pcloak.blob.core.windows.net Open in urlscan Pro
20.60.220.36 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://pcloak.blob.core.windows.net/web/6x6y592zf1gbg.html?fbclid=PAAaYRdg6q-IbWktmwCiywbPD9fVMM3RQSD2b356fwPOuEXGVTgfjrmQkXN8c_aem_...
Submission: On June 06 via api (June 6th 2023, 2:06:29 am UTC) from TR — Scanned from DE

Summary HTTP 406 Redirects Behaviour Indicators

Summary

This website contacted 66 IPs in 12 countries across 51 domains to perform 406 HTTP transactions. The main IP is 20.60.220.36, located in Tappahannock, United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is pcloak.blob.core.windows.net.
TLS certificate: Issued by Microsoft RSA TLS CA 02 on March 22nd 2023. Valid for: a year.

This is the only time pcloak.blob.core.windows.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
4	20.60.220.36 20.60.220.36	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	77.245.159.14 77.245.159.14	42868 (NIOBEBILI...) (NIOBEBILISIMHIZMETLERI)
40	185.102.219.172 185.102.219.172	60068 (CDN77 ^_^) (CDN77 ^_^)
11	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE)
7	2a02:2638:d::2 2a02:2638:d::2	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3	2a00:1450:400... 2a00:1450:4001:830::2008	15169 (GOOGLE) (GOOGLE)
2 2	2a03:2880:f08... 2a03:2880:f084:a:face:b00c:0:2	32934 (FACEBOOK) (FACEBOOK)
4	2a03:2880:f08... 2a03:2880:f083:100:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
15	2606:4700:10:... 2606:4700:10::6814:f25	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	23.52.123.144 23.52.123.144	16625 (AKAMAI-AS) (AKAMAI-AS)
3	34.117.159.110 34.117.159.110	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
62	151.101.129.44 151.101.129.44	54113 (FASTLY) (FASTLY)
2 4	37.157.3.20 37.157.3.20	198622 (ADFORM) (ADFORM)
4	34.111.136.72 34.111.136.72	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2a04:4e42::485 2a04:4e42::485	54113 (FASTLY) (FASTLY)
2	162.19.138.116 162.19.138.116	16276 (OVH) (OVH)
1	2a00:1450:400... 2a00:1450:4001:806::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:802::200e	15169 (GOOGLE) (GOOGLE)
1	37.157.6.234 37.157.6.234	198622 (ADFORM) (ADFORM)
1	141.95.98.65 141.95.98.65	16276 (OVH) (OVH)
1	2a02:26f0:480... 2a02:26f0:480:195::26e5	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
12	2a02:2638:3::7 2a02:2638:3::7	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a00:1450:400... 2a00:1450:4001:811::200e	15169 (GOOGLE) (GOOGLE)
4	185.184.8.90 185.184.8.90	204995 (RTB-HOUSE...) (RTB-HOUSE-AMS)
4	37.157.6.241 37.157.6.241	198622 (ADFORM) (ADFORM)
1	2a00:1450:400... 2a00:1450:4001:803::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:80f::2001	15169 (GOOGLE) (GOOGLE)
3	23.212.89.35 23.212.89.35	16625 (AKAMAI-AS) (AKAMAI-AS)
1 3	2a02:2638:3::c 2a02:2638:3::c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a00:1450:400... 2a00:1450:4001:82b::200e	15169 (GOOGLE) (GOOGLE)
3	2a03:2880:f17... 2a03:2880:f176:181:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
46	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
2	35.157.179.180 35.157.179.180	16509 (AMAZON-02) (AMAZON-02)
1	178.250.1.11 178.250.1.11	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
20	2a00:1450:400... 2a00:1450:4001:803::2001	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
1 5	2a00:1450:400... 2a00:1450:4001:828::2004	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:828::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:831::200a	15169 (GOOGLE) (GOOGLE)
32	2a00:1450:400... 2a00:1450:4001:829::2006	15169 (GOOGLE) (GOOGLE)
12 33	142.250.185.162 142.250.185.162	15169 (GOOGLE) (GOOGLE)
10 16	185.80.39.216 185.80.39.216	27381 (CASALE-MEDIA) (CASALE-MEDIA)
7 10	37.252.171.53 37.252.171.53	29990 (ASN-APPNEX) (ASN-APPNEX)
12	141.226.228.48 141.226.228.48	200478 (TABOOLA-AS) (TABOOLA-AS)
1 2	2001:678:cb4:... 2001:678:cb4:bbbb::11	56396 (AMOBEE) (AMOBEE)
1 2	2620:116:800d... 2620:116:800d:21:de2e:c7b3:55c0:d5a0	16509 (AMAZON-02) (AMAZON-02)
1	2a02:fa8:8806... 2a02:fa8:8806:12::1400	41041 (VCLK-EU-SE) (VCLK-EU-SE)
2 2	185.29.134.244 185.29.134.244	30419 (MEDIAMATH...) (MEDIAMATH-INC)
1 2	178.250.1.9 178.250.1.9	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	35.227.252.103 35.227.252.103	15169 (GOOGLE) (GOOGLE)
1 1	124.146.215.46 124.146.215.46	2514 (INFOSPHER...) (INFOSPHERE NTT PC Communications)
6	142.250.186.130 142.250.186.130	15169 (GOOGLE) (GOOGLE)
1 1	35.204.158.49 35.204.158.49	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
4	3.33.220.150 3.33.220.150	16509 (AMAZON-02) (AMAZON-02)
4 4	2a05:d018:d29... 2a05:d018:d29:3601:78d2:f403:256d:1a22	16509 (AMAZON-02) (AMAZON-02)
2 2	213.155.156.184 213.155.156.184	1299 (TWELVE99 ...) (TWELVE99 Arelion)
1 1	51.89.9.252 51.89.9.252	16276 (OVH) (OVH)
4 4	34.249.110.120 34.249.110.120	16509 (AMAZON-02) (AMAZON-02)
1 1	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2 2	85.114.159.118 85.114.159.118	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
1 1	2600:9000:20c... 2600:9000:20c3:1200:1b:5138:8a40:93a1	16509 (AMAZON-02) (AMAZON-02)
1 2	2.18.161.51 2.18.161.51	16625 (AKAMAI-AS) (AKAMAI-AS)
2	141.101.90.98 141.101.90.98	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	172.64.165.10 172.64.165.10	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	3.75.62.37 3.75.62.37	16509 (AMAZON-02) (AMAZON-02)
2	23.212.211.47 23.212.211.47	16625 (AKAMAI-AS) (AKAMAI-AS)
2	151.101.193.44 151.101.193.44	54113 (FASTLY) (FASTLY)
1 3	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
1	192.229.233.53 192.229.233.53	15133 (EDGECAST) (EDGECAST)
1	8.43.72.97 8.43.72.97	() ()
1 2	52.95.118.179 52.95.118.179	() ()
3	69.173.144.138 69.173.144.138	26667 (RUBICONPR...) (RUBICONPROJECT)
1	52.222.214.69 52.222.214.69	16509 (AMAZON-02) (AMAZON-02)
1	141.226.224.32 141.226.224.32	() ()
406	66

4 20.60.220.36 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

pcloak.blob.core.windows.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 77.245.159.14 (Turkey)

ASN42868 (NIOBEBILISIMHIZMETLERI, TR)
PTR: stilgar.wlsrv.com

www.cloakan.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

40 185.102.219.172 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)
PTR: unn-185-102-219-172.datapacket.com

onedio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.onedio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
img-s3.onedio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
img-s1.onedio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a02:2638:d::2 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:830::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f084:a:face:b00c:0:2 (Frankfurt am Main, Germany) 2 redirects

ASN32934 (FACEBOOK, US)

graph.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f083:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

platform-lookaside.fbsbx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2606:4700:10::6814:f25 (United States)

ASN13335 (CLOUDFLARENET, US)

srv-cdn.onedio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
services.onedio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api-onedio-production.onedio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 23.52.123.144 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-52-123-144.deploy.static.akamaitechnologies.com

a.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.117.159.110 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 110.159.117.34.bc.googleusercontent.com

event-collector.analytics.onedio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

62 151.101.129.44 (United States)

ASN54113 (FASTLY, US)

cdn.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
widget.perfectmarket.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pm-widget.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
trc.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
vidstat.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
images.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
imprammp.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
wf.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
vidstatb.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 37.157.3.20 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

dmp.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 34.111.136.72 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 72.136.111.34.bc.googleusercontent.com

recommendation-api.analytics.onedio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42::485 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 162.19.138.116 (France)

ASN16276 (OVH, FR)
PTR: ns31533567.ip-162-19-138.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googleoptimize.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:802::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.157.6.234 (Denmark)

ASN198622 (ADFORM, DK)

s2.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.95.98.65 (France)

ASN16276 (OVH, FR)
PTR: ns3216659.ip-141-95-98.eu

lb.eu-1-id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:480:195::26e5 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

s8t.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a02:2638:3::7 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ampcid.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.184.8.90 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net

prebid-eu.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 37.157.6.241 (Denmark)

ASN198622 (ADFORM, DK)

adx.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

a7907dd8d698decbd129b875fdbc4adb.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 23.212.89.35 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-212-89-35.deploy.static.akamaitechnologies.com

t.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:2638:3::c (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ampcid.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f176:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

46 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.157.179.180 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-157-179-180.eu-central-1.compute.amazonaws.com

tpx.tesseradigital.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.1.11 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 2a00:1450:4001:803::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:828::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:828::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

32 2a00:1450:4001:829::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

33 142.250.185.162 (United States) 12 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 185.80.39.216 (Canada) 10 redirects

ASN27381 (CASALE-MEDIA, CA)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 37.252.171.53 (Frankfurt am Main, Germany) 7 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)

trc-events.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
am-trc-events.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
am-match.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
am-vid-events.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:678:cb4:bbbb::11 (United Kingdom) 1 redirects

ASN56396 (AMOBEE, GB)

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
r.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:116:800d:21:de2e:c7b3:55c0:d5a0 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:fa8:8806:12::1400 (Singapore)

ASN41041 (VCLK-EU-SE, US)

dclk-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.29.134.244 (United Kingdom) 2 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.1.9 (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.227.252.103 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 103.252.227.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 124.146.215.46 (Japan) 1 redirects

ASN2514 (INFOSPHERE NTT PC Communications, Inc., JP)

tg.socdm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.186.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.204.158.49 (Groningen, Netherlands) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 49.158.204.35.bc.googleusercontent.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 3.33.220.150 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a05:d018:d29:3601:78d2:f403:256d:1a22 (Dublin, Ireland) 4 redirects

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.155.156.184 (Sweden) 2 redirects

ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE)

d5p.de17a.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.89.9.252 (London, United Kingdom) 1 redirects

ASN16276 (OVH, FR)
PTR: ip252.ip-51-89-9.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 34.249.110.120 (Dublin, Ireland) 4 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-249-110-120.eu-west-1.compute.amazonaws.com

match.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:21::14 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 85.114.159.118 (Bad Durrheim, Germany) 2 redirects

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com

dsp.adfarm1.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:20c3:1200:1b:5138:8a40:93a1 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

s.ad.smaato.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.18.161.51 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-161-51.deploy.static.akamaitechnologies.com

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 141.101.90.98 (United States)

ASN13335 (CLOUDFLARENET, US)

portal.o2online.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.64.165.10 (United States)

ASN13335 (CLOUDFLARENET, US)

metrics.getrockerbox.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.75.62.37 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-75-62-37.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.212.211.47 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-212-211-47.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.193.44 (United States)

ASN54113 (FASTLY, US)

vidstat.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pips.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 69.173.144.165 (Frankfurt am Main, Germany) 1 redirects

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.229.233.53 (Granada Hills, United States)

ASN15133 (EDGECAST, US)

cti.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 8.43.72.97 (None, )

ASN- ()

pixel-us-east.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.95.118.179 (None, ) 1 redirects

ASN- ()

aax-eu.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.214.69 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-214-69.fra56.r.cloudfront.net

sync.intentiq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.226.224.32 (None, )

ASN- ()

cds.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
76	taboola.com cdn.taboola.com — Cisco Umbrella Rank: 950 pm-widget.taboola.com — Cisco Umbrella Rank: 4963 trc.taboola.com — Cisco Umbrella Rank: 650 trc-events.taboola.com — Cisco Umbrella Rank: 1867 vidstat.taboola.com — Cisco Umbrella Rank: 2834 am-trc-events.taboola.com — Cisco Umbrella Rank: 12936 images.taboola.com — Cisco Umbrella Rank: 2011 imprammp.taboola.com — Cisco Umbrella Rank: 12256 am-match.taboola.com — Cisco Umbrella Rank: 12293 wf.taboola.com — Cisco Umbrella Rank: 2971 am-vid-events.taboola.com — Cisco Umbrella Rank: 11485 sync.taboola.com — Cisco Umbrella Rank: 1032 vidstatb.taboola.com — Cisco Umbrella Rank: 5359 pips.taboola.com cds.taboola.com	5 MB
70	googlesyndication.com a7907dd8d698decbd129b875fdbc4adb.safeframe.googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 123 tpc.googlesyndication.com — Cisco Umbrella Rank: 157	399 KB
62	onedio.com onedio.com — Cisco Umbrella Rank: 60161 static.onedio.com — Cisco Umbrella Rank: 296414 img-s3.onedio.com — Cisco Umbrella Rank: 264342 srv-cdn.onedio.com — Cisco Umbrella Rank: 253329 img-s1.onedio.com — Cisco Umbrella Rank: 221177 event-collector.analytics.onedio.com — Cisco Umbrella Rank: 336817 services.onedio.com — Cisco Umbrella Rank: 295892 recommendation-api.analytics.onedio.com — Cisco Umbrella Rank: 337976 api-onedio-production.onedio.com — Cisco Umbrella Rank: 285564	1 MB
58	doubleclick.net 12 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 221 googleads.g.doubleclick.net — Cisco Umbrella Rank: 51 cm.g.doubleclick.net — Cisco Umbrella Rank: 231 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 351	310 KB
32	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 324	1 MB
18	criteo.com 2 redirects bidder.criteo.com — Cisco Umbrella Rank: 748 gum.criteo.com — Cisco Umbrella Rank: 416 mug.criteo.com — Cisco Umbrella Rank: 2331 dis.criteo.com — Cisco Umbrella Rank: 587	11 KB
16	casalemedia.com 10 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 568 ssum-sec.casalemedia.com — Cisco Umbrella Rank: 475	11 KB
10	adnxs.com 7 redirects ib.adnxs.com — Cisco Umbrella Rank: 239	11 KB
10	teads.tv 1 redirects a.teads.tv — Cisco Umbrella Rank: 1450 s8t.teads.tv — Cisco Umbrella Rank: 5564 t.teads.tv — Cisco Umbrella Rank: 2686 sync.teads.tv — Cisco Umbrella Rank: 1314	138 KB
9	rubiconproject.com 1 redirects eus.rubiconproject.com — Cisco Umbrella Rank: 614 token.rubiconproject.com — Cisco Umbrella Rank: 605 pixel-us-east.rubiconproject.com pixel.rubiconproject.com — Cisco Umbrella Rank: 362	13 KB
9	adform.net 2 redirects dmp.adform.net — Cisco Umbrella Rank: 3099 s2.adform.net — Cisco Umbrella Rank: 6353 adx.adform.net — Cisco Umbrella Rank: 4102	10 KB
7	google.com 1 redirects ampcid.google.com — Cisco Umbrella Rank: 2277 adservice.google.com — Cisco Umbrella Rank: 103 www.google.com — Cisco Umbrella Rank: 3	2 KB
7	criteo.net static.criteo.net — Cisco Umbrella Rank: 569	43 KB
6	yahoo.com 4 redirects pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 452 ups.analytics.yahoo.com — Cisco Umbrella Rank: 315	3 KB
5	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 366	110 KB
5	facebook.com 2 redirects graph.facebook.com — Cisco Umbrella Rank: 124 www.facebook.com — Cisco Umbrella Rank: 101	976 B
4	360yield.com 4 redirects match.360yield.com — Cisco Umbrella Rank: 2279	2 KB
4	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 365	1 KB
4	creativecdn.com prebid-eu.creativecdn.com — Cisco Umbrella Rank: 6521	689 B
4	windows.net pcloak.blob.core.windows.net	3 KB
3	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 205	163 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 70	223 KB
2	amazon-adsystem.com 1 redirects aax-eu.amazon-adsystem.com	1 KB
2	o2online.de portal.o2online.de — Cisco Umbrella Rank: 68686	1 KB
2	adition.com 2 redirects dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1588	1 KB
2	de17a.com 2 redirects d5p.de17a.com — Cisco Umbrella Rank: 5220	651 B
2	mathtag.com 2 redirects sync.mathtag.com — Cisco Umbrella Rank: 518	2 KB
2	quantserve.com 1 redirects cms.quantserve.com — Cisco Umbrella Rank: 773	795 B
2	turn.com 1 redirects ad.turn.com — Cisco Umbrella Rank: 952 r.turn.com — Cisco Umbrella Rank: 3464	869 B
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 66	2 KB
2	tesseradigital.com tpx.tesseradigital.com — Cisco Umbrella Rank: 212125	26 KB
2	google.de adservice.google.de — Cisco Umbrella Rank: 8155 ampcid.google.de — Cisco Umbrella Rank: 56497	895 B
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 165	114 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 49	22 KB
2	id5-sync.com id5-sync.com — Cisco Umbrella Rank: 429	1 KB
2	fbsbx.com platform-lookaside.fbsbx.com — Cisco Umbrella Rank: 3997	24 KB
2	cloakan.co www.cloakan.co	773 B
1	intentiq.com sync.intentiq.com — Cisco Umbrella Rank: 1219
1	w55c.net cti.w55c.net — Cisco Umbrella Rank: 3710	13 KB
1	getrockerbox.com metrics.getrockerbox.com — Cisco Umbrella Rank: 5547	555 B
1	smaato.net 1 redirects s.ad.smaato.net — Cisco Umbrella Rank: 764	441 B
1	linkedin.com 1 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 382	774 B
1	onetag-sys.com 1 redirects onetag-sys.com — Cisco Umbrella Rank: 826	336 B
1	simpli.fi 1 redirects um.simpli.fi — Cisco Umbrella Rank: 870	716 B
1	socdm.com 1 redirects tg.socdm.com — Cisco Umbrella Rank: 1040	1021 B
1	openx.net rtb.openx.net — Cisco Umbrella Rank: 1176	245 B
1	dotomi.com dclk-match.dotomi.com — Cisco Umbrella Rank: 3164	104 B
1	perfectmarket.com widget.perfectmarket.com — Cisco Umbrella Rank: 3870	2 KB
1	eu-1-id5-sync.com lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 1092	397 B
1	googleoptimize.com www.googleoptimize.com — Cisco Umbrella Rank: 1078	64 KB
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 367	1 KB
406	51

	Domain	Requested by
46	pagead2.googlesyndication.com	onedio.com a7907dd8d698decbd129b875fdbc4adb.safeframe.googlesyndication.com pagead2.googlesyndication.com pcloak.blob.core.windows.net tpc.googlesyndication.com googleads.g.doubleclick.net s0.2mdn.net www.googletagservices.com
38	images.taboola.com
33	cm.g.doubleclick.net	12 redirects googleads.g.doubleclick.net a7907dd8d698decbd129b875fdbc4adb.safeframe.googlesyndication.com eus.rubiconproject.com
32	s0.2mdn.net	onedio.com pcloak.blob.core.windows.net s0.2mdn.net
31	onedio.com	www.cloakan.co onedio.com
20	tpc.googlesyndication.com	securepubads.g.doubleclick.net a7907dd8d698decbd129b875fdbc4adb.safeframe.googlesyndication.com onedio.com tpc.googlesyndication.com pcloak.blob.core.windows.net s0.2mdn.net
15	dsum-sec.casalemedia.com	9 redirects googleads.g.doubleclick.net
13	cdn.taboola.com	onedio.com cdn.taboola.com
12	bidder.criteo.com	onedio.com static.criteo.net
11	securepubads.g.doubleclick.net	onedio.com securepubads.g.doubleclick.net
10	ib.adnxs.com	7 redirects googleads.g.doubleclick.net
10	srv-cdn.onedio.com	onedio.com
8	googleads.g.doubleclick.net	a7907dd8d698decbd129b875fdbc4adb.safeframe.googlesyndication.com onedio.com pagead2.googlesyndication.com
7	static.criteo.net	onedio.com
6	googleads4.g.doubleclick.net	pcloak.blob.core.windows.net
6	static.onedio.com	onedio.com
5	vidstat.taboola.com	cdn.taboola.com vidstat.taboola.com
5	cdn.ampproject.org	securepubads.g.doubleclick.net
5	www.google.com	1 redirects a7907dd8d698decbd129b875fdbc4adb.safeframe.googlesyndication.com onedio.com tpc.googlesyndication.com
4	am-trc-events.taboola.com	onedio.com
4	match.360yield.com	4 redirects
4	pr-bh.ybp.yahoo.com	4 redirects
4	match.adsrvr.org	a7907dd8d698decbd129b875fdbc4adb.safeframe.googlesyndication.com imprammp.taboola.com am-match.taboola.com
4	a7907dd8d698decbd129b875fdbc4adb.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
4	adx.adform.net	onedio.com
4	prebid-eu.creativecdn.com	onedio.com
4	api-onedio-production.onedio.com	onedio.com
4	recommendation-api.analytics.onedio.com	onedio.com
4	dmp.adform.net	2 redirects onedio.com
4	a.teads.tv	onedio.com a.teads.tv
4	pcloak.blob.core.windows.net	pcloak.blob.core.windows.net
3	pixel.rubiconproject.com	eus.rubiconproject.com
3	token.rubiconproject.com	1 redirects eus.rubiconproject.com
3	sync.taboola.com	imprammp.taboola.com am-match.taboola.com
3	www.googletagservices.com	a7907dd8d698decbd129b875fdbc4adb.safeframe.googlesyndication.com
3	www.facebook.com	onedio.com pcloak.blob.core.windows.net
3	gum.criteo.com	1 redirects cdn.taboola.com static.criteo.net
3	t.teads.tv	onedio.com
3	event-collector.analytics.onedio.com	onedio.com
3	www.googletagmanager.com	onedio.com www.googletagmanager.com
2	aax-eu.amazon-adsystem.com	1 redirects eus.rubiconproject.com
2	eus.rubiconproject.com	am-match.taboola.com eus.rubiconproject.com
2	ups.analytics.yahoo.com	imprammp.taboola.com am-match.taboola.com
2	am-vid-events.taboola.com
2	am-match.taboola.com	vidstat.taboola.com
2	portal.o2online.de
2	sync.teads.tv	1 redirects
2	dsp.adfarm1.adition.com	2 redirects
2	d5p.de17a.com	2 redirects
2	dis.criteo.com	1 redirects a7907dd8d698decbd129b875fdbc4adb.safeframe.googlesyndication.com
2	sync.mathtag.com	2 redirects
2	cms.quantserve.com	1 redirects a7907dd8d698decbd129b875fdbc4adb.safeframe.googlesyndication.com
2	trc.taboola.com	onedio.com
2	fonts.googleapis.com	securepubads.g.doubleclick.net
2	tpx.tesseradigital.com	www.googletagmanager.com pcloak.blob.core.windows.net
2	connect.facebook.net	pcloak.blob.core.windows.net connect.facebook.net
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	id5-sync.com	onedio.com
2	platform-lookaside.fbsbx.com	onedio.com
2	graph.facebook.com	2 redirects
2	img-s3.onedio.com	onedio.com
2	www.cloakan.co	pcloak.blob.core.windows.net
1	cds.taboola.com	onedio.com
1	pips.taboola.com	onedio.com
1	sync.intentiq.com	eus.rubiconproject.com
1	pixel-us-east.rubiconproject.com	eus.rubiconproject.com
1	cti.w55c.net	eus.rubiconproject.com
1	vidstatb.taboola.com
1	wf.taboola.com	onedio.com
1	imprammp.taboola.com	vidstat.taboola.com
1	metrics.getrockerbox.com
1	s.ad.smaato.net	1 redirects
1	px.ads.linkedin.com	1 redirects
1	onetag-sys.com	1 redirects
1	ssum-sec.casalemedia.com	1 redirects
1	um.simpli.fi	1 redirects
1	tg.socdm.com	1 redirects
1	rtb.openx.net	a7907dd8d698decbd129b875fdbc4adb.safeframe.googlesyndication.com
1	dclk-match.dotomi.com	a7907dd8d698decbd129b875fdbc4adb.safeframe.googlesyndication.com
1	r.turn.com	a7907dd8d698decbd129b875fdbc4adb.safeframe.googlesyndication.com
1	ad.turn.com	1 redirects
1	trc-events.taboola.com	onedio.com
1	mug.criteo.com	pcloak.blob.core.windows.net
1	pm-widget.taboola.com	widget.perfectmarket.com
1	ampcid.google.de	onedio.com
1	adservice.google.com	securepubads.g.doubleclick.net
1	adservice.google.de	securepubads.g.doubleclick.net
1	ampcid.google.com	onedio.com
1	widget.perfectmarket.com	cdn.taboola.com
1	s8t.teads.tv	onedio.com
1	lb.eu-1-id5-sync.com	onedio.com
1	s2.adform.net	onedio.com
1	www.googleoptimize.com	www.googletagmanager.com
1	cdn.jsdelivr.net	onedio.com
1	services.onedio.com	onedio.com
1	img-s1.onedio.com	onedio.com
406	96

This site contains no links.

Subject Issuer	Validity	Valid
*.blob.core.windows.net Microsoft RSA TLS CA 02	`2023-03-22` - `2024-03-22`	a year	crt.sh
cpanel.cloakan.co R3	`2023-05-03` - `2023-08-01`	3 months	crt.sh
*.onedio.com RapidSSL Global TLS RSA4096 SHA256 2022 CA1	`2022-08-29` - `2023-09-12`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-05-27` - `2023-08-27`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
srv-cdn.onedio.com GTS CA 1P5	`2023-05-08` - `2023-08-06`	3 months	crt.sh
teads.tv R3	`2023-05-11` - `2023-08-09`	3 months	crt.sh
event-collector.analytics.onedio.com GTS CA 1D4	`2023-05-31` - `2023-08-29`	3 months	crt.sh
services.onedio.com GTS CA 1P5	`2023-05-08` - `2023-08-06`	3 months	crt.sh
*.taboola.com DigiCert TLS RSA SHA256 2020 CA1	`2022-12-08` - `2023-12-31`	a year	crt.sh
recommendation-api.analytics.onedio.com GTS CA 1D4	`2023-04-14` - `2023-07-13`	3 months	crt.sh
api-onedio-production.onedio.com GTS CA 1P5	`2023-05-08` - `2023-08-06`	3 months	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2022 Q4	`2022-12-23` - `2024-01-24`	a year	crt.sh
*.id5-sync.com R3	`2023-04-18` - `2023-07-17`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-03-15` - `2023-06-13`	3 months	crt.sh
*.eu-1-id5-sync.com R3	`2023-04-18` - `2023-07-17`	3 months	crt.sh
widget.perfectmarket.com GlobalSign Atlas R3 DV TLS CA 2022 Q3	`2022-09-27` - `2023-10-29`	a year	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-05-12` - `2023-08-10`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
*.creativecdn.com RapidSSL TLS RSA CA G1	`2023-03-29` - `2024-04-28`	a year	crt.sh
track.adform.net DigiCert TLS RSA SHA256 2020 CA1	`2022-09-20` - `2023-09-20`	a year	crt.sh
*.google.de GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
tpx.tesseradigital.com R3	`2023-04-06` - `2023-07-05`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
misc-sni.google.com GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-09` - `2023-09-09`	a year	crt.sh
*.dotomi.com GlobalSign RSA OV SSL CA 2018	`2022-08-09` - `2023-09-10`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2022-07-21` - `2023-08-21`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2023-04-12` - `2024-05-13`	a year	crt.sh
portal.o2online.de E1	`2023-05-25` - `2023-08-23`	3 months	crt.sh
getrockerbox.com E1	`2023-05-06` - `2023-08-04`	3 months	crt.sh
ups.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-02-21` - `2023-08-16`	6 months	crt.sh
*.rubiconproject.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-03-07` - `2024-04-03`	a year	crt.sh
ads.w55c.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-05-30` - `2024-06-29`	a year	crt.sh
*.intentiq.com Amazon RSA 2048 M02	`2023-04-11` - `2024-05-08`	a year	crt.sh

This page contains 31 frames:

Primary Page: https://pcloak.blob.core.windows.net/web/6x6y592zf1gbg.html?fbclid=PAAaYRdg6q-IbWktmwCiywbPD9fVMM3RQSD2b356fwPOuEXGVTgfjrmQkXN8c_aem_th_AVwzKiIITSboZvjK_t_N_mG-3JpgOQuwh4DWbjCXpjwYt6HJbGAt22sHK3sfl6mf5fVaiT-coTKgl1RNMdtUlAzC
Frame ID: D3FDA88863EFD9C88BC096A62EF8EA7A
Requests: 6 HTTP requests in this frame

Frame: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878
Frame ID: 89F6B2A9C13E089D27D3834EA796AC68
Requests: 208 HTTP requests in this frame

Frame: https://a7907dd8d698decbd129b875fdbc4adb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 91AA16D84A24AEEFA984F1DE4427788C
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=pcloak.blob.core.windows.net
Frame ID: 9A9E98D3814BA70B110CA7C1FDEE61F5
Requests: 2 HTTP requests in this frame

Frame: https://a7907dd8d698decbd129b875fdbc4adb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 03644847C79C3D6DF97D30A13A0E6265
Requests: 20 HTTP requests in this frame

Frame: https://a7907dd8d698decbd129b875fdbc4adb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 352465F04A0A4C4458F1320377BAFF22
Requests: 20 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARjmoLXcATAB&v=APEucNXEekT3OpF0SRCjrN5NSpOgTyS_D-gxfdpaPOOD8l6TjwhnkM5wqQBNlsSVQIh77vukOyc2wttWKt-xgMUSogK_cy8B2EwKZXuJwKLT8OpjpTJ_RbqjdyzS3XlHfMaspxkdvUih4LsMamwGq7Dfuvr-NS7BJaUK6VtTGrR7lpvQ0pCf-8wqYL0LP9xVaQzb6n5-1mVWZDCKQ9GTdKRmPSgC9odtuQ
Frame ID: 32A5D424F8088341AC57D6344FA75753
Requests: 5 HTTP requests in this frame

Frame: https://a7907dd8d698decbd129b875fdbc4adb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: A3C9F691E35E2894AC1D64FA3BE2493C
Requests: 18 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPG8uQEQu-u9ARjW2LLlATAB&v=APEucNUBvbNjlCPa4oRzawFQ5hZsSBpgG8giXmdVrO5U7ThgWrx4k-c8KL9zZqfmVcDNAItkhdIRc4Ho-Amez7GT1BEpJW5ggdW2o9RCVR1RSkFw7aWvBxvmDxcHVVC5afmPPn_t4GkD6_T-I8j2emze6X1gbza9G5PZ1KOBjZ4TPqmtoT7k1sj__UfXYaTP4kGntByKNfYM_ucnnPOufqBC0K2RQZzcSA
Frame ID: 447C75BF7BBA44F08D895FDE58C4CB7B
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARihoLXcATAB&v=APEucNVgrBOPT6pBu-rWy8G3aV8Gmu2fvURNr3wcQtTKS_xdDnHtedOQ9-1kqoOWIxpcIsjYV_c7OpCGo87Z7wW9ucTDSTW2ocrRNLp7U2sKgD_U6472V81wYgP7Ti1Ish1nrQMYzO7dLJ9VNMW_GA5ysZB5zsBEfPzfibuCFkaKyNp2jnLM4DEDPfMAatzeKHf8E9mI_XyM
Frame ID: A57631548DAD479F5818055B649B2024
Requests: 5 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012305221508000/amp4ads-v0.mjs
Frame ID: A0692732B4181434AC802DD1580F281A
Requests: 16 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 87C4660D1FD82233C71D9642C87E29E3
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 953B46774F8FFF822DD61A99CF309ADC
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: E29DE71699CCA06294AEEB8B9C71B009
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: AB105F4121BF3D0E93695C2E2464CAE6
Requests: 9 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: A585BE1816033B6C036058F53F6DEF1D
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 92D0A532BAAA140CF3ED0D47415D7518
Requests: 9 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/9170381621892120779/index.html?e=69&leftOffset=0&topOffset=0&c=SXsZMsyYhc&t=1&renderingType=2&ev=01_250
Frame ID: 2FDB099E94899262CA46A78967EA3DF4
Requests: 12 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: D49C217AB57E5FB048E57CC246BCC14A
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/11065803848835661824/300x250.html?e=69&leftOffset=0&topOffset=0&c=9hqkHuRocm&t=1&renderingType=2&ev=01_250
Frame ID: 1D9F1A7DFF5D948F3051F165E72D2459
Requests: 12 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/11065803848835661824/300x250.html?e=69&leftOffset=0&topOffset=0&c=U2vGXW4H4P&t=1&renderingType=2&ev=01_250
Frame ID: 839CF6B6553CAFCF5135B4ECE5C30BB6
Requests: 12 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 74EACAAEAE9FC9A08660D4B49AEDA349
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 1A26DDDF17D08DA3BED30338D40F830C
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/Grx7oFpFltq8b-fsl1vgPlw_mz8UVJv5RtxGiy-srTQ.js
Frame ID: F155CDECCE4015CED2F5DEEED0F7E921
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/Grx7oFpFltq8b-fsl1vgPlw_mz8UVJv5RtxGiy-srTQ.js
Frame ID: 1F7B04735532B80E49939CF5CA531FA9
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/Grx7oFpFltq8b-fsl1vgPlw_mz8UVJv5RtxGiy-srTQ.js
Frame ID: 502F413BA5E3D1115CD8BF411D5DE043
Requests: 1 HTTP requests in this frame

Frame: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8CIgCLAZYElXHGTNOEBCwJKqOM2acICgAAABgYID-AIlNnAvbbLdYi1yLhVs0XM3WCs_K5tZNVpaVzTZcuQbLISCxiXNhm-0Wa5FrsXCLhqvZWuFZ2dy6ycqystmGK9dgOQUfxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPG_Sh6XT4XPd6vd1lcvrtGr_bL3RYXJa_1vIyOd1ah-X0dCucJofpaXdan26dy_J0K8wOi9PstHyedqf1rbW8TE631mE5Pd1Kh8nlebqVZp_T7HRLnGa3y-60vnUuy8vrsruFLstb83K-FYPFYLgbzgEAAADAg____38IAAAAABEAAAAAJAAAAABQCKjwb0HgAgAAAACG____fw0AUBwMynJzXU7_AAAAAAACAAAAgATAQHVbCYAKlPcT__________8xBugzb2T8____3zDoAfDgA-BBCAAAwMeQx4-ioPABdCoiBZpFGAEAAACgmngtPTJJJ6hYVPn__--3AnAFACAA0ZHuUjyL7qDEWxgAAACBMQv0sPj9Zodd43e7zP________-_mf8z_2iElsKR0gTB6IWr-QUEAFjzCwgAwEbdAAC8CYATdAxis1tMVquTEIPNZLFcLBazAwAAAHDn____Xw_IOJaLmc0yWWw8G5vNs1vtNouNzTQYORbOicPk8B7atJpFTz-BoD4hwjL7fQcF5fT0mF0GUdH1ttgdTrPnID5oGJaTQTA_E7YYrSaTzXI4Wy4mg-FoOBrtz0AsRgM0EYPlcjJZTHar0Wq0Ge5Gs8ECCcRggihaNJisRqPJYjJcjSar2XKx220QRatWs9FmMFzNJrPdbjUcDJejEZqwxWg1mWyWw9lyMRkMR8PRaIhgYOawTRzLxVrhsE3Wot3KsJaYnBO3ZjGYLTbOyWa4mKxFr4_p4hsuFpbFFgkG7O1F8rRIJ7LhxuMxzlaGxW42nA02JsvEOBoNdwvbcDJbuHYTsURzskgnssu-41guZjbLZLHxbGw2z2612yw2NtNg5Fg4Jw6Tw1-YOWwTx3KxVjhsk7VotzKsJSbnxK1ZDGaLjXOyGS4ma9HrY7r4houFZbFvzIazwWK3GK72jdlwNljsFsPVvkNn-K4-Z6MxJbx4bMrqMPsz2ZwGhctg8f4kpsW0Ozuofr-jU-gxJos6o9_v9_v9fr_f7_cbtJ6D2aDw_Q7bjTE50ryu41vjYFDEEsFFOtHbXSan3yKWKE0X6UQvdFhclr_W8jI53VqH5fR0K5wmh-lpd1qfbp3L8nQrzA6L0-y0fJ52p_WttbxMTrfWYTk93UqHyeV5upVmn9PsdEucZrfL7rS-dS7Ly-uyu4Uuy1vzcr4Vg8VguBtOxBLB6SKdiF7G00X9Rw04miuWc8VuNVfMVqsEAAAAAAAAAGAJppluAgAAAOBkIKvFZLRap4PYDGe7zWq5ACIaqHT9vJ5KokPO5uy6gYR4987oOC_W2GMGb3eZnH4rA4hwwme22WcEsVarZQ0AAEAAGwAAQAA33XgToCLF_f___48DAAAgI4ceAAAA_T6gKNlHLpT6YX4DrRrsH4AKsVar1e3GWq0W!&cmcv=&pix=undefined&cb=1686017186911&uv=3288&tms=1686017186911&abt=esv_vB!nonrv_vA!ntvc_vA!ufm_vD&ru=https://pcloak.blob.core.windows.net/&ft=2&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=6b9a6671-d51a-4856-a3ef-72e2ef68e509&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Frame ID: 84849BDEAA47166BCEA99E03ACA31738
Requests: 4 HTTP requests in this frame

Frame: https://am-match.taboola.com/sync?dast=V8CIgCLAZYElXHGTNOEBCwJKqOM2acICgAAABgYID-AIlNnAvbbLdYi1yLhVs0XM3WCs_K5tZNVpaVzTZcuQbLISCxiXNhm-0Wa5FrsXCLhqvZWuFZ2dy6ycqystmGK9dgOQUfxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPG_Sh6XT4XPd6vd1lcvrtGr_bL3RYXJa_1vIyOd1ah-X0dCucJofpaXdan26dy_J0K8wOi9PstHyedqf1rbW8TE631mE5Pd1Kh8nlebqVZp_T7HRLnGa3y-60vnUuy8vrsruFLstb83K-FYPFYLgbzgEAAADAg____38IAAAAABEAAAAAJAAAAABQCKjwb0HgAgAAAACG____fw0AUBwMynJzXU7_AAAAAAACAAAAgATAQHVbCYAKlPcT__________8xBugzb2T8____3zDoAfDgA-BBCAAAwMeQx4-ioPABdCoiBZpFGAEAAACgmngtPTJJJ6hYVPn__--3AnAFACAA0ZHuUjyL7qDEWxgAAACBMQv0sPj9Zodd43e7zP________-_mf8z_2iElsKR0gTB6IWr-QUEAFjzCwgAwEbdAAC8CYATdAxis1tMVquTEIPNZLFcLBazAwAAAHDn____Xw_IOJaLmc0yWWw8G5vNs1vtNouNzTQYORbOicPk8B7atJpFTz-BoD4hwjL7fQcF5fT0mF0GUdH1ttgdTrPnID5oGJaTQTA_E7YYrSaTzXI4Wy4mg-FoOBrtz0AsRgM0EYPlcjJZTHar0Wq0Ge5Gs8ECCcRggihaNJisRqPJYjJcjSar2XKx220QRatWs9FmMFzNJrPdbjUcDJejEZqwxWg1mWyWw9lyMRkMR8PRaIhgYOawTRzLxVrhsE3Wot3KsJaYnBO3ZjGYLTbOyWa4mKxFr4_p4hsuFpbFFgkG7O1F8rRIJ7LhxuMxzlaGxW42nA02JsvEOBoNdwvbcDJbuHYTsURzskgnssu-41guZjbLZLHxbGw2z2612yw2NtNg5Fg4Jw6Tw1-YOWwTx3KxVjhsk7VotzKsJSbnxK1ZDGaLjXOyGS4ma9HrY7r4houFZbFvzIazwWK3GK72jdlwNljsFsPVvkNn-K4-Z6MxJbx4bMrqMPsz2ZwGhctg8f4kpsW0Ozuofr-jU-gxJos6o9_v9_v9fr_f7_cbtJ6D2aDw_Q7bjTE50ryu41vjYFDEEsFFOtHbXSan3yKWKE0X6UQvdFhclr_W8jI53VqH5fR0K5wmh-lpd1qfbp3L8nQrzA6L0-y0fJ52p_WttbxMTrfWYTk93UqHyeV5upVmn9PsdEucZrfL7rS-dS7Ly-uyu4Uuy1vzcr4Vg8VguBtOxBLB6SKdiF7G00X9Rw04miuWc8VuNVfMVqsEAAAAAAAAAGAJppluAgAAAOBkIKvFZLRap4PYDGe7zWq5ACIaqHT9vJ5KokPO5uy6gYR4987oOC_W2GMGb3eZnH4rA4hwwme22WcEsVarZQ0AAEAAGwAAQAA33XgToCLF_f___48DAAAgI4ceAAAA_T6gKNlHLpT6YX4DrRrsH4AKsVar1e3GWq0W!&excid=22&docw=0&cijs=1&nlb=false
Frame ID: 5903162023426E25AB769A6B4242330D
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Frame ID: 2CB47C22FCEE7A7A62E20E5BE060817A
Requests: 11 HTTP requests in this frame

