urlscan.io logo urlscan.io
SecurityTrails logo

it.younited-credit.com Open in urlscan Pro
40.115.45.129  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://tr.clkdem.com/go/1565344862/1556272601/7aa88dbb4a8f671a316daf86b5f82c03/jismpnmn/12/100
Effective URL: https://it.younited-credit.com/lp/landing-page_promo_maggio?ectrans=1
Submission: On August 30 via api from IT
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 26 IPs in 7 countries across 26 domains to perform 64 HTTP transactions. The main IP is 40.115.45.129, located in Amsterdam, Netherlands and belongs to MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US. The main domain is it.younited-credit.com.
TLS certificate: Issued by Sectigo ECC Organization Validation S... on February 28th 2019. Valid for: 2 years.
This is the only time it.younited-credit.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 185.249.183.232 34081 (SERVER24-...)
2 2 52.49.160.253 16509 (AMAZON-02)
2 6 109.232.194.94 50234 (EULERIAN-AS)
9 40.115.45.129 8075 (MICROSOFT...)
4 2606:2800:133... 15133 (EDGECAST)
4 13.35.253.71 16509 (AMAZON-02)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 192.229.233.4 15133 (EDGECAST)
1 152.199.19.160 15133 (EDGECAST)
5 2a00:1450:400... 15169 (GOOGLE)
1 109.232.194.248 50234 (EULERIAN-AS)
3 2a00:1450:400... 15169 (GOOGLE)
1 151.101.114.2 54113 (FASTLY)
1 13.35.253.25 16509 (AMAZON-02)
2 2a03:2880:f01... 32934 (FACEBOOK)
1 109.232.197.99 50234 (EULERIAN-AS)
1 172.217.18.162 15169 (GOOGLE)
2 2a03:2880:f11... 32934 (FACEBOOK)
1 104.155.63.91 15169 (GOOGLE)
1 151.101.14.2 54113 (FASTLY)
4 2a00:1450:400... 15169 (GOOGLE)
2 6 2a00:1450:400... 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
1 13.35.253.95 16509 (AMAZON-02)
1 40.118.73.208 8075 (MICROSOFT...)
2 6 2a00:1450:400... 15169 (GOOGLE)
2 2 2a00:1450:400... 15169 (GOOGLE)
64 26
1    185.249.183.232 (Italy)

ASN34081 (SERVER24-AS INCUBATEC GmbH - Srl, IT)
PTR: mta183-232.maildome.com
tr.clkdem.com
2    52.49.160.253 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-49-160-253.eu-west-1.compute.amazonaws.com
trk.vrtrackdem.it
beverlyhillseditions.go2cloud.org
6    109.232.194.94 (France)

ASN50234 (EULERIAN-AS, FR)
PTR: et1.eulerian.net
yoc.younited-credit.com
9    40.115.45.129 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US)
it.younited-credit.com
4    2606:2800:133:206e:1315:22a5:2006:24fd (United States)

ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US)
yuc-cdn.azureedge.net
4    13.35.253.71 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-13-35-253-71.fra6.r.cloudfront.net
widget.trustpilot.com
1    2606:4700::6813:c797 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
cdnjs.cloudflare.com
1    2a00:1450:4001:81f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
fonts.googleapis.com
1    192.229.233.4 (Los Angeles, United States)

ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US)
hhlwcyg0ce.kameleoon.eu
1    152.199.19.160 (United States)

ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US)
az416426.vo.msecnd.net
5    2a00:1450:4001:816::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
fonts.gstatic.com
1    109.232.194.248 (France)

ASN50234 (EULERIAN-AS, FR)
PTR: gs.fr.eu.euleriancdn.net
spa56c.eolcdn.com
3    2a00:1450:4001:81a::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
www.googletagmanager.com
1    151.101.114.2 (Frankfurt am Main, Germany)

ASN54113 (FASTLY - Fastly, US)
cdn.taboola.com
1    13.35.253.25 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-13-35-253-25.fra6.r.cloudfront.net
cdn.powerspace.com
2    2a03:2880:f01c:8012:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)
connect.facebook.net
1    109.232.197.99 (France)

ASN50234 (EULERIAN-AS, FR)
PTR: e3rd.eulerian.net
ew3.io
1    172.217.18.162 (United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra15s29-in-f2.1e100.net
www.googleadservices.com
2    2a03:2880:f11c:8083:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)
www.facebook.com
1    104.155.63.91 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: 91.63.155.104.bc.googleusercontent.com
an.pwspace.com
1    151.101.14.2 (Frankfurt am Main, Germany)

ASN54113 (FASTLY - Fastly, US)
trc.taboola.com
4    2a00:1450:4001:81a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
googleads.g.doubleclick.net
6    2a00:1450:4001:81d::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
www.google.com
6    2a00:1450:4001:821::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
www.google.de
1    13.35.253.95 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-13-35-253-95.fra6.r.cloudfront.net
t.contentsquare.net
1    40.118.73.208 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US)
insitez.blob.core.windows.net
6    2a00:1450:4001:814::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
www.google-analytics.com
2    2a00:1450:400c:c00::9a (Brussels, Belgium)

ASN15169 (GOOGLE - Google LLC, US)
stats.g.doubleclick.net
Domain Requested by
9 it.younited-credit.com it.younited-credit.com
6 www.google-analytics.com 2 redirects yoc.younited-credit.com
www.google-analytics.com
www.googletagmanager.com
6 www.google.de it.younited-credit.com
6 www.google.com 2 redirects it.younited-credit.com
6 yoc.younited-credit.com 2 redirects it.younited-credit.com
yoc.younited-credit.com
5 fonts.gstatic.com it.younited-credit.com
4 googleads.g.doubleclick.net www.googleadservices.com
4 widget.trustpilot.com it.younited-credit.com
widget.trustpilot.com
az416426.vo.msecnd.net
4 yuc-cdn.azureedge.net it.younited-credit.com
3 www.googletagmanager.com yoc.younited-credit.com
2 stats.g.doubleclick.net 2 redirects
2 www.facebook.com it.younited-credit.com
2 connect.facebook.net yoc.younited-credit.com
connect.facebook.net
1 insitez.blob.core.windows.net yoc.younited-credit.com
1 t.contentsquare.net yoc.younited-credit.com
1 trc.taboola.com cdn.taboola.com
1 an.pwspace.com cdn.powerspace.com
1 www.googleadservices.com www.googletagmanager.com
1 ew3.io yoc.younited-credit.com
1 cdn.powerspace.com it.younited-credit.com
1 cdn.taboola.com it.younited-credit.com
1 spa56c.eolcdn.com yoc.younited-credit.com
1 az416426.vo.msecnd.net it.younited-credit.com
1 hhlwcyg0ce.kameleoon.eu it.younited-credit.com
1 fonts.googleapis.com it.younited-credit.com
1 cdnjs.cloudflare.com it.younited-credit.com
1 beverlyhillseditions.go2cloud.org 1 redirects
1 trk.vrtrackdem.it 1 redirects
1 tr.clkdem.com 1 redirects
64 29

This site contains no links.

Subject Issuer Validity Valid
*.younited-credit.com
Sectigo ECC Organization Validation Secure Server CA		 2019-02-28 -
2021-02-27		 2 years crt.sh
*.vo.msecnd.net
Microsoft IT TLS CA 2		 2018-03-30 -
2020-03-30		 2 years crt.sh
yoc.younited-credit.com
Let's Encrypt Authority X3		 2019-08-12 -
2019-11-10		 3 months crt.sh
*.trustpilot.com
Amazon		 2019-05-29 -
2020-06-29		 a year crt.sh
ssl412106.cloudflaressl.com
COMODO ECC Domain Validation Secure Server CA 2		 2019-08-10 -
2020-02-16		 6 months crt.sh
*.googleapis.com
GTS CA 1O1		 2019-07-29 -
2019-10-27		 3 months crt.sh
*.storage.kameleoon.com
DigiCert SHA2 Secure Server CA		 2017-10-24 -
2020-09-01		 3 years crt.sh
*.google.com
GTS CA 1O1		 2019-08-13 -
2019-11-11		 3 months crt.sh
spa56c.eolcdn.com
Let's Encrypt Authority X3		 2019-08-27 -
2019-11-25		 3 months crt.sh
*.google-analytics.com
GTS CA 1O1		 2019-07-29 -
2019-10-27		 3 months crt.sh
f2.shared.global.fastly.net
GlobalSign CloudSSL CA - SHA256 - G3		 2019-07-30 -
2020-07-25		 a year crt.sh
cdn.powerspace.com
Amazon		 2019-01-15 -
2020-02-15		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2019-08-24 -
2019-10-19		 2 months crt.sh
ew3.io
COMODO RSA Domain Validation Secure Server CA		 2018-02-07 -
2020-05-07		 2 years crt.sh
*.g.doubleclick.net
GTS CA 1O1		 2019-08-13 -
2019-11-11		 3 months crt.sh
an.pwspace.com
Let's Encrypt Authority X3		 2019-07-23 -
2019-10-21		 3 months crt.sh
www.google.com
GTS CA 1O1		 2019-08-13 -
2019-11-11		 3 months crt.sh
www.google.de
GTS CA 1O1		 2019-07-29 -
2019-10-27		 3 months crt.sh
*.contentsquare.net
Amazon		 2019-03-14 -
2020-04-14		 a year crt.sh
*.blob.core.windows.net
Microsoft IT TLS CA 1		 2019-05-01 -
2021-05-01		 2 years crt.sh

This page contains 5 frames:

Primary Page: https://it.younited-credit.com/lp/landing-page_promo_maggio?ectrans=1
Frame ID: 318F321B810C1D9B8ADEAF15D0AC623A
Requests: 59 HTTP requests in this frame

Frame: https://hhlwcyg0ce.kameleoon.eu/
Frame ID: 8FF450DAF759BFCF77A7C3761A59FDA1
Requests: 1 HTTP requests in this frame

Frame: https://widget.trustpilot.com/trustboxes/54ad5defc6454f065c28af8b/index.html?templateId=54ad5defc6454f065c28af8b&businessunitId=56fcd41d0000ff00058ad9bc
Frame ID: 4CFF7D44BEA2B46648EC450E9E947174
Requests: 1 HTTP requests in this frame

Frame: https://cdn.taboola.com/libtrc/unip/1150270/tfa.js
Frame ID: 731810B81EBCC9938266099F53AEBE81
Requests: 2 HTTP requests in this frame

Frame: https://cdn.powerspace.com/bt.js
Frame ID: AFA4960913B6B033CD47D0D2F408C1DF
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://tr.clkdem.com/go/1565344862/1556272601/7aa88dbb4a8f671a316daf86b5f82c03/jismpnmn/12/100 HTTP 302
    http://trk.vrtrackdem.it/aff_c?offer_id=3538&aff_id=1489&url_id=6070&file_id=23438 HTTP 302
    https://beverlyhillseditions.go2cloud.org/aff_c?offer_id=3538&aff_id=1489&url_id=6070&file_id=23438 HTTP 302
    http://yoc.younited-credit.com/click/pret-dunion-it/DEQwyRwgEDJm_8YpRfjMNW3N8rLaDmom.rJM2CiYmUQGWsgjkw--/?e... HTTP 302
    https://yoc.younited-credit.com/click/pret-dunion-it/DEQwyRwgEDJm_8YpRfjMNW3N8rLaDmom.rJM2CiYmUQGWsgjkw--/?e... HTTP 302
    https://it.younited-credit.com/lp/landing-page_promo_maggio?ectrans=1 Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
  • script /google-analytics\.com\/plugins\/ua\/(?:ec|ecommerce)\.js/i
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/plugins\/ua\/(?:ec|ecommerce)\.js/i

