 2021 06:34:32 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/963354740/ 42 B
108 B 43ms
20ms Image
image/gif 2a00:1450:4001:809::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/963354740/?random=1638254072316&cv=9&fst=1638252000000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oaba1&sendb=1&data=event%3D%20&frm=0&url=https%3A%2F%2Fit.younited-credit.com%2Ftasso-promozionale&ref=https%3A%2F%2Fclk.tradedoubler.com%2F&tiba=Chi%20pu%C3%B2%20ottenere%20un%20prestito%20a%20tasso%20promozionale%3F&async=1&fmt=3&is_vtc=1&random=4024491837&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: it.younited-credit.com
URL: https://it.younited-credit.com/tasso-promozionale

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://it.younited-credit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Nov 2021 06:34:32 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/963354740/ 42 B
548 B 40ms
18ms Image
image/gif 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/963354740/?random=1638254072316&cv=9&fst=1638252000000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oaba1&sendb=1&data=event%3D%20&frm=0&url=https%3A%2F%2Fit.younited-credit.com%2Ftasso-promozionale&ref=https%3A%2F%2Fclk.tradedoubler.com%2F&tiba=Chi%20pu%C3%B2%20ottenere%20un%20prestito%20a%20tasso%20promozionale%3F&async=1&fmt=3&is_vtc=1&random=4024491837&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: it.younited-credit.com
URL: https://it.younited-credit.com/tasso-promozionale

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://it.younited-credit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Nov 2021 06:34:32 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 19ms
19ms Image
image/gif 2a00:1450:4001:809::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-137580775-2&cid=4825841517271253403&jid=2040897262&_u=aKBAAAIQEAAAAC~&z=1130912192

Requested by

Host: it.younited-credit.com
URL: https://it.younited-credit.com/tasso-promozionale

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://it.younited-credit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Nov 2021 06:34:32 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 17ms
17ms Image
image/gif 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-137580775-2&cid=4825841517271253403&jid=2040897262&_u=aKBAAAIQEAAAAC~&z=1130912192

Requested by

Host: it.younited-credit.com
URL: https://it.younited-credit.com/tasso-promozionale

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://it.younited-credit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Nov 2021 06:34:32 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 21ms
20ms Image
image/gif 2a00:1450:4001:809::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-128244744-2&cid=4825841517271253403&jid=1918748581&_u=aKDAAUIREAAAAC~&z=323895711

Requested by

Host: it.younited-credit.com
URL: https://it.younited-credit.com/tasso-promozionale

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://it.younited-credit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Nov 2021 06:34:32 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 17ms
17ms Image
image/gif 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-128244744-2&cid=4825841517271253403&jid=1918748581&_u=aKDAAUIREAAAAC~&z=323895711

Requested by

Host: it.younited-credit.com
URL: https://it.younited-credit.com/tasso-promozionale

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://it.younited-credit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Nov 2021 06:34:32 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK younitedcredit-button-0951fccc0ca45c130aebb6b463f9cc63.png
d6tizftlrpuof.cloudfront.net/themes/production/ Frame 09B2 7 KB
8 KB 23ms
7ms Image
image/png 52.222.206.19
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d6tizftlrpuof.cloudfront.net/themes/production/younitedcredit-button-0951fccc0ca45c130aebb6b463f9cc63.png
Requested by: Host: it.younited-credit.com
URL: https://it.younited-credit.com/tasso-promozionale
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.206.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-206-19.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 87395fad36f313213d546112a618dc37dfa856289c5e28b3eb2ec59f2aec380c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://it.younited-credit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Sat, 11 Sep 2021 14:51:21 GMT
Via: 1.1 920a6dce56a0ee957dbaa3bf4429f8ff.cloudfront.net (CloudFront)
Connection: keep-alive
Last-Modified: Tue, 01 Jun 2021 07:19:36 GMT
Server: AmazonS3
Age: 6882192
ETag: "0951fccc0ca45c130aebb6b463f9cc63"
X-Cache: Hit from cloudfront
x-amz-version-id: bXvzrgJcCJ04yfBGApnVGdjmaeS8Yb7I
Cache-Control: max-age=315360000, no-transform, public
X-Amz-Cf-Pop: FRA56-P3
Accept-Ranges: bytes
Content-Type: image/png
Content-Length: 7458
X-Amz-Cf-Id: 10ie5lVYBYMdTv5geKffLrrJIE2Xl1_QDyJ9PkTfNjVGu9Pm413NjA==