Frame: https://am-match.taboola.com/sync?dast=V8CIgCLAZYElXHGTNOEBCwJKqOM2acICgAAABgYID-AIlNnAvbbLdYi1yLhVs0XM3WCs_K5tZNVpaVzTZcuQbLISCxiXNhm-0Wa5FrsXCLhqvZWuFZ2dy6ycqystmGK9dgOQUfxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPG_Sh6XT4XPd6vd1lcvrtGr_bL3RYXJa_1vIyOd1ah-X0dCucJofpaXdan26dy_J0K8wOi9PstHyedqf1rbW8TE631mE5Pd1Kh8nlebqVZp_T7HRLnGa3y-60vnUuy8vrsruFLstb83K-FYPFYLgbzgEAAADAg____38IAAAAABEAAAAAJAAAAABQCKjwb0HgAgAAAACG____fw0AUBwMynJzXU7_AAAAAAACAAAAgATAQHVbCYAKlPcT__________8xBugzb2T8____3zDoAfDgA-BBCAAAwMeQx4-ioPABdCoiBZpFGAEAAACgmngtPTJJJ6hYVPn__--3AnAFACAA0ZHuUjyL7qDEWxgAAACBMQv0sPj9Zodd43e7zP________-_mf8z_2iElsKR0gTB6IWr-QUEAFjzCwgAwEbdAAC8CYATdAxis1tMVquTEIPNZLFcLBazAwAAAHDn____Xw_IOJaLmc0yWWw8G5vNs1vtNouNzTQYORbOicPk8B7atJpFTz-BoD4hwjL7fQcF5fT0mF0GUdH1ttgdTrPnID5oGJaTQTA_E7YYrSaTzXI4Wy4mg-FoOBrtz0AsRgM0EYPlcjJZTHar0Wq0Ge5Gs8ECCcRggihaNJisRqPJYjJcjSar2XKx220QRatWs9FmMFzNJrPdbjUcDJejEZqwxWg1mWyWw9lyMRkMR8PRaIhgYOawTRzLxVrhsE3Wot3KsJaYnBO3ZjGYLTbOyWa4mKxFr4_p4hsuFpbFFgkG7O1F8rRIJ7LhxuMxzlaGxW42nA02JsvEOBoNdwvbcDJbuHYTsURzskgnssu-41guZjbLZLHxbGw2z2612yw2NtNg5Fg4Jw6Tw1-YOWwTx3KxVjhsk7VotzKsJSbnxK1ZDGaLjXOyGS4ma9HrY7r4houFZbFvzIazwWK3GK72jdlwNljsFsPVvkNn-K4-Z6MxJbx4bMrqMPsz2ZwGhctg8f4kpsW0Ozuofr-jU-gxJos6o9_v9_v9fr_f7_cbtJ6D2aDw_Q7bjTE50ryu41vjYFDEEsFFOtHbXSan3yKWKE0X6UQvdFhclr_W8jI53VqH5fR0K5wmh-lpd1qfbp3L8nQrzA6L0-y0fJ52p_WttbxMTrfWYTk93UqHyeV5upVmn9PsdEucZrfL7rS-dS7Ly-uyu4Uuy1vzcr4Vg8VguBtOxBLB6SKdiF7G00X9Rw04miuWc8VuNVfMVqsEAAAAAAAAAGAJppluAgAAAOBkIKvFZLRap4PYDGe7zWq5ACIaqHT9vJ5KokPO5uy6gYR4987oOC_W2GMGb3eZnH4rA4hwwme22WcEsVarZQ0AAEAAGwAAQAA33XgToCLF_f___48DAAAgI4ceAAAA_T6gKNlHLpT6YX4DrRrsH4AKsVar1e3GWq0W!&excid=22&docw=0&cijs=1&nlb=false
Frame ID: F8EAA724F5606DE22B1F094CBDB9FBA6
Requests: 4 HTTP requests in this frame

Frame: https://cti.w55c.net/ct/cms-2c-rubicon.html?gdpr=1&us_privacy=1---
Frame ID: 61CE673A5876FCFE9AAAABB659152B3E
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Nuxt.js (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

/_nuxt/

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Optimize (A/B Testing) Expand

Overall confidence: 100%
Detected patterns

googleoptimize\.com/optimize\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

406
Requests

90 %
HTTPS

42 %
IPv6

51
Domains

96
Subdomains

66
IPs

12
Countries

9156 kB
Transfer

18471 kB
Size

26
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 42

https://graph.facebook.com/10221116671685687/picture?type=large HTTP 302
https://platform-lookaside.fbsbx.com/platform/profilepic/?asid=10221116671685687&height=200&width=200&ext=1688609183&hash=AeTDO2zYGOhEDuNauMY

Request Chain 44

https://graph.facebook.com/10204851241823419/picture?type=large HTTP 302
https://platform-lookaside.fbsbx.com/platform/profilepic/?asid=10204851241823419&height=200&width=200&ext=1688609183&hash=AeQEZ7Cx1MEqDm4spAU

Request Chain 64

https://dmp.adform.net/dmp/profile/?pid=10548&sg=Do+It+Yourself+-+DIY&timestamp=1686017184181 HTTP 302
https://dmp.adform.net/dmp/profile/?CC=1&pid=10548&sg=Do+It+Yourself+-+DIY&timestamp=1686017184181

Request Chain 77

https://dmp.adform.net/audiencetag/adformat.js HTTP 301
https://s2.adform.net/banners/scripts/audiencetag/adformat.js

Request Chain 143

https://gum.criteo.com/sid/json?origin=publishertag&domain=onedio.com&sn=ChromeSyncframe&so=0&topUrl=pcloak.blob.core.windows.net&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=qBdDH3x3UzNMNXNUeW1PWVNvUzhYWkhKOGlHK2RSd1Ixd2xCdEl6THZCRmNuWE5rNFBNeHlpQ3BiTzVoMGd4RXF2S2tGL3dYakM1UVU0Q3NwdS84ZmlXLy9tcS9idWJUemtONE9PNXFNeDJURXN4MDB1K0F1S1VaYzNVZitOcUlXalFES1FjelF5MEsyZFVCUUhTdm9HemsrRkF2VEtoOVFqajY1SDhSd0tsVVEyZkJsOG9LMExrYUVCMnhsMXBrZSt4OXN3R3kvUmpDdWZXUGRScDdtSTFoa09yRGp3SEVUcFd5S2lMNXk5MEpLVmRjQmRCREoyeFNTK29DMHJqRGx6OVJ2bnQ4KzBBZVFkYVRLQWN5akRQNFA2dnZ0cWVhQ1Q2cmZ3N2NCWlpia0FEMD18&cppv=2

Request Chain 185

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECFEJKMeOrjbGYNweYM-6ac&google_cver=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECFEJKMeOrjbGYNweYM-6ac&google_cver=1&C=1

Request Chain 186

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZH6UoeDdER2x98G1RlSWzgAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECFEJKMeOrjbGYNweYM-6ac&google_cver=1

Request Chain 187

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEBHvEXwsLtHXfY6Q2e2tjw0&google_cver=1

Request Chain 188

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjEyNzE2NDE3ODI1NDUzMzk3MA%3D%3D

Request Chain 189

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECFEJKMeOrjbGYNweYM-6ac&google_cver=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECFEJKMeOrjbGYNweYM-6ac&google_cver=1&C=1

Request Chain 190

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZH6UoeDdER2x98G1RlSWzgAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECFEJKMeOrjbGYNweYM-6ac&google_cver=1

Request Chain 191

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEBHvEXwsLtHXfY6Q2e2tjw0&google_cver=1

Request Chain 192

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjEyNzE2NDE3ODI1NDUzMzk3MA%3D%3D

Request Chain 193

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECFEJKMeOrjbGYNweYM-6ac&google_cver=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECFEJKMeOrjbGYNweYM-6ac&google_cver=1&C=1

Request Chain 194

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZH6UoeDdER2x98G1RlSWzgAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECFEJKMeOrjbGYNweYM-6ac&google_cver=1

Request Chain 195

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEBHvEXwsLtHXfY6Q2e2tjw0&google_cver=1 HTTP 307
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEBHvEXwsLtHXfY6Q2e2tjw0%26google_cver%3D1

Request Chain 196

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjEyNzE2NDE3ODI1NDUzMzk3MA%3D%3D

Request Chain 221

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 233

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEMuTcvOd5_bkteiFbz49CrI&google_cver=1&google_push=ATf1kGPwPIRMfeeKvs3xdsxM-hoqCpMsNm5IckhHRcHJcV5Tr9ijnFjzH-Vzl24ogDXIakyKJTsR5vtpkz-uSm6QssMDMix5IyP8Zw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MzMyOTc2NzAyMjczNDUwNTM1Mg==&gdpr=&gdpr_consent= HTTP 302
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEHKChs0im2wV0eUIITbTNJg&google_cver=1

Request Chain 236

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEKrs4yN9wPywgbwJCgP92p4&google_cver=1&google_push=ATf1kGOxarzN9WVGk0xQgjkC0FP0OnGwc2MsXRxx9NLcekROXQQYLWZcad714Npy_clCd2Jiq1FORMpfpC1-hlWTfUmoJWcQQ6AWjA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=ATf1kGOxarzN9WVGk0xQgjkC0FP0OnGwc2MsXRxx9NLcekROXQQYLWZcad714Npy_clCd2Jiq1FORMpfpC1-hlWTfUmoJWcQQ6AWjA

Request Chain 237

https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DPUSH_DATA&google_gid=CAESEKm34Ul6QB3e0MP24fpqC_Q&google_cver=1&google_push=ATf1kGO1x8cNDhMhF_oNOBvAGpJXbGvYpEmUcEw8P-XWHUCZLV6SVUOH2C8ajKklzIIS18yrALVk5wcgMaNnr-7naEaMrg4n_QIA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_hm=k-chuRMQuTR8sj22c8iOVB1rkZ_lZrSFddM9LOnQ&google_push=PUSH_DATA HTTP 302
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&google_error=5

Request Chain 239

https://tg.socdm.com/rtb/sync_before?proto=google_ebda&google_gid=CAESEFL04czfYQHfvOa1YzPzhu0&google_cver=1&google_push=ATf1kGMAmVEDiN9NNFEmWEmUwYSE9bgNkO5fdHh2PQD7Qbnh59uTNrG2AuqauKKtMFwxiaQ5HRtYZj4g3wQa3wWX4MpCCx9n-nvtjg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=ad_generation_eb&google_push=ATf1kGMAmVEDiN9NNFEmWEmUwYSE9bgNkO5fdHh2PQD7Qbnh59uTNrG2AuqauKKtMFwxiaQ5HRtYZj4g3wQa3wWX4MpCCx9n-nvtjg&google_hm=Wkg2VW9zQ284WVVBQUViLnlWY0FBQUFB

Request Chain 246

https://um.simpli.fi/gp_match?google_gid=CAESEJc-wwym2oHfshns1ywl3jM&google_cver=1&google_push=ATf1kGPniav2a2Hd74_FpQu0nkuMiSamOQdZwZ5mkrV9kXy2YBYM_nFRN8Pe7aBRNRUtLUEl70JyGY_PVX8kd43QdWVUje1bSbPJJg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=7FD85C7178444EDF8AADA5843046D51F&google_push=ATf1kGPniav2a2Hd74_FpQu0nkuMiSamOQdZwZ5mkrV9kXy2YBYM_nFRN8Pe7aBRNRUtLUEl70JyGY_PVX8kd43QdWVUje1bSbPJJg

Request Chain 248

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESELtW6zHU5aCFjy4dAzBRGgA&google_cver=1&google_push=ATf1kGNeYrFPdFMnV-lG98urdxtST2FLdOHP4m4hCORAH22LvbCs-bS5Jd9M7rsqpJLSmEoO6mnO9y2dYMvDl2-XO3QmksldDQ8YlA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ATf1kGNeYrFPdFMnV-lG98urdxtST2FLdOHP4m4hCORAH22LvbCs-bS5Jd9M7rsqpJLSmEoO6mnO9y2dYMvDl2-XO3QmksldDQ8YlA&google_hm=eS1GUXp4M1dWRTJwSFBzRkdrclExNnBVVGt5Zk1nTmpyQX5B

Request Chain 249

https://d5p.de17a.com/cookies/google?google_gid=CAESENyMsZOyAj_jxw6TtA5qBCU&google_cver=1&google_push=ATf1kGMw2iKdw_0yHvuqMSI6ptifUPtG3Dn4wyB8LinAUrBsyG7mN0hZM70VWlX6wQEvTsqaLl5hxc-5NXgTAO6uPWqSawLFRSPlkA HTTP 302
https://d5p.de17a.com/cookies/google;c?google_gid=CAESENyMsZOyAj_jxw6TtA5qBCU&google_cver=1&google_push=ATf1kGMw2iKdw_0yHvuqMSI6ptifUPtG3Dn4wyB8LinAUrBsyG7mN0hZM70VWlX6wQEvTsqaLl5hxc-5NXgTAO6uPWqSawLFRSPlkA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=ATf1kGMw2iKdw_0yHvuqMSI6ptifUPtG3Dn4wyB8LinAUrBsyG7mN0hZM70VWlX6wQEvTsqaLl5hxc-5NXgTAO6uPWqSawLFRSPlkA

Request Chain 250

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEBLm3bTfbqniMpObwX2bQiM&google_cver=1&google_push=ATf1kGORgTD_J8JseYc8tBqibwK0utFVX2h0kZgrObGmdoQdW7hlTTTe7s0CyG83V_teBXD2-LnII3qzTV0Dq0DJa1Vze8kPdwdfiw HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEBLm3bTfbqniMpObwX2bQiM&google_hm=ZH6UoeDdER2x98G1RlSWzgAADFoAAAIB&google_nid=index&google_push=ATf1kGORgTD_J8JseYc8tBqibwK0utFVX2h0kZgrObGmdoQdW7hlTTTe7s0CyG83V_teBXD2-LnII3qzTV0Dq0DJa1Vze8kPdwdfiw

Request Chain 251

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEKPEWu58uxSPCLNbSZXqrhI&google_cver=1&google_push=ATf1kGMBFb1najOAIarfNJbtIzeiD83cJGdranpgcKD0UTP2TeEo06A1PgEYApwCpsb8s_epIKpbdaHWoam9BS80AoEtLdb--i4F HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=ATf1kGMBFb1najOAIarfNJbtIzeiD83cJGdranpgcKD0UTP2TeEo06A1PgEYApwCpsb8s_epIKpbdaHWoam9BS80AoEtLdb--i4F

Request Chain 252

https://match.360yield.com/match/ebda?google_gid=CAESEM7yW6ljb3SdNSD7IHTmcIE&google_cver=1&google_push=ATf1kGNTTNKoomPlzKknbtXhABSbgGpsUMVqbKC8ahgc7ddzidPANAZSXDDd3A4dSAb32s90hII5zyineAYcAmcuMgFdlGwCyn1YsA HTTP 302
https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESEM7yW6ljb3SdNSD7IHTmcIE&google_cver=1&google_push=ATf1kGNTTNKoomPlzKknbtXhABSbgGpsUMVqbKC8ahgc7ddzidPANAZSXDDd3A4dSAb32s90hII5zyineAYcAmcuMgFdlGwCyn1YsA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=PvqZ5UyXScePTvXxMh8lDA&google_push=ATf1kGNTTNKoomPlzKknbtXhABSbgGpsUMVqbKC8ahgc7ddzidPANAZSXDDd3A4dSAb32s90hII5zyineAYcAmcuMgFdlGwCyn1YsA

Request Chain 261

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEPUuMx_mqws1fRuo2MS6xbc&google_cver=1&google_push=ATf1kGNqu-LVYLAUnQlIrnUlpJzrbmJKp1EO3dACEHmAjY4O1pyZC6yz3kILfUTaUEmy5WfeB2-UHuV0JEm01QVGpK0Hj3f0yqo HTTP 302
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=ATf1kGNqu-LVYLAUnQlIrnUlpJzrbmJKp1EO3dACEHmAjY4O1pyZC6yz3kILfUTaUEmy5WfeB2-UHuV0JEm01QVGpK0Hj3f0yqo&google_hm=YFzGBT3NFB9FF6L01loY4w

Request Chain 262

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEMGME1LFdfsN-PqdkpOAhPw&google_cver=1&google_push=ATf1kGNMBQsigO6qr44G1pEiBgC4fEV-u9_0SorTqvjhvy79FjEKQoisHZWfbf7bWvAnFd_lrVIpzwyUF7w5odvcjJEI2nK9bRKv HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=ATf1kGNMBQsigO6qr44G1pEiBgC4fEV-u9_0SorTqvjhvy79FjEKQoisHZWfbf7bWvAnFd_lrVIpzwyUF7w5odvcjJEI2nK9bRKv

Request Chain 263

https://px.ads.linkedin.com/setuid?partner=googleadxdb&google_gid=CAESENG3Se1XskIBcd78B5-ihhQ&google_cver=1&google_push=ATf1kGM83vV2EAjk91MHhvK_dUOew_ud9Qi8bRbhZR8Jjh9CF4XzkIarqmF6KDjRGZnN4Y90fP4DWUxY5WzmI4QubVSv5Nn_HgNe HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=ATf1kGM83vV2EAjk91MHhvK_dUOew_ud9Qi8bRbhZR8Jjh9CF4XzkIarqmF6KDjRGZnN4Y90fP4DWUxY5WzmI4QubVSv5Nn_HgNe

Request Chain 264

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEGTfYg7pLYETEamF_NXyiLw&google_cver=1&google_push=ATf1kGNfXNi-l7Qz_VGqFBKcJJdY89TadSfuHBSPXQeLzQ_LEHpJUMatHi58A7rVlmGILCGwzgHXqlMn5-QzuTynW7Lf34dn9mYD HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI0MTM4ODY3MDA4NTU2MDQ2OQ%3D%3D&google_push=ATf1kGNfXNi-l7Qz_VGqFBKcJJdY89TadSfuHBSPXQeLzQ_LEHpJUMatHi58A7rVlmGILCGwzgHXqlMn5-QzuTynW7Lf34dn9mYD

Request Chain 265

https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEJiJdmiYePDN9wJ2WxgS3oE&google_cver=1&google_push=ATf1kGMLocqUsENDvg1CgiJEIOS8DSlBgPlFzAPOTcAcqR_bKYo-FZfYcWWPdiO_5ZmD_i0GBlFIqLpLs-vjOE0gSQx6Oxzeqg3a HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=ATf1kGMLocqUsENDvg1CgiJEIOS8DSlBgPlFzAPOTcAcqR_bKYo-FZfYcWWPdiO_5ZmD_i0GBlFIqLpLs-vjOE0gSQx6Oxzeqg3a

Request Chain 266

https://match.360yield.com/match/ebda?google_gid=CAESEDqIzYXQiUrAeMOPUQxFMWE&google_cver=1&google_push=ATf1kGO0hLKlASkZUwsHT0zgQ0KkOTRlnOmVWTQcwwnoNDlhz8QlS5X0rS9cHDv3mwbKzuQyO7HRXNjptKgNREMf8Y13bo3xW8I HTTP 302
https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESEDqIzYXQiUrAeMOPUQxFMWE&google_cver=1&google_push=ATf1kGO0hLKlASkZUwsHT0zgQ0KkOTRlnOmVWTQcwwnoNDlhz8QlS5X0rS9cHDv3mwbKzuQyO7HRXNjptKgNREMf8Y13bo3xW8I HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=PvqZ5UyXScePTvXxMh8lDA&google_push=ATf1kGO0hLKlASkZUwsHT0zgQ0KkOTRlnOmVWTQcwwnoNDlhz8QlS5X0rS9cHDv3mwbKzuQyO7HRXNjptKgNREMf8Y13bo3xW8I

Request Chain 267

https://sync.teads.tv/um?eid=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEM7KVz0N6msTsB2JjMQVL8E&google_cver=1&google_push=ATf1kGPTaKK3q__Vs2-TpdlaZxa1KcjOMRkK7TS8rT1Up6aqWZJZGlqXZ1zToYFqmk61-jzROGbuc3qmaFQiwWXID2_6UxrYUHTHaA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=ATf1kGPTaKK3q__Vs2-TpdlaZxa1KcjOMRkK7TS8rT1Up6aqWZJZGlqXZ1zToYFqmk61-jzROGbuc3qmaFQiwWXID2_6UxrYUHTHaA HTTP 302
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

Request Chain 377

https://pr-bh.ybp.yahoo.com/sync/taboola/0fa6b191-aa62-47e0-bd9b-31061c923812-tuctb781a21?gdpr=1&us_privacy=1--- HTTP 302
https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-pHI1hqlE2oTmFDJ5tp0zHSB.juvsvU8qz_zsHQ--~A

Request Chain 382

https://pr-bh.ybp.yahoo.com/sync/taboola/0fa6b191-aa62-47e0-bd9b-31061c923812-tuctb781a21?gdpr=1&us_privacy=1--- HTTP 302
https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-pHI1hqlE2oTmFDJ5tp0zHSB.juvsvU8qz_zsHQ--~A

Request Chain 396

https://pr-bh.ybp.yahoo.com/sync/taboola/0fa6b191-aa62-47e0-bd9b-31061c923812-tuctb781a21?gdpr=1&us_privacy=1--- HTTP 302
https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-pHI1hqlE2oTmFDJ5tp0zHSB.juvsvU8qz_zsHQ--~A

Request Chain 399

https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr=1&us_privacy=1--- HTTP 302
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr=1&us_privacy=1---&dcc=t

Request Chain 401

https://token.rubiconproject.com/token?pid=2249&pt=n&gdpr=1&us_privacy=1--- HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=&gdpr=1&us_privacy=1---

Request Chain 405

https://dsp.adfarm1.adition.com/cookie/?ssp=7&gdpr=1&us_privacy=1--- HTTP 302
https://pixel.rubiconproject.com/tap.php?v=101732&nid=3822&put=7241388670085560469&expires=730&gdpr=1

406 HTTP transactions
6 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request 6x6y592zf1gbg.html Show response
pcloak.blob.core.windows.net/web/ 1 KB
2 KB 482ms
116ms Document
text/html 20.60.220.36
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://pcloak.blob.core.windows.net/web/6x6y592zf1gbg.html?fbclid=PAAaYRdg6q-IbWktmwCiywbPD9fVMM3RQSD2b356fwPOuEXGVTgfjrmQkXN8c_aem_th_AVwzKiIITSboZvjK_t_N_mG-3JpgOQuwh4DWbjCXpjwYt6HJbGAt22sHK3sfl6mf5fVaiT-coTKgl1RNMdtUlAzC
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.60.220.36 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 52e537502f71005147165cfb8c67081bcbd6580b86fb92c891dcfabdfac1ffac

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Content-Length: 1324
Content-MD5: phA55yVw0gHyoxDHiNsKtQ==
Content-Type: text/html
Date: Tue, 06 Jun 2023 02:06:21 GMT
ETag: 0x8DB5ED0A53C8096
Last-Modified: Sat, 27 May 2023 16:37:22 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-blob-type: BlockBlob
x-ms-lease-status: unlocked
x-ms-request-id: 0aa07dc2-001e-004c-321b-98d23d000000
x-ms-version: 2009-09-19

GET
H/1.1 404
The specified blob does not exist. jquery.min.js
pcloak.blob.core.windows.net/web/ 0
0 119ms
119ms Script
application/xml 20.60.220.36
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://pcloak.blob.core.windows.net/web/jquery.min.js
Requested by: Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x6y592zf1gbg.html?fbclid=PAAaYRdg6q-IbWktmwCiywbPD9fVMM3RQSD2b356fwPOuEXGVTgfjrmQkXN8c_aem_th_AVwzKiIITSboZvjK_t_N_mG-3JpgOQuwh4DWbjCXpjwYt6HJbGAt22sHK3sfl6mf5fVaiT-coTKgl1RNMdtUlAzC
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.60.220.36 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pcloak.blob.core.windows.net/web/6x6y592zf1gbg.html?fbclid=PAAaYRdg6q-IbWktmwCiywbPD9fVMM3RQSD2b356fwPOuEXGVTgfjrmQkXN8c_aem_th_AVwzKiIITSboZvjK_t_N_mG-3JpgOQuwh4DWbjCXpjwYt6HJbGAt22sHK3sfl6mf5fVaiT-coTKgl1RNMdtUlAzC
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-ms-request-id: 0aa07e23-001e-004c-0d1b-98d23d000000
Date: Tue, 06 Jun 2023 02:06:21 GMT
x-ms-version: 2009-09-19
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-Length: 215
Content-Type: application/xml

GET
H/1.1 200
OK cloakan.js Show response
pcloak.blob.core.windows.net/web/ 308 B
717 B 342ms
111ms Script
text/javascript 20.60.220.36
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://pcloak.blob.core.windows.net/web/cloakan.js
Requested by: Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x6y592zf1gbg.html?fbclid=PAAaYRdg6q-IbWktmwCiywbPD9fVMM3RQSD2b356fwPOuEXGVTgfjrmQkXN8c_aem_th_AVwzKiIITSboZvjK_t_N_mG-3JpgOQuwh4DWbjCXpjwYt6HJbGAt22sHK3sfl6mf5fVaiT-coTKgl1RNMdtUlAzC
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.60.220.36 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 4651fd93f167c3620b534c30bc23ae2a2e7cf742621d8e6d12553c09c388284a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pcloak.blob.core.windows.net/web/6x6y592zf1gbg.html?fbclid=PAAaYRdg6q-IbWktmwCiywbPD9fVMM3RQSD2b356fwPOuEXGVTgfjrmQkXN8c_aem_th_AVwzKiIITSboZvjK_t_N_mG-3JpgOQuwh4DWbjCXpjwYt6HJbGAt22sHK3sfl6mf5fVaiT-coTKgl1RNMdtUlAzC
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Tue, 06 Jun 2023 02:06:21 GMT
Last-Modified: Mon, 13 Jun 2022 14:36:49 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: zPiKctHo6j8i1UGOFPpInw==
ETag: 0x8DA4D4A263C11C2
Content-Type: text/javascript
x-ms-request-id: 0aa07f35-001e-004c-051b-98d23d000000
x-ms-version: 2009-09-19
Content-Length: 308

GET
H/1.1 200
OK style.css
pcloak.blob.core.windows.net/web/ 166 B
568 B 230ms
111ms Stylesheet
text/css 20.60.220.36
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://pcloak.blob.core.windows.net/web/style.css
Requested by: Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x6y592zf1gbg.html?fbclid=PAAaYRdg6q-IbWktmwCiywbPD9fVMM3RQSD2b356fwPOuEXGVTgfjrmQkXN8c_aem_th_AVwzKiIITSboZvjK_t_N_mG-3JpgOQuwh4DWbjCXpjwYt6HJbGAt22sHK3sfl6mf5fVaiT-coTKgl1RNMdtUlAzC
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.60.220.36 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: cf906196a7c1414e11983955e101a051d55a864f2bc9fd52a453d952d92fd9b5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pcloak.blob.core.windows.net/web/6x6y592zf1gbg.html?fbclid=PAAaYRdg6q-IbWktmwCiywbPD9fVMM3RQSD2b356fwPOuEXGVTgfjrmQkXN8c_aem_th_AVwzKiIITSboZvjK_t_N_mG-3JpgOQuwh4DWbjCXpjwYt6HJbGAt22sHK3sfl6mf5fVaiT-coTKgl1RNMdtUlAzC
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Tue, 06 Jun 2023 02:06:21 GMT
Last-Modified: Mon, 13 Jun 2022 14:36:49 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: 9ruAIrm4XHnQO3/sM8J0AQ==
ETag: 0x8DA4D4A26527CA0
Content-Type: text/css
x-ms-request-id: 0aa07ea8-001e-004c-011b-98d23d000000
x-ms-version: 2009-09-19
Content-Length: 166

GET
H2 200 px.php Show response
www.cloakan.co/ 55 B
321 B 355ms
153ms XHR
text/html 77.245.159.14
NIOBEBILISIMHIZME...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cloakan.co/px.php?id=6x6y592zf1gbg
Requested by: Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x6y592zf1gbg.html?fbclid=PAAaYRdg6q-IbWktmwCiywbPD9fVMM3RQSD2b356fwPOuEXGVTgfjrmQkXN8c_aem_th_AVwzKiIITSboZvjK_t_N_mG-3JpgOQuwh4DWbjCXpjwYt6HJbGAt22sHK3sfl6mf5fVaiT-coTKgl1RNMdtUlAzC
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 77.245.159.14 , Turkey, ASN42868 (NIOBEBILISIMHIZMETLERI, TR),
Reverse DNS: stilgar.wlsrv.com
Software: LiteSpeed / PHP/7.3.33
Resource Hash: a9f55a9e4658a9960455f9485c446ea9874f2590ae283801311d84e908536cc2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pcloak.blob.core.windows.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Tue, 06 Jun 2023 02:06:22 GMT
content-encoding: br
server: LiteSpeed
x-powered-by: PHP/7.3.33
vary: Accept-Encoding,User-Agent
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="43,46", h3-Q043=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-25=":443"; ma=2592000, h3-27=":443"; ma=2592000
content-length: 45

GET
H2 200 nv.php Show response
www.cloakan.co/ 338 B
452 B 330ms
171ms Script
text/html 77.245.159.14
NIOBEBILISIMHIZME...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cloakan.co/nv.php?id=6x6y592zf1gbg-m
Requested by: Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/cloakan.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 77.245.159.14 , Turkey, ASN42868 (NIOBEBILISIMHIZMETLERI, TR),
Reverse DNS: stilgar.wlsrv.com
Software: LiteSpeed / PHP/7.3.33
Resource Hash: cb217d0e8ae247684c0dd02ff520bf734a39ad6ea5ec1124286bf47e0f42ec63

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pcloak.blob.core.windows.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Tue, 06 Jun 2023 02:06:23 GMT
content-encoding: br
server: LiteSpeed
x-powered-by: PHP/7.3.33
vary: Accept-Encoding,User-Agent
content-type: text/html; charset=UTF-8
alt-svc: quic=":443"; ma=2592000; v="43,46", h3-Q043=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-25=":443"; ma=2592000, h3-27=":443"; ma=2592000
content-length: 178

GET
H2 200 kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878 Show response
onedio.com/haber/ Frame 89F6 346 KB
65 KB 77ms
20ms Document
text/html 185.102.219.172
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878
Requested by: Host: www.cloakan.co
URL: https://www.cloakan.co/nv.php?id=6x6y592zf1gbg-m
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.102.219.172 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-185-102-219-172.datapacket.com
Software: MerlinCDN /
Resource Hash: 3c8f980d25529cac4e331e6cb3357bc3c26614679ee04ecc579f5e7bb385bec5

Request headers

Referer: https://pcloak.blob.core.windows.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 5183
allow: GET, HEAD, POST
cache-control: public, max-age=60
content-encoding: br
content-type: text/html; charset=utf-8
date: Tue, 06 Jun 2023 02:06:23 GMT
etag: W/"5685e-bUBwZSq7Jfpp+7CyKrBX4TuHfuQ"
server: MerlinCDN
vary: Accept-Encoding
via: HTTP/2.0 Merlin CDN
x-amz-cf-id: 3n60ofCOXNUr1nnobvLNNGiu492DYaNcfumbmfCEqiKOFSTbIwYwLA==
x-amz-cf-pop: AMS1-C1
x-cache: Miss from cloudfront
x-cache-status: STALE
x-edge: de-fra-dp-s03
x-midtier: nl-naw-ws-s08
x-varnish: 760709760

GET
H2 200 Inter-Light.woff2
static.onedio.com/fonts/Inter/ Frame 89F6 35 KB
35 KB 173ms
94ms Font
binary/octet-stream 185.102.219.172
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://static.onedio.com/fonts/Inter/Inter-Light.woff2
Requested by: Host: onedio.com
URL: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.102.219.172 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-185-102-219-172.datapacket.com
Software: MerlinCDN /
Resource Hash: 41dd65e5d60b12bfae966238332a9260800d9faa4d6b2dd96c1d04050fbaed02

Request headers

Referer: https://onedio.com/
Origin: https://onedio.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Tue, 06 Jun 2023 02:06:23 GMT
via: HTTP/2.0 Merlin CDN
x-amz-cf-pop: FRA56-P4
age: 0
x-midtier: de-fra-lea-s01
x-cache-status: EXPIRED
x-cache: Hit from cloudfront
content-length: 35440
last-modified: Fri, 07 Jan 2022 12:12:27 GMT
server: MerlinCDN
etag: "ded6cc07e59d818372f76b530e7c7aaf"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: binary/octet-stream
access-control-allow-origin: *
x-edge: de-fra-dp-s03
access-control-expose-headers: x-amz-server-side-encryption, x-amz-request-id, x-amz-id-2
vary: Accept-Encoding
access-control-allow-credentials: true
allow: GET, HEAD
accept-ranges: bytes
x-amz-cf-id: i-s31ZCUNCZb3lOsPBrWb2ee7xtigBRn3R8nF-NjmKYA8lf1boKA8g==

GET
H2 200 Inter-Regular.woff2
static.onedio.com/fonts/Inter/ Frame 89F6 33 KB
33 KB 162ms
83ms Font
binary/octet-stream 185.102.219.172
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://static.onedio.com/fonts/Inter/Inter-Regular.woff2
Requested by: Host: onedio.com
URL: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.102.219.172 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-185-102-219-172.datapacket.com
Software: MerlinCDN /
Resource Hash: 6528ec0e1bac4881919c73b50a89927cfb53ec26e990f096b00468393eaf9ce5

Request headers

Referer: https://onedio.com/
Origin: https://onedio.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Tue, 06 Jun 2023 02:06:23 GMT
via: HTTP/2.0 Merlin CDN
x-amz-cf-pop: FRA56-P4
age: 0
x-midtier: de-fra-lea-s01
x-cache-status: EXPIRED
x-cache: Hit from cloudfront
content-length: 33580
last-modified: Fri, 07 Jan 2022 12:12:29 GMT
server: MerlinCDN
etag: "e423db9dfdab27cbe7e6d5d1905c001b"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: binary/octet-stream
access-control-allow-origin: *
x-edge: de-fra-dp-s03
access-control-expose-headers: x-amz-server-side-encryption, x-amz-request-id, x-amz-id-2
vary: Accept-Encoding
access-control-allow-credentials: true
allow: GET, HEAD
accept-ranges: bytes
x-amz-cf-id: 7_Y_Qj4XCPL7fosaQv7ja6qRkenyqiwOwNmczuLl4MA0Xb6huCYf0w==

GET
H2 200 Inter-Italic.woff2
static.onedio.com/fonts/Inter/ Frame 89F6 104 KB
105 KB 170ms
92ms Font
binary/octet-stream 185.102.219.172
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://static.onedio.com/fonts/Inter/Inter-Italic.woff2
Requested by: Host: onedio.com
URL: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.102.219.172 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-185-102-219-172.datapacket.com
Software: MerlinCDN /
Resource Hash: 900058dffaf216c9a853e2d7e4109bfa2a58994237b2d4e5793734e4c2ecb4ac

Request headers

Referer: https://onedio.com/
Origin: https://onedio.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Tue, 06 Jun 2023 02:06:23 GMT
via: HTTP/2.0 Merlin CDN
x-amz-cf-pop: AMS50-C1
age: 0
x-midtier: nl-naw-ws-s08
x-cache-status: EXPIRED
x-cache: Hit from cloudfront
content-length: 106876
last-modified: Fri, 07 Jan 2022 12:12:26 GMT
server: MerlinCDN
etag: "fd26ff23f831db9ae85a805386529385"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: binary/octet-stream
access-control-allow-origin: *
x-edge: de-fra-dp-s03
access-control-expose-headers: x-amz-server-side-encryption, x-amz-request-id, x-amz-id-2
vary: Accept-Encoding
access-control-allow-credentials: true
allow: GET, HEAD
accept-ranges: bytes
x-amz-cf-id: uTysHvBpg-0qSv2I_byfRwbDM17huHHeHnXnh97IT5iCBoGJS1qEkg==

GET
H2 200 Inter-Medium.woff2
static.onedio.com/fonts/Inter/ Frame 89F6 35 KB
36 KB 110ms
32ms Font
binary/octet-stream 185.102.219.172
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://static.onedio.com/fonts/Inter/Inter-Medium.woff2
Requested by: Host: onedio.com
URL: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.102.219.172 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-185-102-219-172.datapacket.com
Software: MerlinCDN /
Resource Hash: a050a3c304a3b0bf37143828706d3bd34a0699d13ca827e919f4600db52436e2

Request headers

Referer: https://onedio.com/
Origin: https://onedio.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Tue, 06 Jun 2023 02:06:23 GMT
via: HTTP/2.0 Merlin CDN
x-amz-cf-pop: AMS50-C1
age: 0
x-midtier: nl-naw-ws-s08
x-cache-status: HIT
x-cache: Hit from cloudfront
content-length: 36304
last-modified: Fri, 07 Jan 2022 12:12:28 GMT
server: MerlinCDN
etag: "209c34a0fe25256a1d61f4b87f0bdf41"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: binary/octet-stream
access-control-allow-origin: *
x-edge: de-fra-dp-s03
access-control-expose-headers: x-amz-server-side-encryption, x-amz-request-id, x-amz-id-2
vary: Accept-Encoding
access-control-allow-credentials: true
allow: GET, HEAD
accept-ranges: bytes
x-amz-cf-id: LwcKv5tSOpj1FZ6nKaagbHfxkUKpYBeqU2n0Q3REcxTEh5waFlhaKw==

GET
H2 200 Inter-Semi-bold.woff2
static.onedio.com/fonts/Inter/ Frame 89F6 36 KB
36 KB 153ms
75ms Font
binary/octet-stream 185.102.219.172
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://static.onedio.com/fonts/Inter/Inter-Semi-bold.woff2
Requested by: Host: onedio.com
URL: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.102.219.172 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-185-102-219-172.datapacket.com
Software: MerlinCDN /
Resource Hash: aedaf40884efa2217933bb42fb22aac1fe3b0bd1ea0415bfe201a6fa94d68812

Request headers

Referer: https://onedio.com/
Origin: https://onedio.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Tue, 06 Jun 2023 02:06:23 GMT
via: HTTP/2.0 Merlin CDN
x-amz-cf-pop: FRA56-P4
age: 0
x-midtier: de-fra-lea-s01
x-cache-status: HIT
x-cache: Hit from cloudfront
content-length: 36488
last-modified: Fri, 07 Jan 2022 12:12:30 GMT
server: MerlinCDN
etag: "4d3237c6955b3611432f2cf951990f8b"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: binary/octet-stream
access-control-allow-origin: *
x-edge: de-fra-dp-s03
access-control-expose-headers: x-amz-server-side-encryption, x-amz-request-id, x-amz-id-2
vary: Accept-Encoding
access-control-allow-credentials: true
allow: GET, HEAD
accept-ranges: bytes
x-amz-cf-id: rizxac-38K_Ea7L8sFVbx7l3mh4h-VxNAl09kc5b-_MLBKw3S9gdjg==

GET
H2 200 Inter-Bold.woff2
static.onedio.com/fonts/Inter/ Frame 89F6 36 KB
36 KB 138ms
60ms Font
binary/octet-stream 185.102.219.172
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://static.onedio.com/fonts/Inter/Inter-Bold.woff2
Requested by: Host: onedio.com
URL: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.102.219.172 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-185-102-219-172.datapacket.com
Software: MerlinCDN /
Resource Hash: ad53d5b9c9825d29034206941f077b896dff3f335afd59ba1e4da52e32c7435a

Request headers

Referer: https://onedio.com/
Origin: https://onedio.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Tue, 06 Jun 2023 02:06:23 GMT
via: HTTP/2.0 Merlin CDN
x-amz-cf-pop: FRA56-P4
age: 0
x-midtier: de-fra-dp-s02
x-cache-status: EXPIRED
x-cache: Hit from cloudfront
content-length: 36520
last-modified: Fri, 07 Jan 2022 12:12:24 GMT
server: MerlinCDN
etag: "86ec6e568f088fdabcca077caa60f99c"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: binary/octet-stream
access-control-allow-origin: *
x-edge: de-fra-dp-s03
access-control-expose-headers: x-amz-server-side-encryption, x-amz-request-id, x-amz-id-2
vary: Accept-Encoding
access-control-allow-credentials: true
allow: GET, HEAD
accept-ranges: bytes
x-amz-cf-id: EhkCvldsaJIv1Yw-jJdDMbAy5V9w4bkD271-3SyBtbz0FxCkQdTvAg==