Page Statistics

64
Requests

100 %
HTTPS

43 %
IPv6

26
Domains

29
Subdomains

26
IPs

7
Countries

722 kB
Transfer

2301 kB
Size

7
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://tr.clkdem.com/go/1565344862/1556272601/7aa88dbb4a8f671a316daf86b5f82c03/jismpnmn/12/100 HTTP 302
    http://trk.vrtrackdem.it/aff_c?offer_id=3538&aff_id=1489&url_id=6070&file_id=23438 HTTP 302
    https://beverlyhillseditions.go2cloud.org/aff_c?offer_id=3538&aff_id=1489&url_id=6070&file_id=23438 HTTP 302
    http://yoc.younited-credit.com/click/pret-dunion-it/DEQwyRwgEDJm_8YpRfjMNW3N8rLaDmom.rJM2CiYmUQGWsgjkw--/?eemail= HTTP 302
    https://yoc.younited-credit.com/click/pret-dunion-it/DEQwyRwgEDJm_8YpRfjMNW3N8rLaDmom.rJM2CiYmUQGWsgjkw--/?eemail= HTTP 302
    https://it.younited-credit.com/lp/landing-page_promo_maggio?ectrans=1 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 59
  • https://www.google-analytics.com/r/collect?v=1&_v=j79&a=1659441622&t=pageview&_s=1&dl=https%3A%2F%2Fit.younited-credit.com%2Flp%2Flanding-page_promo_maggio%3Fectrans%3D1&dp=desktop%2F%2F%2F%2FNew_Landing_Page-Tass0&ul=en-us&de=UTF-8&dt=Younited%20Credit%20-%20Prestiti%20Personali%20Online&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=aKBAAAIRE~&jid=560644818&gjid=1535484759&cid=18444228507258704255&tid=UA-137580775-2&_gid=109227843.1567176547&_r=1&cd1=&cd2=&cd3=&cd4=&cd5=&cd6=&cd7=&cm1=NaN&cm2=NaN&cm3=NaN&z=736412938 HTTP 302
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-137580775-2&cid=18444228507258704255&jid=560644818&_gid=109227843.1567176547&gjid=1535484759&_v=j79&z=736412938 HTTP 302
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-137580775-2&cid=18444228507258704255&jid=560644818&_v=j79&z=736412938 HTTP 302
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-137580775-2&cid=18444228507258704255&jid=560644818&_v=j79&z=736412938&slf_rd=1&random=440943833
Request Chain 61
  • https://www.google-analytics.com/r/collect?v=1&_v=j79&a=1659441622&t=event&ni=1&_s=1&dr=&dp=desktop%2F%2F%2F%2FNew_Landing_Page-Tass0&ul=en-us&de=UTF-8&dt=Younited%20Credit%20-%20Prestiti%20Personali%20Online&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&cn=none&cs=none&cm=none&ec=none&ea=hit_event&el=none&_u=aKDAAUIRE~&jid=263822827&gjid=284907110&cid=18444228507258704255&tid=UA-128244744-2&_gid=109227843.1567176547&_r=1&gtm=2oa8l2&z=1449309407 HTTP 302
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-128244744-2&cid=18444228507258704255&jid=263822827&_gid=109227843.1567176547&gjid=284907110&_v=j79&z=1449309407 HTTP 302
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-128244744-2&cid=18444228507258704255&jid=263822827&_v=j79&z=1449309407 HTTP 302
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-128244744-2&cid=18444228507258704255&jid=263822827&_v=j79&z=1449309407&slf_rd=1&random=1994880644

64 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request Cookie set landing-page_promo_maggio
it.younited-credit.com/lp/
Redirect Chain
  • https://tr.clkdem.com/go/1565344862/1556272601/7aa88dbb4a8f671a316daf86b5f82c03/jismpnmn/12/100
  • http://trk.vrtrackdem.it/aff_c?offer_id=3538&aff_id=1489&url_id=6070&file_id=23438
  • https://beverlyhillseditions.go2cloud.org/aff_c?offer_id=3538&aff_id=1489&url_id=6070&file_id=23438
  • http://yoc.younited-credit.com/click/pret-dunion-it/DEQwyRwgEDJm_8YpRfjMNW3N8rLaDmom.rJM2CiYmUQGWsgjkw--/?eemail=
  • https://yoc.younited-credit.com/click/pret-dunion-it/DEQwyRwgEDJm_8YpRfjMNW3N8rLaDmom.rJM2CiYmUQGWsgjkw--/?eemail=
  • https://it.younited-credit.com/lp/landing-page_promo_maggio?ectrans=1
144 KB
47 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://it.younited-credit.com/lp/landing-page_promo_maggio?ectrans=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
40.115.45.129 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software
nginx /
Resource Hash
e9570ecabc8f6eda0a93a4bb38d414762e0b94079f9cd3baac44116e5425063c
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Host
it.younited-credit.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site
none
Accept-Encoding
gzip, deflate, br
Cookie
etuix=xfYg0NHGLm3z2mDemcmNXxgQ2XY2OwTzLA_4j8rYPnjg0IKoqX9qYQ--
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1

Response headers

Server
nginx
Date
Fri, 30 Aug 2019 14:49:06 GMT
Content-Type
text/html; charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
Cache-Control
private
Request-Context
appId=cid-v1:9e931d37-0e4c-41f6-b76c-76711e730ca9
Access-Control-Expose-Headers
Request-Context
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=10886400; preload
X-XSS-Protection
1; mode=block
Set-Cookie
ARRAffinity=aee85f43b95bd7f90348f74d6e5f1d52a06f1ae97c8142d6867d05cdadd93219;Path=/;HttpOnly;Domain=it.younited-credit.com
X-Proxy-Cache
HIT
Content-Encoding
gzip

Redirect headers

Date
Fri, 30 Aug 2019 14:49:05 GMT
Server
EWS
Accept-Ranges
none
Content-Length
0
P3P
policyref="http://yoc.younited-credit.com/w3c/p3p.xml",CP="NOI DSP COR NID ADMa DEVa OUR IND UNI"
Connection
Close
Pragma
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Cache-Control
max-age=0, private
Strict-Transport-Security
max-age=604800
X-Content-Type-Options
nosniff
X-XSS-Protection
0
Set-Cookie
etuix=xfYg0NHGLm3z2mDemcmNXxgQ2XY2OwTzLA_4j8rYPnjg0IKoqX9qYQ--; expires=Sat, 26 Sep 2020 14:49:05 GMT; domain=.younited-credit.com; path=/; secure; HttpOnly etuix=; domain=yoc.younited-credit.com; path=/; expires=Thu, 01-Jan-1970 00:00:01 GMT
Location
https://it.younited-credit.com/lp/landing-page_promo_maggio?ectrans=1
design-pattern-build.css
yuc-cdn.azureedge.net/cdn-public/design-pattern/css/ 		287 KB
30 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://yuc-cdn.azureedge.net/cdn-public/design-pattern/css/design-pattern-build.css
Requested by
Host: it.younited-credit.com
URL: https://it.younited-credit.com/lp/landing-page_promo_maggio?ectrans=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:133:206e:1315:22a5:2006:24fd , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software
ECAcc (frc/8F07) /
Resource Hash
60ea5becec426701f1a5ce2108b289079d3d95c04a2dac0ecc501119936e4b7b

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://it.younited-credit.com/lp/landing-page_promo_maggio?ectrans=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 30 Aug 2019 14:49:06 GMT
content-encoding
gzip
content-md5
C+Zx0iGK1iIRb2e+FWbnQg==
x-cache
HIT
status
200
content-length
30210
x-ms-lease-status
unlocked
last-modified
Tue, 30 Jul 2019 14:42:20 GMT
server
ECAcc (frc/8F07)
etag
0x8D714FC20317BFF
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
x-ms-request-id
27b9f1bd-101e-0019-0a40-5fcf6e000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control
max-age=1200
x-ms-version
2009-09-19
expires
Fri, 30 Aug 2019 15:09:06 GMT
/
yoc.younited-credit.com/info/pret-dunion/ 		662 B
654 B 		Script
General
Check archive.org
Download Go to
Full URL
https://yoc.younited-credit.com/info/pret-dunion/?eul_media={media}&eul_publisher={publisher}&eul_ope={ope}&eul_slkeyword={slkeyword}&eul_location={location}&eul_creative={creative}&eul_date={date}&eul_via={via}&eul_keyword={keyword}&eul_searchengine={searchengine}&eul_slpublisher={slpublisher}&eul_publisherurl={publisherurl}&eul_email={email}&eul_refererdomain={refererdomain}
Requested by
Host: it.younited-credit.com
URL: https://it.younited-credit.com/lp/landing-page_promo_maggio?ectrans=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
109.232.194.94 , France, ASN50234 (EULERIAN-AS, FR),
Reverse DNS
et1.eulerian.net
Software
EWS /
Resource Hash
7585b5b69bc0e1118f49f2614ede4eefa8167a2d2c28104c8f6cd5db65dc333b
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://it.younited-credit.com/lp/landing-page_promo_maggio?ectrans=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Date
Fri, 30 Aug 2019 14:49:06 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
EWS
Strict-Transport-Security
max-age=604800
Content-Type
application/javascript
Cache-Control
max-age=0, private
Connection
Keep-Alive
Accept-Ranges
none
Vary
User-Agent
Content-Length
218
X-XSS-Protection
0
Keep-Alive
timeout=4
logo-white.svg
it.younited-credit.com/Contents/img/brand/ 		18 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://it.younited-credit.com/Contents/img/brand/logo-white.svg
Requested by
Host: it.younited-credit.com
URL: https://it.younited-credit.com/lp/landing-page_promo_maggio?ectrans=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
40.115.45.129 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software
nginx /
Resource Hash
6fd51cc47332e7074c186af1ff865f474cff7c64136a5d7b7cec176f1bb63412
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://it.younited-credit.com/lp/landing-page_promo_maggio?ectrans=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 30 Aug 2019 14:49:06 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Wed, 12 Jun 2019 15:04:18 GMT
Server
nginx
ETag
W/"085731b3021d51:0"
Strict-Transport-Security
max-age=10886400; preload
Content-Type
image/svg+xml
Request-Context
appId=cid-v1:9e931d37-0e4c-41f6-b76c-76711e730ca9
Access-Control-Expose-Headers
Request-Context
Cache-Control
public,max-age=86400
Transfer-Encoding
chunked
Connection
keep-alive
X-XSS-Protection
1; mode=block
X-Proxy-Cache
HIT
logo.svg
it.younited-credit.com/media/1242/ 		10 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://it.younited-credit.com/media/1242/logo.svg
Requested by
Host: it.younited-credit.com
URL: https://it.younited-credit.com/lp/landing-page_promo_maggio?ectrans=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
40.115.45.129 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software
nginx /
Resource Hash
2b7be7a5e1f0db7846d6086dbc9cd793697b3758bc683ee840c04d6a4daedf1e
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://it.younited-credit.com/lp/landing-page_promo_maggio?ectrans=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 30 Aug 2019 14:49:06 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Transfer-Encoding
chunked
Connection
keep-alive
X-XSS-Protection
1; mode=block
Request-Context
appId=cid-v1:9e931d37-0e4c-41f6-b76c-76711e730ca9
Expires
Sun, 29 Sep 2019 14:49:06 GMT
Last-Modified
Tue, 30 Apr 2019 16:34:38 GMT
Server
nginx
ETag
W/"0a3429a72ffd41:0"
Strict-Transport-Security
max-age=10886400; preload
Content-Type
image/svg+xml
Access-Control-Expose-Headers
Request-Context
Cache-Control
max-age=2592000
X-Proxy-Cache
HIT
affiliation-mailing-tn.png
it.younited-credit.com/media/192179/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://it.younited-credit.com/media/192179/affiliation-mailing-tn.png
Requested by
Host: it.younited-credit.com
URL: https://it.younited-credit.com/lp/landing-page_promo_maggio?ectrans=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
40.115.45.129 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software
nginx /
Resource Hash
c19d3f7bcbfb3865c39cf46850275aa2df4cb7caca7484ec3a0b4428df0bde3c
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://it.younited-credit.com/lp/landing-page_promo_maggio?ectrans=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 30 Aug 2019 14:49:06 GMT
X-Content-Type-Options
nosniff
Connection
keep-alive
Content-Length
3854
X-XSS-Protection
1; mode=block
Request-Context
appId=cid-v1:9e931d37-0e4c-41f6-b76c-76711e730ca9
Expires
Sun, 29 Sep 2019 14:49:06 GMT
Last-Modified
Tue, 13 Mar 2018 15:45:20 GMT
Server
nginx
ETag
"0e88c4ae2bad31:0"
Strict-Transport-Security
max-age=10886400; preload
Content-Type
image/png
Access-Control-Expose-Headers
Request-Context
Cache-Control
max-age=2592000
Accept-Ranges
bytes
X-Proxy-Cache
HIT
logo-white.svg
it.younited-credit.com/media/1225/ 		18 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://it.younited-credit.com/media/1225/logo-white.svg
Requested by
Host: it.younited-credit.com
URL: https://it.younited-credit.com/lp/landing-page_promo_maggio?ectrans=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
40.115.45.129 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software
nginx /
Resource Hash
6fd51cc47332e7074c186af1ff865f474cff7c64136a5d7b7cec176f1bb63412
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://it.younited-credit.com/lp/landing-page_promo_maggio?ectrans=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 30 Aug 2019 14:49:06 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Transfer-Encoding
chunked
Connection
keep-alive
X-XSS-Protection
1; mode=block
Request-Context
appId=cid-v1:9e931d37-0e4c-41f6-b76c-76711e730ca9
Expires
Sun, 29 Sep 2019 14:49:06 GMT
Last-Modified
Tue, 30 Apr 2019 16:34:54 GMT
Server
nginx
ETag
W/"0bcca372ffd41:0"
Strict-Transport-Security
max-age=10886400; preload
Content-Type
image/svg+xml
Access-Control-Expose-Headers
Request-Context
Cache-Control
max-age=2592000
X-Proxy-Cache
HIT
app-3d8bdf3490.js
it.younited-credit.com/Contents/js/ 		529 KB
179 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://it.younited-credit.com/Contents/js/app-3d8bdf3490.js
Requested by
Host: it.younited-credit.com
URL: https://it.younited-credit.com/lp/landing-page_promo_maggio?ectrans=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
40.115.45.129 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software
nginx /
Resource Hash
8f80c0263c7f6e7dc65bf856bf6a403c2a99abe23b691629abc197f895735415
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://it.younited-credit.com/lp/landing-page_promo_maggio?ectrans=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 30 Aug 2019 14:49:06 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Fri, 26 Jul 2019 16:46:08 GMT
Server
nginx
ETag
W/"088789fd143d51:0"
Strict-Transport-Security
max-age=10886400; preload
Content-Type
application/x-javascript
Request-Context
appId=cid-v1:9e931d37-0e4c-41f6-b76c-76711e730ca9
Access-Control-Expose-Headers
Request-Context
Cache-Control
public,max-age=86400
Transfer-Encoding
chunked
Connection
keep-alive
X-XSS-Protection
1; mode=block
X-Proxy-Cache
HIT
tp.widget.sync.bootstrap.min.js
widget.trustpilot.com/bootstrap/v5/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widget.trustpilot.com/bootstrap/v5/tp.widget.sync.bootstrap.min.js
Requested by
Host: it.younited-credit.com
URL: https://it.younited-credit.com/lp/landing-page_promo_maggio?ectrans=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.35.253.71 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-13-35-253-71.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7aae82e508713d1efb40168d67332514e0a69f5239a935cb6a827feb1c7eda6f