GET
H/1.1 200
OK c.json Show response
collection.decibelinsight.net/i/13934/308885/ 5 KB
3 KB 26ms
7ms XHR
application/json 18.195.248.35
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://collection.decibelinsight.net/i/13934/308885/c.json

Requested by

Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.195.248.35 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-195-248-35.eu-central-1.compute.amazonaws.com

Software

nginx /

Resource Hash

734d5f2730133280a781abff824e25e9aceb74460291918737a8a89ed128d8ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://it.younited-credit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 30 Nov 2021 06:34:32 GMT
Content-Encoding: gzip
Vary: Origin
Server: nginx
ETag: W/000073230-17D6F8D52A8
Strict-Transport-Security: max-age=31536000
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: application/json
Access-Control-Allow-Origin: https://it.younited-credit.com
Cache-Control: private, max-age=1800
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: *
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept, X-HTTP-Method-Override

Verdicts & Comments Add Verdict or Comment

172 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

26 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.decibelinsight.net/i/13934/	1970-01-20 07:49:50	Name: da_lid Value: -CAD7D6A09A73EA0B287BBB990B3BBF4B2F\|0\|0\|0
.decibelinsight.net/i/13934/	1970-01-19 23:04:15	Name: da_sid Value: F9E4E5938E33AE90BD2AAA134939F5409C\|3\|0\|3
echo7.bluehornet.com/	1970-01-19 23:14:18	Name: AWSALB Value: 0bClw4KIvd3z596oqxmeS49UglrKf8eXaB1BUewRc0Gz+DiFfk7Z1fiMd8yvVf6AJRPW6yPKh6yAZGBKcO+j/e2RmLnIQ6d7pOqEuzZBOYWvCiwz795IPuIR5MuO
echo7.bluehornet.com/	1970-01-19 23:14:18	Name: AWSALBCORS Value: 0bClw4KIvd3z596oqxmeS49UglrKf8eXaB1BUewRc0Gz+DiFfk7Z1fiMd8yvVf6AJRPW6yPKh6yAZGBKcO+j/e2RmLnIQ6d7pOqEuzZBOYWvCiwz795IPuIR5MuO
.tradedoubler.com/	1970-01-20 07:49:50	Name: EH_0 Value: 1z11z1zrMz18gDxTz1NvuyZGmTZPlyDn3nv5puHAD5YXl9WAIPrhQkCOrdHId8apsLfjJEtuYsj0a0GLojhAKZ
.tradedoubler.com/	1970-01-20 07:49:50	Name: GUID Value: 1z11zzrMz2ILLhdzc33a39435c948b3e0ee8c3933a208ec8
.tradedoubler.com/	1970-01-20 07:49:50	Name: TradeDoublerGUID Value: c33a39435c948b3e0ee8c3933a208ec8
.it.younited-credit.com/	1969-12-31 23:59:59	Name: ARRAffinity Value: 763b4504e4aa29abde68557c2e617068413ddf966f6a1ceb4c72fcd9647145b1
.it.younited-credit.com/	1969-12-31 23:59:59	Name: ARRAffinitySameSite Value: 763b4504e4aa29abde68557c2e617068413ddf966f6a1ceb4c72fcd9647145b1
.younited-credit.com/	1970-01-20 08:30:09	Name: etuix Value: SMHpfzdkhsuC_KHPms4F7wb35J8HPzFrkTVmh6nptqKCQJqoYk.CBg--
.younited-credit.com/	1970-01-20 08:11:26	Name: kameleoonVisitorCode Value: _js_oeo7wsw43tbb2c56
.it.younited-credit.com/	1970-01-20 16:35:26	Name: _ga Value: GA1.3.4825841517271253403
.it.younited-credit.com/	1970-01-19 23:05:40	Name: _gid Value: GA1.3.132413260.1638254072
.younited-credit.com/	1970-01-20 01:13:50	Name: _gcl_au Value: 1.1.993708783.1638254072
.quantserve.com/	1970-01-20 01:13:50	Name: d Value: EF0BBgHsJAIYlcHtBKrCgg0YwpSN
.quantserve.com/	1970-01-20 08:34:28	Name: mc Value: 61a5c5f8-4d284-a6f5d-64cf1
.it.younited-credit.com/	1970-01-19 23:04:14	Name: _gat Value: 1
.younited-credit.com/	1970-01-20 16:35:26	Name: _ga Value: GA1.2.4825841517271253403
.younited-credit.com/	1970-01-19 23:05:40	Name: _gid Value: GA1.2.132413260.1638254072
.younited-credit.com/	1970-01-19 23:04:14	Name: _gat_gtag_UA_128244744_2 Value: 1
.younited-credit.com/	1970-01-20 01:13:50	Name: _fbp Value: fb.1.1638254072336.1154517303
.younited-credit.com/	1970-01-20 08:28:42	Name: __qca Value: P0-1137044560-1638254072305
.doubleclick.net/	1970-01-19 23:04:14	Name: test_cookie Value: CheckForPermission
.younited-credit.com/	1970-01-19 23:04:15	Name: da_sid Value: F9E4E5938E33AE90BD2AAA134939F5409C\|3\|0\|3
.younited-credit.com/	1970-01-20 07:49:50	Name: da_lid Value: CAD7D6A09A73EA0B287BBB990B3BBF4B2F\|0\|0\|0
.younited-credit.com/	1970-01-19 23:04:15	Name: da_intState Value:

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics.tradedoubler.com
az416426.vo.msecnd.net
cdn.decibelinsight.net
cdnjs.cloudflare.com
clk.tradedoubler.com
collection.decibelinsight.net
connect.facebook.net
d6tizftlrpuof.cloudfront.net
echo7.bluehornet.com
eu-tlp04.kameleoon.eu
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
hhlwcyg0ce.kameleoon.eu
it.younited-credit.com
pixel.quantserve.com
rules.quantcount.com
secure.quantserve.com
stats.g.doubleclick.net
vht.tradedoubler.com
w.usabilla.com
widget.trustpilot.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
yoc.younited-credit.com
yuc-cdn.azureedge.net
109.232.194.94
13.32.121.54
142.250.186.34
18.195.248.35
18.66.112.7
188.165.150.177
188.40.65.103
2600:9000:223c:c00:6:44e3:f8c0:93a1
2606:2800:133:206e:1315:22a5:2006:24fd
2606:2800:233:1cb7:261b:1f9c:2074:3c
2606:4700:20::ac43:4832
2606:4700::6810:135e
2620:116:800d:21:ee05:6a01:4b41:8c89
2620:1ec:bdf::44
2a00:1450:4001:809::2003
2a00:1450:4001:809::2004
2a00:1450:4001:80e::2003
2a00:1450:4001:811::200a
2a00:1450:4001:828::2008
2a00:1450:4001:82a::200e
2a00:1450:4001:830::2002
2a00:1450:400c:c07::9c
2a03:2880:f01c:216:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
35.186.231.97
44.241.231.49
52.222.206.19
52.222.236.94
52.30.255.69
086e42b4b645d2eb42d8d7489cec7ba67017d427cea2bd8630c4adc41b23a689
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
17ee72d8421cc64e48d5e885c090851028f91129555be935403a51c55eff2e9d
18e2d7aa25407638018b47983b4e11a06c5143881da3219e1551cfa37d32ee07
19755018177b924e15d7e49f6d6684957f2a00cbf6b60f879a641bd3aedc4e2d
1eb6070a552c4f68bccfaaf126b59b873742c8723c42e2ddca807dfe9b3ec070
2ae052d5fd6e01daee9b546c30e182308a083261ee6a1920c30625a2d81c5a49
2b7be7a5e1f0db7846d6086dbc9cd793697b3758bc683ee840c04d6a4daedf1e
2e8548e063ae8b8f6225ac344af4bb535397ebd3003665e27e8d4b2716770db9
32a1ad4bb38e36c96a05741c90c3c04c9b0ce3c8b8b6f452fb191118c89bde10
3587a91fd5e831f6bc26085f2a79bb5b30edd3dda08216bfb50a778c79d2956b
37e1982df9bce5df65ae02e0801849c50ada16450ea97fb1508e1d014a016f04
3f3c77a6e5c32429b02f2aee787967f77badd448b3d61159b4f2f2c9198181cb
3f851ec61654b79685430d1157fa715d03ea4249e58f3ebc035d3bd733f48ef8
481b2fb6ea4f714f9b58e143ddb63f973e0fc1b14a4d8213517b4451644c9fae
487fce51fd801415c362f3f9f2df43c445a4b9ba38f9b6d49dfc898dc85ede94
4da10e43a814d869169a6105d1ded3f864d6e502372a50bf1453c6e2e5141d6a