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame 89F6 75 KB
25 KB 96ms
33ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: onedio.com
URL: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

517b19e0b5b21597c149cdd3e802ac4680df295b26a394e73921e2d8f0ad5033

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Tue, 06 Jun 2023 02:06:23 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25223
x-xss-protection: 0
server: cafe
etag: 41 / 19514 / m202306010101 / config-hash: 435238587681776568
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 06 Jun 2023 02:06:23 GMT

GET
H2 200 publishertag.js Show response
static.criteo.net/js/ld/ Frame 89F6 126 KB
41 KB 140ms
59ms Script
text/javascript 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.js

Requested by

Host: onedio.com
URL: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

ce42adf01899c970e7e1791dc9c4665f8307e40bc6dc1dc7fd20041b8f5f44a6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Tue, 06 Jun 2023 02:06:23 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 31 May 2023 13:09:50 GMT
server: nginx
etag: W/"6477471e-1f8af"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 07 Jun 2023 02:06:23 GMT

GET
H2 200 pbd7.47.0.js Show response
onedio.com/scripts/ Frame 89F6 232 KB
74 KB 83ms
83ms Script
application/javascript 185.102.219.172
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://onedio.com/scripts/pbd7.47.0.js
Requested by: Host: onedio.com
URL: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.102.219.172 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-185-102-219-172.datapacket.com
Software: MerlinCDN /
Resource Hash: fee5feedcf117324972d35126e99e4d11d098c6437293d2bbd04c7d6153af2d7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Tue, 06 Jun 2023 02:06:23 GMT
via: HTTP/2.0 Merlin CDN
content-encoding: br
x-amz-cf-pop: PMO50-C1
age: 2584
x-midtier: tr-ist-shy-s01
x-cache-status: HIT
x-cache: Hit from cloudfront
last-modified: Thu, 01 Jun 2023 07:24:00 GMT
server: MerlinCDN
etag: W/"39fef-18875d78a80"
vary: Accept-Encoding
allow: GET, HEAD, POST
x-varnish: 762234868 763786578
content-type: application/javascript; charset=UTF-8
x-edge: de-fra-dp-s03
cache-control: public, max-age=3600
x-amz-cf-id: lY2p6NbWNLtRzmbzd00s60gWrEZ12vLWzD2JvOwEQgVEDimgSQj16g==

GET
H2 200 48e10af.js Show response
onedio.com/_nuxt/ Frame 89F6 4 KB
3 KB 21ms
20ms Script
application/javascript 185.102.219.172
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://onedio.com/_nuxt/48e10af.js
Requested by: Host: onedio.com
URL: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.102.219.172 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-185-102-219-172.datapacket.com
Software: MerlinCDN /
Resource Hash: 5ba3e29b36392ab475d33c81fcb6a9d266e4edae0429534e64263624c693f92c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Tue, 06 Jun 2023 02:06:23 GMT
via: HTTP/2.0 Merlin CDN
content-encoding: br
x-amz-cf-pop: AMS1-C1
age: 412188
x-midtier: de-fra-lea-s01
x-cache-status: HIT
x-cache: Miss from cloudfront
last-modified: Thu, 01 Jun 2023 07:29:37 GMT
server: MerlinCDN
etag: W/"10ce-18875dcaee8"
vary: Accept-Encoding
allow: GET, HEAD, POST
x-varnish: 721812653
content-type: application/javascript; charset=UTF-8
x-edge: de-fra-dp-s03
cache-control: public, max-age=31536000
x-amz-cf-id: cs4LLgbpyG441h5vG0ljPtRCXep4Wcml_HEP0FTq0YdsWtJMXY2bLg==

GET
H2 200 a0c28f8.js Show response
onedio.com/_nuxt/ Frame 89F6 271 KB
91 KB 32ms
30ms Script
application/javascript 185.102.219.172
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://onedio.com/_nuxt/a0c28f8.js
Requested by: Host: onedio.com
URL: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.102.219.172 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-185-102-219-172.datapacket.com
Software: MerlinCDN /
Resource Hash: f17743453ad59cf73ecb4045e0fee5bda7df08c33c56cfa3354232630e6c9293

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Tue, 06 Jun 2023 02:06:23 GMT
via: HTTP/2.0 Merlin CDN
content-encoding: br
x-amz-cf-pop: FRA53-C1
age: 906326
x-midtier: de-fra-lea-s01
x-cache-status: HIT
x-cache: Miss from cloudfront
last-modified: Fri, 26 May 2023 14:13:13 GMT
server: MerlinCDN
etag: W/"43cda-188586808a8"
vary: Accept-Encoding
allow: GET, HEAD, POST
x-varnish: 714875640 713220041
content-type: application/javascript; charset=UTF-8
x-edge: de-fra-dp-s03
cache-control: public, max-age=31536000
x-amz-cf-id: JCGBWALEUmPZkl773YLge96gBiqhESg8N1j3Rfb42ECPEUu5gyOx0w==

GET
H2 200 9d6c279.js Show response
onedio.com/_nuxt/ Frame 89F6 438 KB
131 KB 58ms
57ms Script
application/javascript 185.102.219.172
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://onedio.com/_nuxt/9d6c279.js
Requested by: Host: onedio.com
URL: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.102.219.172 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-185-102-219-172.datapacket.com
Software: MerlinCDN /
Resource Hash: e86af19d7a5ad8c41b4bc3e7c9d831c035881994f142751b65c209e0724eeed7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Tue, 06 Jun 2023 02:06:23 GMT
via: HTTP/2.0 Merlin CDN
content-encoding: br
x-amz-cf-pop: AMS1-C1
age: 564347
x-midtier: nl-naw-ws-s08
x-cache-status: HIT
x-cache: Miss from cloudfront
last-modified: Tue, 30 May 2023 13:13:20 GMT
server: MerlinCDN
etag: W/"6d8d3-1886ccaa580"
vary: Accept-Encoding
allow: GET, HEAD, POST
x-varnish: 714871048
content-type: application/javascript; charset=UTF-8
x-edge: de-fra-dp-s03
cache-control: public, max-age=31536000
x-amz-cf-id: k82IACpeaAhZFGOD2tJqqr6WMqhugCSiezS3xC908lAFKphxT1tbVg==

GET
H2 200 fb39ab4.js Show response
onedio.com/_nuxt/ Frame 89F6 792 KB
196 KB 75ms
74ms Script
application/javascript 185.102.219.172
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://onedio.com/_nuxt/fb39ab4.js
Requested by: Host: onedio.com
URL: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.102.219.172 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-185-102-219-172.datapacket.com
Software: MerlinCDN /
Resource Hash: a65e55dfb49fe7156c315e93e5667af83fa0dac3ceb915b5b7aa2a0d3855b79b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Tue, 06 Jun 2023 02:06:23 GMT
via: HTTP/2.0 Merlin CDN
content-encoding: br
x-amz-cf-pop: FRA53-C1
age: 564347
x-midtier: de-fra-lea-s01
x-cache-status: HIT
x-cache: Hit from cloudfront
last-modified: Tue, 30 May 2023 13:13:20 GMT
server: MerlinCDN
etag: W/"c6139-1886ccaa580"
vary: Accept-Encoding
allow: GET, HEAD, POST
x-varnish: 715164563
content-type: application/javascript; charset=UTF-8
x-edge: de-fra-dp-s03
cache-control: public, max-age=31536000
x-amz-cf-id: 8kMBtEsX35En7wLz1hbsO1h6OJVnukgDslySHRK2ag865RzwmK-eGw==

GET
H2 200 2b610c9.js Show response
onedio.com/_nuxt/ Frame 89F6 316 KB
71 KB 93ms
91ms Script
application/javascript 185.102.219.172
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://onedio.com/_nuxt/2b610c9.js
Requested by: Host: onedio.com
URL: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.102.219.172 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-185-102-219-172.datapacket.com
Software: MerlinCDN /
Resource Hash: 4a28bc0c0e49152ae29f9dcf2415a5b3d661c063d0572d94ad7d55a9aecacd32

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Tue, 06 Jun 2023 02:06:23 GMT
via: HTTP/2.0 Merlin CDN
content-encoding: br
x-amz-cf-pop: AMS1-C1
age: 412167
x-midtier: de-fra-lea-s01
x-cache-status: HIT
x-cache: Hit from cloudfront
last-modified: Thu, 01 Jun 2023 07:29:37 GMT
server: MerlinCDN
etag: W/"4efc3-18875dcaee8"
vary: Accept-Encoding
allow: GET, HEAD, POST
x-varnish: 723825817 724571997
content-type: application/javascript; charset=UTF-8
x-edge: de-fra-dp-s03
cache-control: public, max-age=31536000
x-amz-cf-id: 0sh5IWi39QL2MsAYfKeEIWtmplwfoc3eKD725kRS2tOwrs7xjP9JHQ==

GET
H2 200 8ed095c.js Show response
onedio.com/_nuxt/ Frame 89F6 5 KB
2 KB 96ms
94ms Script
application/javascript 185.102.219.172
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://onedio.com/_nuxt/8ed095c.js
Requested by: Host: onedio.com
URL: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.102.219.172 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-185-102-219-172.datapacket.com
Software: MerlinCDN /
Resource Hash: c5bf067b111e2875dd3d9167e96f1c5b3f20f232dbbec4442ecf475b899c6178

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Tue, 06 Jun 2023 02:06:23 GMT
via: HTTP/2.0 Merlin CDN
content-encoding: br
x-amz-cf-pop: PMO50-C1
age: 906314
x-midtier: tr-ist-shy-s01
x-cache-status: HIT
x-cache: Hit from cloudfront
last-modified: Fri, 26 May 2023 14:13:13 GMT
server: MerlinCDN
etag: W/"143e-188586808a8"
vary: Accept-Encoding
allow: GET, HEAD, POST
x-varnish: 679536092
content-type: application/javascript; charset=UTF-8
x-edge: de-fra-dp-s03
cache-control: public, max-age=31536000
x-amz-cf-id: SH4WMD4vn4oGXcz0XjO5j9V-u_ogfvElcyvQSZZLVgX-m3kQQZNYVw==

GET
H2 200 f3a7980.js Show response
onedio.com/_nuxt/ Frame 89F6 23 KB
10 KB 96ms
94ms Script
application/javascript 185.102.219.172
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://onedio.com/_nuxt/f3a7980.js
Requested by: Host: onedio.com
URL: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.102.219.172 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-185-102-219-172.datapacket.com
Software: MerlinCDN /
Resource Hash: bb3ffb51fc3d56eaeba14b8c1ca19565d05599818497ea43c1ca701e17ce3069

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Tue, 06 Jun 2023 02:06:23 GMT
via: HTTP/2.0 Merlin CDN
content-encoding: br
x-amz-cf-pop: FRA53-C1
age: 906343
x-midtier: de-fra-dp-s02
x-cache-status: HIT
x-cache: Hit from cloudfront
last-modified: Fri, 26 May 2023 14:13:13 GMT
server: MerlinCDN
etag: W/"5df7-188586808a8"
vary: Accept-Encoding
allow: GET, HEAD, POST
x-varnish: 684265198 684003455
content-type: application/javascript; charset=UTF-8
x-edge: de-fra-dp-s03
cache-control: public, max-age=31536000
x-amz-cf-id: hBTw7B7IRuQzB28Woy_7iQtD5NqUdxrJScMl8Y0tj2Ogp7QUbokQQA==

GET
H2 200 cf38017.js Show response
onedio.com/_nuxt/ Frame 89F6 95 KB
33 KB 98ms
95ms Script
application/javascript 185.102.219.172
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://onedio.com/_nuxt/cf38017.js
Requested by: Host: onedio.com
URL: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.102.219.172 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-185-102-219-172.datapacket.com
Software: MerlinCDN /
Resource Hash: 568e73f4e5ff891a68adfceabbac7018a12989540e635365942323cee7b0f87a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Tue, 06 Jun 2023 02:06:23 GMT
via: HTTP/2.0 Merlin CDN
content-encoding: br
x-amz-cf-pop: AMS1-P2
age: 906085
x-midtier: de-fra-lea-s01
x-cache-status: HIT
x-cache: Hit from cloudfront
last-modified: Fri, 26 May 2023 14:13:13 GMT
server: MerlinCDN
etag: W/"17d85-188586808a8"
vary: Accept-Encoding
allow: GET, HEAD, POST
x-varnish: 683392204
content-type: application/javascript; charset=UTF-8
x-edge: de-fra-dp-s03
cache-control: public, max-age=31536000
x-amz-cf-id: Brs1Mu3rd9Ci7chlXsj7urOheMK34i85FVqvrtfkq1MlAUMHnLzcew==

GET
H2 200 dfff877.js Show response
onedio.com/_nuxt/ Frame 89F6 17 KB
6 KB 98ms
96ms Script
application/javascript 185.102.219.172
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://onedio.com/_nuxt/dfff877.js
Requested by: Host: onedio.com
URL: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.102.219.172 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-185-102-219-172.datapacket.com
Software: MerlinCDN /
Resource Hash: d19dca040e74cd8fc30291933896f5efb2183715484442e5160e8a5a149426fa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Tue, 06 Jun 2023 02:06:23 GMT
via: HTTP/2.0 Merlin CDN
content-encoding: br
x-amz-cf-pop: FRA53-C1
age: 906085
x-midtier: de-fra-lea-s01
x-cache-status: HIT
x-cache: Hit from cloudfront
last-modified: Fri, 26 May 2023 14:13:13 GMT
server: MerlinCDN
etag: W/"4359-188586808a8"
vary: Accept-Encoding
allow: GET, HEAD, POST
x-varnish: 682900342
content-type: application/javascript; charset=UTF-8
x-edge: de-fra-dp-s03
cache-control: public, max-age=31536000
x-amz-cf-id: XY8O4B4WvhJ9OPCKV_F-n81K_ltg1zf2vn5TGPOCS4HXwdElwzG_1Q==

GET
H2 200 8558f81.js Show response
onedio.com/_nuxt/ Frame 89F6 6 KB
3 KB 99ms
97ms Script
application/javascript 185.102.219.172
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://onedio.com/_nuxt/8558f81.js
Requested by: Host: onedio.com
URL: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.102.219.172 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-185-102-219-172.datapacket.com
Software: MerlinCDN /
Resource Hash: e8c08b32be0c804ec39bfa769a7a23ab79171928b014e183b90aec02859c5019

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Tue, 06 Jun 2023 02:06:23 GMT
via: HTTP/2.0 Merlin CDN
content-encoding: br
x-amz-cf-pop: PMO50-C1
age: 564347
x-midtier: tr-ist-shy-s01
x-cache-status: HIT
x-cache: Hit from cloudfront
last-modified: Tue, 30 May 2023 13:13:20 GMT
server: MerlinCDN
etag: W/"199e-1886ccaa580"
vary: Accept-Encoding
allow: GET, HEAD, POST
x-varnish: 744309098 742826736
content-type: application/javascript; charset=UTF-8
x-edge: de-fra-dp-s03
cache-control: public, max-age=31536000
x-amz-cf-id: M9uQNT4lboFIIPrxkFXBZHK0mwT79dYUcXZUxVulH7qbmS7A6-Jm7g==

GET
H2 200 e6ec54c.js Show response
onedio.com/_nuxt/ Frame 89F6 102 KB
24 KB 99ms
97ms Script
application/javascript 185.102.219.172
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://onedio.com/_nuxt/e6ec54c.js
Requested by: Host: onedio.com
URL: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.102.219.172 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-185-102-219-172.datapacket.com
Software: MerlinCDN /
Resource Hash: 906689198d18ef241996366383efbd6bacd658fd71406049e6dbd5a38895424b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Tue, 06 Jun 2023 02:06:23 GMT
via: HTTP/2.0 Merlin CDN
content-encoding: br
x-amz-cf-pop: PMO50-C1
age: 564347
x-midtier: tr-ist-shy-s01
x-cache-status: HIT
x-cache: Hit from cloudfront
last-modified: Tue, 30 May 2023 13:13:20 GMT
server: MerlinCDN
etag: W/"1965f-1886ccaa580"
vary: Accept-Encoding
allow: GET, HEAD, POST
x-varnish: 740390151 743071067
content-type: application/javascript; charset=UTF-8
x-edge: de-fra-dp-s03
cache-control: public, max-age=31536000
x-amz-cf-id: CS4p9NQ8MBSHrFLrQFdnpgoxP_4jI6AjOTOOIdGYleskjJN1VzZaEQ==

GET
H2 200 9d5bc48.js Show response
onedio.com/_nuxt/ Frame 89F6 68 KB
21 KB 100ms
98ms Script
application/javascript 185.102.219.172
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://onedio.com/_nuxt/9d5bc48.js
Requested by: Host: onedio.com
URL: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.102.219.172 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-185-102-219-172.datapacket.com
Software: MerlinCDN /
Resource Hash: 1e23091d05fedcc8b4984193c46b9bcdf59f03a5df63990137d4cc5b2e366ef5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Tue, 06 Jun 2023 02:06:23 GMT
via: HTTP/2.0 Merlin CDN
content-encoding: br
x-amz-cf-pop: AMS1-P2
age: 906314
x-midtier: nl-naw-ws-s08
x-cache-status: HIT
x-cache: Hit from cloudfront
last-modified: Fri, 26 May 2023 14:13:13 GMT
server: MerlinCDN
etag: W/"111a4-188586808a8"
vary: Accept-Encoding
allow: GET, HEAD, POST
x-varnish: 679536076
content-type: application/javascript; charset=UTF-8
x-edge: de-fra-dp-s03
cache-control: public, max-age=31536000
x-amz-cf-id: 1ZUgJ-8riP3f2DsQxM24MSdg7yhHHnDU-sjSg1LDPwnUxfRBl97T_Q==

GET
H2 200 3e6557f.js Show response
onedio.com/_nuxt/ Frame 89F6 15 KB
5 KB 101ms
99ms Script
application/javascript 185.102.219.172
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://onedio.com/_nuxt/3e6557f.js
Requested by: Host: onedio.com
URL: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.102.219.172 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-185-102-219-172.datapacket.com
Software: MerlinCDN /
Resource Hash: f35bb208aad1cf9096b29ad0f89f891f4446f6d7e69618d6d032604f9bd27208

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Tue, 06 Jun 2023 02:06:23 GMT
via: HTTP/2.0 Merlin CDN
content-encoding: br
x-amz-cf-pop: FRA53-C1
age: 906358
x-midtier: de-fra-dp-s02
x-cache-status: HIT
x-cache: Hit from cloudfront
last-modified: Fri, 26 May 2023 14:13:13 GMT
server: MerlinCDN
etag: W/"3d1a-188586808a8"
vary: Accept-Encoding
allow: GET, HEAD, POST
x-varnish: 682834570 683943092
content-type: application/javascript; charset=UTF-8
x-edge: de-fra-dp-s03
cache-control: public, max-age=31536000
x-amz-cf-id: 5m31U7cxhRNFgooQT41poitC-PCf2wTM7vR1kjyzbsMFxX5LdiG-ig==

GET
H2 200 9459693.js Show response
onedio.com/_nuxt/ Frame 89F6 1 KB
1020 B 101ms
99ms Script
application/javascript 185.102.219.172
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://onedio.com/_nuxt/9459693.js
Requested by: Host: onedio.com
URL: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.102.219.172 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-185-102-219-172.datapacket.com
Software: MerlinCDN /
Resource Hash: ac502088daf7b9e78258dfbbd2e0e809ca66c08513607d1814cb6f092bac1ab2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Tue, 06 Jun 2023 02:06:23 GMT
via: HTTP/2.0 Merlin CDN
content-encoding: br
x-amz-cf-pop: FRA53-C1
age: 906343
x-midtier: de-fra-lea-s01
x-cache-status: HIT
x-cache: Hit from cloudfront
last-modified: Fri, 26 May 2023 14:13:13 GMT
server: MerlinCDN
etag: W/"456-188586808a8"
vary: Accept-Encoding
allow: GET, HEAD, POST
x-varnish: 713433770
content-type: application/javascript; charset=UTF-8
x-edge: de-fra-dp-s03
cache-control: public, max-age=31536000
x-amz-cf-id: idQl3CVZhiAwVtYvrxfOjkZvAeWPsZ3MqZ3foVUnNabuDg3RiOobew==

GET
H2 200 254a38e.js Show response
onedio.com/_nuxt/ Frame 89F6 14 KB
5 KB 102ms
100ms Script
application/javascript 185.102.219.172
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://onedio.com/_nuxt/254a38e.js
Requested by: Host: onedio.com
URL: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.102.219.172 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-185-102-219-172.datapacket.com
Software: MerlinCDN /
Resource Hash: 869930390522ace791b79ef5f83ecbaca7e619e0fe8e40c9a0f1b37b4174f57b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Tue, 06 Jun 2023 02:06:23 GMT
via: HTTP/2.0 Merlin CDN
content-encoding: br
x-amz-cf-pop: AMS1-C1
age: 564347
x-midtier: nl-naw-ws-s08
x-cache-status: HIT
x-cache: Hit from cloudfront
last-modified: Tue, 30 May 2023 13:13:20 GMT
server: MerlinCDN
etag: W/"37ae-1886ccaa580"
vary: Accept-Encoding
allow: GET, HEAD, POST
x-varnish: 740390181
content-type: application/javascript; charset=UTF-8
x-edge: de-fra-dp-s03
cache-control: public, max-age=31536000
x-amz-cf-id: 7O-8l5wtXNhd5IY2YPgbFEb6i1fQaAW3NAckKcblkbNzMBFUPCL5WA==

GET
H2 200 93a9bfb.js Show response
onedio.com/_nuxt/ Frame 89F6 33 KB
7 KB 102ms
100ms Script
application/javascript 185.102.219.172
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://onedio.com/_nuxt/93a9bfb.js
Requested by: Host: onedio.com
URL: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.102.219.172 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-185-102-219-172.datapacket.com
Software: MerlinCDN /
Resource Hash: dc24629ff95d21d65ec3ea91be7f037fd59f694a218fe9d4bada1ddef05fbb4d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Tue, 06 Jun 2023 02:06:23 GMT
via: HTTP/2.0 Merlin CDN
content-encoding: br
x-amz-cf-pop: FRA53-C1
age: 412189
x-midtier: de-fra-lea-s01
x-cache-status: HIT
x-cache: Hit from cloudfront
last-modified: Thu, 01 Jun 2023 07:29:37 GMT
server: MerlinCDN
etag: W/"8217-18875dcaee8"
vary: Accept-Encoding
allow: GET, HEAD, POST
x-varnish: 720068855
content-type: application/javascript; charset=UTF-8
x-edge: de-fra-dp-s03
cache-control: public, max-age=31536000
x-amz-cf-id: Gaff6sr_TrKm1d5iDpQFjh854TfPrHlB1GOQmjPHRgoM5XkThdcJHQ==

GET
H2 200 dd1cad6.js Show response
onedio.com/_nuxt/ Frame 89F6 2 KB
1 KB 102ms
101ms Script
application/javascript 185.102.219.172
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://onedio.com/_nuxt/dd1cad6.js
Requested by: Host: onedio.com
URL: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.102.219.172 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-185-102-219-172.datapacket.com
Software: MerlinCDN /
Resource Hash: 45884c00a9b638d52f6cd0b22b3ad6bcacf6e727b6e83d9390ed16a5c0d1fd79

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Tue, 06 Jun 2023 02:06:23 GMT
via: HTTP/2.0 Merlin CDN
content-encoding: br
x-amz-cf-pop: AMS1-C1
age: 564347
x-midtier: nl-naw-ws-s08
x-cache-status: HIT
x-cache: Hit from cloudfront
last-modified: Tue, 30 May 2023 13:13:20 GMT
server: MerlinCDN
etag: W/"87b-1886ccaa580"
vary: Accept-Encoding
allow: GET, HEAD, POST
x-varnish: 743071168
content-type: application/javascript; charset=UTF-8
x-edge: de-fra-dp-s03
cache-control: public, max-age=31536000
x-amz-cf-id: PDEq2tD3e_EUBG_DILrhK1T9_jRTfDC1NbrqmNYLEqYHdqnaAPE4cg==

GET
H2 200 4aa7bd1.js Show response
onedio.com/_nuxt/ Frame 89F6 1 KB
1 KB 103ms
101ms Script
application/javascript 185.102.219.172
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://onedio.com/_nuxt/4aa7bd1.js
Requested by: Host: onedio.com
URL: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.102.219.172 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-185-102-219-172.datapacket.com
Software: MerlinCDN /
Resource Hash: ee193f3fbcab1daf0584e6e6f8ba661fb5be4812280d635a439b0c10664f1839

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Tue, 06 Jun 2023 02:06:23 GMT
via: HTTP/2.0 Merlin CDN
content-encoding: br
x-amz-cf-pop: HAM50-P1
age: 564279
x-midtier: de-fra-dp-s02
x-cache-status: HIT
x-cache: Hit from cloudfront
last-modified: Tue, 30 May 2023 13:13:20 GMT
server: MerlinCDN
etag: W/"4e6-1886ccaa580"
vary: Accept-Encoding
allow: GET, HEAD, POST
x-varnish: 714057097 714739022
content-type: application/javascript; charset=UTF-8
x-edge: de-fra-dp-s03
cache-control: public, max-age=31536000
x-amz-cf-id: gzIYSIpxumSJYOAL9gxwvWe9iDVN_WhGFdyfQuHzkUU2r8S_8ZPeSg==

GET
H2 200 72baecf.js Show response
onedio.com/_nuxt/ Frame 89F6 8 KB
3 KB 103ms
102ms Script
application/javascript 185.102.219.172
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://onedio.com/_nuxt/72baecf.js
Requested by: Host: onedio.com
URL: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.102.219.172 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-185-102-219-172.datapacket.com
Software: MerlinCDN /
Resource Hash: a9995395bf24161ca74c6155395eb9f8f6c62bda4015030125647e9471942e28

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Tue, 06 Jun 2023 02:06:23 GMT
via: HTTP/2.0 Merlin CDN
content-encoding: br
x-amz-cf-pop: FRA53-C1
age: 564279
x-midtier: de-fra-lea-s01
x-cache-status: HIT
x-cache: Hit from cloudfront
last-modified: Tue, 30 May 2023 13:13:20 GMT
server: MerlinCDN
etag: W/"1f41-1886ccaa580"
vary: Accept-Encoding
allow: GET, HEAD, POST
x-varnish: 713828667
content-type: application/javascript; charset=UTF-8
x-edge: de-fra-dp-s03
cache-control: public, max-age=31536000
x-amz-cf-id: uU0-Si7tp2M82xF3_V-mhMD7IO6U6SEIirqeoXl6Y0WlDjTYrNb2YQ==

GET
H2 200 672a56a.js Show response
onedio.com/_nuxt/ Frame 89F6 559 B
799 B 104ms
102ms Script
application/javascript 185.102.219.172
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://onedio.com/_nuxt/672a56a.js
Requested by: Host: onedio.com
URL: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.102.219.172 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-185-102-219-172.datapacket.com
Software: MerlinCDN /
Resource Hash: 0d54fd601aa07edc6f327638d8e60abe8d98db96a590b05f287af7f3dbf1cdbd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Tue, 06 Jun 2023 02:06:23 GMT
via: HTTP/2.0 Merlin CDN
content-encoding: br
x-amz-cf-pop: PMO50-C1
age: 564279
x-midtier: tr-ist-shy-s01
x-cache-status: HIT
x-cache: Hit from cloudfront
last-modified: Tue, 30 May 2023 13:13:20 GMT
server: MerlinCDN
etag: W/"22f-1886ccaa580"
vary: Accept-Encoding
allow: GET, HEAD, POST
x-varnish: 735307849
content-type: application/javascript; charset=UTF-8
x-edge: de-fra-dp-s03
cache-control: public, max-age=31536000
x-amz-cf-id: kIp75rznAYlV2lAe9fUEdI4dmOZnDsMiOU2gbTX69QL2RMZWYllu7w==

GET
H2 200 b9d452f.js Show response
onedio.com/_nuxt/ Frame 89F6 4 KB
2 KB 104ms
103ms Script
application/javascript 185.102.219.172
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://onedio.com/_nuxt/b9d452f.js
Requested by: Host: onedio.com
URL: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.102.219.172 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-185-102-219-172.datapacket.com
Software: MerlinCDN /
Resource Hash: a60956365a6a6311ee46c7086f4f9ed805a7b4666b11f38f7d92ec4fa453543d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Tue, 06 Jun 2023 02:06:23 GMT
via: HTTP/2.0 Merlin CDN
content-encoding: br
x-amz-cf-pop: HAM50-P1
age: 564279
x-midtier: de-fra-dp-s02
x-cache-status: HIT
x-cache: Hit from cloudfront
last-modified: Tue, 30 May 2023 13:13:20 GMT
server: MerlinCDN
etag: W/"1146-1886ccaa580"
vary: Accept-Encoding
allow: GET, HEAD, POST
x-varnish: 743282893 738663718
content-type: application/javascript; charset=UTF-8
x-edge: de-fra-dp-s03
cache-control: public, max-age=31536000
x-amz-cf-id: nhOlZfPhSRN4pqfQaKuw-zE7Te1okXe4GNB4bnqV7IrP3V_nYCg7Ew==

GET
H2 200 47f13ff.js Show response
onedio.com/_nuxt/ Frame 89F6 31 KB
9 KB 104ms
103ms Script
application/javascript 185.102.219.172
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://onedio.com/_nuxt/47f13ff.js
Requested by: Host: onedio.com
URL: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.102.219.172 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-185-102-219-172.datapacket.com
Software: MerlinCDN /
Resource Hash: 4a0101e8babb477e69a0a018919b7124102ef84bd46bd51c1af97bd56fe06141

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Tue, 06 Jun 2023 02:06:23 GMT
via: HTTP/2.0 Merlin CDN
content-encoding: br
x-amz-cf-pop: FRA53-C1
age: 906085
x-midtier: de-fra-dp-s02
x-cache-status: HIT
x-cache: Hit from cloudfront
last-modified: Fri, 26 May 2023 14:13:13 GMT
server: MerlinCDN
etag: W/"7a3a-188586808a8"
vary: Accept-Encoding
allow: GET, HEAD, POST
x-varnish: 683392242
content-type: application/javascript; charset=UTF-8
x-edge: de-fra-dp-s03
cache-control: public, max-age=31536000
x-amz-cf-id: ZE1XpY8eI2JSuW-RGa8UHZhjPmItck6jKZYZ3InOcEVW9cLm2aCrzQ==

GET
H2 200 3849698.js Show response
onedio.com/_nuxt/ Frame 89F6 2 KB
1 KB 105ms
104ms Script
application/javascript 185.102.219.172
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://onedio.com/_nuxt/3849698.js
Requested by: Host: onedio.com
URL: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.102.219.172 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-185-102-219-172.datapacket.com
Software: MerlinCDN /
Resource Hash: 0056bc13c2920133603b6bcbbaa252a8adb38251388ecefe5a7ccd05b2b39ce2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Tue, 06 Jun 2023 02:06:23 GMT
via: HTTP/2.0 Merlin CDN
content-encoding: br
x-amz-cf-pop: FRA53-C1
age: 564279
x-midtier: de-fra-lea-s01
x-cache-status: HIT
x-cache: Hit from cloudfront
last-modified: Tue, 30 May 2023 13:13:20 GMT
server: MerlinCDN
etag: W/"71c-1886ccaa580"
vary: Accept-Encoding
allow: GET, HEAD, POST
x-varnish: 715391216
content-type: application/javascript; charset=UTF-8
x-edge: de-fra-dp-s03
cache-control: public, max-age=31536000
x-amz-cf-id: ZaGYcqq7fuoJ-SHATzj_K0ltaw_tsjW3rRt4pOYsX7qlgwznVXDo5g==

GET
H2 200 faa4793.js Show response
onedio.com/_nuxt/ Frame 89F6 6 KB
2 KB 106ms
105ms Script
application/javascript 185.102.219.172
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://onedio.com/_nuxt/faa4793.js
Requested by: Host: onedio.com
URL: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.102.219.172 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-185-102-219-172.datapacket.com
Software: MerlinCDN /
Resource Hash: 63d5873b4e52d074791d9c3902e91e2b742f2588df93469aca4bafc8f06525f9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Tue, 06 Jun 2023 02:06:23 GMT
via: HTTP/2.0 Merlin CDN
content-encoding: br
x-amz-cf-pop: AMS1-C1
age: 564279
x-midtier: de-fra-lea-s01
x-cache-status: HIT
x-cache: Hit from cloudfront
last-modified: Tue, 30 May 2023 13:13:20 GMT
server: MerlinCDN
etag: W/"161e-1886ccaa580"
vary: Accept-Encoding
allow: GET, HEAD, POST
x-varnish: 731281883
content-type: application/javascript; charset=UTF-8
x-edge: de-fra-dp-s03
cache-control: public, max-age=31536000
x-amz-cf-id: nBYnC0h_czkX5xX-qdpeYhuWu_UBOm30XePrK6de0T2MFOUmQOVXPQ==

GET
H2 200 d5204a7.js Show response
onedio.com/_nuxt/ Frame 89F6 3 KB
2 KB 106ms
105ms Script
application/javascript 185.102.219.172
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://onedio.com/_nuxt/d5204a7.js
Requested by: Host: onedio.com
URL: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.102.219.172 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-185-102-219-172.datapacket.com
Software: MerlinCDN /
Resource Hash: 329fca3d8ee333b8541f4f893d62d9f644917ca3efb585985dbea543e7ecfb84

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Tue, 06 Jun 2023 02:06:23 GMT
via: HTTP/2.0 Merlin CDN
content-encoding: br
x-amz-cf-pop: HAM50-P1
age: 564347
x-midtier: de-fra-dp-s02
x-cache-status: HIT
x-cache: Hit from cloudfront
last-modified: Tue, 30 May 2023 13:13:20 GMT
server: MerlinCDN
etag: W/"cd0-1886ccaa580"
vary: Accept-Encoding
allow: GET, HEAD, POST
x-varnish: 712506669 714317388
content-type: application/javascript; charset=UTF-8
x-edge: de-fra-dp-s03
cache-control: public, max-age=31536000
x-amz-cf-id: JsTRg-F43uPxyxyNn0F658SHUeeghhbBwuMByGvdjr6G1Dqh625zyw==

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ Frame 89F6 325 KB
104 KB 99ms
46ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5T48ZBT

Requested by

Host: onedio.com
URL: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

71e6e5d40b1ffb1785865f7e717587b63172e606f2ceb045b045543dee4ba8f3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Tue, 06 Jun 2023 02:06:23 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 106159
x-xss-protection: 0
last-modified: Tue, 06 Jun 2023 00:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 06 Jun 2023 02:06:23 GMT

GET
H2 200 s-4de8fff2b24096cdd84cee5c1967660d9a1ee555.jpg
img-s3.onedio.com/id-6124df1c620bb90314d7c362/rev-0/w-50/f-jpg/ Frame 89F6 920 B
1 KB 74ms
52ms Image
image/webp 185.102.219.172
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img-s3.onedio.com/id-6124df1c620bb90314d7c362/rev-0/w-50/f-jpg/s-4de8fff2b24096cdd84cee5c1967660d9a1ee555.jpg
Requested by: Host: onedio.com
URL: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.102.219.172 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-185-102-219-172.datapacket.com
Software: MerlinCDN / Express
Resource Hash: be77d7730a869cb3e7f47175ccef5a7e92c95cde385080e283003379153e497b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Tue, 06 Jun 2023 02:06:23 GMT
via: HTTP/2.0 Merlin CDN
x-amz-cf-pop: DUS51-P1
age: 2192921
x-powered-by: Express
x-cache-status: HIT
x-cache: Hit from cloudfront
x-onedio-cache: FRONT
x-midtier: de-fra-dp-s02
content-length: 920
server: MerlinCDN
etag: W/"5a9-uJK5dDmbFbimVLs+jsrQSErI2lM"
allow: GET, HEAD
content-type: image/webp
x-edge: de-fra-dp-s03
cache-control: public, max-age=31536000
accept-ranges: bytes
x-amz-cf-id: kXxDtMMcEu9EdBBw0caV_AypivjgmMLWoiLH-RHzedPlsxsmLczY3w==

GET
H2

200

/
platform-lookaside.fbsbx.com/platform/profilepic/ Frame 89F6
Redirect Chain

https://graph.facebook.com/10221116671685687/picture?type=large
https://platform-lookaside.fbsbx.com/platform/profilepic/?asid=10221116671685687&height=200&width=200&ext=1688609183&hash=AeTDO2zYGOhEDuNauMY

12 KB
12 KB

182ms
176ms

Image
image/jpeg

2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://platform-lookaside.fbsbx.com/platform/profilepic/?asid=10221116671685687&height=200&width=200&ext=1688609183&hash=AeTDO2zYGOhEDuNauMY
Requested by: Host: onedio.com
URL: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878
Protocol: H2
Server: 2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 3ffee9c0bd9411def1f88e476cfc072629841a536edc0abf2927b35ebcaff4d9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-haystack-needlechecksum: 2656044498
date: Tue, 06 Jun 2023 02:06:24 GMT
x-fb-trip-id: 1679558926
x-fbtype: 30808
x-storage-error-category: dfs:none;hs_p:200:HS_ESUCCESS
last-modified: Tue, 22 Feb 2022 13:27:07 GMT
content-type: image/jpeg
access-control-allow-origin: *
content-digest: adler32=217840935
cache-control: private, no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
x-needle-checksum: 2401581218
content-disposition: attachment
accept-ranges: bytes
content-length: 12616

Redirect headers

strict-transport-security: max-age=15552000; preload
date: Tue, 06 Jun 2023 02:06:23 GMT
x-fb-rev: 1007620760
alt-svc: h3=":443"; ma=86400
content-length: 0
x-fb-rlafr: 0
pragma: no-cache
x-fb-debug: 3wF/E/bBAzi0dHRcmFcwbm1Lh8YwD/XnOGmCF9Km977ncraBCdPWnWTVFX2GHU3lF8GCzQZGvm+B3Bja0vZ/8A==
x-fb-trace-id: FgQvROqz3iy
content-type: image/jpeg
location: https://platform-lookaside.fbsbx.com/platform/profilepic/?asid=10221116671685687&height=200&width=200&ext=1688609183&hash=AeTDO2zYGOhEDuNauMY
access-control-allow-origin: *
x-fb-request-id: Acw_fyd9OWzdvnzXuWQo56-
cache-control: private, no-cache, no-store, must-revalidate
facebook-api-version: v10.0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 s-2e6293689f5819cdc9c3beec4ca39eff0df32be0.jpg
img-s3.onedio.com/id-5b364aabf7db665011c756d5/rev-0/w-100/f-jpg/ Frame 89F6 2 KB
2 KB 73ms
52ms Image
image/webp 185.102.219.172
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img-s3.onedio.com/id-5b364aabf7db665011c756d5/rev-0/w-100/f-jpg/s-2e6293689f5819cdc9c3beec4ca39eff0df32be0.jpg
Requested by: Host: onedio.com
URL: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.102.219.172 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-185-102-219-172.datapacket.com
Software: MerlinCDN / Express
Resource Hash: 23c27462d7e512fbd1583c6312b51890b453fd8f48650da405e50bb84ba10c39

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Tue, 06 Jun 2023 02:06:23 GMT
via: HTTP/2.0 Merlin CDN
x-amz-cf-pop: FRA56-P2
age: 1385661
x-powered-by: Express
x-cache-status: HIT
x-cache: Hit from cloudfront
x-onedio-cache: FRONT
x-midtier: de-fra-lea-s01
content-length: 1858
server: MerlinCDN
etag: W/"d23-mLbSSycwTXB0Qa6QgzrQY4pim+E"
allow: GET, HEAD
content-type: image/webp
x-edge: de-fra-dp-s03
cache-control: public, max-age=31536000
accept-ranges: bytes
x-amz-cf-id: TKh1NjX-nE4acMLQpWtgP_PIv4F63PL0hfqwCJF8okuYYKkyIOUj_w==

GET
H2

200

/
platform-lookaside.fbsbx.com/platform/profilepic/ Frame 89F6
Redirect Chain

https://graph.facebook.com/10204851241823419/picture?type=large
https://platform-lookaside.fbsbx.com/platform/profilepic/?asid=10204851241823419&height=200&width=200&ext=1688609183&hash=AeQEZ7Cx1MEqDm4spAU

11 KB
11 KB

134ms
85ms

Image
image/jpeg

2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://platform-lookaside.fbsbx.com/platform/profilepic/?asid=10204851241823419&height=200&width=200&ext=1688609183&hash=AeQEZ7Cx1MEqDm4spAU
Requested by: Host: onedio.com
URL: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878
Protocol: H2
Server: 2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: ca6445fe2a60e5dbc1e6d30032a038752d6cce4ecf48b49d328378c07e4ad584