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://it.younited-credit.com/lp/landing-page_promo_maggio?ectrans=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 30 Aug 2019 07:15:41 GMT
content-encoding
gzip
age
27304
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
status
200
content-length
758
last-modified
Wed, 24 Jul 2019 07:13:53 GMT
server
AmazonS3
etag
"ccb36128b27324c33874315b703464bf"
content-type
application/x-javascript
via
1.1 1277de71b2472d19ca0bfc510db9ec54.cloudfront.net (CloudFront)
cache-control
max-age=86400
x-amz-cf-pop
FRA6-C1
accept-ranges
bytes
x-amz-cf-id
bvlu4aPh2Y2veIQCxna97BYHYAgglpG3MgWU_wG5G8R2-0QfKMzDQA==
cookieconsent.min.js
cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.0.3/ 		19 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.0.3/cookieconsent.min.js
Requested by
Host: it.younited-credit.com
URL: https://it.younited-credit.com/lp/landing-page_promo_maggio?ectrans=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:c797 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
af4c6683814aa527caf53bde3d021e6aafe00833b45f2dead043c87ed7864674
Security Headers
Name Value
Strict-Transport-Security max-age=15780000; includeSubDomains

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://it.younited-credit.com/lp/landing-page_promo_maggio?ectrans=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 30 Aug 2019 14:49:06 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
11810488
status
200
served-in-seconds
0.025
timing-allow-origin
*
last-modified
Thu, 17 May 2018 09:18:36 GMT
server
cloudflare
etag
W/"5afd48ec-4d5a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000; includeSubDomains
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
cf-ray
50e791c639e5cbac-VIE
expires
Wed, 19 Aug 2020 14:49:06 GMT
css
fonts.googleapis.com/ 		9 KB
879 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:400,600,700|Work+Sans:400,600,700
Requested by
Host: it.younited-credit.com
URL: https://it.younited-credit.com/lp/landing-page_promo_maggio?ectrans=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
ESF /
Resource Hash
38a7cd5849a5bd78103865c86e5eafc40793fe3e5cc8819095aac71e77586548
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://it.younited-credit.com/lp/landing-page_promo_maggio?ectrans=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Fri, 30 Aug 2019 14:49:06 GMT
server
ESF
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
status
200
date
Fri, 30 Aug 2019 14:49:06 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
x-xss-protection
0
expires
Fri, 30 Aug 2019 14:49:06 GMT
tedc6086.js
yoc.younited-credit.com/ 		33 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://yoc.younited-credit.com/tedc6086.js
Requested by
Host: it.younited-credit.com
URL: https://it.younited-credit.com/lp/landing-page_promo_maggio?ectrans=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
109.232.194.94 , France, ASN50234 (EULERIAN-AS, FR),
Reverse DNS
et1.eulerian.net
Software
EWS /
Resource Hash
53d8d93785d75370fcb2e75556c5b73ab8f24b3bd0fcdde8bba7025a6fd4a11e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://it.younited-credit.com/lp/landing-page_promo_maggio?ectrans=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 30 Aug 2019 14:49:06 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
EWS
Vary
User-Agent
Content-Type
application/javascript
Cache-Control
max-age=3600, private
Connection
Keep-Alive
Accept-Ranges
none
Keep-Alive
timeout=4
Content-Length
11851
X-XSS-Protection
0
Expires
Fri, 30 Aug 2019 15:49:06 GMT
/
hhlwcyg0ce.kameleoon.eu/ Frame 8FF4 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://hhlwcyg0ce.kameleoon.eu/
Requested by
Host: it.younited-credit.com
URL: https://it.younited-credit.com/lp/landing-page_promo_maggio?ectrans=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.233.4 Los Angeles, United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software
ECS (fcn/40DC) /
Resource Hash

Request headers

:method
GET
:authority
hhlwcyg0ce.kameleoon.eu
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode
nested-navigate
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
referer
https://it.younited-credit.com/lp/landing-page_promo_maggio?ectrans=1
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
nested-navigate
Referer
https://it.younited-credit.com/lp/landing-page_promo_maggio?ectrans=1

Response headers

status
200
content-encoding
br
accept-ranges
bytes
cache-control
max-age=5400
content-type
text/html; charset=utf-8
date
Fri, 30 Aug 2019 14:49:18 GMT
etag
"5d5198a8-44b4e"
expires
Fri, 30 Aug 2019 16:19:18 GMT
last-modified
Mon, 12 Aug 2019 16:49:44 GMT
server
ECS (fcn/40DC)
vary
Accept-Encoding
x-cache
HIT
content-length
56307
ai.0.js
az416426.vo.msecnd.net/scripts/a/ 		95 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Requested by
Host: it.younited-credit.com
URL: https://it.younited-credit.com/lp/landing-page_promo_maggio?ectrans=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.19.160 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software
ECAcc (frc/8FA5) /
Resource Hash
013819105effb1832cbcbcfcc6317b0045170a7f671bd953a21f0847fa1a2e6e

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://it.younited-credit.com/lp/landing-page_promo_maggio?ectrans=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 30 Aug 2019 14:49:06 GMT
content-encoding
gzip
content-md5
7JhCKwvLjoUoS5N/nN9LRA==
x-cache
HIT
status
200
content-length
21636
x-ms-lease-status
unlocked
last-modified
Tue, 11 Jun 2019 21:34:18 GMT
server
ECAcc (frc/8FA5)
etag
0x8D6EEB48F61B4AC
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
aded621b-001e-0095-321c-5f85d7000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400, immutable
x-ms-version
2009-09-19
truncated
/ 		43 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/gif
wave-bottom-grey.svg
yuc-cdn.azureedge.net/cdn-public/design-pattern/img/ 		809 B
659 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://yuc-cdn.azureedge.net/cdn-public/design-pattern/img/wave-bottom-grey.svg
Requested by
Host: it.younited-credit.com
URL: https://it.younited-credit.com/lp/landing-page_promo_maggio?ectrans=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:133:206e:1315:22a5:2006:24fd , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software
ECAcc (frc/8F08) /
Resource Hash
3b2668e035d74099f90fe3e6aa91166e561dcbf36ba4859048f8959fa2371ff8