5201c813c37a4168cc5c20c701d4391fd0a55625f97eb9f263a74fb52b52fd0e
56f4201510afb724858564187afde49d779f0d0e52534e463e6661f563de20af
5a1ff7b6d0d393da16cdf1618110d47f5966581810db2471616a5a46f0f14f54
5eca3d29cdbbfcdfdd28b25ed9e0ff57c66cd536a840c2e83ce796ce025f2aaf
62bbf148389344b6f69d013ba66a870f4abcea2e08f8a4b0d5bc94756fca999c
6fd51cc47332e7074c186af1ff865f474cff7c64136a5d7b7cec176f1bb63412
734d5f2730133280a781abff824e25e9aceb74460291918737a8a89ed128d8ea
77fd3d8f24f22d189394898b078cabbbd0eccf555ef1361d29ab5d650495c45d
81592355fbcd77f55c410975e614c28aed5c374de385ea98eba8c8ac654b5fed
82279adb1e8eedf4b67db88608f6ec98c7e57603d95bdc9bc1716486a8e7c53c
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
87395fad36f313213d546112a618dc37dfa856289c5e28b3eb2ec59f2aec380c
8e1b84265e633c043720dd0921476c16bc9f75e393e855c9116ca7c3a847b5c7
970ab41ea61ecc43401a41a75248fce304c95ecbb8b24a2652dbc488ebc099e7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a9ddd05afc7b255840510e1d40fda6304d6dc5695fa2ef4c40424d1507d2cfe3
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
af4c6683814aa527caf53bde3d021e6aafe00833b45f2dead043c87ed7864674
b23807a4c5d90afca0dc47d688c0a05302779429dab75f5e6182562dcc2970f6
ba719b6366028770cae8f983921755cbcf0a383a4ae8ffa0c0896ba7e767e142
bc08240f58be2031b7dd44a1aee5c5461c2174d01ebfe57f9882471d552641b1
c2e23a1180434827c9e708d2b67e1875811383b74f4f76fa758279b7785841ba
c52c125658636eadf7e4b5b57bfbc680ac4d8ef9ee29385b975a767e66f68934
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e1d919faf068c568aa1d67bdbaf57c6c9a97ebdb83fc508fbddc1153fa49901b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
faa8abf94e7f4a79062d9878434ba480195e531f1954f4b44e942d2dbf94cde1

it.younited-credit.com Open in urlscan Pro 2620:1ec:bdf::44 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

66 Requests

98 %HTTPS

59 %IPv6

23 Domains

30 Subdomains

28 IPs

5 Countries

630 kBTransfer

1932 kBSize

26 Cookies

4 Outgoing links

Page URL History

Redirected requests

66 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

it.younited-credit.com Open in urlscan Pro
2620:1ec:bdf::44 Public Scan

Screenshot
Live screenshot

Full Image

66
Requests

98 %
HTTPS

59 %
IPv6

23
Domains

30
Subdomains

28
IPs

5
Countries

630 kB
Transfer

1932 kB
Size

26
Cookies

66 HTTP transactions
0 data transactions