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-haystack-needlechecksum: 1761711066
date: Tue, 06 Jun 2023 02:06:24 GMT
x-fb-trip-id: 1679558926
x-fbtype: 30808
x-storage-error-category: dfs:none;hs_p:200:HS_ESUCCESS
last-modified: Thu, 23 Mar 2023 12:33:56 GMT
content-type: image/jpeg
access-control-allow-origin: *
content-digest: adler32=1739259846
cache-control: private, no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
x-needle-checksum: 1377588197
content-disposition: attachment
accept-ranges: bytes
content-length: 11412

Redirect headers

strict-transport-security: max-age=15552000; preload
date: Tue, 06 Jun 2023 02:06:23 GMT
x-fb-rev: 1007620760
alt-svc: h3=":443"; ma=86400
content-length: 0
x-fb-rlafr: 0
pragma: no-cache
x-fb-debug: 5k8y94+V0SbYOUgquR8bz/vGAJw924jaG5HBM5u1AkkzvP0IHPr1IpBm83+6kANSQpCZm2Wem/0Wx69x8Nw0Rg==
x-fb-trace-id: EQlNRSBrlSA
content-type: image/jpeg
location: https://platform-lookaside.fbsbx.com/platform/profilepic/?asid=10204851241823419&height=200&width=200&ext=1688609183&hash=AeQEZ7Cx1MEqDm4spAU
access-control-allow-origin: *
x-fb-request-id: Ad_nDckK8Kt3WvKsK_xRBmL
cache-control: private, no-cache, no-store, must-revalidate
facebook-api-version: v10.0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 6f9eb6679895942cc2ab54858310142dba24a5e794a859cfbe9954f3c8905568.svg
srv-cdn.onedio.com/store/ Frame 89F6 9 KB
5 KB 120ms
37ms Image
image/svg+xml 2606:4700:10::6814:f25
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://srv-cdn.onedio.com/store/6f9eb6679895942cc2ab54858310142dba24a5e794a859cfbe9954f3c8905568.svg
Requested by: Host: onedio.com
URL: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:f25 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 300cebb7385554067020de3ea474625004ca74f5c6548d0fa274a40125464d03

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Tue, 06 Jun 2023 02:06:23 GMT
via: 1.1 c3d1477c634662ea1ca1ebf806ec9630.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: HIT
x-amz-cf-pop: OTP50-C1
age: 906312
x-powered-by: Express
x-cache: Miss from cloudfront
server: cloudflare
etag: W/"256b-AL0OuvrGs8FYdq25TLF+tCfUvFg"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7d2d1886db80368c-FRA
x-amz-cf-id: Q_vIMrmZBOiMllossv291xP5NFmAx0PeMA0NMddxegSHP6Bu8iS-1Q==

GET
H2 200 254fbed7f5f60246dceab341efe24006de26a47a46bfe700fba3645ec103fb0c.png
srv-cdn.onedio.com/store/ Frame 89F6 986 B
1 KB 126ms
44ms Image
image/webp 2606:4700:10::6814:f25
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://srv-cdn.onedio.com/store/254fbed7f5f60246dceab341efe24006de26a47a46bfe700fba3645ec103fb0c.png
Requested by: Host: onedio.com
URL: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:f25 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 4445041a5221550830f31fa42e138f881676a468e4fedb939c1e0ab0a07eae17

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Tue, 06 Jun 2023 02:06:23 GMT
via: 1.1 f4d51e15043614df5b1100d2964816a8.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-cf-pop: SOF50-P1
age: 906055
cf-polished: origFmt=png, origSize=1953
x-powered-by: Express
x-cache: Miss from cloudfront
content-disposition: inline; filename="254fbed7f5f60246dceab341efe24006de26a47a46bfe700fba3645ec103fb0c.webp"
content-length: 986
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: W/"7a1-sa6tAltsWoc5wA5UpY0Z1rF27aQ"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7d2d1886db81368c-FRA
x-amz-cf-id: oZVOcdfsCatlRdbJ5ZYU_KOPUQVrqz-66D2Iso3oPhGQGLPMtO0uZg==

GET
H2 200 5aee0df5228a8f771995c6e8920eedd248cda089818cf87bac6e3c21bccb5f05.svg
srv-cdn.onedio.com/store/ Frame 89F6 5 KB
2 KB 122ms
39ms Image
image/svg+xml 2606:4700:10::6814:f25
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://srv-cdn.onedio.com/store/5aee0df5228a8f771995c6e8920eedd248cda089818cf87bac6e3c21bccb5f05.svg
Requested by: Host: onedio.com
URL: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:f25 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: c28e62ec408f34ca18b76298f690009e78700af3010365f6a6e7226e924416e9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Tue, 06 Jun 2023 02:06:23 GMT
via: 1.1 69bd99223bbe7be5d36f0fa13d71bf84.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: HIT
x-amz-cf-pop: SOF50-P1
age: 906055
x-powered-by: Express
x-cache: Miss from cloudfront
server: cloudflare
etag: W/"1567-Gf2hzU325PtbOomKigrNqYY2reY"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7d2d1886db82368c-FRA
x-amz-cf-id: H4VgMESF_hMswHIa22XLp9IYz4PBiC1BHoitruNOIdm65LC_YMGxkA==

GET
H2 200 6e17a4e4130681931ab937f6e5b88ac68aa84203c89e74b351ba2e2e0031258b.png
srv-cdn.onedio.com/store/ Frame 89F6 878 B
1 KB 137ms
54ms Image
image/webp 2606:4700:10::6814:f25
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://srv-cdn.onedio.com/store/6e17a4e4130681931ab937f6e5b88ac68aa84203c89e74b351ba2e2e0031258b.png
Requested by: Host: onedio.com
URL: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:f25 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 36de549fa81b509bf426b8c57b5842e2857f1ac66456c567d552ac5a890dcd85

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Tue, 06 Jun 2023 02:06:23 GMT
via: 1.1 6f5ac69c39e434663876b6bbf4ccb97e.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-cf-pop: OTP50-C1
age: 906055
cf-polished: origFmt=png, origSize=1902
x-powered-by: Express
x-cache: Hit from cloudfront
content-disposition: inline; filename="6e17a4e4130681931ab937f6e5b88ac68aa84203c89e74b351ba2e2e0031258b.webp"
content-length: 878
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: W/"76e-8ctQNEopR+fZIMwoSznLo2H5szA"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7d2d1886fb92368c-FRA
x-amz-cf-id: rvhaUnCsivDMeQ8p2_PNXqIRcQsktz2D-6KRF1gDfn0veKcYqqy8hg==

GET
H2 200 18d793e33dd186aacd041784dcfd828c041edacdaf31d25e270d4c5cc1b65668.svg
srv-cdn.onedio.com/store/ Frame 89F6 12 KB
5 KB 118ms
36ms Image
image/svg+xml 2606:4700:10::6814:f25
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://srv-cdn.onedio.com/store/18d793e33dd186aacd041784dcfd828c041edacdaf31d25e270d4c5cc1b65668.svg
Requested by: Host: onedio.com
URL: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:f25 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 39dce9bed1229c0ea63b578fa41d43deedadad5a254d1c109a6b9befab766f57

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Tue, 06 Jun 2023 02:06:23 GMT
via: 1.1 7d1d59e1d7c17682b3d50dee49f3f96c.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: HIT
x-amz-cf-pop: SOF50-P1
age: 906055
x-powered-by: Express
x-cache: Miss from cloudfront
server: cloudflare
etag: W/"2f8e-DhNaZwN/38b45yAT1OpnoNY30CE"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7d2d1886db83368c-FRA
x-amz-cf-id: nSF_u2JRnPs8WCq4G3lcouZQ-UgPFETltECk3KZ3Ss0SUtnTCQgVuA==

GET
H2 200 cb802096ad240df4746ed9d8227f83e7946a198b93b6ee0f380cefe7fc0c9e05.png
srv-cdn.onedio.com/store/ Frame 89F6 814 B
1 KB 89ms
35ms Image
image/webp 2606:4700:10::6814:f25
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://srv-cdn.onedio.com/store/cb802096ad240df4746ed9d8227f83e7946a198b93b6ee0f380cefe7fc0c9e05.png
Requested by: Host: onedio.com
URL: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:f25 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 15726d6a6db473c829365e69e31d4e97604cd5cafe876d8597b3fbc869719b42

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Tue, 06 Jun 2023 02:06:23 GMT
via: 1.1 c3e62b5fb62dc34600994deeae6bb470.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-cf-pop: SOF50-P1
age: 906055
cf-polished: origFmt=png, origSize=1578
x-powered-by: Express
x-cache: Miss from cloudfront
content-disposition: inline; filename="cb802096ad240df4746ed9d8227f83e7946a198b93b6ee0f380cefe7fc0c9e05.webp"
content-length: 814
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: W/"62a-Thg0vcfkZSwukYv6/Pk6DHGPLVU"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7d2d1886db84368c-FRA
x-amz-cf-id: FnoDZ0iaTQE61vEUKQyOuQ4SWJyO0ab7aIw5tPubgCfJYlAodvJc6w==

GET
H2 200 76b718e71b19603c9cb6d2c86fb5e4cc7a3e7dd649527875607909c991f9d091.webp
srv-cdn.onedio.com/store/ Frame 89F6 4 KB
5 KB 59ms
34ms Image
image/webp 2606:4700:10::6814:f25
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://srv-cdn.onedio.com/store/76b718e71b19603c9cb6d2c86fb5e4cc7a3e7dd649527875607909c991f9d091.webp
Requested by: Host: onedio.com
URL: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:f25 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 944089b44ec5f876426cd30b5cd76e18a09d4178aa06f2acea7b50f9fd61e67f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Tue, 06 Jun 2023 02:06:23 GMT
via: 1.1 77c9518ff58162b5acfe6c69f9a24ec8.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-cf-pop: SOF50-P1
age: 906055
x-powered-by: Express
x-cache: Miss from cloudfront
content-length: 4338
server: cloudflare
etag: W/"10f2-SvE1aR+U5T/v7oqvI4RKhTf5zFU"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7d2d1886db7f368c-FRA
x-amz-cf-id: Me1jlPoJ7Hgg-1WlYW2y8jppRWepIW6yUqG2dJBtUornccNQD9eU1w==

GET
H2 200 a6a2ca5496b815a9ee8caa322a9e39a835403bab6880ce08f05c67d98bdac9fd.png
srv-cdn.onedio.com/store/ Frame 89F6 2 KB
2 KB 62ms
38ms Image
image/webp 2606:4700:10::6814:f25
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://srv-cdn.onedio.com/store/a6a2ca5496b815a9ee8caa322a9e39a835403bab6880ce08f05c67d98bdac9fd.png
Requested by: Host: onedio.com
URL: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:f25 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: dba49107edbd020f83668ba1c661b3d240621d37c01a6d3d4a8078300b9a4069

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Tue, 06 Jun 2023 02:06:23 GMT
via: 1.1 d1059a03249ee23f5bc6527edaec7ed2.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-cf-pop: BUD50-C1
age: 1085657
cf-polished: origFmt=png, origSize=4862
x-powered-by: Express
x-cache: Miss from cloudfront
content-disposition: inline; filename="a6a2ca5496b815a9ee8caa322a9e39a835403bab6880ce08f05c67d98bdac9fd.webp"
content-length: 2182
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: W/"12fe-uBEf34GH694nTuxfI9tSHWFjr0Q"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7d2d1886db7d368c-FRA
x-amz-cf-id: sTTnunzoOYurgFweRwZ1dRlUnTpCSUwfm9ebYSSmodsMUQkqKCNNYw==

GET
H2 200 f9ff6d6aa8c0d967d70d7866bcd909fc2e4868b722db81f551daa533a791ed8d.png
srv-cdn.onedio.com/store/ Frame 89F6 3 KB
4 KB 63ms
39ms Image
image/webp 2606:4700:10::6814:f25
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://srv-cdn.onedio.com/store/f9ff6d6aa8c0d967d70d7866bcd909fc2e4868b722db81f551daa533a791ed8d.png
Requested by: Host: onedio.com
URL: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:f25 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 55fe4e70c417bb19b37d1824c282a9ec1804103d00436f3236c173a51a2f85b2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Tue, 06 Jun 2023 02:06:23 GMT
via: 1.1 6f35c519b101df1a1b9031120a6b276c.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-cf-pop: OTP50-C1
age: 906055
cf-polished: origFmt=png, origSize=4340
x-powered-by: Express
x-cache: Hit from cloudfront
content-disposition: inline; filename="f9ff6d6aa8c0d967d70d7866bcd909fc2e4868b722db81f551daa533a791ed8d.webp"
content-length: 3480
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: W/"10f4-gsbWFHWJPHVpHvoITTXJalPjJ6s"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7d2d1886db7c368c-FRA
x-amz-cf-id: ToPscPXs8xoLj-NqdeCgRhtiU58DUZxuVFQbZ-MsJFk1KbDYfmDHRA==

GET
H2 200 s-6733f109504dec046a91ea51d989d1bef076ae35.jpg
img-s1.onedio.com/id-617049563479d0fc41763e90/rev-0/w-1200/h-800/f-jpg/ Frame 89F6 21 KB
21 KB 39ms
21ms Image
image/webp 185.102.219.172
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img-s1.onedio.com/id-617049563479d0fc41763e90/rev-0/w-1200/h-800/f-jpg/s-6733f109504dec046a91ea51d989d1bef076ae35.jpg
Requested by: Host: onedio.com
URL: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.102.219.172 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-185-102-219-172.datapacket.com
Software: MerlinCDN / Express
Resource Hash: c5c82cdaaf712ef3f60673aa1b1bbf882b328152bceb8ec69ba3814d33893802

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Tue, 06 Jun 2023 02:06:23 GMT
via: HTTP/2.0 Merlin CDN
x-amz-cf-pop: PMO50-C1
age: 354340
x-powered-by: Express
x-cache-status: HIT
x-cache: Hit from cloudfront
x-onedio-cache: FRONT
x-midtier: tr-ist-shy-s01
content-length: 21540
server: MerlinCDN
etag: W/"c43b-zUgjIWOquD0x3TVFmWyFKRDLisc"
allow: GET, HEAD
content-type: image/webp
x-edge: de-fra-dp-s03
cache-control: public, max-age=31536000
accept-ranges: bytes
x-amz-cf-id: jbGPLjolAVoVxVwcUrr9udzAq7Bwak6Qdu2q48Mm3HNNm7gDygt-ww==

GET
H2 200 a866ec0.js Show response
onedio.com/_nuxt/ Frame 89F6 5 KB
2 KB 21ms
21ms Script
application/javascript 185.102.219.172
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://onedio.com/_nuxt/a866ec0.js
Requested by: Host: onedio.com
URL: https://onedio.com/_nuxt/48e10af.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.102.219.172 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-185-102-219-172.datapacket.com
Software: MerlinCDN /
Resource Hash: 6f51cb8afe19a4f45f3aa5e6f69364c423657b1eda95bcc68f4558c96d69ddf1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Tue, 06 Jun 2023 02:06:23 GMT
via: HTTP/2.0 Merlin CDN
content-encoding: br
x-amz-cf-pop: FRA53-C1
age: 564316
x-midtier: de-fra-lea-s01
x-cache-status: HIT
x-cache: Hit from cloudfront
last-modified: Tue, 30 May 2023 13:13:20 GMT
server: MerlinCDN
etag: W/"1486-1886ccaa580"
vary: Accept-Encoding
allow: GET, HEAD, POST
x-varnish: 744760688 744142602
content-type: application/javascript; charset=UTF-8
x-edge: de-fra-dp-s03
cache-control: public, max-age=31536000
x-amz-cf-id: HY5RAl2ez5PqFalLtmBpQVLT5zI8cwIDycnMupcldbTHrB7-dgev6A==

GET
H2 200 21c8d44.js Show response
onedio.com/_nuxt/ Frame 89F6 1 KB
1 KB 21ms
21ms Script
application/javascript 185.102.219.172
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://onedio.com/_nuxt/21c8d44.js
Requested by: Host: onedio.com
URL: https://onedio.com/_nuxt/48e10af.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.102.219.172 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-185-102-219-172.datapacket.com
Software: MerlinCDN /
Resource Hash: bb3be51e62f2436e091b3efa33c5219773903979ef34100713f832c12e6633b4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Tue, 06 Jun 2023 02:06:24 GMT
via: HTTP/2.0 Merlin CDN
content-encoding: br
x-amz-cf-pop: AMS1-P2
age: 906082
x-midtier: nl-naw-ws-s08
x-cache-status: HIT
x-cache: Hit from cloudfront
last-modified: Fri, 26 May 2023 14:13:13 GMT
server: MerlinCDN
etag: W/"444-188586808a8"
vary: Accept-Encoding
allow: GET, HEAD, POST
x-varnish: 681666670
content-type: application/javascript; charset=UTF-8
x-edge: de-fra-dp-s03
cache-control: public, max-age=31536000
x-amz-cf-id: vItvmI3AuEVlfVAOyIDW5tC-OPZKsQ-PAMhwwdQ_8HYGD8f2eM8kHQ==

GET
H2 200 tag Show response
a.teads.tv/page/118539/ Frame 89F6 752 B
802 B 126ms
50ms Script
application/javascript 23.52.123.144
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://a.teads.tv/page/118539/tag
Requested by: Host: onedio.com
URL: https://onedio.com/_nuxt/a0c28f8.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.52.123.144 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-52-123-144.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 887a3a4f200a899e84097749a9412f749c61744b76f287de50a76cb532308166

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Tue, 06 Jun 2023 02:06:24 GMT
content-encoding: gzip
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, must-revalidate, max-age=3600
access-control-allow-credentials: true
content-length: 469
expires: Tue, 06 Jun 2023 03:06:24 GMT

GET
H2 200 tag.js Show response
a.teads.tv/analytics/ Frame 89F6 11 KB
4 KB 98ms
22ms Script
text/javascript 23.52.123.144
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://a.teads.tv/analytics/tag.js
Requested by: Host: onedio.com
URL: https://onedio.com/_nuxt/a0c28f8.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.52.123.144 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-52-123-144.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 221e69003af87e6e8f934828ab416477126f3c062500e3bcb636bb9d87bf9b06

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-amz-version-id: Y6qsPmt0o95KDo3Ibo2euzqSnxQebNV8
date: Tue, 06 Jun 2023 02:06:24 GMT
content-encoding: br
last-modified: Wed, 02 Nov 2022 09:38:15 GMT
x-amz-request-id: 7M143009WAXN3Q25
etag: "6ddfb3a828a563a7719081ff9aeedaba"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: private, max-age=3600
accept-ranges: bytes
content-length: 3391
x-amz-id-2: STRx0Ic7Ail0QBZUMyPwaOMFfBJYtqEH2QK9RThy959S4vh7bnHagkR7gXzbW7US0LujPxZb7RI=

GET
H2 200 status Show response
event-collector.analytics.onedio.com/ Frame 89F6 52 B
241 B 92ms
25ms Fetch
application/json 34.117.159.110
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://event-collector.analytics.onedio.com/status
Requested by: Host: onedio.com
URL: https://onedio.com/_nuxt/9d6c279.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.159.110 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 110.159.117.34.bc.googleusercontent.com
Software: / Express
Resource Hash: 56639c53fbc08d334e0001abb9cb4724cb57cb476150d64d7fc1211570d2bed6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Tue, 06 Jun 2023 02:06:24 GMT
via: 1.1 google
x-powered-by: Express
etag: W/"34-LvmAuf9zCrGFmWivWzjtCzRpG+o"
content-type: application/json; charset=utf-8
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52

GET
H2 200 33c1330.js Show response
onedio.com/_nuxt/ Frame 89F6 141 KB
42 KB 25ms
25ms Script
application/javascript 185.102.219.172
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://onedio.com/_nuxt/33c1330.js
Requested by: Host: onedio.com
URL: https://onedio.com/_nuxt/48e10af.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.102.219.172 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-185-102-219-172.datapacket.com
Software: MerlinCDN /
Resource Hash: 58c38e7517bf0e9345f24130c340442c8bee366ff6220bd1ab1415d757d241d7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Tue, 06 Jun 2023 02:06:24 GMT
via: HTTP/2.0 Merlin CDN
content-encoding: br
x-amz-cf-pop: FRA53-C1
age: 564347
x-midtier: de-fra-lea-s01
x-cache-status: HIT
x-cache: Miss from cloudfront
last-modified: Tue, 30 May 2023 13:13:20 GMT
server: MerlinCDN
etag: W/"235da-1886ccaa580"
vary: Accept-Encoding
allow: GET, HEAD, POST
x-varnish: 745604821 742866100
content-type: application/javascript; charset=UTF-8
x-edge: de-fra-dp-s03
cache-control: public, max-age=31536000
x-amz-cf-id: T5D-pF3w0Cb9TPBSd_SSzeqRkcYB_sQyOohtSKK_-A9uOezQWyfthg==

GET
H2 200 hit Show response
services.onedio.com/prod/counters/ Frame 89F6 105 B
377 B 195ms
132ms XHR
application/json 2606:4700:10::6814:f25
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://services.onedio.com/prod/counters/hit?key=article%3A61704b2b6e8a878b642c2aa3&referrer=https%3A%2F%2Fpcloak.blob.core.windows.net%2F
Requested by: Host: onedio.com
URL: https://onedio.com/_nuxt/a0c28f8.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:f25 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b51288e6605a34673f02bc455dbc96bddd1c4893f506f85b1ed74b06dd7f198a

Request headers

Accept: application/json, text/plain, */*
Referer: https://onedio.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Tue, 06 Jun 2023 02:06:24 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
access-control-allow-methods: *
content-type: application/json
access-control-allow-origin: https://onedio.com
access-control-allow-credentials: true
cf-ray: 7d2d18892f4130d6-FRA
apigw-requestid: GEwpFgejjoEEPNA=

GET
H2 200 loader.js Show response
cdn.taboola.com/libtrc/onedio/ Frame 89F6 730 KB
58 KB 80ms
22ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/onedio/loader.js
Requested by: Host: onedio.com
URL: https://onedio.com/_nuxt/3849698.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 52e0a6998548d6b1b01a6a4a60eb6314d5ef04022eb200ae5d5a02b59acd159d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-amz-version-id: 6MkHM2.whn_u.MRtYYDeDidrJWsxZjHx
content-encoding: gzip
via: 1.1 varnish
date: Tue, 06 Jun 2023 02:06:24 GMT
x-amz-request-id: 89W1RHBMR01MHM20
age: 27
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 58932
x-amz-id-2: 7OOfJKsJs2IDGltPf9MIMIphbG4gCfu3mNBp1ZJ9USABPB/Dtx41qbsULnky3vMfk9fSVgaUOII=
x-served-by: cache-fra-eddf8230094-FRA
last-modified: Mon, 05 Jun 2023 13:06:49 GMT
server: AmazonS3
x-timer: S1686017184.247648,VS0,VE1
etag: "78b7446b8966ef4c3b475e73f7a5f9a7"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 46
access-control-allow-origin: *
cache-control: private,max-age=14401
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 0f9a25d.js Show response
onedio.com/_nuxt/ Frame 89F6 43 KB
9 KB 21ms
21ms Script
application/javascript 185.102.219.172
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://onedio.com/_nuxt/0f9a25d.js
Requested by: Host: onedio.com
URL: https://onedio.com/_nuxt/48e10af.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.102.219.172 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-185-102-219-172.datapacket.com
Software: MerlinCDN /
Resource Hash: cb3c4c0b69349543c69be213f9b261cdbb3e09d801a90c5d2263e6cac07261c8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Tue, 06 Jun 2023 02:06:24 GMT
via: HTTP/2.0 Merlin CDN
content-encoding: br
x-amz-cf-pop: AMS1-C1
age: 564338
x-midtier: nl-naw-ws-s08
x-cache-status: HIT
x-cache: Hit from cloudfront
last-modified: Tue, 30 May 2023 13:13:20 GMT
server: MerlinCDN
etag: W/"adfb-1886ccaa580"
vary: Accept-Encoding
allow: GET, HEAD, POST
x-varnish: 705068631 713314228
content-type: application/javascript; charset=UTF-8
x-edge: de-fra-dp-s03
cache-control: public, max-age=31536000
x-amz-cf-id: Cqga-d85p2vv72YG6CNt2BlW2OFTlmzpP9BBnzPHK5JfrzGSrUYiUQ==

GET
H2

200

/
dmp.adform.net/dmp/profile/ Frame 89F6
Redirect Chain

https://dmp.adform.net/dmp/profile/?pid=10548&sg=Do+It+Yourself+-+DIY&timestamp=1686017184181
https://dmp.adform.net/dmp/profile/?CC=1&pid=10548&sg=Do+It+Yourself+-+DIY&timestamp=1686017184181

35 B
230 B

38ms
38ms

Image
image/gif

37.157.3.20
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dmp.adform.net/dmp/profile/?CC=1&pid=10548&sg=Do+It+Yourself+-+DIY&timestamp=1686017184181

Requested by

Host: onedio.com
URL: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878

Protocol

Server

37.157.3.20 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Tue, 06 Jun 2023 02:06:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
content-type: image/gif

Redirect headers

location: https://dmp.adform.net/dmp/profile/?CC=1&pid=10548&sg=Do+It+Yourself+-+DIY&timestamp=1686017184181
date: Tue, 06 Jun 2023 02:06:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
content-length: 0

GET
H2 200 recommendations Show response
recommendation-api.analytics.onedio.com/api/v1/ Frame 89F6 84 B
272 B 100ms
28ms XHR
application/json 34.111.136.72
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://recommendation-api.analytics.onedio.com/api/v1/recommendations?placementId=1&scopeId=1&organization=onedio&product=onedio&version=1.0.0&categories=Nas%C4%B1l%20yap%C4%B1l%C4%B1r%3F&page=1&limit=9&additionalFields=description%2Cauthor
Requested by: Host: onedio.com
URL: https://onedio.com/_nuxt/a0c28f8.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.111.136.72 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 72.136.111.34.bc.googleusercontent.com
Software: / Express
Resource Hash: e3c5113869fed7cf5fbbb2fb64ba2e5c29fc9043e01e0d3a90b39024e0d0b20c

Request headers

Accept: application/json, text/plain, */*
Referer: https://onedio.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Tue, 06 Jun 2023 02:06:24 GMT
via: 1.1 google
x-powered-by: Express
etag: W/"54-mjGPcqtI3tmtCT/QyDHmmCBl1DQ"
content-type: application/json; charset=utf-8
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 84

GET
H2 200 breaking-news Show response
api-onedio-production.onedio.com/v3.5/browse/ Frame 89F6 11 KB
4 KB 149ms
86ms XHR
application/json 2606:4700:10::6814:f25
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api-onedio-production.onedio.com/v3.5/browse/breaking-news
Requested by: Host: onedio.com
URL: https://onedio.com/_nuxt/a0c28f8.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:f25 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f2a947f88a7db682f66064f0e4cd1a3daf98f78e9145893a6d935071aa0ee21d

Request headers

Accept: application/json, text/plain, */*
Referer: https://onedio.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-response-time: 1ms
date: Tue, 06 Jun 2023 02:06:24 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
vary: Origin, Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://onedio.com
cf-ray: 7d2d1889ec909000-FRA

GET
H2 200 latest.json Show response
cdn.jsdelivr.net/gh/prebid/currency-file@1/ Frame 89F6 2 KB
1 KB 80ms
22ms XHR
application/json 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20230606

Requested by

Host: onedio.com
URL: https://onedio.com/scripts/pbd7.47.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

25f3a1864ce02467f793769b7ed5315724faf63efe0d09a68fbfac1e7bf822bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://onedio.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type: text/plain

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 06 Jun 2023 02:06:24 GMT
x-content-type-options: nosniff
content-encoding: br
age: 36336
x-jsd-version: 1.0.1712
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 841
x-served-by: cache-fra-etou8220118-FRA
x-jsd-version-type: version
etag: W/"642-4BEX+jJsdaDp2SpNVKF+KIMoCLY"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

POST
H/1.1 200 prebid Show response
id5-sync.com/api/config/ Frame 89F6 136 B
540 B 81ms
25ms XHR
application/json 162.19.138.116
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/api/config/prebid

Requested by

Host: onedio.com
URL: https://onedio.com/scripts/pbd7.47.0.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.116 , France, ASN16276 (OVH, FR),

Reverse DNS

ns31533567.ip-162-19-138.eu

Software

Resource Hash

0322b00cb6bad591b726254678daf5a09db33b9f34db5fe69dbd4ae2095d2929

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://onedio.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://onedio.com
date: Tue, 06 Jun 2023 02:06:24 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding: chunked
content-type: application/json;charset=UTF-8

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306010101/ Frame 89F6 406 KB
126 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306010101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d69c318c5a18ce860870df13878596d3d7bb7efd57b77a0f32b5478d1cfe1c52

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 10:48:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 55084
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 128351
x-xss-protection: 0
server: cafe
etag: 10410007902637205610
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Tue, 04 Jun 2024 10:48:20 GMT

GET
H2 200 pixel.gif
static.criteo.net/images/ Frame 89F6 43 B
365 B 35ms
34ms Image
image/gif 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/images/pixel.gif?ch=1

Requested by

Host: onedio.com
URL: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Tue, 06 Jun 2023 02:06:24 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 09 Dec 2008 16:52:36 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "493ea254-2b"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 43
expires: Fri, 31 May 2024 02:06:24 GMT

GET
H2 200 pixel.gif
static.criteo.net/images/ Frame 89F6 43 B
365 B 36ms
36ms Image
image/gif 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/images/pixel.gif?ch=2

Requested by

Host: onedio.com
URL: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Tue, 06 Jun 2023 02:06:24 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 09 Dec 2008 16:52:36 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "493ea254-2b"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 43
expires: Fri, 31 May 2024 02:06:24 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ Frame 89F6 119 KB
46 KB 34ms
33ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-26809107-1

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5T48ZBT

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

9ec64a3732de734ca282a376b0b8048f50d246accf0d1367755166d08a5aef96

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Tue, 06 Jun 2023 02:06:24 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47325
x-xss-protection: 0
last-modified: Tue, 06 Jun 2023 00:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 06 Jun 2023 02:06:24 GMT

GET
H2 200 optimize.js Show response
www.googleoptimize.com/ Frame 89F6 195 KB
64 KB 103ms
37ms Script
application/javascript 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleoptimize.com/optimize.js?id=OPT-PGQP2CC

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5T48ZBT

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a0c330d0c4c97738afe87556fff6b2a3c644b91dbea8d9f86bd206f3d792e84c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Tue, 06 Jun 2023 02:06:24 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 65299
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 06 Jun 2023 02:06:24 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ Frame 89F6 51 KB
21 KB 78ms
22ms Script
text/javascript 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5T48ZBT

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 06 Jun 2023 01:04:48 GMT
last-modified: Mon, 17 Apr 2023 22:36:01 GMT
server: Golfe2
age: 3696
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20737
expires: Tue, 06 Jun 2023 03:04:48 GMT

GET
H2 200 destination Show response
www.googletagmanager.com/gtag/ Frame 89F6 201 KB
72 KB 38ms
38ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=G-7NQXL6GR3D&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5T48ZBT

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

17933b47c80ca2931eed5507e2ea12a2005dba781ac2d69f91f413e1377734fc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Tue, 06 Jun 2023 02:06:24 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 73750
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 06 Jun 2023 02:06:24 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ Frame 89F6 106 KB
28 KB 22ms
21ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x6y592zf1gbg.html?fbclid=PAAaYRdg6q-IbWktmwCiywbPD9fVMM3RQSD2b356fwPOuEXGVTgfjrmQkXN8c_aem_th_AVwzKiIITSboZvjK_t_N_mG-3JpgOQuwh4DWbjCXpjwYt6HJbGAt22sHK3sfl6mf5fVaiT-coTKgl1RNMdtUlAzC

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

0caf64bbe8954fe9c2166955ec4e1842b2f0780fb0cbb76ed7d60ea0dc59dddd

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 06 Jun 2023 02:06:24 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27549
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: bPUMtP820+CD5yqfmbYZBdjz4/zQqOjkXQERd6a32hzM/YeJZ3yZ/zIRBobKs6GzNX1hR+6HJxl7BGt4DFsaKw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 1679558926
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2

200

adformat.js Show response
s2.adform.net/banners/scripts/audiencetag/ Frame 89F6
Redirect Chain

https://dmp.adform.net/audiencetag/adformat.js
https://s2.adform.net/banners/scripts/audiencetag/adformat.js

7 KB
3 KB

191ms
41ms

Script
application/javascript

37.157.6.234
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s2.adform.net/banners/scripts/audiencetag/adformat.js
Requested by: Host: onedio.com
URL: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878
Protocol: H2
Server: 37.157.6.234 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 422f44f37be3ad1dc211805c2f45188eb4a74e2bb9b6e4afe2379c8f0c239008

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Tue, 06 Jun 2023 02:06:24 GMT
content-encoding: gzip
last-modified: Fri, 19 May 2023 06:39:14 GMT
server: nginx
x-amz-request-id: tx000000e974a7822d73f4d-0064671b3f-32950a49-default
etag: W/"2a3ea2bbef52aa72db12b0bc03214445"
x-cache-status: HIT
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-rgw-object-type: Normal
cache-control: public, max-age=604800

Redirect headers

location: https://s2.adform.net/banners/scripts/audiencetag/adformat.js
date: Tue, 06 Jun 2023 02:06:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
content-type: text/html

GET
DATA 200
OK truncated
/ Frame 89F6 264 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1034ccaed1f9dbb4c6c0d3895ee792b931e539ecad7d3e0491632dd4df068c65

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 89F6 6 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c85ff0d2c0dba739701435b4ecd7ff4c4139528bef936a19f28ac4ac7cd26065

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200 v1 Show response
lb.eu-1-id5-sync.com/lb/ Frame 89F6 33 B
397 B 71ms
21ms XHR
application/json 141.95.98.65
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://lb.eu-1-id5-sync.com/lb/v1

Requested by

Host: onedio.com
URL: https://onedio.com/scripts/pbd7.47.0.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

141.95.98.65 , France, ASN16276 (OVH, FR),

Reverse DNS

ns3216659.ip-141-95-98.eu

Software

Resource Hash

08892af5a00aaf36bb2c095f4ae4758db3a72fb1aa1f15099ba5e6af0d9ac1bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://onedio.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://onedio.com
date: Tue, 06 Jun 2023 02:06:23 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding: chunked
content-type: application/json;charset=UTF-8

GET
H2 200 teads-format.min.js Show response
a.teads.tv/media/format/v3/ Frame 89F6 604 KB
132 KB 21ms
21ms Script
text/javascript 23.52.123.144
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://a.teads.tv/media/format/v3/teads-format.min.js
Requested by: Host: a.teads.tv
URL: https://a.teads.tv/page/118539/tag
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.52.123.144 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-52-123-144.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: ac8f497789bafbe7a737ce673f789a3d7fea3b30efe9249424ffc0aaba6bce47

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Tue, 06 Jun 2023 02:06:24 GMT
content-encoding: br
last-modified: Mon, 05 Jun 2023 15:06:31 GMT
x-amz-request-id: NKN7XKYEGZMF9BFP
etag: "e6842314a5d6134c07ace3a2ed603ba6"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: private, must-revalidate, max-age=1800, no-transform
x-bucket: 0
accept-ranges: bytes
content-length: 134979
x-amz-id-2: LbRYoN8773DKO6i10h4ACKF2pOwWwZ+/DC2Tky+MChwNwBEiZ+coXa/CFIf8Q7QO7Kfiix2CDyE=
expires: Tue, 06 Jun 2023 02:36:24 GMT

POST
H2 200 events Show response
event-collector.analytics.onedio.com/ Frame 89F6 32 B
124 B 27ms
27ms Fetch
application/json 34.117.159.110
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://event-collector.analytics.onedio.com/events
Requested by: Host: onedio.com
URL: https://onedio.com/_nuxt/9d6c279.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.159.110 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 110.159.117.34.bc.googleusercontent.com
Software: / Express
Resource Hash: adda67abf8e0f8731a86e3aefb53b93847656f20799f63d181ae0c9cd2638adb

Request headers

Accept: application/json
Referer: https://onedio.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 06 Jun 2023 02:06:24 GMT
via: 1.1 google
x-powered-by: Express
etag: W/"20-LpvOmjUM2g6vtazb7wSJ11MN1rM"
content-type: application/json; charset=utf-8
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32

OPTIONS
H2 204 events
event-collector.analytics.onedio.com/ Frame 0
0 26ms
25ms Preflight 34.117.159.110
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://event-collector.analytics.onedio.com/events
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.159.110 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 110.159.117.34.bc.googleusercontent.com
Software: / Express
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://onedio.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Tue, 06 Jun 2023 02:06:24 GMT
vary: Access-Control-Request-Headers
via: 1.1 google
x-powered-by: Express

GET
H2 200 interface
s8t.teads.tv/logs/publishers/ Frame 89F6 0
0 217ms
67ms Image
text/plain 2a02:26f0:480:195::26e5
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s8t.teads.tv/logs/publishers/interface?%7B%22source%22%3A%22script-analytics-tag%22%2C%22errorMessage%22%3A%22not%20top%20window%22%2C%22exception%22%3A%22https%3A%2F%2Fonedio.com%2Fhaber%2Fkredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878%22%2C%22analyticsTagId%22%3A%22PUB_21080%22%2C%22scriptVersion%22%3A%228480ba3%22%7D
Requested by: Host: onedio.com
URL: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:195::26e5 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

GET
H2 200 articles Show response
api-onedio-production.onedio.com/v3.5/ Frame 89F6 17 KB
5 KB 90ms
90ms XHR
application/json 2606:4700:10::6814:f25
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api-onedio-production.onedio.com/v3.5/articles?categoryId=530bd809764e7634c69c39c9&page=1&limit=8&sort=agingPopular&useHasNextPage=true&author=true&categories=true&breadcrumb=true
Requested by: Host: onedio.com
URL: https://onedio.com/_nuxt/a0c28f8.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:f25 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0284c1027d1504097ad8cba603f91a566ecbba1c0cc779c801f85d88238d5ad3

Request headers

Accept: application/json, text/plain, */*
Referer: https://onedio.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-response-time: 2ms
date: Tue, 06 Jun 2023 02:06:24 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
vary: Origin, Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://onedio.com
cf-ray: 7d2d188b4d559000-FRA

GET
H2 200 articles Show response
api-onedio-production.onedio.com/v3.5/ Frame 89F6 8 KB
3 KB 92ms
92ms XHR
application/json 2606:4700:10::6814:f25
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api-onedio-production.onedio.com/v3.5/articles?categoryId=50ce951f28e98bd23f000011&page=1&limit=4&sort=agingPopular&useHasNextPage=true&author=true&categories=true&breadcrumb=true
Requested by: Host: onedio.com
URL: https://onedio.com/_nuxt/a0c28f8.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:f25 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 64b9a94df9e1c50392ba77dff3590239f5caa2b90abc5d0d6d931a4f9f423ddf

Request headers

Accept: application/json, text/plain, */*
Referer: https://onedio.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-response-time: 1ms
date: Tue, 06 Jun 2023 02:06:24 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
vary: Origin, Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://onedio.com
cf-ray: 7d2d188b4d569000-FRA

GET
H2 200 articles Show response
api-onedio-production.onedio.com/v3.5/ Frame 89F6 11 KB
3 KB 60ms
60ms XHR
application/json 2606:4700:10::6814:f25
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api-onedio-production.onedio.com/v3.5/articles?categoryId=5f7c351b57dac2cfc44d7f78&page=1&limit=4&sort=agingPopular&useHasNextPage=true&author=true&categories=true&breadcrumb=true
Requested by: Host: onedio.com
URL: https://onedio.com/_nuxt/a0c28f8.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:f25 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c264bcf4752257bbee9a41f984bca38e5dc35a521135b2b42fd68d38f48704d5

Request headers

Accept: application/json, text/plain, */*
Referer: https://onedio.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-response-time: 1ms
date: Tue, 06 Jun 2023 02:06:24 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
vary: Origin, Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://onedio.com
cf-ray: 7d2d188b4d579000-FRA

GET
H2 200 load.js Show response
widget.perfectmarket.com/onedio/ Frame 89F6 3 KB
2 KB 69ms
23ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.perfectmarket.com/onedio/load.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/onedio/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b6c21bbb6b819f7dba5c0b474b64535c13d53512c9c1e402a92b94b424dac95e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-amz-version-id: edibv5YY0QsddQPLEPWDiAieJ7baIXqS
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
date: Tue, 06 Jun 2023 02:06:24 GMT
x-amz-request-id: 1GK8BCB8JQYYVGHX
age: 241
x-cache: HIT, HIT
content-length: 1314
x-amz-id-2: 60xS424LX5jy84VGad4RSo5MisT+Ms8QSeoCnXtm5LqQiRBo7eub7pKKB44YMLYy3ndE3ZX3FOs=
x-served-by: cache-bur-kbur8200123-BUR, cache-fra-eddf8230093-FRA
last-modified: Fri, 28 Apr 2023 08:20:15 GMT
server: AmazonS3
x-timer: S1686017185.607949,VS0,VE1
etag: "a01bae8d0f5282875463a44413e5a731"
vary: Accept-Encoding,,
content-type: application/javascript; charset=utf-8
cache-control: max-age=300
accept-ranges: bytes
x-cache-hits: 50450, 1