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://yuc-cdn.azureedge.net/cdn-public/design-pattern/css/design-pattern-build.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 30 Aug 2019 14:49:06 GMT
content-encoding
gzip
content-md5
ZSLvaSYthhg/sZ8aVjBSGQ==
x-cache
HIT
status
200
content-length
467
x-ms-lease-status
unlocked
last-modified
Mon, 29 Jul 2019 09:06:07 GMT
server
ECAcc (frc/8F08)
etag
0x8D71403FDF8784C
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
40c655a7-501e-008e-7041-5f9963000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control
max-age=31536000
x-ms-version
2009-09-19
expires
Sat, 29 Aug 2020 14:49:06 GMT
QGYpz_wNahGAdqQ43Rh3o4T8mNhNy_r-Kw.woff2
fonts.gstatic.com/s/worksans/v5/ 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/worksans/v5/QGYpz_wNahGAdqQ43Rh3o4T8mNhNy_r-Kw.woff2
Requested by
Host: it.younited-credit.com
URL: https://it.younited-credit.com/lp/landing-page_promo_maggio?ectrans=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:816::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
5a3fdd33eef5a838c25b2afe031bc8478dd97dcd175ce9b9d99c2a77163b6748
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
cors
Referer
https://fonts.googleapis.com/css?family=Open+Sans:400,600,700|Work+Sans:400,600,700
Origin
https://it.younited-credit.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 23 Aug 2019 03:06:53 GMT
x-content-type-options
nosniff
last-modified
Mon, 22 Jul 2019 19:25:40 GMT
server
sffe
age
646933
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
16608
x-xss-protection
0
expires
Sat, 22 Aug 2020 03:06:53 GMT
mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
fonts.gstatic.com/s/opensans/v17/ 		9 KB
9 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v17/mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
Requested by
Host: it.younited-credit.com
URL: https://it.younited-credit.com/lp/landing-page_promo_maggio?ectrans=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:816::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
cors
Referer
https://fonts.googleapis.com/css?family=Open+Sans:400,600,700|Work+Sans:400,600,700
Origin
https://it.younited-credit.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 24 Aug 2019 06:30:45 GMT
x-content-type-options
nosniff
last-modified
Tue, 23 Jul 2019 19:30:49 GMT
server
sffe
age
548301
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
9132
x-xss-protection
0
expires
Sun, 23 Aug 2020 06:30:45 GMT
mem5YaGs126MiZpBA-UN7rgOUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v17/ 		9 KB
9 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v17/mem5YaGs126MiZpBA-UN7rgOUuhpKKSTjw.woff2
Requested by
Host: it.younited-credit.com
URL: https://it.younited-credit.com/lp/landing-page_promo_maggio?ectrans=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:816::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
a48a6e4b14fe55f750c0a3dfb5a6f4941bdc06af0aa542b90de25c30c2b4625c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
cors
Referer
https://fonts.googleapis.com/css?family=Open+Sans:400,600,700|Work+Sans:400,600,700
Origin
https://it.younited-credit.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 30 Aug 2019 12:30:05 GMT
x-content-type-options
nosniff
last-modified
Tue, 23 Jul 2019 19:31:11 GMT
server
sffe
age
8341
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
9080
x-xss-protection
0
expires
Sat, 29 Aug 2020 12:30:05 GMT
QGYsz_wNahGAdqQ43Rh_fKDptfpA4Q.woff2
fonts.gstatic.com/s/worksans/v5/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/worksans/v5/QGYsz_wNahGAdqQ43Rh_fKDptfpA4Q.woff2
Requested by
Host: it.younited-credit.com
URL: https://it.younited-credit.com/lp/landing-page_promo_maggio?ectrans=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:816::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
6a645c93a587df5075444babe7d852b13ed4e4d24e339e307551acf743e214ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
cors
Referer
https://fonts.googleapis.com/css?family=Open+Sans:400,600,700|Work+Sans:400,600,700
Origin
https://it.younited-credit.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 27 Aug 2019 21:41:15 GMT
x-content-type-options
nosniff
last-modified
Mon, 22 Jul 2019 19:19:14 GMT
server
sffe
age
234471
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
15112
x-xss-protection
0
expires
Wed, 26 Aug 2020 21:41:15 GMT
mem5YaGs126MiZpBA-UNirkOUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v17/ 		9 KB
9 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v17/mem5YaGs126MiZpBA-UNirkOUuhpKKSTjw.woff2
Requested by
Host: it.younited-credit.com
URL: https://it.younited-credit.com/lp/landing-page_promo_maggio?ectrans=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:816::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
b8e23a845bc6b7fd417d29182e0e38d353e64b5e12e06bb1de2b5ce063db1dcc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
cors
Referer
https://fonts.googleapis.com/css?family=Open+Sans:400,600,700|Work+Sans:400,600,700
Origin
https://it.younited-credit.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 22 Aug 2019 16:03:37 GMT
x-content-type-options
nosniff
last-modified
Tue, 23 Jul 2019 19:30:44 GMT
server
sffe
age
686729
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
9180
x-xss-protection
0
expires
Fri, 21 Aug 2020 16:03:37 GMT
tp.widget.bootstrap.min.js
widget.trustpilot.com/bootstrap/v5/ 		20 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widget.trustpilot.com/bootstrap/v5/tp.widget.bootstrap.min.js
Requested by
Host: widget.trustpilot.com
URL: https://widget.trustpilot.com/bootstrap/v5/tp.widget.sync.bootstrap.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.35.253.71 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-13-35-253-71.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
58dbae5bdf2b5e9ac2518952762a7d601120590b706c13577ae102c5cabeef73

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://it.younited-credit.com/lp/landing-page_promo_maggio?ectrans=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 29 Aug 2019 21:21:33 GMT
content-encoding
gzip
age
62853
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
status
200
content-length
6405
last-modified
Wed, 24 Jul 2019 07:13:52 GMT
server
AmazonS3
etag
"46836a70570cb9d1b7d22070fd761a91"
content-type
application/x-javascript
via
1.1 1277de71b2472d19ca0bfc510db9ec54.cloudfront.net (CloudFront)
cache-control
max-age=86400
x-amz-cf-pop
FRA6-C1
accept-ranges
bytes
x-amz-cf-id
RLsVdLM59qvM4SFpOmBd6Z6VPO_Yco5pFoYP4S2tyXEVQ0WKg64UZg==
889272060
yoc.younited-credit.com/col157a/-/ 		19 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://yoc.younited-credit.com/col157a/-/889272060?fra=0&url=https%3A%2F%2Fit.younited-credit.com%2Flp%2Flanding-page_promo_maggio%3Fectrans%3D1&ss=1600x1200&urlp=desktop%2F%2F%2F%2FNew_Landing_Page-Tass0&sd=24&
Requested by
Host: yoc.younited-credit.com
URL: https://yoc.younited-credit.com/tedc6086.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
109.232.194.94 , France, ASN50234 (EULERIAN-AS, FR),
Reverse DNS
et1.eulerian.net
Software
EWS /
Resource Hash
f23fa5700491355d2c8c221dd24813b64f0cf4a3deff3b73b9386dbb21d1bd9c
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://it.younited-credit.com/lp/landing-page_promo_maggio?ectrans=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Date
Fri, 30 Aug 2019 14:49:06 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
EWS
Strict-Transport-Security
max-age=604800
Content-Type
application/javascript
Cache-Control
max-age=0, private
Connection
Keep-Alive
Accept-Ranges
none
Vary
User-Agent
Content-Length
5237
X-XSS-Protection
0
Keep-Alive
timeout=4
juste-2.png
it.younited-credit.com/media/193421/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://it.younited-credit.com/media/193421/juste-2.png
Requested by
Host: it.younited-credit.com
URL: https://it.younited-credit.com/lp/landing-page_promo_maggio?ectrans=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
40.115.45.129 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software
nginx /
Resource Hash
18ad86902c285b6fd658a1a4ddd44caff74e55cf8d603eed43e285650d80465a
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://it.younited-credit.com/lp/landing-page_promo_maggio?ectrans=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 30 Aug 2019 14:49:06 GMT
X-Content-Type-Options
nosniff
Connection
keep-alive
Content-Length
3848
X-XSS-Protection
1; mode=block
Request-Context
appId=cid-v1:9e931d37-0e4c-41f6-b76c-76711e730ca9
Expires
Sun, 29 Sep 2019 14:49:06 GMT
Last-Modified
Thu, 23 May 2019 21:21:52 GMT
Server
nginx
ETag
"09868aad11d51:0"
Strict-Transport-Security
max-age=10886400; preload
Content-Type
image/png
Access-Control-Expose-Headers
Request-Context
Cache-Control
max-age=2592000
Accept-Ranges
bytes
X-Proxy-Cache
HIT
sign-2-8.png
it.younited-credit.com/media/194113/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://it.younited-credit.com/media/194113/sign-2-8.png
Requested by
Host: it.younited-credit.com
URL: https://it.younited-credit.com/lp/landing-page_promo_maggio?ectrans=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
40.115.45.129 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software
nginx /
Resource Hash
bd9bd9fe33dc24ba3b4d4bb9455294b46d4b9b0bbf4d8977106c3774c6d9eac8
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://it.younited-credit.com/lp/landing-page_promo_maggio?ectrans=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 30 Aug 2019 14:49:06 GMT
X-Content-Type-Options
nosniff
Connection
keep-alive
Content-Length
3045
X-XSS-Protection
1; mode=block
Request-Context
appId=cid-v1:9e931d37-0e4c-41f6-b76c-76711e730ca9
Expires
Sun, 29 Sep 2019 14:49:06 GMT
Last-Modified
Tue, 02 Apr 2019 16:27:20 GMT
Server
nginx
ETag
"024a0f170e9d41:0"
Strict-Transport-Security
max-age=10886400; preload
Content-Type
image/png
Access-Control-Expose-Headers
Request-Context
Cache-Control
max-age=2592000
Accept-Ranges
bytes
X-Proxy-Cache
HIT
hardware.png
it.younited-credit.com/media/191877/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://it.younited-credit.com/media/191877/hardware.png
Requested by
Host: it.younited-credit.com
URL: https://it.younited-credit.com/lp/landing-page_promo_maggio?ectrans=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
40.115.45.129 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software
nginx /
Resource Hash
4662ac70109fe61c3eeb8af0be398e9660f90bf62cd46e52f4733f7e68ec871f
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://it.younited-credit.com/lp/landing-page_promo_maggio?ectrans=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 30 Aug 2019 14:49:06 GMT
X-Content-Type-Options
nosniff
Connection
keep-alive
Content-Length
2037
X-XSS-Protection
1; mode=block
Request-Context
appId=cid-v1:9e931d37-0e4c-41f6-b76c-76711e730ca9
Expires
Sun, 29 Sep 2019 14:49:06 GMT
Last-Modified
Thu, 23 May 2019 21:07:42 GMT
Server
nginx
ETag
"0e3628fab11d51:0"
Strict-Transport-Security
max-age=10886400; preload
Content-Type
image/png
Access-Control-Expose-Headers
Request-Context
Cache-Control
max-age=2592000
Accept-Ranges
bytes
X-Proxy-Cache
HIT
56fcd41d0000ff00058ad9bc
widget.trustpilot.com/data/jsonld/business-unit/ 		683 B
831 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://widget.trustpilot.com/data/jsonld/business-unit/56fcd41d0000ff00058ad9bc?type=Organization&url=https%3A%2F%2Fit.younited-credit.com%2Flp%2Flanding-page_promo_maggio%3Fectrans%3D1&templateId=54ad5defc6454f065c28af8b&locale=it-IT
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.35.253.71 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-13-35-253-71.fra6.r.cloudfront.net
Software
/
Resource Hash
88bdf87f4e6ee57960d9e621fc5b55cc6eb6e9b847d2f28f40122a1a8650be7f

Request headers

Sec-Fetch-Mode
cors
Referer
https://it.younited-credit.com/lp/landing-page_promo_maggio?ectrans=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Fri, 30 Aug 2019 14:35:57 GMT
content-encoding
gzip
age
1048
x-cache
Hit from cloudfront
status
200
content-length
435
access-control-allow-origin
*
x-skip-cache-cookie
0
etag
"f22243a3ad4f5583d0f925ab851ee0c0"
vary
Accept-Encoding
x-fallback-status
BYPASS
content-type
application/json; charset=utf-8
via
1.1 e0bc02299b03254b2a35b8c930f005c6.cloudfront.net (CloudFront)
cache-control
public,max-age=1800
x-amz-cf-pop
FRA6-C1
x-amz-cf-id
XgnlxieHNDn5n-kyJq7qoM-0N8CkiqOrxP1UJP5I5sAAeLJc8OgPng==
index.html
widget.trustpilot.com/trustboxes/54ad5defc6454f065c28af8b/ Frame 4CFF 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://widget.trustpilot.com/trustboxes/54ad5defc6454f065c28af8b/index.html?templateId=54ad5defc6454f065c28af8b&businessunitId=56fcd41d0000ff00058ad9bc
Requested by
Host: widget.trustpilot.com
URL: https://widget.trustpilot.com/bootstrap/v5/tp.widget.bootstrap.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.35.253.71 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-13-35-253-71.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash

Request headers

:method
GET
:authority
widget.trustpilot.com
:scheme
https
:path
/trustboxes/54ad5defc6454f065c28af8b/index.html?templateId=54ad5defc6454f065c28af8b&businessunitId=56fcd41d0000ff00058ad9bc
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode
nested-navigate
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
referer
https://it.younited-credit.com/lp/landing-page_promo_maggio?ectrans=1
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
nested-navigate
Referer
https://it.younited-credit.com/lp/landing-page_promo_maggio?ectrans=1

Response headers

status
200
content-type
text/html
content-length
2932
date
Tue, 27 Aug 2019 13:03:37 GMT
last-modified
Tue, 27 Aug 2019 13:03:17 GMT
etag
"6d38433be1c24f90e7420b253445c3c7"
x-amz-server-side-encryption
AES256
cache-control
max-age=86400
content-encoding
gzip
accept-ranges
bytes
server
AmazonS3
age
6159
x-cache
Hit from cloudfront
via
1.1 1277de71b2472d19ca0bfc510db9ec54.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
x-amz-cf-id
LaOlcp-XMBPE_bNdbDZu6VBbQN716eYD3mT55YIrY7ksUdlHrH-mpg==
app-simulator.1.19.182.1.js
yuc-cdn.azureedge.net/cdn-public/simulator/ 		406 KB
113 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://yuc-cdn.azureedge.net/cdn-public/simulator/app-simulator.1.19.182.1.js
Requested by
Host: it.younited-credit.com
URL: https://it.younited-credit.com/lp/landing-page_promo_maggio?ectrans=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:133:206e:1315:22a5:2006:24fd , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software
ECAcc (frc/8FC3) /
Resource Hash
4118d1edbb976e2bbc47da968834db81c7698939cc4ae46fbe2d11322f5fa1db

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://it.younited-credit.com/lp/landing-page_promo_maggio?ectrans=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 30 Aug 2019 14:49:06 GMT
content-encoding
gzip
content-md5
mIzOHZDNwEuEpt9mgKvjRg==
x-cache
HIT
status
200
content-length
115321
x-ms-lease-status
unlocked
last-modified
Thu, 04 Jul 2019 08:39:44 GMT
server
ECAcc (frc/8FC3)
etag
0x8D7005B2A5C371B
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
1a52cc02-601e-003c-3b41-5f6612000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control
max-age=1200
x-ms-version
2009-09-19
expires
Fri, 30 Aug 2019 15:09:06 GMT
w.js
spa56c.eolcdn.com/ea-misc/js/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://spa56c.eolcdn.com/ea-misc/js/w.js
Requested by
Host: yoc.younited-credit.com
URL: https://yoc.younited-credit.com/tedc6086.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
109.232.194.248 , France, ASN50234 (EULERIAN-AS, FR),
Reverse DNS
gs.fr.eu.euleriancdn.net
Software
nginx /
Resource Hash
56f4201510afb724858564187afde49d779f0d0e52534e463e6661f563de20af

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://it.younited-credit.com/lp/landing-page_promo_maggio?ectrans=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 30 Aug 2019 14:49:06 GMT
content-encoding
gzip
last-modified
Wed, 17 Feb 2016 15:54:38 GMT
server
nginx
etag
"56c497be-d11"
vary
Accept-Encoding
content-type
application/x-javascript
status
200
content-length
3345
js
www.googletagmanager.com/gtag/ 		68 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-963354740
Requested by
Host: yoc.younited-credit.com
URL: https://yoc.younited-credit.com/tedc6086.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
de7c79e6c1fadaaa9777a0fdc2b57ff3a3a06208f74ac23808e8ad19df2d1a90
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://it.younited-credit.com/lp/landing-page_promo_maggio?ectrans=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 30 Aug 2019 14:49:06 GMT
content-encoding
br
last-modified
Fri, 30 Aug 2019 12:00:00 GMT
server
Google Tag Manager
access-control-allow-headers
Cache-Control
status
200
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
http://www.googletagmanager.com
cache-control
private, max-age=900
access-control-allow-credentials
true
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
26610
x-xss-protection
0
expires
Fri, 30 Aug 2019 14:49:06 GMT
gtm.js
www.googletagmanager.com/ 		54 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-M254Q6Q&l=gtmDataLayer
Requested by
Host: yoc.younited-credit.com
URL: https://yoc.younited-credit.com/col157a/-/889272060?fra=0&url=https%3A%2F%2Fit.younited-credit.com%2Flp%2Flanding-page_promo_maggio%3Fectrans%3D1&ss=1600x1200&urlp=desktop%2F%2F%2F%2FNew_Landing_Page-Tass0&sd=24&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
4a376b51e80f99661ccee85a6af9b50346b32c53244694e4540661035cc0d68d
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://it.younited-credit.com/lp/landing-page_promo_maggio?ectrans=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 30 Aug 2019 14:49:06 GMT
content-encoding
br
last-modified
Fri, 30 Aug 2019 12:00:00 GMT
server
Google Tag Manager
access-control-allow-headers
Cache-Control
status
200
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
http://www.googletagmanager.com
cache-control
private, max-age=900
access-control-allow-credentials
true
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
19238
x-xss-protection
0
expires
Fri, 30 Aug 2019 14:49:06 GMT
tfa.js
cdn.taboola.com/libtrc/unip/1150270/ Frame 7318 		37 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/unip/1150270/tfa.js
Requested by
Host: it.younited-credit.com
URL: https://it.younited-credit.com/lp/landing-page_promo_maggio?ectrans=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.2 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e41406a028a021e3f26a20067d89185f69a2b901b341162904bca62d86ea82d5

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://it.younited-credit.com/lp/landing-page_promo_maggio?ectrans=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-amz-version-id
DO1pr8LmMHSh8e7CnaT3fzUoTXNbdt3K
content-encoding
gzip
etag
"4f0b565124b63b5acd09affd77139322"
age
0
x-cache
HIT
status
200
x-amz-replication-status
COMPLETED
content-length
12346
x-amz-id-2
XfoZvq5c1QHyn87TCUCWkYQfq68o51aZHQK1L2r5bVHqd8BL8lvodZSzyhGPF60T+uxXOQLDYsE=
x-served-by
cache-hhn4067-HHN
last-modified
Tue, 20 Aug 2019 04:05:28 GMT
server
AmazonS3
x-timer
S1567176546.381944,VS0,VE128
date
Fri, 30 Aug 2019 14:49:06 GMT
vary
Accept-Encoding
x-amz-request-id
8510440A775F4D02
via
1.1 varnish
cache-control
private,max-age=14401
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
67
x-cache-hits
1
bt.js
cdn.powerspace.com/ Frame AFA4 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.powerspace.com/bt.js
Requested by
Host: it.younited-credit.com
URL: https://it.younited-credit.com/lp/landing-page_promo_maggio?ectrans=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.35.253.25 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-13-35-253-25.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1877d816f1218da9732e9a20fe82959beb17697b0c752b4e8cc987fc8bf9bdd8

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://it.younited-credit.com/lp/landing-page_promo_maggio?ectrans=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 30 Aug 2019 10:14:06 GMT
Content-Encoding
gzip
Last-Modified
Mon, 12 Aug 2019 08:36:48 GMT
Server
AmazonS3
Age
22209
Vary
Accept-Encoding
x-amz-meta-version
2.4.2
Content-Type
application/javascript
Via
1.1 d5fb859c39a16d7f218b4c7fb1528ad6.cloudfront.net (CloudFront)
Connection
keep-alive
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
X-Amz-Cf-Pop
FRA6-C1
X-Amz-Cf-Id
Q6ZS3juP4_hb4WgVEG0LmpEo3SoUIm27PTMQlsOWwzsOTrUXSa-kHQ==
fbevents.js
connect.facebook.net/en_US/ 		88 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: yoc.younited-credit.com
URL: https://yoc.younited-credit.com/tedc6086.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
f15f778cd39043a166a29f654b1191bc6fbf8043a8cc3477c42764b14b919dec
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://it.younited-credit.com/lp/landing-page_promo_maggio?ectrans=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
status
200
content-length
23404
x-xss-protection
0
pragma
public
x-fb-debug
/W9nxIYp85PSVIKOSBClNIMNgP7xFEP9Dn2SRy4GfKWvb8q8njhQ78Y0rao0M6eTabF3NhoVdWKSf+k3pRaerQ==
x-fb-trip-id
365799557
x-frame-options
DENY
date
Fri, 30 Aug 2019 14:49:06 GMT
vary
Origin, Accept-Encoding
access-control-allow-methods
OPTIONS
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://connect.facebook.net
access-control-expose-headers
X-FB-Debug, X-Loader-Length
cache-control
public, max-age=1200
access-control-allow-credentials
true
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
ew3.io/consent/78.cqhA0YQu0lXvnvmIeye4jOCMW84938nOk1Y9tYDTp4MpIbitW.vwmbFDY4_syMSIe/ 		114 B
725 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ew3.io/consent/78.cqhA0YQu0lXvnvmIeye4jOCMW84938nOk1Y9tYDTp4MpIbitW.vwmbFDY4_syMSIe/?r=&u=
Requested by
Host: yoc.younited-credit.com
URL: https://yoc.younited-credit.com/tedc6086.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
109.232.197.99 , France, ASN50234 (EULERIAN-AS, FR),
Reverse DNS
e3rd.eulerian.net
Software
EWS /
Resource Hash
d3f666a79854da2c10aca00497137cf7687d9a7520672fd114e3621b66f1506a
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://it.younited-credit.com/lp/landing-page_promo_maggio?ectrans=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Date
Fri, 30 Aug 2019 14:49:06 GMT
X-Content-Type-Options
nosniff
Server
EWS
Strict-Transport-Security
max-age=604800
P3P
policyref="http://ew3.io/w3c/p3p.xml",CP="NOI DSP COR NID ADMa DEVa OUR IND UNI"
Cache-Control
max-age=0, private
Connection
Close
Accept-Ranges
none
Content-Type
application/x-javascript
Content-Length
114
X-XSS-Protection
0
1289765604402216
connect.facebook.net/signals/config/ 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/1289765604402216?v=2.9.4&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
005b3947f6f3931bd20dd9766796fb7ce6dd597500442f83cffdbb2cf5d366be
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://it.younited-credit.com/lp/landing-page_promo_maggio?ectrans=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
status
200
content-length
10164
x-xss-protection
0
pragma
public
x-fb-debug
ZJWYQsmsgvjPjgSk02Xwsajz9xe7b6enT6YtQZdo5SqHfdbyKMljfjvRS7mIUlb3eAVlHEcTA4BEy2nNK3IyUQ==
x-fb-trip-id
365799557
x-frame-options
DENY
date
Fri, 30 Aug 2019 14:49:06 GMT
vary
Origin, Accept-Encoding
access-control-allow-methods
OPTIONS
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://connect.facebook.net
access-control-expose-headers
X-FB-Debug, X-Loader-Length
cache-control
public, max-age=1200
access-control-allow-credentials
true
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires
Sat, 01 Jan 2000 00:00:00 GMT
icomoon.ttf
yuc-cdn.azureedge.net/cdn-public/design-pattern/fonts/ 		5 KB
5 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://yuc-cdn.azureedge.net/cdn-public/design-pattern/fonts/icomoon.ttf
Requested by
Host: it.younited-credit.com
URL: https://it.younited-credit.com/lp/landing-page_promo_maggio?ectrans=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:133:206e:1315:22a5:2006:24fd , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software
ECAcc (frc/8FB6) /
Resource Hash
bc5d28ba753f0deecd42be7e79f9380ee1bbc7bc19c440f25a946f20ccc901cd