GET
H2 200 impl.20230604-4-RELEASE.js Show response
cdn.taboola.com/libtrc/ Frame 89F6 765 KB
160 KB 22ms
22ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/impl.20230604-4-RELEASE.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/onedio/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: c3ba075c31642cc901d55e654c19026b22922a0bff9d487cf73831fa9a0b98a5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-amz-version-id: Dq.Q9EvL5Oe4Pu08r411WqDXvnc..gxS
content-encoding: br
via: 1.1 varnish
date: Tue, 06 Jun 2023 02:06:24 GMT
x-amz-request-id: Q9QT3MBD4GCMGA12
age: 3127
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 163076
x-amz-id-2: vyDNAuW+ah5q3aHnMQtEBdEIl8puZ9wNZe4rn5Cglnxcn9nBI0wyso65FhOM3vTPwJVv4oEBMXI=
x-served-by: cache-fra-eddf8230094-FRA
last-modified: Sun, 04 Jun 2023 09:14:17 GMT
server: AmazonS3-br
x-timer: S1686017185.561874,VS0,VE0
etag: "5505e72dbe0f895eb725864031f71bb4"
vary: Accept-Encoding
content-type: application/javascript
abp: 2
access-control-allow-origin: *
cache-control: private,max-age=31536000
accept-ranges: bytes
x-cache-hits: 369

GET
H2 200 status Show response
recommendation-api.analytics.onedio.com/api/v1/ Frame 89F6 91 B
186 B 33ms
33ms Fetch
application/json 34.111.136.72
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://recommendation-api.analytics.onedio.com/api/v1/status
Requested by: Host: onedio.com
URL: https://onedio.com/_nuxt/33c1330.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.111.136.72 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 72.136.111.34.bc.googleusercontent.com
Software: / Express
Resource Hash: 96c248ed6596a211aebf66eca21eb95634a613c77b3aea467801aea400acb1c2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Tue, 06 Jun 2023 02:06:24 GMT
via: 1.1 google
x-powered-by: Express
etag: W/"5b-mfr+JSkeyM+9BEELxE6+6OT8+sU"
content-type: application/json; charset=utf-8
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 91

POST
H/1.1 200 1291.json Show response
id5-sync.com/g/v2/ Frame 89F6 241 B
645 B 72ms
24ms XHR
application/json 162.19.138.116
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/g/v2/1291.json

Requested by

Host: onedio.com
URL: https://onedio.com/_nuxt/33c1330.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.116 , France, ASN16276 (OVH, FR),

Reverse DNS

ns31533567.ip-162-19-138.eu

Software

Resource Hash

79500ea94916f6a2c47673c45b475092a9947a57adfa89d5d547274a124e6be2

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://onedio.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://onedio.com
date: Tue, 06 Jun 2023 02:06:24 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding: chunked
content-type: application/json;charset=UTF-8

POST
H2 400 cdb Show response
bidder.criteo.com/ Frame 89F6 0
191 B 129ms
38ms XHR
text/plain 2a02:2638:3::7
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?ptv=137&profileId=184&cb=58823460498

Requested by

Host: onedio.com
URL: https://onedio.com/_nuxt/33c1330.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://onedio.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Tue, 06 Jun 2023 02:06:24 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
vary: Origin
access-control-allow-origin: https://onedio.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-length: 0

POST
H2 400 cdb Show response
bidder.criteo.com/ Frame 89F6 0
191 B 127ms
38ms XHR
text/plain 2a02:2638:3::7
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?ptv=137&profileId=184&cb=73206436719

Requested by

Host: onedio.com
URL: https://onedio.com/_nuxt/33c1330.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://onedio.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Tue, 06 Jun 2023 02:06:24 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
vary: Origin
access-control-allow-origin: https://onedio.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-length: 0

POST
H2 400 cdb Show response
bidder.criteo.com/ Frame 89F6 0
192 B 125ms
37ms XHR
text/plain 2a02:2638:3::7
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?ptv=137&profileId=184&cb=23301439127

Requested by

Host: onedio.com
URL: https://onedio.com/_nuxt/33c1330.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://onedio.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Tue, 06 Jun 2023 02:06:24 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
vary: Origin
access-control-allow-origin: https://onedio.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-length: 0

POST
H2 400 cdb Show response
bidder.criteo.com/ Frame 89F6 0
191 B 123ms
37ms XHR
text/plain 2a02:2638:3::7
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?ptv=137&profileId=184&cb=38769317171

Requested by

Host: onedio.com
URL: https://onedio.com/_nuxt/33c1330.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://onedio.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Tue, 06 Jun 2023 02:06:24 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
vary: Origin
access-control-allow-origin: https://onedio.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-length: 0

GET
H2 200 418147985044065 Show response
connect.facebook.net/signals/config/ Frame 89F6 300 KB
86 KB 23ms
23ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/418147985044065?v=2.9.106&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

2a7a81bf39c3c7bb66ce695c178feb2f214373a84b269d18d5e6601f34da0121

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 06 Jun 2023 02:06:24 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 88019
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: 14FWoAgU6QomLpp4jA+eRcA3SJ9GhZh3jpqxT3cGIyG+t91E/xJ74Gpn3tR/COCQXqXU7tgxb7QTWdECNhs4bQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 1679558926
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 ec.js Show response
www.google-analytics.com/plugins/ua/ Frame 89F6 3 KB
1 KB 23ms
22ms Script
text/javascript 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/ec.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Tue, 06 Jun 2023 01:35:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1858
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1129
x-xss-protection: 0
last-modified: Thu, 30 Dec 2021 12:48:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Tue, 06 Jun 2023 02:35:26 GMT

POST
H2 200 publisher:getClientId Show response
ampcid.google.com/v1/ Frame 89F6 74 B
435 B 116ms
64ms XHR
application/json 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ampcid.google.com/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM

Requested by

Host: onedio.com
URL: https://onedio.com/_nuxt/33c1330.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

991bfe84fec788f2b7d432b99a60c1e2aa2e799bc0137da8cf478299d0fc9a10

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://onedio.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 06 Jun 2023 02:06:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://onedio.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 94
x-xss-protection: 0

POST
H2 400 cdb Show response
bidder.criteo.com/ Frame 89F6 0
191 B 37ms
37ms XHR
text/plain 2a02:2638:3::7
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?ptv=137&profileId=185&av=35&wv=7.47.0&cb=63745677040

Requested by

Host: onedio.com
URL: https://onedio.com/_nuxt/33c1330.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://onedio.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 06 Jun 2023 02:06:24 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
vary: Origin
access-control-allow-origin: https://onedio.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-length: 0

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ Frame 89F6 0
172 B 98ms
32ms XHR
text/plain 185.184.8.90
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: onedio.com
URL: https://onedio.com/_nuxt/33c1330.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-90.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://onedio.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://onedio.com
date: Tue, 06 Jun 2023 02:06:24 GMT
access-control-allow-credentials: true
vary: Origin
access-control-max-age: 3600
access-control-allow-methods: POST

POST
H2 204 openrtb Show response
adx.adform.net/adx/ Frame 89F6 0
618 B 175ms
93ms XHR
text/plain 37.157.6.241
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Requested by

Host: onedio.com
URL: https://onedio.com/_nuxt/33c1330.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.241 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://onedio.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 06 Jun 2023 02:06:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://onedio.com
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

POST
H2 204 openrtb Show response
adx.adform.net/adx/ Frame 89F6 0
619 B 169ms
88ms XHR
text/plain 37.157.6.241
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Requested by

Host: onedio.com
URL: https://onedio.com/_nuxt/33c1330.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.241 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://onedio.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 06 Jun 2023 02:06:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://onedio.com
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

POST
H2 400 cdb Show response
bidder.criteo.com/ Frame 89F6 0
191 B 37ms
37ms XHR
text/plain 2a02:2638:3::7
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?ptv=137&profileId=185&av=35&wv=7.47.0&cb=86072546591

Requested by

Host: onedio.com
URL: https://onedio.com/_nuxt/33c1330.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://onedio.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 06 Jun 2023 02:06:24 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
vary: Origin
access-control-allow-origin: https://onedio.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-length: 0

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ Frame 89F6 0
173 B 93ms
31ms XHR
text/plain 185.184.8.90
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: onedio.com
URL: https://onedio.com/_nuxt/33c1330.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-90.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://onedio.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://onedio.com
date: Tue, 06 Jun 2023 02:06:24 GMT
access-control-allow-credentials: true
vary: Origin
access-control-max-age: 3600
access-control-allow-methods: POST

POST
H2 400 cdb Show response
bidder.criteo.com/ Frame 89F6 0
191 B 37ms
37ms XHR
text/plain 2a02:2638:3::7
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?ptv=137&profileId=185&av=35&wv=7.47.0&cb=95003024002

Requested by

Host: onedio.com
URL: https://onedio.com/_nuxt/33c1330.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://onedio.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 06 Jun 2023 02:06:24 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
vary: Origin
access-control-allow-origin: https://onedio.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-length: 0

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ Frame 89F6 0
172 B 91ms
31ms XHR
text/plain 185.184.8.90
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: onedio.com
URL: https://onedio.com/_nuxt/33c1330.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-90.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://onedio.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://onedio.com
date: Tue, 06 Jun 2023 02:06:24 GMT
access-control-allow-credentials: true
vary: Origin
access-control-max-age: 3600
access-control-allow-methods: POST

POST
H2 200 openrtb Show response
adx.adform.net/adx/ Frame 89F6 3 KB
2 KB 167ms
91ms XHR
application/json 37.157.6.241
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Requested by

Host: onedio.com
URL: https://onedio.com/_nuxt/33c1330.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.241 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

0ff91fa73af9fccd1105f9536bc260e9d8b6cd59adb3120cff5f533ba3783de9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://onedio.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 06 Jun 2023 02:06:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
pragma: no-cache
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
vary: Accept-Encoding
access-control-allow-methods: POST,OPTIONS
content-type: application/json
access-control-allow-origin: https://onedio.com
access-control-max-age: 86400
access-control-allow-credentials: true
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

POST
H2 400 cdb Show response
bidder.criteo.com/ Frame 89F6 0
191 B 37ms
37ms XHR
text/plain 2a02:2638:3::7
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?ptv=137&profileId=185&av=35&wv=7.47.0&cb=86260710057

Requested by

Host: onedio.com
URL: https://onedio.com/_nuxt/33c1330.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://onedio.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 06 Jun 2023 02:06:24 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
vary: Origin
access-control-allow-origin: https://onedio.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-length: 0

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ Frame 89F6 0
172 B 133ms
76ms XHR
text/plain 185.184.8.90
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: onedio.com
URL: https://onedio.com/_nuxt/33c1330.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-90.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://onedio.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://onedio.com
date: Tue, 06 Jun 2023 02:06:24 GMT
access-control-allow-credentials: true
vary: Origin
access-control-max-age: 3600
access-control-allow-methods: POST

POST
H2 200 openrtb Show response
adx.adform.net/adx/ Frame 89F6 3 KB
2 KB 170ms
97ms XHR
application/json 37.157.6.241
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Requested by

Host: onedio.com
URL: https://onedio.com/_nuxt/33c1330.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.241 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

89dda46c7bee1761ffec46d2e82f36b1aad76b17b80d39707d939291adda0f1f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://onedio.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 06 Jun 2023 02:06:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
pragma: no-cache
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
vary: Accept-Encoding
access-control-allow-methods: POST,OPTIONS
content-type: application/json
access-control-allow-origin: https://onedio.com
access-control-max-age: 86400
access-control-allow-credentials: true
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

POST
H2 204 events
bidder.criteo.com/csm/ Frame 89F6 0
211 B 37ms
37ms Ping
text/plain 2a02:2638:3::7
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/csm/events

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://onedio.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Tue, 06 Jun 2023 02:06:24 GMT
strict-transport-security: max-age=31536000; preload;
server: Finatra
vary: Origin
access-control-allow-origin: https://onedio.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *

GET
H2 200 pixel.gif
static.criteo.net/images/ Frame 89F6 43 B
365 B 35ms
35ms Image
image/gif 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/images/pixel.gif?ch=1

Requested by

Host: onedio.com
URL: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Tue, 06 Jun 2023 02:06:24 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 09 Dec 2008 16:52:36 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "493ea254-2b"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 43
expires: Fri, 31 May 2024 02:06:24 GMT

GET
H2 200 pixel.gif
static.criteo.net/images/ Frame 89F6 43 B
365 B 35ms
34ms Image
image/gif 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/images/pixel.gif?ch=2

Requested by

Host: onedio.com
URL: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Tue, 06 Jun 2023 02:06:24 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 09 Dec 2008 16:52:36 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "493ea254-2b"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 43
expires: Fri, 31 May 2024 02:06:24 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ Frame 89F6 107 B
531 B 119ms
32ms Script
application/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=onedio.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306010101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Tue, 06 Jun 2023 02:06:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame 89F6 107 B
456 B 93ms
31ms Script
application/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=onedio.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306010101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Tue, 06 Jun 2023 02:06:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 89F6 596 B
356 B 50ms
49ms XHR
text/plain 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2939887975097746&correlator=2122297043606714&eid=31072020%2C31075064&output=ldjh&gdfp_req=1&vrg=202306010101&ptt=17&impl=fifs&iu_parts=21814681%2COnedio.com_Data_Collect&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=1&adks=511466349&sfv=1-0-40&prev_scp=PageType%3DArticle%26kategori%3D62390e534c037f8216162716%26etiket%3DAnasayfa%2CMan%25C5%259Fet%2520Galerileri%2CMedya%2520Galeriler%2C%2523kredi-kart%25C4%25B1&eri=1&sc=1&cdm=onedio.com&abxe=1&dt=1686017184789&lmt=1686017184&dlt=1686017183569&idt=1027&adxs=251&adys=5726&biw=-12245933&bih=-12245933&isw=1600&ish=1200&scr_x=-12245933&scr_y=-12245933&ucis=c92rmmxixkc8&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fonedio.com%2Fhaber%2Fkredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878&ref=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&top=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&frm=24&vis=1&psz=1100x2&msz=1x-1&fws=256&ohw=0&ga_vid=609016728.1686017185&ga_sid=1686017185&ga_hid=1818974099&ga_fc=false

Requested by

Host: onedio.com
URL: https://onedio.com/_nuxt/33c1330.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eef0332d53bef81595ef7d291e27607049daab5f25eaef986992ac8332076f0a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Tue, 06 Jun 2023 02:06:24 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 326
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://onedio.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
a7907dd8d698decbd129b875fdbc4adb.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 91AA 6 KB
3 KB 109ms
29ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://a7907dd8d698decbd129b875fdbc4adb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306010101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://onedio.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 06 Jun 2023 02:06:24 GMT
expires: Wed, 05 Jun 2024 02:06:24 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 204 events
bidder.criteo.com/csm/ Frame 89F6 0
211 B 37ms
37ms Ping
text/plain 2a02:2638:3::7
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/csm/events

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://onedio.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Tue, 06 Jun 2023 02:06:23 GMT
strict-transport-security: max-age=31536000; preload;
server: Finatra
vary: Origin
access-control-allow-origin: https://onedio.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 89F6 421 B
213 B 219ms
218ms XHR
text/plain 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2939887975097746&correlator=3308902525728378&eid=31072020%2C31075064&output=ldjh&gdfp_req=1&vrg=202306010101&ptt=17&impl=fifs&iu_parts=21814681%2COnedio.com_Desktop_Sponsored_%C4%B0%C3%A7erikYan%C4%B1_Top&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C300x250&fluid=height&ifi=2&adks=2318357959&sfv=1-0-40&prev_scp=PageType%3DArticle%26kategori%3D62390e534c037f8216162716%26etiket%3DAnasayfa%2CMan%25C5%259Fet%2520Galerileri%2CMedya%2520Galeriler%2C%2523kredi-kart%25C4%25B1&eri=1&sc=1&cdm=onedio.com&abxe=1&dt=1686017184806&lmt=1686017184&dlt=1686017183569&idt=1027&adxs=1029&adys=541&biw=-12245933&bih=-12245933&isw=1600&ish=1200&scr_x=-12245933&scr_y=-12245933&ucis=g5s31n43gj1e&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fonedio.com%2Fhaber%2Fkredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878&ref=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&top=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&frm=24&vis=1&psz=300x-1&msz=300x-1&fws=256&ohw=0&ga_vid=609016728.1686017185&ga_sid=1686017185&ga_hid=1818974099&ga_fc=false

Requested by

Host: onedio.com
URL: https://onedio.com/_nuxt/33c1330.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cbf32da7c041012e2d77c453d11e5d9443f4029ef0c0c0a505ddf358651e4e28

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Tue, 06 Jun 2023 02:06:25 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 183
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://onedio.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 events
bidder.criteo.com/csm/ Frame 89F6 0
211 B 37ms
37ms Ping
text/plain 2a02:2638:3::7
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/csm/events

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://onedio.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Tue, 06 Jun 2023 02:06:24 GMT
strict-transport-security: max-age=31536000; preload;
server: Finatra
vary: Origin
access-control-allow-origin: https://onedio.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 89F6 414 B
196 B 186ms
186ms XHR
text/plain 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2939887975097746&correlator=548125114142712&eid=31072020%2C31075064&output=ldjh&gdfp_req=1&vrg=202306010101&ptt=17&impl=fifs&iu_parts=21814681%2COnedio.com_Desktop_Pageskin_Genel_Right&enc_prev_ius=%2F0%2F1&prev_iu_szs=160x600%7C120x600%7C140x600&ifi=3&adks=3875572001&sfv=1-0-40&prev_scp=PageType%3DArticle%26kategori%3D62390e534c037f8216162716%26etiket%3DAnasayfa%2CMan%25C5%259Fet%2520Galerileri%2CMedya%2520Galeriler%2C%2523kredi-kart%25C4%25B1&eri=1&sc=1&cdm=onedio.com&abxe=1&dt=1686017184820&lmt=1686017184&dlt=1686017183569&idt=1027&adxs=1360&adys=376&biw=-12245933&bih=-12245933&isw=1600&ish=1200&scr_x=-12245933&scr_y=-12245933&ucis=sqys49yhg0qr&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fonedio.com%2Fhaber%2Fkredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878&ref=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&top=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&frm=24&vis=1&psz=160x5350&msz=160x-1&fws=768&ohw=0&ga_vid=609016728.1686017185&ga_sid=1686017185&ga_hid=1818974099&ga_fc=false

Requested by

Host: onedio.com
URL: https://onedio.com/_nuxt/33c1330.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

525ea0699cf7747d41a18c7b3fb0c536bd5e8ef49cb286e6d2e80d7102911b3a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Tue, 06 Jun 2023 02:06:24 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 166
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://onedio.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 events
bidder.criteo.com/csm/ Frame 89F6 0
211 B 37ms
37ms Ping
text/plain 2a02:2638:3::7
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/csm/events

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://onedio.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Tue, 06 Jun 2023 02:06:24 GMT
strict-transport-security: max-age=31536000; preload;
server: Finatra
vary: Origin
access-control-allow-origin: https://onedio.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 89F6 413 B
196 B 187ms
186ms XHR
text/plain 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2939887975097746&correlator=1363297030405657&eid=31072020%2C31075064&output=ldjh&gdfp_req=1&vrg=202306010101&ptt=17&impl=fifs&iu_parts=21814681%2COnedio.com_Desktop_Pageskin_Genel_Left&enc_prev_ius=%2F0%2F1&prev_iu_szs=160x600%7C120x600%7C140x600&ifi=4&adks=2081268503&sfv=1-0-40&prev_scp=PageType%3DArticle%26kategori%3D62390e534c037f8216162716%26etiket%3DAnasayfa%2CMan%25C5%259Fet%2520Galerileri%2CMedya%2520Galeriler%2C%2523kredi-kart%25C4%25B1&eri=1&sc=1&cdm=onedio.com&abxe=1&dt=1686017184830&lmt=1686017184&dlt=1686017183569&idt=1027&adxs=80&adys=376&biw=-12245933&bih=-12245933&isw=1600&ish=1200&scr_x=-12245933&scr_y=-12245933&ucis=og70jrhhw18d&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fonedio.com%2Fhaber%2Fkredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878&ref=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&top=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&frm=24&vis=1&psz=160x5350&msz=160x-1&fws=768&ohw=0&ga_vid=609016728.1686017185&ga_sid=1686017185&ga_hid=1818974099&ga_fc=false

Requested by

Host: onedio.com
URL: https://onedio.com/_nuxt/33c1330.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d587c2abe4e9efc774b42010e741c14d97183ce2d29d95c1f95a80c59c18817e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Tue, 06 Jun 2023 02:06:25 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 166
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://onedio.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 push-notification-platform Show response
recommendation-api.analytics.onedio.com/api/v1/user/ Frame 89F6 69 B
85 B 26ms
25ms Fetch
application/json 34.111.136.72
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://recommendation-api.analytics.onedio.com/api/v1/user/push-notification-platform
Requested by: Host: onedio.com
URL: https://onedio.com/_nuxt/33c1330.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.111.136.72 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 72.136.111.34.bc.googleusercontent.com
Software: / Express
Resource Hash: de7713832e8617ed0535afa5ccf9ff63dc6b8bb4512664185a4b9e5d7f1abcc6

Request headers

Accept: application/json
Referer: https://onedio.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 06 Jun 2023 02:06:24 GMT
via: 1.1 google
x-powered-by: Express
etag: W/"45-2rSfLWY0Uw0T3cV0z/i/mcLPZVo"
content-type: application/json; charset=utf-8
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 69

OPTIONS
H3 204 push-notification-platform
recommendation-api.analytics.onedio.com/api/v1/user/ Frame 0
0 25ms
24ms Preflight 34.111.136.72
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://recommendation-api.analytics.onedio.com/api/v1/user/push-notification-platform
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.111.136.72 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 72.136.111.34.bc.googleusercontent.com
Software: / Express
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://onedio.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Tue, 06 Jun 2023 02:06:24 GMT
vary: Access-Control-Request-Headers
via: 1.1 google
x-powered-by: Express

GET
H2 200 track
t.teads.tv/ Frame 89F6 23 B
104 B 138ms
54ms Image
image/gif 23.212.89.35
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.teads.tv/track?action=placementCall&env=js-web&auctid=93a83de7-00d2-4ffd-8784-032be88cbe5d&pageId=118539&pid=128615&debug_metadata=Vl8W2DALkJ&fv=1197&ts=1686017184885&f=1&referer=https%3A%2F%2Fpcloak.blob.core.windows.net%2F
Requested by: Host: onedio.com
URL: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.212.89.35 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-212-89-35.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Tue, 06 Jun 2023 02:06:25 GMT
cache-control: private, max-age=3666
content-length: 23
content-type: image/gif

GET
H2 200 track
t.teads.tv/ Frame 89F6 23 B
134 B 132ms
49ms Image
image/gif 23.212.89.35
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.teads.tv/track?action=slotAvailable&env=js-web&auctid=93a83de7-00d2-4ffd-8784-032be88cbe5d&pageId=118539&pid=128615&slot=native&fv=1197&ts=1686017184892&f=1&referer=https%3A%2F%2Fpcloak.blob.core.windows.net%2F
Requested by: Host: onedio.com
URL: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.212.89.35 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-212-89-35.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

expires: Sat, 26 Jul 1997 05:00:00 GMT
date: Tue, 06 Jun 2023 02:06:25 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 23
content-type: image/gif

GET
H2 200 sync Show response
gum.criteo.com/ Frame 89F6 46 B
288 B 121ms
38ms Script
text/javascript 2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS

Requested by

Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230604-4-RELEASE.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

189b8ed64093b12937354b2ef71ccf1df59690d90432241a10fe1cb25000acba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Tue, 06 Jun 2023 02:06:24 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=3600
server-processing-duration-in-ticks: 336130
expires: 60

POST
H2 200 publisher:getClientId Show response
ampcid.google.de/v1/ Frame 89F6 3 B
364 B 79ms
29ms XHR
application/json 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ampcid.google.de/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM

Requested by

Host: onedio.com
URL: https://onedio.com/_nuxt/33c1330.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://onedio.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 06 Jun 2023 02:06:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://onedio.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23
x-xss-protection: 0

GET
H2 200 pmk-20220605.8.js Show response
pm-widget.taboola.com/onedio/ Frame 89F6 86 KB
24 KB 22ms
22ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://pm-widget.taboola.com/onedio/pmk-20220605.8.js
Requested by: Host: widget.perfectmarket.com
URL: https://widget.perfectmarket.com/onedio/load.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 077a758c165eced3316ba482308d475ebebfecf3040daacf54558be0db9d19af

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-amz-version-id: 8RaoF9DwyxjBcgKM6OBDbh1U_YlysD0g
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
date: Tue, 06 Jun 2023 02:06:24 GMT
x-amz-request-id: DZRT7QECK5TNJTN7
age: 3347126
x-cache: HIT, HIT
content-length: 24009
x-amz-id-2: W/o/L7cS+NJrL0Lm/4+OteToJnHPAw9Hcn8dNdc/ZEpZUGAxz6dwRTf+U36cRd1c5m9slPuK6ww=
x-served-by: cache-bur-kbur8200113-BUR, cache-fra-eddf8230094-FRA
last-modified: Fri, 28 Apr 2023 08:20:12 GMT
server: AmazonS3
x-timer: S1686017185.950667,VS0,VE0
etag: "745d9593e177572ec01004762570e98c"
vary: Accept-Encoding,,
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000
accept-ranges: bytes
x-cache-hits: 7757, 12971

POST
H2 200 ad Show response
a.teads.tv/page/118539/ Frame 89F6 539 B
701 B 56ms
56ms XHR
application/json 23.52.123.144
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://a.teads.tv/page/118539/ad?windowWidth=1600&windowHeight=1200&windowDepth=1&windowReferrerUrl=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&auctid=93a83de7-00d2-4ffd-8784-032be88cbe5d&formatVersion=1197&env=js-web&netBw=9.7&ttfb=20
Requested by: Host: onedio.com
URL: https://onedio.com/_nuxt/33c1330.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.52.123.144 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-52-123-144.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 3121ae381725f7036ab25931c12b0a805abe44ed43eb0549e9a19023251101da

Request headers

Accept: application/json; charset=UTF-8
Referer: https://onedio.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 06 Jun 2023 02:06:24 GMT
content-encoding: gzip
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://onedio.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 365
expires: Tue, 06 Jun 2023 02:06:24 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 89F6 22 KB
10 KB 233ms
233ms XHR
text/plain 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2939887975097746&correlator=126593470685727&eid=31072020%2C31075064&output=ldjh&gdfp_req=1&vrg=202306010101&ptt=17&impl=fifs&iu_parts=21814681%2COnedio.com_Desktop_%C4%B0%C3%A7erikAras%C4%B1_Top&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C300x250&fluid=height&ifi=5&adks=3485359229&sfv=1-0-40&prev_scp=PageType%3DArticle%26kategori%3D62390e534c037f8216162716%26etiket%3DAnasayfa%2CMan%25C5%259Fet%2520Galerileri%2CMedya%2520Galeriler%2C%2523kredi-kart%25C4%25B1&eri=1&sc=1&cdm=onedio.com&abxe=1&dt=1686017184957&lmt=1686017184&dlt=1686017183569&idt=1027&adxs=279&adys=907&biw=-12245933&bih=-12245933&isw=1600&ish=1200&scr_x=-12245933&scr_y=-12245933&ucis=lyar88j1lqc1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fonedio.com%2Fhaber%2Fkredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878&ref=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&top=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&frm=24&vis=1&psz=357x250&msz=300x250&fws=256&ohw=0&ga_vid=609016728.1686017185&ga_sid=1686017185&ga_hid=1818974099&ga_fc=false

Requested by

Host: onedio.com
URL: https://onedio.com/_nuxt/33c1330.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7dac5960e7ff1917456862e9d18dd56e336dae0e1467f251e0b17517b6266dbd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Tue, 06 Jun 2023 02:06:25 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10577
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://onedio.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 89F6 57 KB
14 KB 320ms
319ms XHR
text/plain 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2939887975097746&correlator=3759070952573331&eid=31072020%2C31075064&output=ldjh&gdfp_req=1&vrg=202306010101&ptt=17&impl=fifs&iu_parts=21814681%2COnedio.com_Desktop_%C4%B0%C3%A7erikAras%C4%B1_TopRight&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C300x250&fluid=height&ifi=6&adks=3569613027&sfv=1-0-40&prev_scp=PageType%3DArticle%26kategori%3D62390e534c037f8216162716%26etiket%3DAnasayfa%2CMan%25C5%259Fet%2520Galerileri%2CMedya%2520Galeriler%2C%2523kredi-kart%25C4%25B1%26hb_format_adf%3Dbanner%26hb_size_adf%3D300x250%26hb_pb_adf%3D1.00%26hb_adid_adf%3D25f97ff61a265a4%26hb_bidder_adf%3Dadf%26hb_format%3Dbanner%26hb_size%3D300x250%26hb_pb%3D1.00%26hb_adid%3D25f97ff61a265a4%26hb_bidder%3Dadf&eri=1&sc=1&cdm=onedio.com&abxe=1&dt=1686017184967&lmt=1686017184&dlt=1686017183569&idt=1027&adxs=636&adys=907&biw=-12245933&bih=-12245933&isw=1600&ish=1200&scr_x=-12245933&scr_y=-12245933&ucis=h8iskhj0jtk4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fonedio.com%2Fhaber%2Fkredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878&ref=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&top=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&frm=24&vis=1&psz=357x250&msz=300x250&fws=256&ohw=0&ga_vid=609016728.1686017185&ga_sid=1686017185&ga_hid=1818974099&ga_fc=false

Requested by

Host: onedio.com
URL: https://onedio.com/_nuxt/33c1330.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

00a7c1d5d09276da3a8a8de89b137f19d9471814e512ad64a1778fb3e55eda96

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Tue, 06 Jun 2023 02:06:25 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14385
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://onedio.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 89F6 22 KB
10 KB 238ms
237ms XHR
text/plain 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2939887975097746&correlator=3202343521099158&eid=31072020%2C31075064&output=ldjh&gdfp_req=1&vrg=202306010101&ptt=17&impl=fifs&iu_parts=21814681%2Cmasthead&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C1100x250%7C980x250%7C970x250%7C940x250%7C728x90%7C1100x1&fluid=height&ifi=7&adks=2332837411&sfv=1-0-40&prev_scp=PageType%3DArticle%26kategori%3D62390e534c037f8216162716%26etiket%3DAnasayfa%2CMan%25C5%259Fet%2520Galerileri%2CMedya%2520Galeriler%2C%2523kredi-kart%25C4%25B1&eri=1&sc=1&cdm=onedio.com&abxe=1&dt=1686017184974&lmt=1686017184&dlt=1686017183569&idt=1027&adxs=250&adys=241&biw=-12245933&bih=-12245933&isw=1600&ish=1200&scr_x=-12245933&scr_y=-12245933&ucis=833gi9ectee3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fonedio.com%2Fhaber%2Fkredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878&ref=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&top=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&frm=24&vis=1&psz=1100x-1&msz=1100x-1&fws=256&ohw=0&ga_vid=609016728.1686017185&ga_sid=1686017185&ga_hid=1818974099&ga_fc=false

Requested by

Host: onedio.com
URL: https://onedio.com/_nuxt/33c1330.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c7e3496a6d64fbfb8871820c4d560bbfb2b4ee8f8bee4636a06f0de54e5ffc25

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Tue, 06 Jun 2023 02:06:25 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10498
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://onedio.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 89F6 22 KB
10 KB 264ms
264ms XHR
text/plain 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2939887975097746&correlator=3968318890851303&eid=31072020%2C31075064&output=ldjh&gdfp_req=1&vrg=202306010101&ptt=17&impl=fifs&iu_parts=21814681%2COnedio.com_Desktop_%C4%B0%C3%A7erikYan%C4%B1_Top&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C300x250&fluid=height&ifi=8&adks=1969900062&sfv=1-0-40&prev_scp=PageType%3DArticle%26kategori%3D62390e534c037f8216162716%26etiket%3DAnasayfa%2CMan%25C5%259Fet%2520Galerileri%2CMedya%2520Galeriler%2C%2523kredi-kart%25C4%25B1%26hb_format_adf%3Dbanner%26hb_size_adf%3D300x250%26hb_pb_adf%3D1.00%26hb_adid_adf%3D26875aba72fc4b6%26hb_bidder_adf%3Dadf%26hb_format%3Dbanner%26hb_size%3D300x250%26hb_pb%3D1.00%26hb_adid%3D26875aba72fc4b6%26hb_bidder%3Dadf&eri=1&sc=1&cdm=onedio.com&abxe=1&dt=1686017184981&lmt=1686017184&dlt=1686017183569&idt=1027&adxs=1029&adys=1275&biw=-12245933&bih=-12245933&isw=1600&ish=1200&scr_x=-12245933&scr_y=-12245933&ucis=9iyu0jkcy77w&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fonedio.com%2Fhaber%2Fkredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878&ref=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&top=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&frm=24&vis=1&psz=300x250&msz=300x250&fws=256&ohw=0&ga_vid=609016728.1686017185&ga_sid=1686017185&ga_hid=1818974099&ga_fc=false

Requested by

Host: onedio.com
URL: https://onedio.com/_nuxt/33c1330.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e0017d9faef36846d5862d4bff7d44d35281d137249edd129235bd82ea61ebda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Tue, 06 Jun 2023 02:06:25 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10418
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://onedio.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cookiesegments Show response
dmp.adform.net/audiencetag/ Frame 89F6 2 B
246 B 42ms
41ms XHR
application/json 37.157.3.20
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://dmp.adform.net/audiencetag/cookiesegments?token=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJBZGZvcm0uRE1QLkNsYWltczo6RGF0YVByb3ZpZGVycyI6IlsxMDU0OF0iLCJpc3MiOiJkbXAtYXBpLmFkZm9ybS5jb20iLCJhdWQiOiJkbXBfdXNlcnMiLCJleHAiOjE4MDE3MzQyNDUsIm5iZiI6MTQ4NjM3NDI0NX0.4SMC1tfOK3v649sBGDbZNaTlLE_E9L479UK90GsG6TI

Requested by

Host: onedio.com
URL: https://onedio.com/_nuxt/33c1330.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.3.20 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json
Referer: https://onedio.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Tue, 06 Jun 2023 02:06:25 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
server: nginx
vary: Accept-Encoding, Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://onedio.com
access-control-allow-credentials: true

GET
H2 200 /
www.facebook.com/tr/ Frame 89F6 0
185 B 65ms
21ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=418147985044065&ev=PageView&dl=https%3A%2F%2Fonedio.com%2Fhaber%2Fkredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878&rl=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&if=true&ts=1686017185011&sw=1600&sh=1200&v=2.9.106&r=stable&ec=0&o=30&it=1686017184666&coo=false&rqm=GET

Requested by

Host: onedio.com
URL: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 06 Jun 2023 02:06:25 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/tr/ Frame 89F6 0
31 B 65ms
22ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=418147985044065&ev=ViewContent&dl=https%3A%2F%2Fonedio.com%2Fhaber%2Fkredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878&rl=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&if=true&ts=1686017185012&cd[content_name]=Kredi%20Kart%C4%B1%20Aidat%C4%B1n%C4%B1z%C4%B1%20Geri%20Alabilirsiniz%3A%20Kredi%20Kart%C4%B1%20%C4%B0adesi%20%C4%B0lgili%20Bilmeniz%20Gereken%20Her%20%C5%9Eey&cd[content_category]=Nas%C4%B1l%20yap%C4%B1l%C4%B1r%3F%20%3E%20&cd[content_ids]=%5B%221010878%22%5D&cd[content_type]=news&cd[content_editor]=ruready&cd[content_date]=2021-10-23&sw=1600&sh=1200&v=2.9.106&r=stable&ec=1&o=30&it=1686017184666&coo=false&rqm=GET

Requested by

Host: onedio.com
URL: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 06 Jun 2023 02:06:25 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 track
t.teads.tv/ Frame 89F6 23 B
134 B 52ms
51ms Image
image/gif 23.212.89.35
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.teads.tv/track?action=debug-browserInfos&fv=1197&ts=1686017185051&env=js-web&auctid=93a83de7-00d2-4ffd-8784-032be88cbe5d&pid=128615&hb_provider=null&f=1&debug_metadata=orientation%3Alandscape-primary%2Cangle%3A0%2ChistoryLength%3A2%2CviewportHeight%3A1200%2CviewportWidth%3A1600%2ChardwareConcurrency%3A4%2CdeviceMemory%3A8%2Cbattery%3A%7B%22level%22%3A1%2C%22charging%22%3Atrue%7D&referer=https%3A%2F%2Fpcloak.blob.core.windows.net%2F
Requested by: Host: onedio.com
URL: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.212.89.35 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-212-89-35.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

expires: Sat, 26 Jul 1997 05:00:00 GMT
date: Tue, 06 Jun 2023 02:06:25 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 23
content-type: image/gif

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 9A9E 15 KB
6 KB 41ms
41ms Document
text/html 2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=pcloak.blob.core.windows.net

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

42b9a15f9b6a86e0bca2678c6a6679ed2e73777ca55d893012e685275249f702

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://onedio.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 06 Jun 2023 02:06:24 GMT
server: Kestrel
server-processing-duration-in-ticks: 325870
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 89F6 15 KB
11 KB 97ms
37ms XHR
application/json 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202306010101&st=env

Requested by

Host: onedio.com
URL: https://onedio.com/_nuxt/33c1330.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5f08b2ac990457ec38f53aec8df2f215fbafcffc4928424dcb03bc2c74cc4254

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Tue, 06 Jun 2023 02:06:25 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11374
x-xss-protection: 0

GET
H2 200 bundle.js Show response
tpx.tesseradigital.com/dist/ Frame 89F6 26 KB
26 KB 232ms
44ms Script
application/javascript 35.157.179.180
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tpx.tesseradigital.com/dist/bundle.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5T48ZBT
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 35.157.179.180 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-179-180.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 4d7a0bfa44fd296b5f01d7ea149625a134d3efd59d66ac6cf6f676954d5d8ebb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Tue, 06 Jun 2023 02:06:25 GMT
server: nginx
etag: "6f2498ef32ef6286ba03632b6f97de070d437f60"
access-control-allow-methods: GET, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
content-length: 26573

GET
H2

200

sid Show response
mug.criteo.com/ Frame 9A9E
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertag&domain=onedio.com&sn=ChromeSyncframe&so=0&topUrl=pcloak.blob.core.windows.net&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=qBdDH3x3UzNMNXNUeW1PWVNvUzhYWkhKOGlHK2RSd1Ixd2xCdEl6THZCRmNuWE5rNFBNeHlpQ3BiTzVoMGd4RXF2S2tGL3dYakM1UVU0Q3NwdS84ZmlXLy9tcS9idWJUemtONE9PNXFNeDJURXN4MDB1K0F1S1VaYzNVZi...

438 B
659 B

92ms
29ms

Fetch
application/json

178.250.1.11
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=qBdDH3x3UzNMNXNUeW1PWVNvUzhYWkhKOGlHK2RSd1Ixd2xCdEl6THZCRmNuWE5rNFBNeHlpQ3BiTzVoMGd4RXF2S2tGL3dYakM1UVU0Q3NwdS84ZmlXLy9tcS9idWJUemtONE9PNXFNeDJURXN4MDB1K0F1S1VaYzNVZitOcUlXalFES1FjelF5MEsyZFVCUUhTdm9HemsrRkF2VEtoOVFqajY1SDhSd0tsVVEyZkJsOG9LMExrYUVCMnhsMXBrZSt4OXN3R3kvUmpDdWZXUGRScDdtSTFoa09yRGp3SEVUcFd5S2lMNXk5MEpLVmRjQmRCREoyeFNTK29DMHJqRGx6OVJ2bnQ4KzBBZVFkYVRLQWN5akRQNFA2dnZ0cWVhQ1Q2cmZ3N2NCWlpia0FEMD18&cppv=2

Requested by

Protocol

Server

178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

8a86c0207437792a8da92976d69bbc360afd4623670e669bb4e84cf65d18dd51

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Jun 2023 02:06:25 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1135876
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 06 Jun 2023 02:06:24 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=qBdDH3x3UzNMNXNUeW1PWVNvUzhYWkhKOGlHK2RSd1Ixd2xCdEl6THZCRmNuWE5rNFBNeHlpQ3BiTzVoMGd4RXF2S2tGL3dYakM1UVU0Q3NwdS84ZmlXLy9tcS9idWJUemtONE9PNXFNeDJURXN4MDB1K0F1S1VaYzNVZitOcUlXalFES1FjelF5MEsyZFVCUUhTdm9HemsrRkF2VEtoOVFqajY1SDhSd0tsVVEyZkJsOG9LMExrYUVCMnhsMXBrZSt4OXN3R3kvUmpDdWZXUGRScDdtSTFoa09yRGp3SEVUcFd5S2lMNXk5MEpLVmRjQmRCREoyeFNTK29DMHJqRGx6OVJ2bnQ4KzBBZVFkYVRLQWN5akRQNFA2dnZ0cWVhQ1Q2cmZ3N2NCWlpia0FEMD18&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 295586
content-length: 0
expires: 0

GET
H2 200 container.html Show response
a7907dd8d698decbd129b875fdbc4adb.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 0364 6 KB
3 KB 23ms
22ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://a7907dd8d698decbd129b875fdbc4adb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306010101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://onedio.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 06 Jun 2023 02:06:24 GMT
expires: Wed, 05 Jun 2024 02:06:24 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 container.html Show response
a7907dd8d698decbd129b875fdbc4adb.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 3524 6 KB
3 KB 21ms
21ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://a7907dd8d698decbd129b875fdbc4adb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306010101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://onedio.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 06 Jun 2023 02:06:24 GMT
expires: Wed, 05 Jun 2024 02:06:24 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 89F6 17 KB
7 KB 102ms
43ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306010101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Tue, 06 Jun 2023 02:06:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 06 Jun 2023 02:06:25 GMT

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 32A5 624 B
577 B 87ms
34ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARjmoLXcATAB&v=APEucNXEekT3OpF0SRCjrN5NSpOgTyS_D-gxfdpaPOOD8l6TjwhnkM5wqQBNlsSVQIh77vukOyc2wttWKt-xgMUSogK_cy8B2EwKZXuJwKLT8OpjpTJ_RbqjdyzS3XlHfMaspxkdvUih4LsMamwGq7Dfuvr-NS7BJaUK6VtTGrR7lpvQ0pCf-8wqYL0LP9xVaQzb6n5-1mVWZDCKQ9GTdKRmPSgC9odtuQ

Requested by

Host: a7907dd8d698decbd129b875fdbc4adb.safeframe.googlesyndication.com
URL: https://a7907dd8d698decbd129b875fdbc4adb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://a7907dd8d698decbd129b875fdbc4adb.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 06 Jun 2023 02:06:25 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 0364 78 KB
27 KB 116ms
68ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: a7907dd8d698decbd129b875fdbc4adb.safeframe.googlesyndication.com
URL: https://a7907dd8d698decbd129b875fdbc4adb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

332d8e2d6964e41c92a430d24b1b469bfdcc30ad072f980b2e7adf241590886a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a7907dd8d698decbd129b875fdbc4adb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Tue, 06 Jun 2023 02:06:25 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28042
x-xss-protection: 0
server: cafe
etag: 3261498652431352696
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Tue, 06 Jun 2023 02:06:25 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 0364 42 B
63 B 109ms
61ms Image
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Al3PAPfwbfAwjumULyfWaiS98zaig1yTdaUlcktOI9Y5CzO3nv_TZirmGjMRVVXTmHf-BCUmHZdwEhszOCE4vFi0x6MkOP3FqRUmU4pZxerhh5gB4

Requested by

Host: a7907dd8d698decbd129b875fdbc4adb.safeframe.googlesyndication.com
URL: https://a7907dd8d698decbd129b875fdbc4adb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a7907dd8d698decbd129b875fdbc4adb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Jun 2023 02:06:25 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 0364 0
20 B 108ms
61ms Image
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=4206301833863873344&x=1&ct=76

Requested by

Host: a7907dd8d698decbd129b875fdbc4adb.safeframe.googlesyndication.com
URL: https://a7907dd8d698decbd129b875fdbc4adb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a7907dd8d698decbd129b875fdbc4adb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Jun 2023 02:06:25 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230531/r20110914/client/ Frame 0364 3 KB
1 KB 76ms
27ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230531/r20110914/client/window_focus_fy2021.js

Requested by

Host: a7907dd8d698decbd129b875fdbc4adb.safeframe.googlesyndication.com
URL: https://a7907dd8d698decbd129b875fdbc4adb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a7907dd8d698decbd129b875fdbc4adb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 17:16:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 31804
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 19 Jun 2023 17:16:21 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230531/r20110914/client/ Frame 0364 19 KB
8 KB 71ms
21ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230531/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: a7907dd8d698decbd129b875fdbc4adb.safeframe.googlesyndication.com
URL: https://a7907dd8d698decbd129b875fdbc4adb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3735e94afb2539b14515fdd10d7cc066cffa99d4b52762959e342295e08a770e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a7907dd8d698decbd129b875fdbc4adb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 12:05:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 50453
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7991
x-xss-protection: 0
server: cafe
etag: 2412543371950383451
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 19 Jun 2023 12:05:32 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 0364 0
0 80ms
29ms Image
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQtiOUdO_Bcs9X9M9VV7IhtUwSF8IdDQSsdQ29XMEYNd3PViQKARKYxaxXwk-ASwnym0JPLEMXm7erdkWwnsFjDXT-1EA
Requested by: Host: a7907dd8d698decbd129b875fdbc4adb.safeframe.googlesyndication.com
URL: https://a7907dd8d698decbd129b875fdbc4adb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a7907dd8d698decbd129b875fdbc4adb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 0364 173 KB
55 KB 110ms
39ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: a7907dd8d698decbd129b875fdbc4adb.safeframe.googlesyndication.com
URL: https://a7907dd8d698decbd129b875fdbc4adb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c61b54fb4bbf7083918be7066e50126d1a95e56ccc9be9fafd69deb50ac7424b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a7907dd8d698decbd129b875fdbc4adb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Tue, 06 Jun 2023 02:06:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 55245
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1685965250302189"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 06 Jun 2023 02:06:25 GMT

GET
H3 200 container.html Show response
a7907dd8d698decbd129b875fdbc4adb.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame A3C9 6 KB
3 KB 22ms
21ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://a7907dd8d698decbd129b875fdbc4adb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306010101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://onedio.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 06 Jun 2023 02:06:24 GMT
expires: Wed, 05 Jun 2024 02:06:24 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 447C 624 B
285 B 62ms
34ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CPG8uQEQu-u9ARjW2LLlATAB&v=APEucNUBvbNjlCPa4oRzawFQ5hZsSBpgG8giXmdVrO5U7ThgWrx4k-c8KL9zZqfmVcDNAItkhdIRc4Ho-Amez7GT1BEpJW5ggdW2o9RCVR1RSkFw7aWvBxvmDxcHVVC5afmPPn_t4GkD6_T-I8j2emze6X1gbza9G5PZ1KOBjZ4TPqmtoT7k1sj__UfXYaTP4kGntByKNfYM_ucnnPOufqBC0K2RQZzcSA

Requested by

Host: a7907dd8d698decbd129b875fdbc4adb.safeframe.googlesyndication.com
URL: https://a7907dd8d698decbd129b875fdbc4adb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://a7907dd8d698decbd129b875fdbc4adb.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 06 Jun 2023 02:06:25 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 3524 78 KB
27 KB 70ms
48ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: a7907dd8d698decbd129b875fdbc4adb.safeframe.googlesyndication.com
URL: https://a7907dd8d698decbd129b875fdbc4adb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

332d8e2d6964e41c92a430d24b1b469bfdcc30ad072f980b2e7adf241590886a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a7907dd8d698decbd129b875fdbc4adb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Tue, 06 Jun 2023 02:06:25 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28042
x-xss-protection: 0
server: cafe
etag: 3261498652431352696
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Tue, 06 Jun 2023 02:06:25 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 3524 42 B
63 B 82ms
61ms Image
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Ac5iLqKiLkxPUNH304oGItt89qGnnP0cCSmHWeYLyrUK8oM6x-cP92z_t0uVtGjxaPMUidy_iHBFlSSMbc8MJRZoMg7e3cU2uIU2fqUPogF6BHJyo

Requested by

Host: a7907dd8d698decbd129b875fdbc4adb.safeframe.googlesyndication.com
URL: https://a7907dd8d698decbd129b875fdbc4adb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a7907dd8d698decbd129b875fdbc4adb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Jun 2023 02:06:25 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 3524 0
20 B 84ms
61ms Image
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=14635048039928786972&x=1&ct=76

Requested by

Host: a7907dd8d698decbd129b875fdbc4adb.safeframe.googlesyndication.com
URL: https://a7907dd8d698decbd129b875fdbc4adb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a7907dd8d698decbd129b875fdbc4adb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Jun 2023 02:06:25 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230531/r20110914/client/ Frame 3524 3 KB
1 KB 51ms
27ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230531/r20110914/client/window_focus_fy2021.js

Requested by

Host: a7907dd8d698decbd129b875fdbc4adb.safeframe.googlesyndication.com
URL: https://a7907dd8d698decbd129b875fdbc4adb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a7907dd8d698decbd129b875fdbc4adb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 17:16:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 31804
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 19 Jun 2023 17:16:21 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230531/r20110914/client/ Frame 3524 19 KB
8 KB 47ms
23ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230531/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: a7907dd8d698decbd129b875fdbc4adb.safeframe.googlesyndication.com
URL: https://a7907dd8d698decbd129b875fdbc4adb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3735e94afb2539b14515fdd10d7cc066cffa99d4b52762959e342295e08a770e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a7907dd8d698decbd129b875fdbc4adb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 12:05:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 50453
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7991
x-xss-protection: 0
server: cafe
etag: 2412543371950383451
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 19 Jun 2023 12:05:32 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 3524 0
0 55ms
29ms Image
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTy6BC3CVD_pq1CTxLPpHC-JzFs-0NYk0lB56CODou-vpADRKydGIsPq5eg8v54KOGbWh16fbsw-mHGKQK4jv9ey44Bsw
Requested by: Host: a7907dd8d698decbd129b875fdbc4adb.safeframe.googlesyndication.com
URL: https://a7907dd8d698decbd129b875fdbc4adb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a7907dd8d698decbd129b875fdbc4adb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 3524 173 KB
54 KB 118ms
73ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: a7907dd8d698decbd129b875fdbc4adb.safeframe.googlesyndication.com
URL: https://a7907dd8d698decbd129b875fdbc4adb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c61b54fb4bbf7083918be7066e50126d1a95e56ccc9be9fafd69deb50ac7424b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a7907dd8d698decbd129b875fdbc4adb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Tue, 06 Jun 2023 02:06:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 55245
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1685965250302189"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 06 Jun 2023 02:06:25 GMT

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame A576 624 B
285 B 36ms
34ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARihoLXcATAB&v=APEucNVgrBOPT6pBu-rWy8G3aV8Gmu2fvURNr3wcQtTKS_xdDnHtedOQ9-1kqoOWIxpcIsjYV_c7OpCGo87Z7wW9ucTDSTW2ocrRNLp7U2sKgD_U6472V81wYgP7Ti1Ish1nrQMYzO7dLJ9VNMW_GA5ysZB5zsBEfPzfibuCFkaKyNp2jnLM4DEDPfMAatzeKHf8E9mI_XyM

Requested by

Host: a7907dd8d698decbd129b875fdbc4adb.safeframe.googlesyndication.com
URL: https://a7907dd8d698decbd129b875fdbc4adb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://a7907dd8d698decbd129b875fdbc4adb.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 06 Jun 2023 02:06:25 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame A3C9 78 KB
27 KB 90ms
89ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: a7907dd8d698decbd129b875fdbc4adb.safeframe.googlesyndication.com
URL: https://a7907dd8d698decbd129b875fdbc4adb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

332d8e2d6964e41c92a430d24b1b469bfdcc30ad072f980b2e7adf241590886a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a7907dd8d698decbd129b875fdbc4adb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Tue, 06 Jun 2023 02:06:25 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28042
x-xss-protection: 0
server: cafe
etag: 3261498652431352696
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Tue, 06 Jun 2023 02:06:25 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame A3C9 42 B
63 B 84ms
83ms Image
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-D2yz88kzDEVDwksT-YtQQvXL2fOU0xU7slKYor717n8XtBGNxs88dyHCK61_VAtqO2cV_CMW1FmL0T6xU6pyZFAWbicqNLyB6vpq57bKFPOL7HiWs

Requested by

Host: a7907dd8d698decbd129b875fdbc4adb.safeframe.googlesyndication.com
URL: https://a7907dd8d698decbd129b875fdbc4adb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a7907dd8d698decbd129b875fdbc4adb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Jun 2023 02:06:25 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame A3C9 0
20 B 86ms
85ms Image
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=2991849046863992014&x=1&ct=76

Requested by

Host: a7907dd8d698decbd129b875fdbc4adb.safeframe.googlesyndication.com
URL: https://a7907dd8d698decbd129b875fdbc4adb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a7907dd8d698decbd129b875fdbc4adb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Jun 2023 02:06:25 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230531/r20110914/client/ Frame A3C9 3 KB
1 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230531/r20110914/client/window_focus_fy2021.js

Requested by

Host: a7907dd8d698decbd129b875fdbc4adb.safeframe.googlesyndication.com
URL: https://a7907dd8d698decbd129b875fdbc4adb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a7907dd8d698decbd129b875fdbc4adb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 17:16:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 31804
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 19 Jun 2023 17:16:21 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230531/r20110914/client/ Frame A3C9 19 KB
8 KB 25ms
24ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230531/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: a7907dd8d698decbd129b875fdbc4adb.safeframe.googlesyndication.com
URL: https://a7907dd8d698decbd129b875fdbc4adb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3735e94afb2539b14515fdd10d7cc066cffa99d4b52762959e342295e08a770e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a7907dd8d698decbd129b875fdbc4adb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 12:05:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 50453
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7991
x-xss-protection: 0
server: cafe
etag: 2412543371950383451
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 19 Jun 2023 12:05:32 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame A3C9 173 KB
54 KB 98ms
79ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: a7907dd8d698decbd129b875fdbc4adb.safeframe.googlesyndication.com
URL: https://a7907dd8d698decbd129b875fdbc4adb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c61b54fb4bbf7083918be7066e50126d1a95e56ccc9be9fafd69deb50ac7424b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a7907dd8d698decbd129b875fdbc4adb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Tue, 06 Jun 2023 02:06:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 55245
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1685965250302189"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 06 Jun 2023 02:06:25 GMT

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012305221508000/ Frame A069 222 KB
61 KB 107ms
21ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012305221508000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306010101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

209c55ae7959d440c2e815be93bdb70437bc0d10982d1d14c7f0aab93aebaa28

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sat, 03 Jun 2023 02:30:17 GMT
age: 257768
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61790
x-xss-protection: 0
server: sffe
etag: "dc39a5ea8e84372b"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sun, 02 Jun 2024 02:30:17 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012305221508000/v0/ Frame A069 15 KB
5 KB 142ms
57ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012305221508000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306010101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6851a08172611dee3087ed287fb22873c5697e163391ba4b0555e3d7982ca541

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sat, 03 Jun 2023 04:33:48 GMT
age: 250357
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5228
x-xss-protection: 0
server: sffe
etag: "68ea093d80ab2def"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sun, 02 Jun 2024 04:33:48 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012305221508000/v0/ Frame A069 94 KB
28 KB 149ms
64ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012305221508000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306010101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ca10977700b1bc7b44bfe44bbfc1e134c13cc993d5e59c4bca6de5f7370c1827

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sat, 03 Jun 2023 06:02:30 GMT
age: 245035
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28884
x-xss-protection: 0
server: sffe
etag: "52a0fa5b1f73dc96"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sun, 02 Jun 2024 06:02:30 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012305221508000/v0/ Frame A069 5 KB
2 KB 148ms
63ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012305221508000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306010101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b94ab7d03297a9036dc60e17afc685bd191904db7c25e1c4d92f0f1a84f546c2

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sat, 03 Jun 2023 06:37:49 GMT
age: 242916
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1912
x-xss-protection: 0
server: sffe
etag: "64a18d292337e38c"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sun, 02 Jun 2024 06:37:49 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012305221508000/v0/ Frame A069 40 KB
13 KB 145ms
60ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012305221508000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306010101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9fe801269d9ef99d44e6aa9d17ef66db64d1b983d0116c8e142faa8f9da3424d

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 02 Jun 2023 21:30:23 GMT
age: 275762
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12949
x-xss-protection: 0
server: sffe
etag: "4886bdcdd7fc48e5"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 01 Jun 2024 21:30:23 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame A069 5 KB
1 KB 80ms
30ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:400,700&lang=tr

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306010101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

67eb879fb1645c73ccbaac598e815fd3901eb5114228021d686b8b5e470edbbd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 06 Jun 2023 02:06:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 06 Jun 2023 01:06:54 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 06 Jun 2023 02:06:25 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame A069 5 KB
774 B 81ms
31ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:400,700&text=

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306010101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

67eb879fb1645c73ccbaac598e815fd3901eb5114228021d686b8b5e470edbbd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 06 Jun 2023 02:06:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 06 Jun 2023 00:42:37 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 06 Jun 2023 02:06:25 GMT

GET
H2 200 tr.png
tpc.googlesyndication.com/pagead/images/abg/ Frame A069 3 KB
3 KB 23ms
21ms Image
image/png 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/tr.png

Requested by

Host: onedio.com
URL: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1e5a886321d0e00c13f7abff03ca39fd782f42997fd34bcbf4fc93718f3670cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 19:49:55 GMT
x-content-type-options: nosniff
server: cafe
age: 22590
etag: 9957912877679239782
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3057
x-xss-protection: 0
expires: Tue, 06 Jun 2023 19:49:55 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame A069 344 B
449 B 24ms
22ms Image
image/png 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: onedio.com
URL: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 19:03:49 GMT
x-content-type-options: nosniff
server: cafe
age: 25356
etag: 6766994032117382215
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 344
x-xss-protection: 0
expires: Tue, 06 Jun 2023 19:03:49 GMT

GET
H2 200 7193897619005018383
s0.2mdn.net/simgad/ Frame A069 334 KB
335 KB 90ms
22ms Image
image/jpeg 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/7193897619005018383

Requested by

Host: onedio.com
URL: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

57c1cadf6eabccdb20e7907b3b634d0dd368de752a4b33c3ff8bee224ae4db51

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 13:57:29 GMT
x-content-type-options: nosniff
age: 216536
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 342512
x-xss-protection: 0
last-modified: Wed, 03 May 2023 10:27:15 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 02 Jun 2024 13:57:29 GMT

GET
H2 200 ad
googleads.g.doubleclick.net/dbm/ Frame A069 42 B
173 B 44ms
42ms Image
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DVujZzrXjDxNjwzdDpLzEK3_2OBo7rZLXU2ceJ7CFpP_myqugvwbNphiHTFLG00ftWPu568XllUp1IGttX-uUZDKzMCoChf8aXVyfWJ81z2g5jDg2JbUAbZDVtVOhUw3XXXsqHvAJKG0w2XXJOeuLGi_ybxA&dbm_d=AKAmf-APj9Wub8fP7flwHn6ndL4xzr3CAYwQPzo0Tm029syt3uGEo-6sExFmz-zSiwuJ95Ko3tTq1kPCIye1oD-rc6mJBo_e3EUiz8dPfLlP5Q3uo9Dhm2JpurTgHOSlFzHjxMBieLvSmGDgKk9btsHbBlYKnXl4KCowC1ra4cgzk8aZysJLpVOCQg7xniEIQfBSYk8eCfz0l-mYVDHz8E0HJrsW-bVfrBrhT3OHUMx3_JrsqT1qMBtCVedqoHe4ACp03GqOZaIdLclG9eqRWoReJsZmTHi5pHnhqT72bBbov5luIJcWvheSVDZglKSj_GKmRTG4k9lZHQTcaj1eWQhDqBMKjDd6WnzAu2EB2RPpfyb6pMZpaDlDbEHmfc-5rLdADTSowXKRLbLhkaMZUYYHPKQZCAqPwJwB-ib83OrWiF9RsTGIl36D85Kd06XR7zcFqMs2gPU9XukHNhgyxLOZEdmtFBAM70C0EHLZgmKyKQ8KkJLOltiFyaQNT_hzimvzZSRW6FayVZbyEZ2xAUiQPTCcY7nlvPOJkIf22iq5cfvlV9THF8jlOlyqFWsrlbb7w5LfBsarFsSU3_hwgNc1YXL0Qjpa2tebzJAEN9-td-GuCCoxMOGZ-yyy_Ilyke3wF_6glax-1UOSS2xhKSoxoBQ7UuIghPHh598Hu4fAvA1dyN0zQ_yEC-HMLDS4czqtV7BEb781cazMlOAxI0JYWMFTb-bToKowSRqMyvssKUt5ZmuzWyMv5bqBTvvxQX4Plwy9avf8Nz5o1_HO0zosxxu8Og_JdNT2eVf1Poso-mvPNI73JciBkrJYRTSTk1Fn_-NfIHpicF0plT8oIowEkROD6U47TXbA0kxNIMYr6YbDykSJ4tYflxfd_h8Bld_vwWtlcwTZCdpQps8skkIv-P7IQqGLZ-AUXplIJSpHlMY7HnbR9ot1dbLXZTE4RCWRrs0rB5hc2GVCX_Ui7pd4AR_qhARR-gh42Q9imIYF5nKbQpg-6dYEzREyUeMGjTN6qZUAlrlzpt5tl3Ax7IGXGF0EkyQ8R-b3O3HsDvx8Iah554jd8_UwMQjR5eHuzyGdDNDfXmOgkzpWAW6API9wQ6-S82WMa-P_8DxUoYGnmv8uFJdjozSvX37YruTo9-SFJ0ibTrzPpjIaxd8Gffk32OTX1TXOnbczfSSIZAt8R0cPiZNfsN7qhTdp9XaIsVtLTaC-29GuElsi9VZTvcuO3KS_TH5aSGsWStI_c0uXjx3M-mL_6_8krX4ytIgR9UUcY2658cKfJqVmEV6JEli23sToAnoS361CdMkgaqagEjZZK_aTrIujCkfA4UGYhwJHq5Nrcv3NuikiaPl9y2KdbqHlvqBPITog6I38GQHMj4Za4zGFcXkX4I3d5VjB7LKmv2I2xsnJW5-ZNv1d_FqUZ5xjnyzZxfZxw563nIYz9gULtriGqRpkjLsJmbKyhwX2Zpy1YqJpkm1zU-UlWueT_nrh3BgeJ30MNQJLvfE85DAo0q40b8e17qRY05D-r4BkOabk6bwTQnbcTphI6ZkFgrA8hFUfiYuG0CTtmOcj0aM4zA_PtMg2zp8J5U5kkxFIS7rTaXM1S5_eCec-PTa3FgO3wfiK0HRC6AUuHfLioWScQLotfjwYMT1I2fGbnNjgwaSsWBj_3sQ9vUaFRmp89_5DhyWfMnPShbVF3j2Kz5wD6YPKZonjnrXXUTA7TZtvtJI3n4CnhxYSEox5lONJBXT7o6DBuJSgcQrPdK9fPk1qlGCVLtg-r0Gu19JuQyufTIaM0e16USFlLzJ6XYDOSq0oG9R51DAnUdO2jQ9Cu3aOmTtxPf7_WzBjPe0hXUtC_r1dwGmgeGlAtd9ZX_hMIRjHC6d_ngtyU6aGRDo9tOgel2chI6EReppd2JDzoStAHWBon3BbCfGIxau7jt-ptf62-R4ToVYdyQcp9orOcmVhEKGJHgVlLk9sbxqI019J5MTHanfCJGOcFMTe_-hX7aZDor_uYWazd4XiYbN0F41BishwT-lRR2OhwDsJUtmHfg9y-w3xnYPD4G2Z1u3e4LG4qIvHk1ilN1SF1QIq-15IRZCPAGILhiZ-6L_Gt_oMXd6YzMrkVmJu_p7B6ORXXX_fx7Pjzt-HAz1MSnpEjI1m4jlnHDAXGDUyrgXzWHI5u8po9U-jJ206k68DELOiogYrVlJJj0Dil7bKjy1eW7Ufd0fYhN9uRz7o323mPhrRuBYpsrZvhO8OEbIxxR7_NZnvsxo65HzqqxUtqumfK9RrnQ9B6eSDj5SM86nEtXqj3PVlCJ8dIXVhsrn0LehxMUQ_m__7UR1DFHHDUPDuCDV0E9RuLgn7IDdk-3LBJio1QahFm4cgT5H9yMnRlP7jSVDTQo_Z6lfkzhUvl8PGKNkxj1V91aSjBPM1cOCQ-qYxDfF7kNsrYX4vPoIKjzGnuEzXToPeDfGLspUHNJujZd7n92qAKcdCNQTHv4DChmqHCFIhBst1fgVj0_zKp-NwGsj1HgDDY4Gj-E3iOp2e4A7ajirjzWAxy-btJ9DTkN0PbUyA-z3cyLMBgdTTzE4Sd0I9GsAt5CkE0wCl352etQlJyxRaTky_EzAJmjp_jT86AaoRvx6dTcbOdbeVggr1G0ig67-GR2jkkrTzlfUi_-akXAoSpp2RMVhBIg0MLqsvusz8tiubmddXBjMEjN4HOniSS3eWnYJ_LBowr20keEn0qez4FrTIqWypeoQyM-MhMRLjnH6kQ7B1pDTq3QmwbTn7xVlOm5tZJFZVzdtNblfj2mU1eroiddGl7YmFctkMsp5YTkjpEZAlQ3yz14ntZlwyYzBvCjiqMXKoDObB1cbb5ItTaMdDsv0QwyVip4LaOF6WiL3ihMblG-cliNNLdJUxKvxWHD1JC_xuWSBu4KpMBQUWWuta-jhznOM5t8oaaOyn3Y6EkqQnRtslXYqOgLbjXKqqlxy9Ylh16KuL_svs0kyLhE6eRwp6mpHrgfL7NFWf7kqim-dRp1baoDs86G04LK3DN_j_qyIrTmhIM1I5jNv5I46ggnxlrCqGCiHXmfimX5cITno6FW3atIcwQZGJQtjrUC2rEobcEkHd0AsYzKJPyDMbnkXrY9I4_QxjDqKhUwnCg6IUlzYUlS2KIhFU14Ro8tuxta5jirJMxzjoF55fGchvSoXTQSP5-YObwSsO2wTHUVGJSsj_y6P42WkYzZl7z4kObBhMQQG6QMVQON4WZesTNS5aV81SZnvMbbIJmCUk8jWgxBLvlCOpK7AMQNxITDuSHy4x16HHF8MU4zwx24qbB6wM3mdkR_Xrsc-ukT3PSxvgUQ1gPTsnLllNCf2sfoJACa9SQrJzYeBT5VhCSrd2GcrSAo8_akjEFYvRSqLMcDmgh426HSS9juY8gHHo8Q&cid=CAQSKQBygQiDWT3BTMH4HgAcm65Ddudp8nzoCe_7a_8Js50XmSSbxOYIYvj7GAE&dc_exteid=31101527520387766862841419687328578&dc_pubid=4

Requested by

Host: onedio.com
URL: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Jun 2023 02:06:25 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame A069 0
0 64ms
63ms Image
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=Cs7g8oZR-ZL0gy6yBB4eSr9ACjJvF_m2Vv5L73hCP36K9wAEQASChqsgqYJWC_IGUB6AB06nd-QLIAQapAu_7TD_q-bE-qAMBqgTgAU_Q5eyoK9ufvNisFQnmoJH_gWO8DBZZ1i5WYESaDQVYsfHMiB2Z69ehjrKJWHCvsLNBo4fv_82cFy486CRkck4asvFxb74sFUJfxCh_CRg4pjcfBZJXMVf5uPUwn6Ai_lkpFO9xRzCOgw8i8ET965pq5FzPmXtLpaLGdYtkpm_x707yKU200C6P-KNxe5DL76JjSDUhI3RzFk1BwoP2E-uCjNhEKCF1qdvj4sF2MvH0D4TtTxxKgYUZSUk2MQj9C_O13dARc2nTEmAxAEag8btH2ZDO4e_Y-o6NxJGaOCsjwATPjfuFqATgBAOIBczByeVHkgUGCAMQARgBkgUGCBsQAhgBkgUGCB0QBBgBkgUGCB0QARgBkgUGCB4QARgBkAYBoAY3gAeV1qKGAagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcKEMb_EBjCo9ncAdIIFgiA4YAQEAEYHTICqgI6AoBASL39wTqACgPICwGwE8umvxPIE77v2uED0BMA2BMNiBQN2BQB0BUBgBcBshceChwIABIUcHViLTM2NTc2OTA3OTAyNTUxMDUYwYAT&sigh=wjUVaoO5hrQ&uach_m=[UACH]&cid=CAQSKQBygQiDWT3BTMH4HgAcm65Ddudp8nzoCe_7a_8Js50XmSSbxOYIYvj7GAE&template_id=509&vt=10
Requested by: Host: onedio.com
URL: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

GET
H2 204 l
www.google.com/ads/measurement/ Frame A069 0
0 30ms
29ms Image
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTN4MZHrFKm00lAp-may2rPKfznwpHZ8swovITdSajPbhaR1ColtxYnrM2FtMSoq4fZ0x3v_yHCy88H7zQNPGJE-sVbkg
Requested by: Host: onedio.com
URL: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

GET
DATA 200
OK truncated
/ Frame A069 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0106b8d9d4a9e893fc65aaa89ac57aefd3a1ca7a257e7fe66d022dca718b514d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 32A5
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECFEJKMeOrjbGYNweYM-6ac&google_cver=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECFEJKMeOrjbGYNweYM-6ac&google_cver=1&C=1

43 B
632 B

24ms
24ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECFEJKMeOrjbGYNweYM-6ac&google_cver=1&C=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARjmoLXcATAB&v=APEucNXEekT3OpF0SRCjrN5NSpOgTyS_D-gxfdpaPOOD8l6TjwhnkM5wqQBNlsSVQIh77vukOyc2wttWKt-xgMUSogK_cy8B2EwKZXuJwKLT8OpjpTJ_RbqjdyzS3XlHfMaspxkdvUih4LsMamwGq7Dfuvr-NS7BJaUK6VtTGrR7lpvQ0pCf-8wqYL0LP9xVaQzb6n5-1mVWZDCKQ9GTdKRmPSgC9odtuQ
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 06 Jun 2023 02:06:25 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 43
Expires: 0

Redirect headers

Pragma: no-cache
Date: Tue, 06 Jun 2023 02:06:25 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: /rum?cm_dsp_id=45&external_user_id=CAESECFEJKMeOrjbGYNweYM-6ac&google_cver=1&C=1
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 0
Expires: 0

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 32A5
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZH6UoeDdER2x98G1RlSWzgAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECFEJKMeOrjbGYNweYM-6ac&google_cver=1

43 B
632 B

26ms
26ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECFEJKMeOrjbGYNweYM-6ac&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARjmoLXcATAB&v=APEucNXEekT3OpF0SRCjrN5NSpOgTyS_D-gxfdpaPOOD8l6TjwhnkM5wqQBNlsSVQIh77vukOyc2wttWKt-xgMUSogK_cy8B2EwKZXuJwKLT8OpjpTJ_RbqjdyzS3XlHfMaspxkdvUih4LsMamwGq7Dfuvr-NS7BJaUK6VtTGrR7lpvQ0pCf-8wqYL0LP9xVaQzb6n5-1mVWZDCKQ9GTdKRmPSgC9odtuQ
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 06 Jun 2023 02:06:25 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=497
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Tue, 06 Jun 2023 02:06:25 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECFEJKMeOrjbGYNweYM-6ac&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 32A5
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEBHvEXwsLtHXfY6Q2e2tjw0&google_cver=1

43 B
1 KB

36ms
22ms

Image
image/gif

37.252.171.53
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEBHvEXwsLtHXfY6Q2e2tjw0&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARjmoLXcATAB&v=APEucNXEekT3OpF0SRCjrN5NSpOgTyS_D-gxfdpaPOOD8l6TjwhnkM5wqQBNlsSVQIh77vukOyc2wttWKt-xgMUSogK_cy8B2EwKZXuJwKLT8OpjpTJ_RbqjdyzS3XlHfMaspxkdvUih4LsMamwGq7Dfuvr-NS7BJaUK6VtTGrR7lpvQ0pCf-8wqYL0LP9xVaQzb6n5-1mVWZDCKQ9GTdKRmPSgC9odtuQ

Protocol

HTTP/1.1

Server

37.252.171.53 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 06 Jun 2023 02:06:25 GMT
AN-X-Request-Uuid: 1d87809c-44a5-46d3-a4c6-750eb94ad552
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 84.19.175.165; 84.19.175.165; 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 06 Jun 2023 02:06:25 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEBHvEXwsLtHXfY6Q2e2tjw0&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 32A5
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjEyNzE2NDE3ODI1NDUzMzk3MA%3D%3D

170 B
243 B

31ms
31ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjEyNzE2NDE3ODI1NDUzMzk3MA%3D%3D

Requested by

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Jun 2023 02:06:25 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Tue, 06 Jun 2023 02:06:25 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 84.19.175.165; 84.19.175.165; 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 858785c6-bd1e-43f6-9b13-3527ad7d1e2a
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjEyNzE2NDE3ODI1NDUzMzk3MA%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 447C
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECFEJKMeOrjbGYNweYM-6ac&google_cver=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECFEJKMeOrjbGYNweYM-6ac&google_cver=1&C=1

43 B
632 B

24ms
24ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECFEJKMeOrjbGYNweYM-6ac&google_cver=1&C=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPG8uQEQu-u9ARjW2LLlATAB&v=APEucNUBvbNjlCPa4oRzawFQ5hZsSBpgG8giXmdVrO5U7ThgWrx4k-c8KL9zZqfmVcDNAItkhdIRc4Ho-Amez7GT1BEpJW5ggdW2o9RCVR1RSkFw7aWvBxvmDxcHVVC5afmPPn_t4GkD6_T-I8j2emze6X1gbza9G5PZ1KOBjZ4TPqmtoT7k1sj__UfXYaTP4kGntByKNfYM_ucnnPOufqBC0K2RQZzcSA
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 06 Jun 2023 02:06:25 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 43
Expires: 0

Redirect headers

Pragma: no-cache
Date: Tue, 06 Jun 2023 02:06:25 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: /rum?cm_dsp_id=45&external_user_id=CAESECFEJKMeOrjbGYNweYM-6ac&google_cver=1&C=1
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 0
Expires: 0

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 447C
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZH6UoeDdER2x98G1RlSWzgAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECFEJKMeOrjbGYNweYM-6ac&google_cver=1

43 B
632 B

23ms
23ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECFEJKMeOrjbGYNweYM-6ac&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPG8uQEQu-u9ARjW2LLlATAB&v=APEucNUBvbNjlCPa4oRzawFQ5hZsSBpgG8giXmdVrO5U7ThgWrx4k-c8KL9zZqfmVcDNAItkhdIRc4Ho-Amez7GT1BEpJW5ggdW2o9RCVR1RSkFw7aWvBxvmDxcHVVC5afmPPn_t4GkD6_T-I8j2emze6X1gbza9G5PZ1KOBjZ4TPqmtoT7k1sj__UfXYaTP4kGntByKNfYM_ucnnPOufqBC0K2RQZzcSA
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 06 Jun 2023 02:06:25 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Tue, 06 Jun 2023 02:06:25 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECFEJKMeOrjbGYNweYM-6ac&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 447C
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEBHvEXwsLtHXfY6Q2e2tjw0&google_cver=1

43 B
1 KB

34ms
21ms

Image
image/gif

37.252.171.53
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEBHvEXwsLtHXfY6Q2e2tjw0&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPG8uQEQu-u9ARjW2LLlATAB&v=APEucNUBvbNjlCPa4oRzawFQ5hZsSBpgG8giXmdVrO5U7ThgWrx4k-c8KL9zZqfmVcDNAItkhdIRc4Ho-Amez7GT1BEpJW5ggdW2o9RCVR1RSkFw7aWvBxvmDxcHVVC5afmPPn_t4GkD6_T-I8j2emze6X1gbza9G5PZ1KOBjZ4TPqmtoT7k1sj__UfXYaTP4kGntByKNfYM_ucnnPOufqBC0K2RQZzcSA

Protocol

HTTP/1.1

Server

37.252.171.53 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 06 Jun 2023 02:06:25 GMT
AN-X-Request-Uuid: c5c0f44a-01a0-457f-b412-914234cf80f5
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 84.19.175.165; 84.19.175.165; 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 06 Jun 2023 02:06:25 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEBHvEXwsLtHXfY6Q2e2tjw0&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 447C
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjEyNzE2NDE3ODI1NDUzMzk3MA%3D%3D

170 B
232 B

32ms
31ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjEyNzE2NDE3ODI1NDUzMzk3MA%3D%3D

Requested by

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Jun 2023 02:06:25 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Tue, 06 Jun 2023 02:06:25 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 84.19.175.165; 84.19.175.165; 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 7aea3d89-a08c-4665-a9ad-871eace3f88c
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjEyNzE2NDE3ODI1NDUzMzk3MA%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame A576
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECFEJKMeOrjbGYNweYM-6ac&google_cver=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECFEJKMeOrjbGYNweYM-6ac&google_cver=1&C=1

43 B
632 B

25ms
24ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECFEJKMeOrjbGYNweYM-6ac&google_cver=1&C=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARihoLXcATAB&v=APEucNVgrBOPT6pBu-rWy8G3aV8Gmu2fvURNr3wcQtTKS_xdDnHtedOQ9-1kqoOWIxpcIsjYV_c7OpCGo87Z7wW9ucTDSTW2ocrRNLp7U2sKgD_U6472V81wYgP7Ti1Ish1nrQMYzO7dLJ9VNMW_GA5ysZB5zsBEfPzfibuCFkaKyNp2jnLM4DEDPfMAatzeKHf8E9mI_XyM
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 06 Jun 2023 02:06:25 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=498
Content-Length: 43
Expires: 0

Redirect headers

Pragma: no-cache
Date: Tue, 06 Jun 2023 02:06:25 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: /rum?cm_dsp_id=45&external_user_id=CAESECFEJKMeOrjbGYNweYM-6ac&google_cver=1&C=1
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 0
Expires: 0

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame A576
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZH6UoeDdER2x98G1RlSWzgAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECFEJKMeOrjbGYNweYM-6ac&google_cver=1

43 B
632 B

25ms
25ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECFEJKMeOrjbGYNweYM-6ac&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARihoLXcATAB&v=APEucNVgrBOPT6pBu-rWy8G3aV8Gmu2fvURNr3wcQtTKS_xdDnHtedOQ9-1kqoOWIxpcIsjYV_c7OpCGo87Z7wW9ucTDSTW2ocrRNLp7U2sKgD_U6472V81wYgP7Ti1Ish1nrQMYzO7dLJ9VNMW_GA5ysZB5zsBEfPzfibuCFkaKyNp2jnLM4DEDPfMAatzeKHf8E9mI_XyM
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 06 Jun 2023 02:06:25 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=498
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Tue, 06 Jun 2023 02:06:25 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECFEJKMeOrjbGYNweYM-6ac&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

bounce
ib.adnxs.com/ Frame A576
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEBHvEXwsLtHXfY6Q2e2tjw0&google_cver=1
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEBHvEXwsLtHXfY6Q2e2tjw0%26google_cver%3D1

43 B
1 KB

22ms
21ms

Image
image/gif

37.252.171.53
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEBHvEXwsLtHXfY6Q2e2tjw0%26google_cver%3D1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARihoLXcATAB&v=APEucNVgrBOPT6pBu-rWy8G3aV8Gmu2fvURNr3wcQtTKS_xdDnHtedOQ9-1kqoOWIxpcIsjYV_c7OpCGo87Z7wW9ucTDSTW2ocrRNLp7U2sKgD_U6472V81wYgP7Ti1Ish1nrQMYzO7dLJ9VNMW_GA5ysZB5zsBEfPzfibuCFkaKyNp2jnLM4DEDPfMAatzeKHf8E9mI_XyM

Protocol

HTTP/1.1

Server

37.252.171.53 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 06 Jun 2023 02:06:25 GMT
AN-X-Request-Uuid: 7909cfab-c61d-4399-8175-15c589d66cd6
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 84.19.175.165; 84.19.175.165; 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 06 Jun 2023 02:06:25 GMT
AN-X-Request-Uuid: 873642f7-a9ce-4055-98fc-b9dfefce7fe3
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEBHvEXwsLtHXfY6Q2e2tjw0%26google_cver%3D1
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 84.19.175.165; 84.19.175.165; 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame A576
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjEyNzE2NDE3ODI1NDUzMzk3MA%3D%3D

170 B
232 B

32ms
31ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjEyNzE2NDE3ODI1NDUzMzk3MA%3D%3D

Requested by

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Jun 2023 02:06:25 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Tue, 06 Jun 2023 02:06:25 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 84.19.175.165; 84.19.175.165; 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 6266a9f9-76a9-48ca-b823-213b1bdd888d
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjEyNzE2NDE3ODI1NDUzMzk3MA%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 87C4 13 KB
5 KB 23ms
20ms Document
text/html 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://onedio.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 31804
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 05 Jun 2023 17:16:21 GMT
expires: Tue, 04 Jun 2024 17:16:21 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 953B 783 B
1000 B 40ms
39ms Document
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

e939dd040d5dbb39da8d8b2fb0dd02299d686819a6f694b436734cef4a976766

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-IO9nKC55YADgsV1gi1xHog' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://onedio.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-IO9nKC55YADgsV1gi1xHog' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 06 Jun 2023 02:06:25 GMT
expires: Tue, 06 Jun 2023 02:06:25 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 3524 0
20 B 57ms
56ms Ping
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=6825975950228&version=m202301230201