Request headers

Sec-Fetch-Mode
cors
Referer
https://yuc-cdn.azureedge.net/cdn-public/design-pattern/css/design-pattern-build.css
Origin
https://it.younited-credit.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 30 Aug 2019 14:49:06 GMT
content-md5
vZEKkftRTk4PJl7+GNy5mA==
x-cache
HIT
status
200
content-length
4780
x-ms-lease-status
unlocked
last-modified
Mon, 29 Jul 2019 09:06:07 GMT
server
ECAcc (frc/8FB6)
etag
0x8D71403FDEDC755
access-control-allow-methods
GET, HEAD, OPTIONS
content-type
application/octet-stream
access-control-allow-origin
*
x-ms-request-id
7befde35-801e-008d-4342-5f7807000000
access-control-expose-headers
*
cache-control
max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes
access-control-allow-headers
*
expires
Sat, 29 Aug 2020 14:49:06 GMT
conversion_async.js
www.googleadservices.com/pagead/ 		24 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion_async.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-963354740
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.162 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s29-in-f2.1e100.net
Software
cafe /
Resource Hash
e186a0fd201610cf7cac9d2e6bf654ced94d1be3e546defc167a4cd480315c4e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://it.younited-credit.com/lp/landing-page_promo_maggio?ectrans=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 30 Aug 2019 14:49:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
content-length
9166
x-xss-protection
0
server
cafe
etag
9427867564825067918
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Fri, 30 Aug 2019 14:49:06 GMT
/
www.facebook.com/tr/ 		44 B
247 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1289765604402216&ev=PageView&dl=https%3A%2F%2Fit.younited-credit.com%2Flp%2Flanding-page_promo_maggio%3Fectrans%3D1&rl=&if=false&ts=1567176546568&sw=1600&sh=1200&v=2.9.4&r=stable&ec=0&o=28&fbp=fb.1.1567176546568.398458540&it=1567176546382&coo=false&rqm=GET
Requested by
Host: it.younited-credit.com
URL: https://it.younited-credit.com/lp/landing-page_promo_maggio?ectrans=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8083:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://it.younited-credit.com/lp/landing-page_promo_maggio?ectrans=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 30 Aug 2019 14:49:06 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
status
200
cache-control
no-cache, must-revalidate, max-age=0
content-length
44
expires
Fri, 30 Aug 2019 14:49:06 GMT
/
www.facebook.com/tr/ 		44 B
201 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1289765604402216&ev=ViewContent&dl=https%3A%2F%2Fit.younited-credit.com%2Flp%2Flanding-page_promo_maggio%3Fectrans%3D1&rl=&if=false&ts=1567176546570&cd[currency]=EUR&cd[value]=0&cd[content_type]=product&sw=1600&sh=1200&v=2.9.4&r=stable&ec=1&o=28&fbp=fb.1.1567176546568.398458540&it=1567176546382&coo=false&rqm=GET
Requested by
Host: it.younited-credit.com
URL: https://it.younited-credit.com/lp/landing-page_promo_maggio?ectrans=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8083:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://it.younited-credit.com/lp/landing-page_promo_maggio?ectrans=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 30 Aug 2019 14:49:06 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
status
200
cache-control
no-cache, must-revalidate, max-age=0
content-length
44
expires
Fri, 30 Aug 2019 14:49:06 GMT
0EMX1924
an.pwspace.com/ Frame AFA4 		50 B
271 B 		Script
General
Check archive.org
Download Go to
Full URL
https://an.pwspace.com/0EMX1924?si=8bacd2f8-b980-4a80-970b-a24db826fcd9&pai=02870ecc-deab-4309-abc4-38e7b64761e2&pstuid=8c9daf92-cc2d-412a-b9c3-1f38abfca40b&fpu=aHR0cHMlM0ElMkYlMkZpdC55b3VuaXRlZC1jcmVkaXQuY29tJTJGbHAlMkZsYW5kaW5nLXBhZ2VfcHJvbW9fbWFnZ2lvJTNGZWN0cmFucyUzRDE=&callback=__pwcb
Requested by
Host: cdn.powerspace.com
URL: https://cdn.powerspace.com/bt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.155.63.91 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
91.63.155.104.bc.googleusercontent.com
Software
openresty/1.15.8.1 /
Resource Hash
a45f8e5a721dfd5a7d9be584a02d030601771238f87f6d478eff9e1332fe306c
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://it.younited-credit.com/lp/landing-page_promo_maggio?ectrans=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
200
date
Fri, 30 Aug 2019 14:49:06 GMT
server
openresty/1.15.8.1
content-length
50
strict-transport-security
max-age=15724800; includeSubDomains
content-type
application/javascript
/
yoc.younited-credit.com/e3/pret-dunion-it/ 		163 B
544 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://yoc.younited-credit.com/e3/pret-dunion-it/?u=VjUfxxE4lkfzm6HDG7gDppRiytKObMcils_qZfNguxTmcbUibD876g--
Requested by
Host: it.younited-credit.com
URL: https://it.younited-credit.com/lp/landing-page_promo_maggio?ectrans=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
109.232.194.94 , France, ASN50234 (EULERIAN-AS, FR),
Reverse DNS
et1.eulerian.net
Software
EWS /
Resource Hash
6c46829208b5004ded357c146a2dd4c56641ca4a8f93c782081dee56c9a332f1
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://it.younited-credit.com/lp/landing-page_promo_maggio?ectrans=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Date
Fri, 30 Aug 2019 14:49:06 GMT
X-Content-Type-Options
nosniff
Server
EWS
Strict-Transport-Security
max-age=604800
Content-Type
image/png
Cache-Control
max-age=0, private
Connection
Keep-Alive
Accept-Ranges
none
Keep-Alive
timeout=4
Content-Length
163
X-XSS-Protection
0
unip
trc.taboola.com/1150270/log/3/ Frame 7318 		0
262 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/1150270/log/3/unip?en=page_view&tim=1567176546593&ref=N%2FA
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1150270/tfa.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.14.2 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode
cors
Referer
https://it.younited-credit.com/lp/landing-page_promo_maggio?ectrans=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 30 Aug 2019 14:49:06 GMT
via
1.1 varnish
server
nginx
x-timer
S1567176547.598508,VS0,VE9
x-served-by
cache-fra19175-FRA
status
204
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
https://it.younited-credit.com
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
content-type
image/gif
x-cache-hits
0
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/963354740/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/963354740/?random=1567176546597&cv=9&fst=1567176546597&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&data=ecomm_pagetype%3Dother&frm=0&url=https%3A%2F%2Fit.younited-credit.com%2Flp%2Flanding-page_promo_maggio%3Fectrans%3D1&tiba=Younited%20Credit%20-%20Prestiti%20Personali%20Online&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
b816f98d1d614e146263bdc985345dbbf336fe021647e041bc865ea04876c098
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://it.younited-credit.com/lp/landing-page_promo_maggio?ectrans=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 30 Aug 2019 14:49:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
cache-control
no-cache, must-revalidate
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
content-length
994
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/963354740/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/963354740/?random=1567176546600&cv=9&fst=1567176546600&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa8l2&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fit.younited-credit.com%2Flp%2Flanding-page_promo_maggio%3Fectrans%3D1&tiba=Younited%20Credit%20-%20Prestiti%20Personali%20Online&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
f3eb75cfa2afd579a436ab31c1a18fe819ac4b310a6d6a39797283085f14eb69
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://it.younited-credit.com/lp/landing-page_promo_maggio?ectrans=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 30 Aug 2019 14:49:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
cache-control
no-cache, must-revalidate
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
content-length
1010
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/963354740/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/963354740/?random=1567176546601&cv=9&fst=1567176546601&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa8l2&sendb=1&ig=1&data=event%3D%20&frm=0&url=https%3A%2F%2Fit.younited-credit.com%2Flp%2Flanding-page_promo_maggio%3Fectrans%3D1&tiba=Younited%20Credit%20-%20Prestiti%20Personali%20Online&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
9a89b8441cf8316dd773730d4416c165cade2dd4a3e3570024b2a8f622203606
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://it.younited-credit.com/lp/landing-page_promo_maggio?ectrans=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 30 Aug 2019 14:49:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
cache-control
no-cache, must-revalidate
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
content-length
1004
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/963354740/ 		42 B
110 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/963354740/?random=1567176546597&cv=9&fst=1567173600000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&sendb=1&data=ecomm_pagetype%3Dother&frm=0&url=https%3A%2F%2Fit.younited-credit.com%2Flp%2Flanding-page_promo_maggio%3Fectrans%3D1&tiba=Younited%20Credit%20-%20Prestiti%20Personali%20Online&async=1&fmt=3&is_vtc=1&random=1566172065&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: it.younited-credit.com
URL: https://it.younited-credit.com/lp/landing-page_promo_maggio?ectrans=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://it.younited-credit.com/lp/landing-page_promo_maggio?ectrans=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 30 Aug 2019 14:49:06 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/963354740/ 		42 B
110 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/963354740/?random=1567176546597&cv=9&fst=1567173600000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&sendb=1&data=ecomm_pagetype%3Dother&frm=0&url=https%3A%2F%2Fit.younited-credit.com%2Flp%2Flanding-page_promo_maggio%3Fectrans%3D1&tiba=Younited%20Credit%20-%20Prestiti%20Personali%20Online&async=1&fmt=3&is_vtc=1&random=1566172065&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: it.younited-credit.com
URL: https://it.younited-credit.com/lp/landing-page_promo_maggio?ectrans=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://it.younited-credit.com/lp/landing-page_promo_maggio?ectrans=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 30 Aug 2019 14:49:06 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/963354740/ 		42 B
110 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/963354740/?random=1567176546601&cv=9&fst=1567173600000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa8l2&sendb=1&data=event%3D%20&frm=0&url=https%3A%2F%2Fit.younited-credit.com%2Flp%2Flanding-page_promo_maggio%3Fectrans%3D1&tiba=Younited%20Credit%20-%20Prestiti%20Personali%20Online&async=1&fmt=3&is_vtc=1&random=4106318985&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: it.younited-credit.com
URL: https://it.younited-credit.com/lp/landing-page_promo_maggio?ectrans=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://it.younited-credit.com/lp/landing-page_promo_maggio?ectrans=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 30 Aug 2019 14:49:06 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/963354740/ 		42 B
110 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/963354740/?random=1567176546601&cv=9&fst=1567173600000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa8l2&sendb=1&data=event%3D%20&frm=0&url=https%3A%2F%2Fit.younited-credit.com%2Flp%2Flanding-page_promo_maggio%3Fectrans%3D1&tiba=Younited%20Credit%20-%20Prestiti%20Personali%20Online&async=1&fmt=3&is_vtc=1&random=4106318985&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: it.younited-credit.com
URL: https://it.younited-credit.com/lp/landing-page_promo_maggio?ectrans=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://it.younited-credit.com/lp/landing-page_promo_maggio?ectrans=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 30 Aug 2019 14:49:06 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/963354740/ 		42 B
110 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/963354740/?random=1567176546600&cv=9&fst=1567173600000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa8l2&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fit.younited-credit.com%2Flp%2Flanding-page_promo_maggio%3Fectrans%3D1&tiba=Younited%20Credit%20-%20Prestiti%20Personali%20Online&async=1&fmt=3&is_vtc=1&random=2043886747&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: it.younited-credit.com
URL: https://it.younited-credit.com/lp/landing-page_promo_maggio?ectrans=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://it.younited-credit.com/lp/landing-page_promo_maggio?ectrans=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 30 Aug 2019 14:49:06 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/963354740/ 		42 B
110 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/963354740/?random=1567176546600&cv=9&fst=1567173600000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa8l2&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fit.younited-credit.com%2Flp%2Flanding-page_promo_maggio%3Fectrans%3D1&tiba=Younited%20Credit%20-%20Prestiti%20Personali%20Online&async=1&fmt=3&is_vtc=1&random=2043886747&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: it.younited-credit.com
URL: https://it.younited-credit.com/lp/landing-page_promo_maggio?ectrans=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://it.younited-credit.com/lp/landing-page_promo_maggio?ectrans=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 30 Aug 2019 14:49:06 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
e2d4d78aa8279.js
t.contentsquare.net/uxa/ 		134 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://t.contentsquare.net/uxa/e2d4d78aa8279.js
Requested by
Host: yoc.younited-credit.com
URL: https://yoc.younited-credit.com/col157a/-/889272060?fra=0&url=https%3A%2F%2Fit.younited-credit.com%2Flp%2Flanding-page_promo_maggio%3Fectrans%3D1&ss=1600x1200&urlp=desktop%2F%2F%2F%2FNew_Landing_Page-Tass0&sd=24&
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.35.253.95 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-13-35-253-95.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0205d6622b93ece9661df63177d9358976db41395c181481f953e7e530da43d1