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a7907dd8d698decbd129b875fdbc4adb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Jun 2023 02:06:25 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 3524 0
20 B 56ms
56ms Ping
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=6825975950228&version=m202301230201&ct=76&x=1&cor=14635048039928787000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a7907dd8d698decbd129b875fdbc4adb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Jun 2023 02:06:25 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 3524 84 KB
35 KB 64ms
63ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BTvY07lQOkvp1tRzZh-GS4llwfDK6db9UXFOugDoVzSXmhWS3EOQe7xZj06cD25CGySh3uClUYv1_VOFHoWNnSQs3r1ffPn2hwNiUHF45T7dSaT7CGNruYn4SeFj00MZTkFbu9OASRQYDFvjGigstgH-4mb40a4qQVoqyUgOHrevN-58o&dbm_d=AKAmf-B6vOAXEWXECOeREqyCdn917EYbCR2hcEz6EwPIO1Tb3PnKQuh9SfgGH1s1dj3yMMyI6kL_dcT_jTkwF8847OwKAginLM9KiOUjI0-fu6HaRMfGutfTMHnQJoszft-4Uzv9HXc7b3nDdUR6U2UBRy0htmT_rE48Nm4o1hB4pUn7_NIbKJoOPKsE62D643qfdVhkCdo35jg06Znfx4cps5KDmnOpRx77Pg9gGln0gE6WTSpwNFdDmRo8H9HBnTzOB1-mCf0tAeyFJDMq6rr4wZJiV6JWyW-mSH9XLaGMqEMNu9_GzZTikBiaUUFUXvuKJXdSu_lmmqjKO1LpFYfVUueXsKlvalXv-X8uqll7sBmgnWYW7yKvbt3KE6iurq19s83k6Mo3xZS4xhyjL_9ral5hQLunaAKHjK7NF4qb7dInYXXnEEUn5z4dH6z5m8YgOGciO-qJw9YFWA4lIq0aaQ8CZ40axQ5w6PAB6pE1TIRZ2Ce_cM3jdgysTBkciNwBfZi4_bpBa3Uj9SQfrYCw95TefqM0E45CqLsBAEVBWNa_0pGPy1jiBijXvCGP1tJo6J-aYlv49u2Aj6CWsXSVZdRhcWShJ-rrKPXfwMbsUEtNEC-js_X86ZPJrO2YYiojqLCcYqvGrsm3vdiI5S9yOAvi4T8gf1Ea5hhm_xEtAGbVJBEFyAw2qRFfYxxpXN40vn552k-6rS4IVknnDx2T8l8rBK0MMFo_oe5EkkFZLqDBZL75x0XZx99_tB6_AsAK3zsTy1Vrv155tSg0FcvITHTRpmAXv8efnVbIgXM786qZYsRqr_dteFKNHcAXzE1TbKpkHlr4HrUORU_vSYrFFMB_B0mD5D6l-zh76hwk1B1SaoXraS4rRn8MTa67psEWDBmLTbxld3nTtzLjod81C478L8nDuGOz9P8hd7g0d1VnXPr3IUKU_4x0X3WY-CVLIOGCq0trowHc4hBqpcIfTtTUh4is2EOiBEAuoI6GuiIsQ3QajWSFF9LHzBd2gg-apEK6iBcaKXK4Depnr2OQlrhM-UE1Im3Cr2nYFDBlOZk5rqarl03a7oXvCAJcOqdY2JaPk5p1mHiaNMlbpToS5o2D0NF0oplq4_bbcmk4H8Zi0DGyjHf9BT7jgZt9CrOUnoGVcnnAmZiaYChKeERN6z0Ww5XqzZa-d0FjHCKF_mOqb8QomAxcLhJFUESnyfUkO1djgSt8GiJDweLNQX4QMLa3Ml-rGguCgPlHky0XYsEimJ7N_JOscUw_SBUL6HVtej7g9u_UVpbvGnwDafXCzurYO5Wt7uKoYbDogI7fzilhAtlOK3d7F3UsKj7awb5akoe23R6jkeIox3vwFS93Azu-YHJfplN7buB75QvThJxbl5VeNO0hWN4Og8GLIy_CZsToPgyvq9fJ2NRXwWWeTcyYyz-91bI4XNUOedTqvl6FwpyqIBK7fTI2hWCoFw0HMcdwa_DqmpfT-4C5xs08IC20KuTQEOnckvq8G3kFY0Q-YQuxrh038Lx-g1qSO1VgSJTVfFR3ogzOA24R4OmG4cwzhGeJ7t3y_4Inf2z669dqmlxd1WbjaTbOxP3U6qP7uVP4UNHcq9x2Tf901wQ9q0AujJUpVCl4ceGWBIqL-BncZE16A0metVlabWr7SVAdLIb_lNd3LLx-DAmW8dZtMUiuO_QMS3geTP_q7jtiTXl7aFKgQvameHWgzYayYt2C4KB1NIzPBV5LCj3viv0BHBgkkLCAjrMht79KzVDdQ7fiMd9oQMW6hdEj0nG7xM-z-8N5Vq8j7hqnnRto_g3NrmBkG-7mn5eXgfkJKAI1c0VFMnog5isWYazrnc8x2TMaQCv48fAF5_wIQASMRby4rqFuhykN-mTX-7dQXZWrlLbcgFET7JQSvsBrTMuTjIfNFXNTFipQ995C0BYQWl-ABA53vJazRVrZUDgzesHYWpkPTkRk91xByWKISOq1lj99mEujkn2tm91BxOh5IXDhRiENyJbrVi01Aj88eL_j9IXiefYIjy_dnHgI05X79ERCRTmXen_dGw1OTF7P6c9uNonTvq9rTZI4O5EZbcnq2Bw1uxhHYUNYfmraGAGvU0_09FT0ROpsbSPN4ZCF2fZIb70GaDSnm-fpHptf5Ut-2vZDGIvg6SnsJOKijKvxewI_py2rgvTObseVIDma2bTUZ8ySkDJGwkpE0kmsAlZxZR5VxoPaRKnnkXr0EJPZpbM6rpkQE8RINBw_vR4KxERi3wA7uTwW4jXPkxS82LQrN-euNlU8e0jryIWIMJSkfw1ine71fE4JKRjkFsHNJtR7HOp5TeD0YyfXod19lYYyol5upN-YxnwX1KZFPp-vE_ZwasgZ4Ban68iJ0CJv67KaJaLeAZ6TzY79zw4dSfHqMqEZNa2H3dfFlhM2FQvgKHCrBjXjUv19s9gPxg1inGVuw2C8F-gzi7HysLAazAB9N9bcvCGWYlVIPbGkoLFHsWs7s5ewlEvzitM95ME5oiSlolBTfi3YlxoRgZghMpeAW2_vPGOc1v5H4fkP9Dmlf1XntHcwpl9K_iN3AfBJ6C96xwGaQ9kva7bPakeMeJxb6kwBuoue0AQHda5xtUgLjhp36_0T-MqqRXeOf4TM8hgzvU1gSXOrvrLJpaSdmampwO3DXa6gaLicUvNOcky3VgZtWkC1sXsFyWwHo6h9wL6TB7weZa3LcWqrO3lDGqWc3Nyq_HKtYIsZJmi2QF9E_dly8_lYXrqIi3aIjtLmdeCdUIwq5vOYz7mv2BykgoXgBZYyX8HnrpWfvsOUSipw5n1mXXxEFNsNsNOYKHwFjwI5ftfDRl6wehfLBWFclc4zTJURdRj27gMdl87tKgdA9-ZSE27YPYdP9rEsh2fGcYNXg2UphhwUapxSowUJVO4naldy_OBTXNN4jwnD4FTgWsmtLdR0nNs3xBjEdDX5fZkb8DNcJ01qSxgVfjlQShjoFnMPwEBS1v-S6Yba8ueVAA6V4P5p4RHst0mf95LRdXFkuxprbcxfxcYrc_lDaEOoZEPAfRxTxyAPmgeWq02p-Eq6ZKmqGYZhI8sG07qz53y_0eavLsvqCL5BPhNwEnt7nTu2KINKN1QyundTR2AxlmUCwlgaC2OWjywUzDd-pyl799okD6Fy8r8SMkHHylAEaELy-dlkWC36yRfzQmIen5s2e0DZ2rcFXfBQeI0xq-8PuNe3gDo9Veop9yiHVFWtJPYJFp4j8AhAw8joIWHg3R1dC5O5Qz0Wmfh-S-djbkpFNsYJqYUiTIanKtAYmsZO2QgwIXn62jXQHEXxXj3iWNeWlS9HLsu-4CrYV6NNtDR9mQFzLdwg5YhRFjogLM98I37eh61fw7qYdSIXN29nR5vtRZiGSYoWDnIQBp2EdfTbxcvRQN67MmDivRbQ6_ONxhA733azaefmwuMkTRxU5RjTwOWNW-Qp&cid=CAQSKQBygQiDUEBG-lDTVksJKISqIJc7M8wgZJnD6fkecBhrL4ToFL8TDQfKGAE&dv3_ver=m202301230201&rfl=https%3A%2F%2Fpcloak.blob.core.windows.net&ds=l&xdt=1&iif=1&cor=14635048039928787000&adk=754613069&idt=82&cac=0&dtd=26

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

864d7e3f9c8737edd2ecede7f9a49ed57106209fe810c315951002677af99795

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a7907dd8d698decbd129b875fdbc4adb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Jun 2023 02:06:25 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 36005
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 0364 0
20 B 58ms
56ms Ping
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=7444227107550&version=m202301230201

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a7907dd8d698decbd129b875fdbc4adb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Jun 2023 02:06:25 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 0364 0
20 B 59ms
57ms Ping
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=7444227107550&version=m202301230201&ct=76&x=1&cor=4206301833863873500

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a7907dd8d698decbd129b875fdbc4adb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Jun 2023 02:06:25 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 0364 90 KB
36 KB 61ms
61ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CpsSQ0zJpfzZB-rgMzaSWgat2dTVK_r6qsSREToUDR-4Ojq3kHMCGOw1bqxnF41X2PxJV0MQcWbO9ae7Qfxk-zHMrLcSefEK1Kpw_LgTQKysKLcJw&cry=1&dbm_d=AKAmf-C2Jq82DEC0QmP9O9MLDQ7Yl_1JyxPDsbytubq6KE0NKTOUJQzC38rVq7mNH3Eg-FODvPPGI_06qflw_8hu02qTU_f7e_cNfxuXxDOGMSUtz3IrXcRi8vUwlA9ESd_D6pzUKRLowb-chXBLKEA7yia4CXbhtAh2g1WFzkJORJYFl0zEGBBZcT2aIF0LrQ86ANliDKJSoajmPDEYnA78OUvjhdROI6vxdKPy8knDZ_rySOt_caU2H75Vsgy3gsAcFd-wpHFDGnHyxOOn1KfsWKsvAfr6HyleGbaGHKBjEQshfcnMAMrsCj_a9z3gEKULZLt3mWtKJic1hq3KsC41m1HsljziK29-DLA4_hP7eVHqIGiv0oSSiLyrKzcPfZgUe2vcb4oAOojZrWYPCrG_m2UQPd4AYBZPOlt-qn0oCu6csNnF5bYA-6sIhGfPcNjRS8INY8c59UN3X5kGQgLYCAr0ieGIkDmnNiFSSU1hPKkdjhkSUfsoHSvLhqadsmWHtAAgrB2DD1uAuDPEOnxOsR7QVS1EPlDtHqWFueJEANsTB530pP8f3lO_r50bD0F4DKHOsuoTleF8hIL2PVYYm0_qEeJTLQgFG5q5k1GHQCPVAP9ih5lUNGjjvHSoto1OpIGJh3ml9uMK4uDNZr1Mm37zy5AAjiS4OnkYyCn_sp7NjapNpUfH5Z27LAvvIJwm9ixEQ761eTUZq3GUaI3qZQLC7fxt53Bh64B86FtntaVAkaGcipKNtg8gOxrHVQli8TKFGmM8VoX_aBrL5eh3kAgt1muA-ZXfzKbxg5h0M4J4ak57MVASQdNItgvNAGYinhDcNEK5ZUkraDJ_247qx9ApD46E0sorwmCTXAudMnFaIDrCNWNIhNOYasYxwdveOAqc1A-KcCfcFOdcs2UIKWAC8TZoLuGUsYlkhHXm_araNNp2FB-iuG8vzqdvhd5fuyRyLsJilpzs5Nmrlf1bQSh9rhN-GAAFquAjxk5HNeEULB7TK6aP-dneO8p3wBUVf--Ss5i3JvWtBZUkOmtuuYNlVTJv_eOV5Wn5V1a5Q7Coe2Cw3Xq7e-4h_nUXZMzHb0B0v4DPl_DlwwG_0DU8fljUXCf8L-3P7BA8mphOX6jArlAB7jsPfw31uXSgeI2ExNLVe2Eulq5vg0ZA5hxlneHn-rqPLthSpU6mUAH3RROmkjWkyTYhn_9eEFUidcHhWHdvKmsamQ7gbzH6dXuJSPAoflG8K3Dw1H_p-Bm0Vn9hQ7mVe9v5EeEFHGxe7eoZWzV78xnrZtrGabu_qqmwPx9RPHSh-6GW0DA_KK4j7V4GOuTqowvAv5OhLLgOYGVIWfJnSPsgfDOEt3epUK24pF_IRqEznG48E3LzwDaAp5JxTWVtGWvqGa1nAxLc9n4WRjpX7p8V0Fan8JQJicKnfo4vIQG5uFO5DMz98Ht8uCrRnNnt7x71GL1zAAyzOKTU63x_vPEVC8LrIkf4MEicgQZJ-OmihA3E9fs-j5Khbxge33ONqsWul0b4fohmzGAlSaqseg9AHIa9LoXIfNai0IbmwS3Y6wQZwXoDYrTJ5d_la2rf3G7T5wSm4-BoijP2LTz16GtsUmKhi-AWx0NSiDKfOhOqxH3cWrUKKR4Me-kUnEgbLjWZ9jThB05K108mvwkLmThSuXbbCNTtu1OBoicYh2pQKKeWmZId0sEWbGSjPDqEvadaw6Vdk18J7XMX0TKXmW-uKdsR-Ve3402M_xke1a1olhBo-LfnEYGbXEObaOpaSFvUzp2IKkWDVlYNRERptrPDXMskOeiK8zqmUO-H3UJTCS8w5Ew8sPpnO-8GW2R5jmeyvNtuSjybNgEgOSdozQozQcIEivcskaqCh6AzF-Z1D7f0l8Z_czI6M_lsBpK2WxKJ3gM3MiDk4g6MdDswPy493VkFbyCeYaCGkbabZtqVSlYDUoG_ZKFuo6dgy3IFGnyzMpplLCixeksbv8dbJz3sdrIk9zpysXGWJdCZxVzhtWHk0yf15JBGd_X-kBekYRal599YcQZaYISGvL63jDN8B3vLGFnwG3q80oC1e2sPZp7nXzw9WwudMROOWA8o6DNMF1Y3kGVPaiQTQXuDLaXerqpPPLxQAyT1fqeeiu5Y23Gofo5fM8e2BsTD8qapGGaKoxwQgQInhXc_xrlaEE3J6J9PFxu1aL3ShMMLMrKIq_z5rgHFF73GfDMz45qLJEXoe5U50y6RVh6VvjaBUTQN2gsqb8qgSIezSXAVtoD4aHKGsxqnMZIevmPmqY80cTszhitzUECTuibTnp1RfNWK-_5b9N0Rh-AbbrvFT7lSRM75Z1PnMrMLiC__FhJ-1iL-uGPeatVWgFux7lx9JC42nlWyk-SGl4oGiJUtkIR7agNQxZKtR_3SGDWfkXd-ByAhqvusiCAVoKEaq7_6Q9TDV9FsACTsfbfVAvuuVOFgKKMrI_gjnP_pcc0NHuaZt40hAc5ZUDwaF6C9CeIhn4IxfeEGhu_8WNCpmTKdo4uq8qEKISwWzOEKIuFBXLSNriyNGme7b9tUbIsUDnSN-FCz1p-6snSDou6bXdT1RhoiE5IodYHIfVBsYPKkPX483s9qE38Hx7cubkgHrhRi8knvBeJOgaFBsXfsohJJB25erV3EO2_KoRy2M1DpsKnVebWYoWfw2YIiT9IpYdQjQRY9e29FtG_hR-vo8ETdlUXZhN-LjbrruLWE0nAD8dR7D7Gp4S1vf3lGqHYDO8rHGGkFnd9xJekLEfjlzXVdN4Kcux0nX5MXckrEXivXWD__aF4z3PjxO630GdvYynjPs9-zQIivTKNEXGIvj_6Opb5vCj45cX6RVNqEQzYxMi0bGyt-W_XlyK2BGxtr-RXGRdju1kbG9HKEvIvjoUbsCoiaucshx4D-lqi9e78NSp9W8gAx08VywWDCFCgRafp-7eNIkYBgBidXEQKoLdDgDBQD7zRQcBSN8srAh1eSvq4IC2zwIP7awwkQQ4pbqRC2FeJMYUvq7gw6zcrZ91M7WElvraM2kbkkcxM6vRm9HMIjU2UkTBfypqSFrcnJS2jU_K6bxWBdWna1zytjanIFGAeyjR5mZXlqUnT0gbB22Gf5yPb4sU4MPcDCirWOjyA6nhk_W_99IsJOprP8G-Q69RmNIFNOgSXvlt2raxRhXClmrQ-XN368okGFEhr_rSZWbbOM98mfCzKuQYQ3JFO1UAAccQYiX5CWo6JyXxJwPfYapLHyxUHHkbdhksIb3AgOWCP1aXuNJoheS1hMJiVpTo0y5VsyJelvHo70iADT7X3pgrIx4yaXMn9Oknic_qyCn6wjMlx-WNnYSXDlezBPtIwAZmmZjtCig5cxp0gmhIc2-q-xYVbdMFASRu0OG7bMLUvJZRv-Pj8Bl0M13Q9X9nyyNKR7oBOiuyaji0Bau20YU_lw2ypzF4zJzi-44JpiKYqoLJTGuo6ntmD24KsVZH1MuXZV6f5K2LGJCjEoCqWj6xhs3O3aiKlds3GvQKmj0IahNRe6TCGFOzA2EkT8dg9zt2D8U3D3RmIUbI4E3gTxRGUfVALnsZTHGMkAix96HRN3fQzk9F2p_DMMnGHSUejEsLWF1U8yRH71fLybste558hDdHKkQPSb8kLQiAA7fWCI&cid=CAQSKQBygQiDfBsyF7KtK3m9odaIzcbc2od1nnDPMHz4WGxDSXvYCbLKgUm6GAE&dv3_ver=m202301230201&rfl=https%3A%2F%2Fpcloak.blob.core.windows.net&ds=l&xdt=1&iif=1&cor=4206301833863873500&adk=3730726249&idt=129&cac=0&dtd=2

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

119f23ab3158392e08fbd79e8ddd1df7a4ba7cd301152ffd798a7e1c7d0bf1d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a7907dd8d698decbd129b875fdbc4adb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Jun 2023 02:06:25 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 36860
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame A3C9 0
20 B 57ms
57ms Ping
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=5906382096107&version=m202301230201

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a7907dd8d698decbd129b875fdbc4adb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Jun 2023 02:06:25 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame A3C9 0
20 B 56ms
56ms Ping
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=5906382096107&version=m202301230201&ct=76&x=1&cor=2991849046863992000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a7907dd8d698decbd129b875fdbc4adb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Jun 2023 02:06:25 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame A3C9 90 KB
36 KB 61ms
59ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BtRegz3vVKSUm0FcQxCLvhsVOPoLb1vLDDjYJ1YZvwkqLMaxPft0Kw25nD60eSLy-DoBh83cOYa1kbXZ_uFlxCCrggznrhilNrt1Xcb3aIzYCCIwk&cry=1&dbm_d=AKAmf-BUpGMaCBpbBEIakwn6P4dlDIRJccEXI-kvU6oEnZCIIm6hgnyPRsN_K-dz7R_3oqeqd2BzcBRSow-3s2ggcE1mfg_hX66B1bJlOIFyIbrwupJM2KzQhpndaKwO9OmkLL3OI0c6VAtzxR2vFf1YjH3fhMerf84pzyQb_szJc3ImXV-FaDwYefKKE6KK6ZHKNvZLcF_Xomb3i2na9PVri2NWdYgBVPeiO39xeuiLnjdY5oOfNMcKfmY_no5cRsodpGPKcWpewnJ0xbAECCVl-KauzOsk1TFFERh5y92ccJwGszIgCegEJ4XqYkOgQMO1hMyvPy8Qyje5pDBlVs4Aq9bpZZhiIsJ_tn8fC8CbZbGuvSpF5I9nUb73M-S3FAyI8PBQI9oQuoNi_3216DiUBlnlLEyi39NwBZebP5U6lcoZ_PE7e8cvAqJft6giK2CZM1gQ70kMdr4jeJFI_xtdzbfgCSCBZElwZjzAr6XTpBR_kIiKVfRrGl9MGPPmzbKZYSErjH5XdLB9TiUHoEVzvAj_np_5oJcBgUz8xmNLwwg1RFkoHtN1B6AxYQco3gdJXQQvRy3TGFgSW-z-2dy22gcHK6cbwh774JOIYrNuetc6JQsLPBDRo3pjRiLwOu1Spc-VmjZqe17HlGmAfb7mH5EX2e9Lxd10dnT1ymL5e3Zxj0TF-nK1uaxKYy3K3estRtarewqIXlJwsD3TfH3ciq6M_ansEHEQFBnNE94yaQL3x71Re-jhYnJPJQUKYACRLqHvKtDXLjtmL0V-Vu3UJV_5zvQL4owZ5cieJEkpklhFb0xVqWFElqAeJpKjRf2Cxjjpa-pxdKw8fNdAfIbmv_3ACzxAP-XkGayl3wNm-sbyBbI9VOhyv2kKp5FwmzJp_YKs7aE-NvnFwkF2ZHx4KJ5Z96Pvk8o34A7HArJWrDDTdRugzJRM3rzXorvCKwbWJpEC29ZNGwg3CbLbpABMp0v-_Kzkvc53XfoP2To9yDz4h3U4HaA5jk_wPfRqQpWg4bMGrUrgsqXLhA99mX32ILAFfBVizNEgqi_MvvXczZDx-WrqueW-deo5b3n2vu8KjxcEAkk05bEAd0MFZIewyqXj4LtPNn4E0hCz4j58re12aHA_94uXT2WmuNQUADtSFnFxeCLf-21OTKtuFJsUN6SqJeZuzwix9wnZeTwtowutxpVr9d02tDa8LTTsVB0QJI0Dr3AjX7xW0fnLUxfo1Q9mC2j7RsOeZIOFA5wDEPLZmVGxVBsvIS3ljEGq5W2angIrIEZcLREdmEMMibZ6_y6p89Sk9FJJsPBZsFZEJpruTcrCfWT4Ek76APhzN7eo6MMxeKhwr_VujNCn0yl4umUxhgQeT1WJyzVOaTM3XarDTcJHUfna5H7QVWE-uUpMu4Azhu7HuFTsg988t83xohqf5t2GMBvnjt5W9Q71j0IDCx6SRiVfl3cZGPo6lIDEnXS3RL_AARVTaZwztxTt4D88_dYjm1anhf8qIErg82N_iIbRG0Bf8yNjvzYM-8BRv-4Le1uVwFcqLuowukAeOOMeVsuP9F0cpc2P4vJ3xJL7Mh2wRCCWtVzpZY820TYFilFZFOU-g5UqCmgIFv8Quz6W8X1_PYUUpa1Utz_bljIVLbQl9C8OIfY6WLzZEIIHw9P6VYmKXOD5PbI8nVcprZVj8Fs02XzlZ-IjNnAF8jSONQaoN-d3mwhiiJ8auOFxxCAnbTaIpAnfOVr_HWoqLvYcT5FkyWavx9mRnWCHWE3Z3AezQBRDjHQUZzRTWum0eFZTUNfyaYnCr2KuVcdq9eWuRWmsXnc9j-rig-BUCQqdiA7PwiXsjDpPy-TCfplFilHxSPvDbaKXdTsbfeHEudKxdLCFcKCkVe-k7emfg_eoFqaf1zZ24pwAo9B8C3Fl6JV07I092aHyzBlwtFlk_Rm2H9GLQE7ebfHyUoQ3g3A8TxPDhoq8dA4OrE8thZAHRbU6lxMRPu-ySFtkyNXZXaUJ_Sp5rcQGgWf7KSTbz2KiMNZaiW97DUnfOH_z3BvJPEW2ozBq7jWBZ-lnIzlnSFNKg1-uofZ3EHneryX1Qz6kKEJZNDiRO5_ylOrnROC87l2J0MwLB_Ztvx4lPXVv6saoejHqvqYLOXNPDH4Kk0kDdseg5rVqBRPUIZClyAXAWwL7051hxJ7pP2FZwM-C5a7m9_SMgcVgDUIOwuorn9KmHE9TVkt6A7qbCJ2xCZq1wJepK2ZQ8wcfdZpp3BBDDf2w04RIVRK8VaEZUhoiBag6ITEtp6YnXUslRVOYjGhzcZhtNQ_dWYrwP58_6BByFUdQFL1t3TtFyXxKxGeBzNg68yGbESDjVBZBI1PMr3iQSnx6Cmp1dglA3WHPG5oe5U0jvEc97SVqsx5aMYRU67IMBY6164WmGmtpv-wu3VO3np1Cyl3ntQB_LLnTslV5C99vXGra8NC0h1Ol59jOT4Yaze7DrUfRu750Mwth8Crv6BBS0EcqbgvZiwHa4fBM6tzHYS3yOAZso52IBpSkSZvc23GBsp4hoON09KwIEkw6p84q6z943iHwidFIOHhdxeBFxetY4siDTqA6t5tInxVKCmJ_-jX0CvOvftsgCGAFm_uh9bBhrkXvyCvf8QNHpm0iAm-MeOSio1CUOnIp02KyhB1JK1E-g9z0o88VUEKV3uUGLTBWCUxOJ0sf2WSy7o0stpc4t06i6LUuwQJJIIPzBiEbBXNxUgij67IMO-DKtbHeaG6tElfYoEmGaF2kaIgu5WCWO7-ly2Io1rgC2WDTfsN_Gz0T8OR2HE3lB1jU5NP_TwbheQJM-T_rsV0ri7DpE3OPQ3n1FpGrNX2dQR9EKKkI0N2CWTHkqkD8DsznGaG_ed_U8WM1iZjAFEeHAQVE3oPlPQuAy0555lj94Z6gls5aFc_FIIFaq9GgXekbmAT4jF-R3Hmqanmqq4MigJdmpeu0bWPsMV0yKANCrlfsPFHhgKZEL0Wh7_TR9zoDuQxGT9I62sm9gX4Ai4qEgg7ZVLq13K3AQPwrU7YgU0360wZO3EsPPrDuSi4LEg05-exeMvTcrZ6m3OWiZKSf6mrl4OC2yUc04zQIpgTEHcM8u1KFi6RFFDAXt5JY6pMW4uh__9dIsu5FIN1_iMSYMhHWQKoxNbeIkYDSh3xNU-UBZ3Npe1jGBlKcbWeSJuVd8l0Ais9I1SpnMObYzQbleEVT7VYfHCB_W95t7xe2hxUao9OSWfeEjqzorxOp9nKMHm3lqrDRuNWNsLFu-xmULF36V2YUk2QBVgoq49_e_PHLpCkEZmx6T7HSHXWPogp7ZVUehxDApjRgmcTbB9y2hACJyRlmk8G_ImiCgKTn71QWcYZtQWYL-BnbVOJHz1Yy8LbS87-tdoh2vsunRk4-NDn9bH0fk8AicAFep3HOrXczgzIoMVDT5aybtqHyuV43tKXjFmQwT3EAO697nTzY68KQKJzWm5wVRX6x2pzeXD82SAib0-PTBde4jQnFstnL8G8mdf_kVOrT86rwG6sM5c5i5Xo5nHm7P4Aw6_GZ_r_fOyS7uXx3ToxwDkYxCgt0bQn7dgzh&cid=CAQSKQBygQiDthHMi9upsHQNjZmspYmrc5cSSWKX1V5m4SUeYHzg4QyMXK0FGAE&dv3_ver=m202301230201&rfl=https%3A%2F%2Fpcloak.blob.core.windows.net&ds=l&xdt=1&iif=1&cor=2991849046863992000&adk=385625681&idt=98&cac=0&dtd=2

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2db29d2057e2f452e00dd7f8c3c041d1f427b466ad334bd4b70935b1431cb8b7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a7907dd8d698decbd129b875fdbc4adb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Jun 2023 02:06:25 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 36964
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 953B 0
0 57ms
56ms Image
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202306010101&jk=2939887975097746&rc=
Requested by: Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x6y592zf1gbg.html?fbclid=PAAaYRdg6q-IbWktmwCiywbPD9fVMM3RQSD2b356fwPOuEXGVTgfjrmQkXN8c_aem_th_AVwzKiIITSboZvjK_t_N_mG-3JpgOQuwh4DWbjCXpjwYt6HJbGAt22sHK3sfl6mf5fVaiT-coTKgl1RNMdtUlAzC
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

GET
H3 200 Grx7oFpFltq8b-fsl1vgPlw_mz8UVJv5RtxGiy-srTQ.js Show response
pagead2.googlesyndication.com/bg/ Frame 87C4 37 KB
14 KB 23ms
22ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Grx7oFpFltq8b-fsl1vgPlw_mz8UVJv5RtxGiy-srTQ.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1abc7ba05a4596dabc6fe7ec975be03e5c3f9b3f14549bf946dc468b2facad34

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 12:38:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 221250
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14484
x-xss-protection: 0
last-modified: Tue, 30 May 2023 11:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 02 Jun 2024 12:38:55 GMT

GET
H2 204 incoming
tpx.tesseradigital.com/ Frame 89F6 0
77 B 21ms
20ms Image
text/plain 35.157.179.180
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpx.tesseradigital.com/incoming?p=false&a=false&b=false
Requested by: Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x6y592zf1gbg.html?fbclid=PAAaYRdg6q-IbWktmwCiywbPD9fVMM3RQSD2b356fwPOuEXGVTgfjrmQkXN8c_aem_th_AVwzKiIITSboZvjK_t_N_mG-3JpgOQuwh4DWbjCXpjwYt6HJbGAt22sHK3sfl6mf5fVaiT-coTKgl1RNMdtUlAzC
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 35.157.179.180 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-179-180.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Tue, 06 Jun 2023 02:06:25 GMT
last-modified: Tuesday, 06-Jun-2023 02:06:25 GMT
server: nginx

GET
H3 200 html_inpage_rendering_lib_200_276.js Show response
s0.2mdn.net/879366/ Frame 3524 170 KB
59 KB 65ms
21ms Script
text/javascript 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://a7907dd8d698decbd129b875fdbc4adb.safeframe.googlesyndication.com/
Origin: https://a7907dd8d698decbd129b875fdbc4adb.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 07:18:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 67659
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60311
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:07:25 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 06 Jun 2023 07:18:46 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20230531/r20110914/elements/html/ Frame 3524 11 KB
4 KB 23ms
22ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230531/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BTvY07lQOkvp1tRzZh-GS4llwfDK6db9UXFOugDoVzSXmhWS3EOQe7xZj06cD25CGySh3uClUYv1_VOFHoWNnSQs3r1ffPn2hwNiUHF45T7dSaT7CGNruYn4SeFj00MZTkFbu9OASRQYDFvjGigstgH-4mb40a4qQVoqyUgOHrevN-58o&dbm_d=AKAmf-B6vOAXEWXECOeREqyCdn917EYbCR2hcEz6EwPIO1Tb3PnKQuh9SfgGH1s1dj3yMMyI6kL_dcT_jTkwF8847OwKAginLM9KiOUjI0-fu6HaRMfGutfTMHnQJoszft-4Uzv9HXc7b3nDdUR6U2UBRy0htmT_rE48Nm4o1hB4pUn7_NIbKJoOPKsE62D643qfdVhkCdo35jg06Znfx4cps5KDmnOpRx77Pg9gGln0gE6WTSpwNFdDmRo8H9HBnTzOB1-mCf0tAeyFJDMq6rr4wZJiV6JWyW-mSH9XLaGMqEMNu9_GzZTikBiaUUFUXvuKJXdSu_lmmqjKO1LpFYfVUueXsKlvalXv-X8uqll7sBmgnWYW7yKvbt3KE6iurq19s83k6Mo3xZS4xhyjL_9ral5hQLunaAKHjK7NF4qb7dInYXXnEEUn5z4dH6z5m8YgOGciO-qJw9YFWA4lIq0aaQ8CZ40axQ5w6PAB6pE1TIRZ2Ce_cM3jdgysTBkciNwBfZi4_bpBa3Uj9SQfrYCw95TefqM0E45CqLsBAEVBWNa_0pGPy1jiBijXvCGP1tJo6J-aYlv49u2Aj6CWsXSVZdRhcWShJ-rrKPXfwMbsUEtNEC-js_X86ZPJrO2YYiojqLCcYqvGrsm3vdiI5S9yOAvi4T8gf1Ea5hhm_xEtAGbVJBEFyAw2qRFfYxxpXN40vn552k-6rS4IVknnDx2T8l8rBK0MMFo_oe5EkkFZLqDBZL75x0XZx99_tB6_AsAK3zsTy1Vrv155tSg0FcvITHTRpmAXv8efnVbIgXM786qZYsRqr_dteFKNHcAXzE1TbKpkHlr4HrUORU_vSYrFFMB_B0mD5D6l-zh76hwk1B1SaoXraS4rRn8MTa67psEWDBmLTbxld3nTtzLjod81C478L8nDuGOz9P8hd7g0d1VnXPr3IUKU_4x0X3WY-CVLIOGCq0trowHc4hBqpcIfTtTUh4is2EOiBEAuoI6GuiIsQ3QajWSFF9LHzBd2gg-apEK6iBcaKXK4Depnr2OQlrhM-UE1Im3Cr2nYFDBlOZk5rqarl03a7oXvCAJcOqdY2JaPk5p1mHiaNMlbpToS5o2D0NF0oplq4_bbcmk4H8Zi0DGyjHf9BT7jgZt9CrOUnoGVcnnAmZiaYChKeERN6z0Ww5XqzZa-d0FjHCKF_mOqb8QomAxcLhJFUESnyfUkO1djgSt8GiJDweLNQX4QMLa3Ml-rGguCgPlHky0XYsEimJ7N_JOscUw_SBUL6HVtej7g9u_UVpbvGnwDafXCzurYO5Wt7uKoYbDogI7fzilhAtlOK3d7F3UsKj7awb5akoe23R6jkeIox3vwFS93Azu-YHJfplN7buB75QvThJxbl5VeNO0hWN4Og8GLIy_CZsToPgyvq9fJ2NRXwWWeTcyYyz-91bI4XNUOedTqvl6FwpyqIBK7fTI2hWCoFw0HMcdwa_DqmpfT-4C5xs08IC20KuTQEOnckvq8G3kFY0Q-YQuxrh038Lx-g1qSO1VgSJTVfFR3ogzOA24R4OmG4cwzhGeJ7t3y_4Inf2z669dqmlxd1WbjaTbOxP3U6qP7uVP4UNHcq9x2Tf901wQ9q0AujJUpVCl4ceGWBIqL-BncZE16A0metVlabWr7SVAdLIb_lNd3LLx-DAmW8dZtMUiuO_QMS3geTP_q7jtiTXl7aFKgQvameHWgzYayYt2C4KB1NIzPBV5LCj3viv0BHBgkkLCAjrMht79KzVDdQ7fiMd9oQMW6hdEj0nG7xM-z-8N5Vq8j7hqnnRto_g3NrmBkG-7mn5eXgfkJKAI1c0VFMnog5isWYazrnc8x2TMaQCv48fAF5_wIQASMRby4rqFuhykN-mTX-7dQXZWrlLbcgFET7JQSvsBrTMuTjIfNFXNTFipQ995C0BYQWl-ABA53vJazRVrZUDgzesHYWpkPTkRk91xByWKISOq1lj99mEujkn2tm91BxOh5IXDhRiENyJbrVi01Aj88eL_j9IXiefYIjy_dnHgI05X79ERCRTmXen_dGw1OTF7P6c9uNonTvq9rTZI4O5EZbcnq2Bw1uxhHYUNYfmraGAGvU0_09FT0ROpsbSPN4ZCF2fZIb70GaDSnm-fpHptf5Ut-2vZDGIvg6SnsJOKijKvxewI_py2rgvTObseVIDma2bTUZ8ySkDJGwkpE0kmsAlZxZR5VxoPaRKnnkXr0EJPZpbM6rpkQE8RINBw_vR4KxERi3wA7uTwW4jXPkxS82LQrN-euNlU8e0jryIWIMJSkfw1ine71fE4JKRjkFsHNJtR7HOp5TeD0YyfXod19lYYyol5upN-YxnwX1KZFPp-vE_ZwasgZ4Ban68iJ0CJv67KaJaLeAZ6TzY79zw4dSfHqMqEZNa2H3dfFlhM2FQvgKHCrBjXjUv19s9gPxg1inGVuw2C8F-gzi7HysLAazAB9N9bcvCGWYlVIPbGkoLFHsWs7s5ewlEvzitM95ME5oiSlolBTfi3YlxoRgZghMpeAW2_vPGOc1v5H4fkP9Dmlf1XntHcwpl9K_iN3AfBJ6C96xwGaQ9kva7bPakeMeJxb6kwBuoue0AQHda5xtUgLjhp36_0T-MqqRXeOf4TM8hgzvU1gSXOrvrLJpaSdmampwO3DXa6gaLicUvNOcky3VgZtWkC1sXsFyWwHo6h9wL6TB7weZa3LcWqrO3lDGqWc3Nyq_HKtYIsZJmi2QF9E_dly8_lYXrqIi3aIjtLmdeCdUIwq5vOYz7mv2BykgoXgBZYyX8HnrpWfvsOUSipw5n1mXXxEFNsNsNOYKHwFjwI5ftfDRl6wehfLBWFclc4zTJURdRj27gMdl87tKgdA9-ZSE27YPYdP9rEsh2fGcYNXg2UphhwUapxSowUJVO4naldy_OBTXNN4jwnD4FTgWsmtLdR0nNs3xBjEdDX5fZkb8DNcJ01qSxgVfjlQShjoFnMPwEBS1v-S6Yba8ueVAA6V4P5p4RHst0mf95LRdXFkuxprbcxfxcYrc_lDaEOoZEPAfRxTxyAPmgeWq02p-Eq6ZKmqGYZhI8sG07qz53y_0eavLsvqCL5BPhNwEnt7nTu2KINKN1QyundTR2AxlmUCwlgaC2OWjywUzDd-pyl799okD6Fy8r8SMkHHylAEaELy-dlkWC36yRfzQmIen5s2e0DZ2rcFXfBQeI0xq-8PuNe3gDo9Veop9yiHVFWtJPYJFp4j8AhAw8joIWHg3R1dC5O5Qz0Wmfh-S-djbkpFNsYJqYUiTIanKtAYmsZO2QgwIXn62jXQHEXxXj3iWNeWlS9HLsu-4CrYV6NNtDR9mQFzLdwg5YhRFjogLM98I37eh61fw7qYdSIXN29nR5vtRZiGSYoWDnIQBp2EdfTbxcvRQN67MmDivRbQ6_ONxhA733azaefmwuMkTRxU5RjTwOWNW-Qp&cid=CAQSKQBygQiDUEBG-lDTVksJKISqIJc7M8wgZJnD6fkecBhrL4ToFL8TDQfKGAE&dv3_ver=m202301230201&rfl=https%3A%2F%2Fpcloak.blob.core.windows.net&ds=l&xdt=1&iif=1&cor=14635048039928787000&adk=754613069&idt=82&cac=0&dtd=26

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ae8017866a6744d35f26aa9da389e9771d40bcae3ee65df4c1b5e16e57b09fda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a7907dd8d698decbd129b875fdbc4adb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 14:12:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 42838
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4172
x-xss-protection: 0
server: cafe
etag: 6053914914909336730
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 19 Jun 2023 14:12:27 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20230531/r20110914/ Frame 3524 29 KB
11 KB 27ms
26ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230531/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a91fca903f7f2a3d051f657b5b25baed4e99b6c1e51bfee63737f73ff54f2b7c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a7907dd8d698decbd129b875fdbc4adb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 20:43:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 19362
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11027
x-xss-protection: 0
server: cafe
etag: 5492578185836041520
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 19 Jun 2023 20:43:43 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 3524 41 KB
15 KB 25ms
25ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a7907dd8d698decbd129b875fdbc4adb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Tue, 30 May 2023 07:39:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 584812
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 29 May 2024 07:39:33 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame E29D 1 KB
643 B 23ms
23ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: a7907dd8d698decbd129b875fdbc4adb.safeframe.googlesyndication.com
URL: https://a7907dd8d698decbd129b875fdbc4adb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://a7907dd8d698decbd129b875fdbc4adb.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 50453
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 05 Jun 2023 12:05:32 GMT
etag: 48472445140208031
expires: Tue, 06 Jun 2023 12:05:32 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 3524 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4c6f82576efee6483b4be47b15ba0079cc4acf76078682cf34ede7091221e6d9