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://it.younited-credit.com/lp/landing-page_promo_maggio?ectrans=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 26 Aug 2019 12:55:31 GMT
Content-Encoding
gzip
Age
92917
x-amz-server-side-encryption
AES256
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
31218
Last-Modified
Mon, 26 Aug 2019 12:54:24 GMT
Server
AmazonS3
ETag
"c49fb7efb7bc9392aec9c5aaa5e11ed1"
Content-Type
application/javascript;charset=utf-8
Via
1.1 08bbe291f260c2b80a00874a80ade07c.cloudfront.net (CloudFront)
Cache-Control
max-age=900
X-Amz-Cf-Pop
FRA6-C1
Accept-Ranges
bytes
X-Amz-Cf-Id
DJrlX13xdeZYsPiCWRWU1OCmeQSLgxdVUHpkjfX7ksVjbUIlhyhhtw==
js
www.googletagmanager.com/gtag/ 		68 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-128244744-2
Requested by
Host: yoc.younited-credit.com
URL: https://yoc.younited-credit.com/tedc6086.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
5f6ccab2558d0d026a4bced9ee248193b1f0738b96681daf114c3371a86b60fd
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://it.younited-credit.com/lp/landing-page_promo_maggio?ectrans=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 30 Aug 2019 14:49:06 GMT
content-encoding
br
last-modified
Fri, 30 Aug 2019 12:00:00 GMT
server
Google Tag Manager
access-control-allow-headers
Cache-Control
status
200
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
http://www.googletagmanager.com
cache-control
private, max-age=900
access-control-allow-credentials
true
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
26611
x-xss-protection
0
expires
Fri, 30 Aug 2019 14:49:06 GMT
70b4c357-13c7-4f07-a141-dfd9a11d4af4.js
insitez.blob.core.windows.net/site/ 		0
489 B 		Script
General
Check archive.org
Download Go to
Full URL
https://insitez.blob.core.windows.net/site/70b4c357-13c7-4f07-a141-dfd9a11d4af4.js
Requested by
Host: yoc.younited-credit.com
URL: https://yoc.younited-credit.com/tedc6086.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
40.118.73.208 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://it.younited-credit.com/lp/landing-page_promo_maggio?ectrans=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Fri, 30 Aug 2019 14:49:06 GMT
Content-Encoding
gzip
Last-Modified
Mon, 15 Jul 2019 09:19:45 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
1B2M2Y8AsgTpgAmY7PhCfg==
ETag
0x8D7090593E87DDE
Content-Type
application/javascript; charset=utf-8
x-ms-request-id
7161576b-e01e-009c-7142-5fb553000000
Cache-Control
public, max-age=300
x-ms-version
2009-09-19
Content-Length
0
analytics.js
www.google-analytics.com/ 		43 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: yoc.younited-credit.com
URL: https://yoc.younited-credit.com/tedc6086.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://it.younited-credit.com/lp/landing-page_promo_maggio?ectrans=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 19 Aug 2019 17:22:41 GMT
server
Golfe2
age
4989
date
Fri, 30 Aug 2019 13:25:57 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
17803
expires
Fri, 30 Aug 2019 15:25:57 GMT
ecommerce.js
www.google-analytics.com/plugins/ua/ 		1 KB
826 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/plugins/ua/ecommerce.js
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
8e1b84265e633c043720dd0921476c16bc9f75e393e855c9116ca7c3a847b5c7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://it.younited-credit.com/lp/landing-page_promo_maggio?ectrans=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 30 Aug 2019 14:30:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 21 Apr 2016 03:17:22 GMT
server
sffe
age
1096
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=3600
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
735
x-xss-protection
0
expires
Fri, 30 Aug 2019 15:30:50 GMT
analytics.js
www.google-analytics.com/ 		43 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-963354740
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://it.younited-credit.com/lp/landing-page_promo_maggio?ectrans=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 19 Aug 2019 17:22:41 GMT
server
Golfe2
age
4989
date
Fri, 30 Aug 2019 13:25:57 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
17803
expires
Fri, 30 Aug 2019 15:25:57 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/963354740/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/963354740/?random=1567176546698&cv=9&fst=1567176546698&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa8l2&sendb=1&ig=1&data=event%3Dhit_event%3Bevent_category%3Dnone%3Bevent_label%3Dnone%3Bnon_interaction%3Dtrue&frm=0&url=https%3A%2F%2Fit.younited-credit.com%2Flp%2Flanding-page_promo_maggio%3Fectrans%3D1&tiba=Younited%20Credit%20-%20Prestiti%20Personali%20Online&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
ebc8f01c0e8f1ddaed032294ac1ad5cd37101d6e6d92bb8d4b234d281c029601
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://it.younited-credit.com/lp/landing-page_promo_maggio?ectrans=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 30 Aug 2019 14:49:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
cache-control
no-cache, must-revalidate
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
content-length
1041
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
Redirect Chain
  • https://www.google-analytics.com/r/collect?v=1&_v=j79&a=1659441622&t=pageview&_s=1&dl=https%3A%2F%2Fit.younited-credit.com%2Flp%2Flanding-page_promo_maggio%3Fectrans%3D1&dp=desktop%2F%2F%2F%2FNew_L...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-137580775-2&cid=18444228507258704255&jid=560644818&_gid=109227843.1567176547&gjid=1535484759&_v=j79&z=736412938
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-137580775-2&cid=18444228507258704255&jid=560644818&_v=j79&z=736412938
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-137580775-2&cid=18444228507258704255&jid=560644818&_v=j79&z=736412938&slf_rd=1&random=440943833
42 B
109 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-137580775-2&cid=18444228507258704255&jid=560644818&_v=j79&z=736412938&slf_rd=1&random=440943833
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://it.younited-credit.com/lp/landing-page_promo_maggio?ectrans=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 30 Aug 2019 14:49:06 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 30 Aug 2019 14:49:06 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
302
content-type
text/html; charset=UTF-8
location
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-137580775-2&cid=18444228507258704255&jid=560644818&_v=j79&z=736412938&slf_rd=1&random=440943833
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
99 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j79&a=1659441622&t=pageview&_s=2&dl=https%3A%2F%2Fit.younited-credit.com%2Flp%2Flanding-page_promo_maggio%3Fectrans%3D1&dp=desktop%2F%2F%2F%2FNew_Landing_Page-Tass0&ul=en-us&de=UTF-8&dt=Younited%20Credit%20-%20Prestiti%20Personali%20Online&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=aKBAAAIRE~&jid=&gjid=&cid=18444228507258704255&tid=UA-137580775-2&_gid=109227843.1567176547&cd1=&cd2=&cd3=&cd4=&cd5=&cd6=&cd7=&cm1=NaN&cm2=NaN&cm3=NaN&z=1874084909
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://it.younited-credit.com/lp/landing-page_promo_maggio?ectrans=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Aug 2019 08:26:01 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
627785
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
Redirect Chain
  • https://www.google-analytics.com/r/collect?v=1&_v=j79&a=1659441622&t=event&ni=1&_s=1&dr=&dp=desktop%2F%2F%2F%2FNew_Landing_Page-Tass0&ul=en-us&de=UTF-8&dt=Younited%20Credit%20-%20Prestiti%20Persona...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-128244744-2&cid=18444228507258704255&jid=263822827&_gid=109227843.1567176547&gjid=284907110&_v=j79&z=1449309407
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-128244744-2&cid=18444228507258704255&jid=263822827&_v=j79&z=1449309407
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-128244744-2&cid=18444228507258704255&jid=263822827&_v=j79&z=1449309407&slf_rd=1&random=1994880644
42 B
109 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-128244744-2&cid=18444228507258704255&jid=263822827&_v=j79&z=1449309407&slf_rd=1&random=1994880644
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://it.younited-credit.com/lp/landing-page_promo_maggio?ectrans=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 30 Aug 2019 14:49:06 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 30 Aug 2019 14:49:06 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
302
content-type
text/html; charset=UTF-8
location
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-128244744-2&cid=18444228507258704255&jid=263822827&_v=j79&z=1449309407&slf_rd=1&random=1994880644
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/963354740/ 		42 B
110 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/963354740/?random=1567176546698&cv=9&fst=1567173600000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa8l2&sendb=1&data=event%3Dhit_event%3Bevent_category%3Dnone%3Bevent_label%3Dnone%3Bnon_interaction%3Dtrue&frm=0&url=https%3A%2F%2Fit.younited-credit.com%2Flp%2Flanding-page_promo_maggio%3Fectrans%3D1&tiba=Younited%20Credit%20-%20Prestiti%20Personali%20Online&async=1&fmt=3&is_vtc=1&random=3560011963&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://it.younited-credit.com/lp/landing-page_promo_maggio?ectrans=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 30 Aug 2019 14:49:06 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/963354740/ 		42 B
110 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/963354740/?random=1567176546698&cv=9&fst=1567173600000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa8l2&sendb=1&data=event%3Dhit_event%3Bevent_category%3Dnone%3Bevent_label%3Dnone%3Bnon_interaction%3Dtrue&frm=0&url=https%3A%2F%2Fit.younited-credit.com%2Flp%2Flanding-page_promo_maggio%3Fectrans%3D1&tiba=Younited%20Credit%20-%20Prestiti%20Personali%20Online&async=1&fmt=3&is_vtc=1&random=3560011963&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://it.younited-credit.com/lp/landing-page_promo_maggio?ectrans=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 30 Aug 2019 14:49:06 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

187 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| $ function| jQuery string| eul_slpublisher string| eul_ope string| eul_media string| eul_keyword string| eul_via string| eul_slkeyword string| eul_searchengine string| eul_refererdomain string| eul_date string| eul_creative string| eul_publisherurl string| eul_location string| eul_publisher string| eul_email object| tagService object| EA_data boolean| isAjaxRequest string| ysanceDomainId function| kameleoonDisplayPage number| kameleoonDisplayPageTimeOut object| appInsights object| simulator object| _oEa object| _oEaW object| _oEaXp function| EA_event function| EA_button function| EA_link function| EA_download function| EA_productevent function| EA_productbutton function| EA_productlink function| EA_productdownload function| EA_contextflag function| EA_tageventadd function| EA_tagisearchadd function| EA_taguparam function| EA_tagheatmap function| EA_heatmap function| EA_tagemail function| EA_tagproduct function| EA_tagerror function| EA_tagreferrer function| EA_referrer function| EA_tag function| EA_tagmulti function| EA_action_out_in function| EA_action_out function| EA_action_in function| EA_action_ref function| EA_shoppingcartestimate function| EA_shoppingcart function| EA_shoppingcartadd function| EA_shoppingcarthook function| EA_shoppingcartamount function| EA_estimate function| EA_newcustomer function| EA_blockpromo function| EA_view function| EA_tpclickposition function| EA_tpclickproduct function| EA_tpclick function| EA_dyntpclick function| EA_tpclickurl function| EA_dyntpclickurl function| EA_tpview function| EA_tpviewprd function| EA_dyntpview function| EA_tpviewurl function| EA_dyntpviewurl function| EA_click function| EA_clickoutposition function| EA_clickoutproduct function| EA_clickout function| EA_clickouturl function| EA_viewout function| EA_viewouturl function| EA_collectorurl function| EA_collector function| EA_merchandiser function| EA_jsversion number| eflash string| EA_param function| navSlide function| selectSlide function| showSlide function| startAutoSlide function| clearAutoslide function| sliderSwipe boolean| autoPlay boolean| stateScroll object| jwPlayer object| jwplayerParent object| btnJwplayerID string| currentUrl undefined| overlayPlayer function| initializePlayer function| loadBackground function| setEventListener object| helper object| kameleoonHelper object| emailQualityService object| digitalSignService function| checkHeader undefined| timerCheckHeader string| nameSlider object| slidersContainer undefined| slider object| tooltips object| body function| createModal function| showModal function| hideModal undefined| clickTrackerFn object| landingPage function| webpackJsonpjwplayer function| jwplayer object| lazySizes object| exitIntentService string| tooltipTitle object| partnersConfigs function| __extends object| Microsoft object| AI object| Trustpilot object| cookieconsent boolean| kameleoonExternalIFrameLoaded object| Kameleoon object| jstz object| bowser object| _EaCP object| dataLayer object| gtmDataLayer function| fbq function| _fbq object| webpackJsonp object| core object| __core-js_shared__ function| Zone function| __zone_symbol__Promise function| __zone_symbol__ZoneAwarePromise function| __zone_symbol__setTimeout function| __zone_symbol__clearTimeout function| __zone_symbol__setInterval function| __zone_symbol__clearInterval function| __zone_symbol__requestAnimationFrame function| __zone_symbol__cancelAnimationFrame function| __zone_symbol__webkitRequestAnimationFrame function| __zone_symbol__webkitCancelAnimationFrame function| __zone_symbol__alert function| __zone_symbol__prompt function| __zone_symbol__confirm function| __zone_symbol__MutationObserver function| __zone_symbol__WebKitMutationObserver function| __zone_symbol__IntersectionObserver function| __zone_symbol__FileReader object| ng object| google_tag_manager object| __zone_symbol__loadfalse object| __zone_symbol__popstatefalse object| __zone_symbol__scrollfalse object| __zone_symbol__resizefalse string| _oEa3rdu object| bezen object| _oEaDWR function| GooglemKTybQhCsO function| google_trackConversion object| GooglebQhCsO object| _uxa object| IzWidget object| google_tag_data function| ga object| gaplugins object| gaGlobal object| gaData string| GoogleAnalyticsObject object| CS_CONF object| CSPathComputation function| jQuery_cs function| __zone_symbol__addEventListener function| __zone_symbol__removeEventListener undefined| __zone_symbol__eventListeners undefined| __zone_symbol__removeAllListeners function| eventListeners function| removeAllListeners

7 Cookies

Domain/Path Name / Value
.younited-credit.com/ Name: __pwpv
Value: aHR0cHMlM0ElMkYlMkZhbi5wd3NwYWNlLmNvbSUyRjBFTVgxOTI0JTNGc2klM0Q4YmFjZDJmOC1iOTgwLTRhODAtOTcwYi1hMjRkYjgyNmZjZDklMjZwYWklM0QwMjg3MGVjYy1kZWFiLTQzMDktYWJjNC0zOGU3YjY0NzYxZTIlMjZwc3R1aWQlM0Q4YzlkYWY5Mi1jYzJkLTQxMmEtYjljMy0xZjM4YWJmY2E0MGIlMjZmcHUlM0RhSFIwY0hNbE0wRWxNa1lsTWtacGRDNTViM1Z1YVhSbFpDMWpjbVZrYVhRdVkyOXRKVEpHYkhBbE1rWnNZVzVrYVc1bkxYQmhaMlZmY0hKdmJXOWZiV0ZuWjJsdkpUTkdaV04wY21GdWN5VXpSREUlM0Q=
it.younited-credit.com/ Name: ai_user
Value: VMVtk|2019-08-30T14:49:06.313Z
.younited-credit.com/ Name: _fbp
Value: fb.1.1567176546568.398458540
.it.younited-credit.com/ Name: ARRAffinity
Value: aee85f43b95bd7f90348f74d6e5f1d52a06f1ae97c8142d6867d05cdadd93219
it.younited-credit.com/ Name: ai_session
Value: 1BVvO|1567176546370.215|1567176546370.215
.younited-credit.com/ Name: pstuid
Value: 8c9daf92-cc2d-412a-b9c3-1f38abfca40b
.younited-credit.com/ Name: etuix
Value: xfYg0NHGLm3z2mDemcmNXxgQ2XY2OwTzLA_4j8rYPnjg0IKoqX9qYQ--

1 Console Messages

Source Level URL
Text
console-api warning (Line 1)
Message:
Function Kameleoon.API.experiments will be deprecated, please use Kameleoon.API.Experiments.getAll

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=10886400; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

an.pwspace.com
az416426.vo.msecnd.net
beverlyhillseditions.go2cloud.org
cdn.powerspace.com
cdn.taboola.com
cdnjs.cloudflare.com
connect.facebook.net
ew3.io
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
hhlwcyg0ce.kameleoon.eu
insitez.blob.core.windows.net
it.younited-credit.com
spa56c.eolcdn.com
stats.g.doubleclick.net
t.contentsquare.net
tr.clkdem.com
trc.taboola.com
trk.vrtrackdem.it
widget.trustpilot.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
yoc.younited-credit.com
yuc-cdn.azureedge.net
104.155.63.91
109.232.194.248
109.232.194.94
109.232.197.99
13.35.253.25
13.35.253.71
13.35.253.95
151.101.114.2
151.101.14.2
152.199.19.160
172.217.18.162
185.249.183.232
192.229.233.4
2606:2800:133:206e:1315:22a5:2006:24fd
2606:4700::6813:c797
2a00:1450:4001:814::200e
2a00:1450:4001:816::2003
2a00:1450:4001:81a::2002
2a00:1450:4001:81a::2008
2a00:1450:4001:81d::2004
2a00:1450:4001:81f::200a
2a00:1450:4001:821::2003
2a00:1450:400c:c00::9a
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8083:face:b00c:0:25de
40.115.45.129
40.118.73.208
52.49.160.253
005b3947f6f3931bd20dd9766796fb7ce6dd597500442f83cffdbb2cf5d366be
013819105effb1832cbcbcfcc6317b0045170a7f671bd953a21f0847fa1a2e6e
0205d6622b93ece9661df63177d9358976db41395c181481f953e7e530da43d1
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1877d816f1218da9732e9a20fe82959beb17697b0c752b4e8cc987fc8bf9bdd8
18ad86902c285b6fd658a1a4ddd44caff74e55cf8d603eed43e285650d80465a
2b7be7a5e1f0db7846d6086dbc9cd793697b3758bc683ee840c04d6a4daedf1e
38a7cd5849a5bd78103865c86e5eafc40793fe3e5cc8819095aac71e77586548
3b2668e035d74099f90fe3e6aa91166e561dcbf36ba4859048f8959fa2371ff8
4118d1edbb976e2bbc47da968834db81c7698939cc4ae46fbe2d11322f5fa1db
4662ac70109fe61c3eeb8af0be398e9660f90bf62cd46e52f4733f7e68ec871f
4a376b51e80f99661ccee85a6af9b50346b32c53244694e4540661035cc0d68d
53d8d93785d75370fcb2e75556c5b73ab8f24b3bd0fcdde8bba7025a6fd4a11e
54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775
56f4201510afb724858564187afde49d779f0d0e52534e463e6661f563de20af
58dbae5bdf2b5e9ac2518952762a7d601120590b706c13577ae102c5cabeef73
5a3fdd33eef5a838c25b2afe031bc8478dd97dcd175ce9b9d99c2a77163b6748
5f6ccab2558d0d026a4bced9ee248193b1f0738b96681daf114c3371a86b60fd
60ea5becec426701f1a5ce2108b289079d3d95c04a2dac0ecc501119936e4b7b
6a645c93a587df5075444babe7d852b13ed4e4d24e339e307551acf743e214ec
6c46829208b5004ded357c146a2dd4c56641ca4a8f93c782081dee56c9a332f1
6fd51cc47332e7074c186af1ff865f474cff7c64136a5d7b7cec176f1bb63412
7585b5b69bc0e1118f49f2614ede4eefa8167a2d2c28104c8f6cd5db65dc333b
7aae82e508713d1efb40168d67332514e0a69f5239a935cb6a827feb1c7eda6f
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
88bdf87f4e6ee57960d9e621fc5b55cc6eb6e9b847d2f28f40122a1a8650be7f
8e1b84265e633c043720dd0921476c16bc9f75e393e855c9116ca7c3a847b5c7
8f80c0263c7f6e7dc65bf856bf6a403c2a99abe23b691629abc197f895735415
9a89b8441cf8316dd773730d4416c165cade2dd4a3e3570024b2a8f622203606
a45f8e5a721dfd5a7d9be584a02d030601771238f87f6d478eff9e1332fe306c
a48a6e4b14fe55f750c0a3dfb5a6f4941bdc06af0aa542b90de25c30c2b4625c
af4c6683814aa527caf53bde3d021e6aafe00833b45f2dead043c87ed7864674
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b816f98d1d614e146263bdc985345dbbf336fe021647e041bc865ea04876c098
b8e23a845bc6b7fd417d29182e0e38d353e64b5e12e06bb1de2b5ce063db1dcc
bc5d28ba753f0deecd42be7e79f9380ee1bbc7bc19c440f25a946f20ccc901cd
bd9bd9fe33dc24ba3b4d4bb9455294b46d4b9b0bbf4d8977106c3774c6d9eac8
c19d3f7bcbfb3865c39cf46850275aa2df4cb7caca7484ec3a0b4428df0bde3c
d3f666a79854da2c10aca00497137cf7687d9a7520672fd114e3621b66f1506a
dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a
de7c79e6c1fadaaa9777a0fdc2b57ff3a3a06208f74ac23808e8ad19df2d1a90
e186a0fd201610cf7cac9d2e6bf654ced94d1be3e546defc167a4cd480315c4e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e41406a028a021e3f26a20067d89185f69a2b901b341162904bca62d86ea82d5
e9570ecabc8f6eda0a93a4bb38d414762e0b94079f9cd3baac44116e5425063c
ebc8f01c0e8f1ddaed032294ac1ad5cd37101d6e6d92bb8d4b234d281c029601
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f15f778cd39043a166a29f654b1191bc6fbf8043a8cc3477c42764b14b919dec
f23fa5700491355d2c8c221dd24813b64f0cf4a3deff3b73b9386dbb21d1bd9c
f3eb75cfa2afd579a436ab31c1a18fe819ac4b310a6d6a39797283085f14eb69