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 html_inpage_rendering_lib_200_276.js Show response
s0.2mdn.net/879366/ Frame 0364 170 KB
59 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://a7907dd8d698decbd129b875fdbc4adb.safeframe.googlesyndication.com/
Origin: https://a7907dd8d698decbd129b875fdbc4adb.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 07:18:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 67659
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60311
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:07:25 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 06 Jun 2023 07:18:46 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20230531/r20110914/elements/html/ Frame 0364 11 KB
4 KB 23ms
23ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230531/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CpsSQ0zJpfzZB-rgMzaSWgat2dTVK_r6qsSREToUDR-4Ojq3kHMCGOw1bqxnF41X2PxJV0MQcWbO9ae7Qfxk-zHMrLcSefEK1Kpw_LgTQKysKLcJw&cry=1&dbm_d=AKAmf-C2Jq82DEC0QmP9O9MLDQ7Yl_1JyxPDsbytubq6KE0NKTOUJQzC38rVq7mNH3Eg-FODvPPGI_06qflw_8hu02qTU_f7e_cNfxuXxDOGMSUtz3IrXcRi8vUwlA9ESd_D6pzUKRLowb-chXBLKEA7yia4CXbhtAh2g1WFzkJORJYFl0zEGBBZcT2aIF0LrQ86ANliDKJSoajmPDEYnA78OUvjhdROI6vxdKPy8knDZ_rySOt_caU2H75Vsgy3gsAcFd-wpHFDGnHyxOOn1KfsWKsvAfr6HyleGbaGHKBjEQshfcnMAMrsCj_a9z3gEKULZLt3mWtKJic1hq3KsC41m1HsljziK29-DLA4_hP7eVHqIGiv0oSSiLyrKzcPfZgUe2vcb4oAOojZrWYPCrG_m2UQPd4AYBZPOlt-qn0oCu6csNnF5bYA-6sIhGfPcNjRS8INY8c59UN3X5kGQgLYCAr0ieGIkDmnNiFSSU1hPKkdjhkSUfsoHSvLhqadsmWHtAAgrB2DD1uAuDPEOnxOsR7QVS1EPlDtHqWFueJEANsTB530pP8f3lO_r50bD0F4DKHOsuoTleF8hIL2PVYYm0_qEeJTLQgFG5q5k1GHQCPVAP9ih5lUNGjjvHSoto1OpIGJh3ml9uMK4uDNZr1Mm37zy5AAjiS4OnkYyCn_sp7NjapNpUfH5Z27LAvvIJwm9ixEQ761eTUZq3GUaI3qZQLC7fxt53Bh64B86FtntaVAkaGcipKNtg8gOxrHVQli8TKFGmM8VoX_aBrL5eh3kAgt1muA-ZXfzKbxg5h0M4J4ak57MVASQdNItgvNAGYinhDcNEK5ZUkraDJ_247qx9ApD46E0sorwmCTXAudMnFaIDrCNWNIhNOYasYxwdveOAqc1A-KcCfcFOdcs2UIKWAC8TZoLuGUsYlkhHXm_araNNp2FB-iuG8vzqdvhd5fuyRyLsJilpzs5Nmrlf1bQSh9rhN-GAAFquAjxk5HNeEULB7TK6aP-dneO8p3wBUVf--Ss5i3JvWtBZUkOmtuuYNlVTJv_eOV5Wn5V1a5Q7Coe2Cw3Xq7e-4h_nUXZMzHb0B0v4DPl_DlwwG_0DU8fljUXCf8L-3P7BA8mphOX6jArlAB7jsPfw31uXSgeI2ExNLVe2Eulq5vg0ZA5hxlneHn-rqPLthSpU6mUAH3RROmkjWkyTYhn_9eEFUidcHhWHdvKmsamQ7gbzH6dXuJSPAoflG8K3Dw1H_p-Bm0Vn9hQ7mVe9v5EeEFHGxe7eoZWzV78xnrZtrGabu_qqmwPx9RPHSh-6GW0DA_KK4j7V4GOuTqowvAv5OhLLgOYGVIWfJnSPsgfDOEt3epUK24pF_IRqEznG48E3LzwDaAp5JxTWVtGWvqGa1nAxLc9n4WRjpX7p8V0Fan8JQJicKnfo4vIQG5uFO5DMz98Ht8uCrRnNnt7x71GL1zAAyzOKTU63x_vPEVC8LrIkf4MEicgQZJ-OmihA3E9fs-j5Khbxge33ONqsWul0b4fohmzGAlSaqseg9AHIa9LoXIfNai0IbmwS3Y6wQZwXoDYrTJ5d_la2rf3G7T5wSm4-BoijP2LTz16GtsUmKhi-AWx0NSiDKfOhOqxH3cWrUKKR4Me-kUnEgbLjWZ9jThB05K108mvwkLmThSuXbbCNTtu1OBoicYh2pQKKeWmZId0sEWbGSjPDqEvadaw6Vdk18J7XMX0TKXmW-uKdsR-Ve3402M_xke1a1olhBo-LfnEYGbXEObaOpaSFvUzp2IKkWDVlYNRERptrPDXMskOeiK8zqmUO-H3UJTCS8w5Ew8sPpnO-8GW2R5jmeyvNtuSjybNgEgOSdozQozQcIEivcskaqCh6AzF-Z1D7f0l8Z_czI6M_lsBpK2WxKJ3gM3MiDk4g6MdDswPy493VkFbyCeYaCGkbabZtqVSlYDUoG_ZKFuo6dgy3IFGnyzMpplLCixeksbv8dbJz3sdrIk9zpysXGWJdCZxVzhtWHk0yf15JBGd_X-kBekYRal599YcQZaYISGvL63jDN8B3vLGFnwG3q80oC1e2sPZp7nXzw9WwudMROOWA8o6DNMF1Y3kGVPaiQTQXuDLaXerqpPPLxQAyT1fqeeiu5Y23Gofo5fM8e2BsTD8qapGGaKoxwQgQInhXc_xrlaEE3J6J9PFxu1aL3ShMMLMrKIq_z5rgHFF73GfDMz45qLJEXoe5U50y6RVh6VvjaBUTQN2gsqb8qgSIezSXAVtoD4aHKGsxqnMZIevmPmqY80cTszhitzUECTuibTnp1RfNWK-_5b9N0Rh-AbbrvFT7lSRM75Z1PnMrMLiC__FhJ-1iL-uGPeatVWgFux7lx9JC42nlWyk-SGl4oGiJUtkIR7agNQxZKtR_3SGDWfkXd-ByAhqvusiCAVoKEaq7_6Q9TDV9FsACTsfbfVAvuuVOFgKKMrI_gjnP_pcc0NHuaZt40hAc5ZUDwaF6C9CeIhn4IxfeEGhu_8WNCpmTKdo4uq8qEKISwWzOEKIuFBXLSNriyNGme7b9tUbIsUDnSN-FCz1p-6snSDou6bXdT1RhoiE5IodYHIfVBsYPKkPX483s9qE38Hx7cubkgHrhRi8knvBeJOgaFBsXfsohJJB25erV3EO2_KoRy2M1DpsKnVebWYoWfw2YIiT9IpYdQjQRY9e29FtG_hR-vo8ETdlUXZhN-LjbrruLWE0nAD8dR7D7Gp4S1vf3lGqHYDO8rHGGkFnd9xJekLEfjlzXVdN4Kcux0nX5MXckrEXivXWD__aF4z3PjxO630GdvYynjPs9-zQIivTKNEXGIvj_6Opb5vCj45cX6RVNqEQzYxMi0bGyt-W_XlyK2BGxtr-RXGRdju1kbG9HKEvIvjoUbsCoiaucshx4D-lqi9e78NSp9W8gAx08VywWDCFCgRafp-7eNIkYBgBidXEQKoLdDgDBQD7zRQcBSN8srAh1eSvq4IC2zwIP7awwkQQ4pbqRC2FeJMYUvq7gw6zcrZ91M7WElvraM2kbkkcxM6vRm9HMIjU2UkTBfypqSFrcnJS2jU_K6bxWBdWna1zytjanIFGAeyjR5mZXlqUnT0gbB22Gf5yPb4sU4MPcDCirWOjyA6nhk_W_99IsJOprP8G-Q69RmNIFNOgSXvlt2raxRhXClmrQ-XN368okGFEhr_rSZWbbOM98mfCzKuQYQ3JFO1UAAccQYiX5CWo6JyXxJwPfYapLHyxUHHkbdhksIb3AgOWCP1aXuNJoheS1hMJiVpTo0y5VsyJelvHo70iADT7X3pgrIx4yaXMn9Oknic_qyCn6wjMlx-WNnYSXDlezBPtIwAZmmZjtCig5cxp0gmhIc2-q-xYVbdMFASRu0OG7bMLUvJZRv-Pj8Bl0M13Q9X9nyyNKR7oBOiuyaji0Bau20YU_lw2ypzF4zJzi-44JpiKYqoLJTGuo6ntmD24KsVZH1MuXZV6f5K2LGJCjEoCqWj6xhs3O3aiKlds3GvQKmj0IahNRe6TCGFOzA2EkT8dg9zt2D8U3D3RmIUbI4E3gTxRGUfVALnsZTHGMkAix96HRN3fQzk9F2p_DMMnGHSUejEsLWF1U8yRH71fLybste558hDdHKkQPSb8kLQiAA7fWCI&cid=CAQSKQBygQiDfBsyF7KtK3m9odaIzcbc2od1nnDPMHz4WGxDSXvYCbLKgUm6GAE&dv3_ver=m202301230201&rfl=https%3A%2F%2Fpcloak.blob.core.windows.net&ds=l&xdt=1&iif=1&cor=4206301833863873500&adk=3730726249&idt=129&cac=0&dtd=2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ae8017866a6744d35f26aa9da389e9771d40bcae3ee65df4c1b5e16e57b09fda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a7907dd8d698decbd129b875fdbc4adb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 14:12:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 42838
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4172
x-xss-protection: 0
server: cafe
etag: 6053914914909336730
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 19 Jun 2023 14:12:27 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20230531/r20110914/ Frame 0364 29 KB
11 KB 23ms
22ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230531/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a91fca903f7f2a3d051f657b5b25baed4e99b6c1e51bfee63737f73ff54f2b7c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a7907dd8d698decbd129b875fdbc4adb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 20:43:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 19362
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11027
x-xss-protection: 0
server: cafe
etag: 5492578185836041520
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 19 Jun 2023 20:43:43 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 0364 41 KB
15 KB 23ms
23ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a7907dd8d698decbd129b875fdbc4adb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Tue, 30 May 2023 07:39:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 584812
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 29 May 2024 07:39:33 GMT

GET
H3

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame A069
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
0

31ms
31ms

Image
text/html

2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by: Host: onedio.com
URL: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878
Protocol: H3
Server: 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Redirect headers

date: Tue, 06 Jun 2023 02:06:25 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame A3C9 172 KB
60 KB 23ms
22ms Script
text/javascript 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a6d36aa3d742ccd6f1ca3c76dcf885af72f7bebe2fcc001ea011a7aea2f55678

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://a7907dd8d698decbd129b875fdbc4adb.safeframe.googlesyndication.com/
Origin: https://a7907dd8d698decbd129b875fdbc4adb.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 10:17:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 56943
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61485
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:43:57 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 06 Jun 2023 10:17:22 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20230531/r20110914/elements/html/ Frame A3C9 11 KB
4 KB 23ms
23ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230531/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BtRegz3vVKSUm0FcQxCLvhsVOPoLb1vLDDjYJ1YZvwkqLMaxPft0Kw25nD60eSLy-DoBh83cOYa1kbXZ_uFlxCCrggznrhilNrt1Xcb3aIzYCCIwk&cry=1&dbm_d=AKAmf-BUpGMaCBpbBEIakwn6P4dlDIRJccEXI-kvU6oEnZCIIm6hgnyPRsN_K-dz7R_3oqeqd2BzcBRSow-3s2ggcE1mfg_hX66B1bJlOIFyIbrwupJM2KzQhpndaKwO9OmkLL3OI0c6VAtzxR2vFf1YjH3fhMerf84pzyQb_szJc3ImXV-FaDwYefKKE6KK6ZHKNvZLcF_Xomb3i2na9PVri2NWdYgBVPeiO39xeuiLnjdY5oOfNMcKfmY_no5cRsodpGPKcWpewnJ0xbAECCVl-KauzOsk1TFFERh5y92ccJwGszIgCegEJ4XqYkOgQMO1hMyvPy8Qyje5pDBlVs4Aq9bpZZhiIsJ_tn8fC8CbZbGuvSpF5I9nUb73M-S3FAyI8PBQI9oQuoNi_3216DiUBlnlLEyi39NwBZebP5U6lcoZ_PE7e8cvAqJft6giK2CZM1gQ70kMdr4jeJFI_xtdzbfgCSCBZElwZjzAr6XTpBR_kIiKVfRrGl9MGPPmzbKZYSErjH5XdLB9TiUHoEVzvAj_np_5oJcBgUz8xmNLwwg1RFkoHtN1B6AxYQco3gdJXQQvRy3TGFgSW-z-2dy22gcHK6cbwh774JOIYrNuetc6JQsLPBDRo3pjRiLwOu1Spc-VmjZqe17HlGmAfb7mH5EX2e9Lxd10dnT1ymL5e3Zxj0TF-nK1uaxKYy3K3estRtarewqIXlJwsD3TfH3ciq6M_ansEHEQFBnNE94yaQL3x71Re-jhYnJPJQUKYACRLqHvKtDXLjtmL0V-Vu3UJV_5zvQL4owZ5cieJEkpklhFb0xVqWFElqAeJpKjRf2Cxjjpa-pxdKw8fNdAfIbmv_3ACzxAP-XkGayl3wNm-sbyBbI9VOhyv2kKp5FwmzJp_YKs7aE-NvnFwkF2ZHx4KJ5Z96Pvk8o34A7HArJWrDDTdRugzJRM3rzXorvCKwbWJpEC29ZNGwg3CbLbpABMp0v-_Kzkvc53XfoP2To9yDz4h3U4HaA5jk_wPfRqQpWg4bMGrUrgsqXLhA99mX32ILAFfBVizNEgqi_MvvXczZDx-WrqueW-deo5b3n2vu8KjxcEAkk05bEAd0MFZIewyqXj4LtPNn4E0hCz4j58re12aHA_94uXT2WmuNQUADtSFnFxeCLf-21OTKtuFJsUN6SqJeZuzwix9wnZeTwtowutxpVr9d02tDa8LTTsVB0QJI0Dr3AjX7xW0fnLUxfo1Q9mC2j7RsOeZIOFA5wDEPLZmVGxVBsvIS3ljEGq5W2angIrIEZcLREdmEMMibZ6_y6p89Sk9FJJsPBZsFZEJpruTcrCfWT4Ek76APhzN7eo6MMxeKhwr_VujNCn0yl4umUxhgQeT1WJyzVOaTM3XarDTcJHUfna5H7QVWE-uUpMu4Azhu7HuFTsg988t83xohqf5t2GMBvnjt5W9Q71j0IDCx6SRiVfl3cZGPo6lIDEnXS3RL_AARVTaZwztxTt4D88_dYjm1anhf8qIErg82N_iIbRG0Bf8yNjvzYM-8BRv-4Le1uVwFcqLuowukAeOOMeVsuP9F0cpc2P4vJ3xJL7Mh2wRCCWtVzpZY820TYFilFZFOU-g5UqCmgIFv8Quz6W8X1_PYUUpa1Utz_bljIVLbQl9C8OIfY6WLzZEIIHw9P6VYmKXOD5PbI8nVcprZVj8Fs02XzlZ-IjNnAF8jSONQaoN-d3mwhiiJ8auOFxxCAnbTaIpAnfOVr_HWoqLvYcT5FkyWavx9mRnWCHWE3Z3AezQBRDjHQUZzRTWum0eFZTUNfyaYnCr2KuVcdq9eWuRWmsXnc9j-rig-BUCQqdiA7PwiXsjDpPy-TCfplFilHxSPvDbaKXdTsbfeHEudKxdLCFcKCkVe-k7emfg_eoFqaf1zZ24pwAo9B8C3Fl6JV07I092aHyzBlwtFlk_Rm2H9GLQE7ebfHyUoQ3g3A8TxPDhoq8dA4OrE8thZAHRbU6lxMRPu-ySFtkyNXZXaUJ_Sp5rcQGgWf7KSTbz2KiMNZaiW97DUnfOH_z3BvJPEW2ozBq7jWBZ-lnIzlnSFNKg1-uofZ3EHneryX1Qz6kKEJZNDiRO5_ylOrnROC87l2J0MwLB_Ztvx4lPXVv6saoejHqvqYLOXNPDH4Kk0kDdseg5rVqBRPUIZClyAXAWwL7051hxJ7pP2FZwM-C5a7m9_SMgcVgDUIOwuorn9KmHE9TVkt6A7qbCJ2xCZq1wJepK2ZQ8wcfdZpp3BBDDf2w04RIVRK8VaEZUhoiBag6ITEtp6YnXUslRVOYjGhzcZhtNQ_dWYrwP58_6BByFUdQFL1t3TtFyXxKxGeBzNg68yGbESDjVBZBI1PMr3iQSnx6Cmp1dglA3WHPG5oe5U0jvEc97SVqsx5aMYRU67IMBY6164WmGmtpv-wu3VO3np1Cyl3ntQB_LLnTslV5C99vXGra8NC0h1Ol59jOT4Yaze7DrUfRu750Mwth8Crv6BBS0EcqbgvZiwHa4fBM6tzHYS3yOAZso52IBpSkSZvc23GBsp4hoON09KwIEkw6p84q6z943iHwidFIOHhdxeBFxetY4siDTqA6t5tInxVKCmJ_-jX0CvOvftsgCGAFm_uh9bBhrkXvyCvf8QNHpm0iAm-MeOSio1CUOnIp02KyhB1JK1E-g9z0o88VUEKV3uUGLTBWCUxOJ0sf2WSy7o0stpc4t06i6LUuwQJJIIPzBiEbBXNxUgij67IMO-DKtbHeaG6tElfYoEmGaF2kaIgu5WCWO7-ly2Io1rgC2WDTfsN_Gz0T8OR2HE3lB1jU5NP_TwbheQJM-T_rsV0ri7DpE3OPQ3n1FpGrNX2dQR9EKKkI0N2CWTHkqkD8DsznGaG_ed_U8WM1iZjAFEeHAQVE3oPlPQuAy0555lj94Z6gls5aFc_FIIFaq9GgXekbmAT4jF-R3Hmqanmqq4MigJdmpeu0bWPsMV0yKANCrlfsPFHhgKZEL0Wh7_TR9zoDuQxGT9I62sm9gX4Ai4qEgg7ZVLq13K3AQPwrU7YgU0360wZO3EsPPrDuSi4LEg05-exeMvTcrZ6m3OWiZKSf6mrl4OC2yUc04zQIpgTEHcM8u1KFi6RFFDAXt5JY6pMW4uh__9dIsu5FIN1_iMSYMhHWQKoxNbeIkYDSh3xNU-UBZ3Npe1jGBlKcbWeSJuVd8l0Ais9I1SpnMObYzQbleEVT7VYfHCB_W95t7xe2hxUao9OSWfeEjqzorxOp9nKMHm3lqrDRuNWNsLFu-xmULF36V2YUk2QBVgoq49_e_PHLpCkEZmx6T7HSHXWPogp7ZVUehxDApjRgmcTbB9y2hACJyRlmk8G_ImiCgKTn71QWcYZtQWYL-BnbVOJHz1Yy8LbS87-tdoh2vsunRk4-NDn9bH0fk8AicAFep3HOrXczgzIoMVDT5aybtqHyuV43tKXjFmQwT3EAO697nTzY68KQKJzWm5wVRX6x2pzeXD82SAib0-PTBde4jQnFstnL8G8mdf_kVOrT86rwG6sM5c5i5Xo5nHm7P4Aw6_GZ_r_fOyS7uXx3ToxwDkYxCgt0bQn7dgzh&cid=CAQSKQBygQiDthHMi9upsHQNjZmspYmrc5cSSWKX1V5m4SUeYHzg4QyMXK0FGAE&dv3_ver=m202301230201&rfl=https%3A%2F%2Fpcloak.blob.core.windows.net&ds=l&xdt=1&iif=1&cor=2991849046863992000&adk=385625681&idt=98&cac=0&dtd=2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ae8017866a6744d35f26aa9da389e9771d40bcae3ee65df4c1b5e16e57b09fda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a7907dd8d698decbd129b875fdbc4adb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 14:12:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 42838
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4172
x-xss-protection: 0
server: cafe
etag: 6053914914909336730
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 19 Jun 2023 14:12:27 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20230531/r20110914/ Frame A3C9 29 KB
11 KB 24ms
24ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230531/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a91fca903f7f2a3d051f657b5b25baed4e99b6c1e51bfee63737f73ff54f2b7c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a7907dd8d698decbd129b875fdbc4adb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 20:43:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 19362
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11027
x-xss-protection: 0
server: cafe
etag: 5492578185836041520
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 19 Jun 2023 20:43:43 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame A3C9 41 KB
15 KB 23ms
23ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a7907dd8d698decbd129b875fdbc4adb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Tue, 30 May 2023 07:39:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 584812
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 29 May 2024 07:39:33 GMT

GET
H2 200 json Show response
trc.taboola.com/onedio/trc/3/ Frame 89F6 93 KB
26 KB 806ms
793ms XHR
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/onedio/trc/3/json?tim=02%3A06%3A25.615&lti=deflated&data=%7B%22id%22%3A538%2C%22ii%22%3A%22%2Fhaber%2Fkredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878%22%2C%22it%22%3A%22text%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1685970388182%2C%22vi%22%3A1686017185613%2C%22cv%22%3A%2220230604-4-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fonedio.com%2Fhaber%2Fkredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878%22%2C%22bv%22%3A%220%22%2C%22wc%22%3Atrue%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22uad%22%3A%7B%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%7D%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22plf%22%3A%7B%22ack_exm%22%3Atrue%7D%2C%22bu%22%3A%22https%3A%2F%2Fonedio.com%2Fhaber%2Fkredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878%22%2C%22vpi%22%3A%22%2Fhaber%2Fkredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A1600%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A1200%2C%22dw%22%3A1600%2C%22dh%22%3A6569%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A8%2C%22uim%22%3A%22thumbnails-b%3Aabp%3D0%22%2C%22uip%22%3A%22Below%20Article%20Thumbnails%22%2C%22orig_uip%22%3A%22Below%20Article%20Thumbnails%22%2C%22cd%22%3A5724.828125%2C%22mw%22%3A715%7D%5D%2C%22cacheKey%22%3A%22text%3D%2Fhaber%2Fkredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878%2CBelow%20Article%20Thumbnails%3Dthumbnails-b%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D&llvl=2
Requested by: Host: onedio.com
URL: https://onedio.com/_nuxt/33c1330.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: ecc5965ecaa67f60e26615c0d7df1051d4fb6aea3a8806dd5db2fc8c2b003a1e

Request headers

Referer: https://onedio.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type: text/plain

Response headers

x-vcl-time-ms: 771
date: Tue, 06 Jun 2023 02:06:26 GMT
content-encoding: gzip
via: 1.1 varnish
x-served-by: cache-fra-eddf8230094-FRA
server: nginx
x-timer: S1686017186.636329,VS0,VE771
vary: Accept-Encoding
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://onedio.com
content-type: application/javascript; charset=utf-8
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame AB10 1 KB
643 B 23ms
22ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: a7907dd8d698decbd129b875fdbc4adb.safeframe.googlesyndication.com
URL: https://a7907dd8d698decbd129b875fdbc4adb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://a7907dd8d698decbd129b875fdbc4adb.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 50453
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 05 Jun 2023 12:05:32 GMT
etag: 48472445140208031
expires: Tue, 06 Jun 2023 12:05:32 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 0364 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6c71365e672443bf7a30423d604a651c4ae8be9d9be4b548edcf96a2a7d5f199

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Content-Type: image/png

POST
H2 200 / Show response
www.facebook.com/tr/ Frame A585 0
45 B 22ms
21ms Document
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://onedio.com
Referer: https://onedio.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: https://onedio.com
alt-svc: h3=":443"; ma=86400
content-length: 0
content-type: text/plain
cross-origin-resource-policy: cross-origin
date: Tue, 06 Jun 2023 02:06:25 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 92D0 1 KB
643 B 23ms
22ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: a7907dd8d698decbd129b875fdbc4adb.safeframe.googlesyndication.com
URL: https://a7907dd8d698decbd129b875fdbc4adb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://a7907dd8d698decbd129b875fdbc4adb.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 50453
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 05 Jun 2023 12:05:32 GMT
etag: 48472445140208031
expires: Tue, 06 Jun 2023 12:05:32 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame A3C9 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1ee5bf96b4a2da8c61ba646ce5bae4ffb8f3f7cc2df59fb537243a83b777c552

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Content-Type: image/png

POST
H2 204 bulk-metrics Show response
trc-events.taboola.com/onedio/log/3/ Frame 89F6 0
243 B 157ms
30ms XHR
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://trc-events.taboola.com/onedio/log/3/bulk-metrics?lti=deflated&bulkSize=1
Requested by: Host: onedio.com
URL: https://onedio.com/_nuxt/33c1330.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://onedio.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://onedio.com
pragma: no-cache
date: Tue, 06 Jun 2023 02:06:25 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2

200

/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame E29D
Redirect Chain

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEMuTcvOd5_bkteiFbz49CrI&google_cver=1&google_push=ATf1kGPwPIRMfeeKvs3xdsxM-hoqCpMsNm5IckhHRcHJcV5Tr9ijnFjzH-Vzl24ogDXIakyKJTsR5vtpkz-uSm6QssMDMix5IyP8Zw
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MzMyOTc2NzAyMjczNDUwNTM1Mg==&gdpr=&gdpr_consent=
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEHKChs0im2wV0eUIITbTNJg&google_cver=1

43 B
398 B

29ms
28ms

Image
image/gif

2001:678:cb4:bbbb::11
AMOBEE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEHKChs0im2wV0eUIITbTNJg&google_cver=1
Requested by: Host: a7907dd8d698decbd129b875fdbc4adb.safeframe.googlesyndication.com
URL: https://a7907dd8d698decbd129b875fdbc4adb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol: H2
Server: 2001:678:cb4:bbbb::11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software: /
Resource Hash: 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Tue, 06 Jun 2023 02:06:25 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma: no-cache
date: Tue, 06 Jun 2023 02:06:25 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEHKChs0im2wV0eUIITbTNJg&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dpixel
cms.quantserve.com/ Frame E29D 35 B
465 B 91ms
22ms Image
image/gif 2620:116:800d:21:de2e:c7b3:55c0:d5a0
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEMfRywogoPrA0tmkN_K4Fbg&google_cver=1&google_push=ATf1kGO8MaPQv9SYJ5vyilQkxxIGV8VsWxGan_GTZLxw4CFWV5x9xGzFUo91ljr5eZY0zWHDHVC24Btojlc8sNtUYBReMG_YaA5i

Requested by

Host: a7907dd8d698decbd129b875fdbc4adb.safeframe.googlesyndication.com
URL: https://a7907dd8d698decbd129b875fdbc4adb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:de2e:c7b3:55c0:d5a0 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Jun 2023 02:06:25 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 204 current
dclk-match.dotomi.com/match/bounce/ Frame E29D 0
104 B 199ms
84ms Image
text/plain 2a02:fa8:8806:12::1400
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEFBlAdlNAGEbtDqSbTaBduI&google_cver=1&google_push=ATf1kGPUpNhv2H5prDS4BVTAMG5TKY2NqRegHwalSMYMQIW5YPYG-S6Sr4UY17bWSxc_O9pLdIrmTgFb5hl3uWXULO8KNAAlUUxc5Q
Requested by: Host: a7907dd8d698decbd129b875fdbc4adb.safeframe.googlesyndication.com
URL: https://a7907dd8d698decbd129b875fdbc4adb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:12::1400 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Jun 2023 02:06:25 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame E29D
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEKrs4yN9wPywgbwJCgP92p4&google_cver=1&google_push=ATf1kGOxarzN9WVGk0xQgjkC0FP0OnGwc2MsXRxx9NLcekROXQQYLWZcad714Npy_clCd2Jiq1FORMpfpC1-hlWT...
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=ATf1kGOxarzN9WVGk0xQgjkC0FP0OnGwc2MsXRxx9NLcekROXQQYLWZcad714Npy_clCd2Jiq1FORMpfpC1-hlWTfUmoJWcQQ6AWjA

170 B
188 B

37ms
37ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=ATf1kGOxarzN9WVGk0xQgjkC0FP0OnGwc2MsXRxx9NLcekROXQQYLWZcad714Npy_clCd2Jiq1FORMpfpC1-hlWTfUmoJWcQQ6AWjA

Requested by

Host: a7907dd8d698decbd129b875fdbc4adb.safeframe.googlesyndication.com
URL: https://a7907dd8d698decbd129b875fdbc4adb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Jun 2023 02:06:25 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Tue, 06 Jun 2023 02:06:25 GMT
Server: MT3 851 9bd98ae master cdg-pixel-x28 config_version:"58"
Content-Type: image/gif
Access-Control-Allow-Origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=ATf1kGOxarzN9WVGk0xQgjkC0FP0OnGwc2MsXRxx9NLcekROXQQYLWZcad714Npy_clCd2Jiq1FORMpfpC1-hlWTfUmoJWcQQ6AWjA
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 0
Expires: Tue, 06 Jun 2023 02:06:24 GMT

GET
H2

200

cookiematch.aspx
dis.criteo.com/dis/rtb/google/ Frame E29D
Redirect Chain

https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DPUSH_DATA&...
https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_hm=k-chuRMQuTR8sj22c8iOVB1rkZ_lZrSFddM9LOnQ&google_push=PUSH_DATA
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&google_error=5

43 B
369 B

29ms
29ms

Image
image/gif

178.250.1.9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&google_error=5

Requested by

Host: a7907dd8d698decbd129b875fdbc4adb.safeframe.googlesyndication.com
URL: https://a7907dd8d698decbd129b875fdbc4adb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Server

178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Jun 2023 02:06:25 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 127198
timing-allow-origin: *
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 06 Jun 2023 02:06:25 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&google_error=5
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 274
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dds
rtb.openx.net/sync/ Frame E29D 43 B
245 B 85ms
32ms Image
image/gif 35.227.252.103
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESEAdSZutgAE9arEEQxwn7YsA&google_cver=1&google_push=ATf1kGNHZYkv8vgsmbpZKXo9YfkyigocTWxIVmbz_PCOCzhwayBZAzm9kcNL26AJ6K--hq31LW0MERlVREgnnG_O4eZ-vPMFjLi5
Requested by: Host: a7907dd8d698decbd129b875fdbc4adb.safeframe.googlesyndication.com
URL: https://a7907dd8d698decbd129b875fdbc4adb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 103.252.227.35.bc.googleusercontent.com
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Jun 2023 02:06:25 GMT
via: 1.1 google
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame E29D
Redirect Chain

https://tg.socdm.com/rtb/sync_before?proto=google_ebda&google_gid=CAESEFL04czfYQHfvOa1YzPzhu0&google_cver=1&google_push=ATf1kGMAmVEDiN9NNFEmWEmUwYSE9bgNkO5fdHh2PQD7Qbnh59uTNrG2AuqauKKtMFwxiaQ5HRtYZ...
https://cm.g.doubleclick.net/pixel?google_nid=ad_generation_eb&google_push=ATf1kGMAmVEDiN9NNFEmWEmUwYSE9bgNkO5fdHh2PQD7Qbnh59uTNrG2AuqauKKtMFwxiaQ5HRtYZj4g3wQa3wWX4MpCCx9n-nvtjg&google_hm=Wkg2VW9zQ...

170 B
188 B

32ms
32ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ad_generation_eb&google_push=ATf1kGMAmVEDiN9NNFEmWEmUwYSE9bgNkO5fdHh2PQD7Qbnh59uTNrG2AuqauKKtMFwxiaQ5HRtYZj4g3wQa3wWX4MpCCx9n-nvtjg&google_hm=Wkg2VW9zQ284WVVBQUViLnlWY0FBQUFB

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Jun 2023 02:06:26 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

X-SO-Cluster-ID: 0
Date: Tue, 06 Jun 2023 02:06:26 GMT
X-SO-LB-Data: {"ban":false,"clean_query":"\/rtb\/sync_before?google_cver=1&google_gid=CAESEFL04czfYQHfvOa1YzPzhu0&google_push=ATf1kGMAmVEDiN9NNFEmWEmUwYSE9bgNkO5fdHh2PQD7Qbnh59uTNrG2AuqauKKtMFwxiaQ5HRtYZj4g3wQa3wWX4MpCCx9n-nvtjg&proto=google_ebda","cluster_id":0,"gdpr":true,"ipv4":"0.0.0.0","key":"ZH6UosCo8YUAAEb.yVcAAAAA","privacy_sensitive":true,"uid":"","upstream_id":"m-ad377"}
X-SO-Key: ZH6UosCo8YUAAEb.yVcAAAAA
Server: nginx
X-SO-Upstream-ID: m-ad377
P3P: CP="See also http://www.scaleout.jp/privacy/"
Location: https://cm.g.doubleclick.net/pixel?google_nid=ad_generation_eb&google_push=ATf1kGMAmVEDiN9NNFEmWEmUwYSE9bgNkO5fdHh2PQD7Qbnh59uTNrG2AuqauKKtMFwxiaQ5HRtYZj4g3wQa3wWX4MpCCx9n-nvtjg&google_hm=Wkg2VW9zQ284WVVBQUViLnlWY0FBQUFB
Cache-Control: private
X-SO-HostName: m-ad377.dc4p.scaleout.jp
Connection: keep-alive
X-SO-Ads-Time: 1
Content-Length: 0
X-SO-LB-Hostname: m-tgng33.dc4p.scaleout.jp
X-SO-IP: 84.19.175.165

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame E29D 0
12 B 31ms
29ms Image
text/html 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IC92hAMn5OpOhFWG2kbmaZJV8du7RRyP7hPFkuTUCrtjpcq6_srDJ9EeVgv3jJXf4ssjZB

Requested by

Host: a7907dd8d698decbd129b875fdbc4adb.safeframe.googlesyndication.com
URL: https://a7907dd8d698decbd129b875fdbc4adb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Tue, 06 Jun 2023 02:06:25 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 index.html Show response
s0.2mdn.net/sadbundle/9170381621892120779/ Frame 2FDB 13 KB
3 KB 30ms
29ms Document
text/html 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/9170381621892120779/index.html?e=69&leftOffset=0&topOffset=0&c=SXsZMsyYhc&t=1&renderingType=2&ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

691257cf7d510da3434f5eedca2b2e0137949c698e3750c7705526a1ee75684c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://a7907dd8d698decbd129b875fdbc4adb.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 2744
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Tue, 06 Jun 2023 02:06:25 GMT
expires: Wed, 05 Jun 2024 02:06:25 GMT
last-modified: Thu, 30 Mar 2023 10:59:14 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 3524 0
0 140ms
69ms Fetch
image/gif 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstD4QhLYu33-2hXKyGmieJVMIGc5WfnZVZPuLJtK_OwBdFMYleLipkauqcyVX92oMY3nO7fJF9ApacrA-LapwGCsP0qnieHap2kmz6kFgUxkHMvnrWs45I-YFZZ0Pswwih4rO51yLfLZ-cVwmDk0ZY_m_aXAhWeWyaSlNXeqMhRv1XP7OewMX2lGkRys6bnbue3KVNdiNz21zhZxeBkrkD6nFE8DGBMUda7NvA2inaPtWJjfZ4o1TkPcmCe0ENvnqX2r4MbnNLfCRxAFxXQSZc0lksd4QRUy7kzYIrTbUvLdOZrY6eSXj7Z7vyolvsE4r4z1Xk5MOPSPJK8UTxZabPifXDEJSLh_BRuH-pQMRrEAp2AO3m55ap--igqqt9FWQ-ded8aRjtN88r0IGl1TAfrehK_gBed3beX_-pZTfMBYXnMh_WnUhZPVhf4EH7Y1NYgmdeSpGj7lupne_Jy-OGsvAN4xE6Owk1UP02-Sz7nRZ6xCam-ThFU8Ik0rz_3jPKXgB_EqDmgNG04W3ygPR5Papt5vv0vsJsy6Qn6tfaZDRHEHq0reR2jCroYKYDfmfhlG5y3KwMdgH5Rh9QPfHtbJZUSIQU7iFyeHpuaIGkerwEeLdPOOL_1h62Kzaf89WTSOHNJp2HTfBSXFrrlDanmsETwGk77T6GiK2a7WjlXdxMuj6XP3XSzj1JkS8X9GG1DjKx8VIHdHxC55kKMrowR3a48ZEkAr8nqZfK9TI_F4lvF10O32zsn8AcqasNew0RArjSZxiIBOmulweETjpnIBTjEINIkEGcTw_fGH4SrOM1vsIR1MG56O9mljwBfPU-oYq_XMJTUXDpTemK8QNanL-RliusnTGsrCsyUDnJ7SJWIIskP4JenfYys-tQc-clZTQEdVXhoEEXL-9eOHBEIOwhmSDVYRwOsmdKBO1j5QvFOXvkytaauXoykcDGV9MsGG-pSuRhShH_omVtEVE09PYNbaGlzsZ9bwBc6xYm4C15aP83NDnV6HMdnOPeziKKN6erWmobs1961OvsyFXxkV_iN589AjMBRaoXx0jf4ybc-cH3ZyDMPNr3uj-vLTvT6_fVQsHFZw5FreMu8gVDB0T4dpZSz47ouN8J2XANZm33IR1w1VqVTOqP7up6fi1tNgnSP2wcGYTU9kFOlhZse4yMqoGMj5j8fNr6XOkUsuOiW9L0zDRXiNeOkaPXCi1QTGyY5edzi8MISfTA2iHRlJ8TQ8g&sai=AMfl-YRIenIgK7uYcfX_Mt2B_Dmyg9_P3K3sVBlYUNPSfTtn6vKnpy7LIXt6efI9pMCGhR3OQQVeJ0-y4whgfwe1gIgl_nR9cfBA4Jc9vsreoi3h5Wt4TS96gjtSRslEc8YdLQ8OqblW_dJ8SgXTuckaTaV12YDAX1XOz-Ra9tM01ZVINODJKQ_lKhqyw-rM-UDGdEAJN6uysf96hCXI92Bm7wFE8ft_JnyqgHzkGw&sig=Cg0ArKJSzFlFOPwGZbiSEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=243&cbvp=1&cstd=234&cisv=r20230531.06105&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a7907dd8d698decbd129b875fdbc4adb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 06 Jun 2023 02:06:25 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
expires: Tue, 06 Jun 2023 02:06:25 GMT

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame D49C 22 KB
8 KB 23ms
22ms Document
text/html 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://a7907dd8d698decbd129b875fdbc4adb.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 249222
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 03 Jun 2023 04:52:43 GMT
expires: Sun, 02 Jun 2024 04:52:43 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 300x250.html Show response
s0.2mdn.net/sadbundle/11065803848835661824/ Frame 1D9F 47 KB
12 KB 30ms
30ms Document
text/html 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/11065803848835661824/300x250.html?e=69&leftOffset=0&topOffset=0&c=9hqkHuRocm&t=1&renderingType=2&ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b8c779f4fa5bf396269317b6ccc5bd0259ff6b28d9dc40eb75cf47aa245b0bde

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://a7907dd8d698decbd129b875fdbc4adb.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Tue, 06 Jun 2023 02:06:25 GMT
expires: Wed, 05 Jun 2024 02:06:25 GMT
last-modified: Wed, 15 Feb 2023 15:30:17 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 0364 0
0 97ms
70ms Fetch
image/gif 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstnFpemEbJm2SKaUcJmZnxDb4IbI3ys368RlkuEgQpMswZphD20xCxqcT6nV0JzsiDp2shOtKYpPJ7JLWDIhFeIALrDWa5jnsRmlxB_oHv9xReQBNLlgtIw_C8iJnvsIAmMgvs2e_S8Qo46WYJe6aAlXFT-83h75KpaTXqh92ir6_epZI2fsnLbHfB5V0zAFdAX4DS7MrGYMMt4BjJRoz18C4OwVmDYznO7N4Igpm4N2oH1anroTrCZVQg96Nr33tWKjgduI66p2SMtdpVllU5nxkhnw6KcqgFBqRDAT1AyQzQG5smVjozUMR_p6bFjuIilTsNpqSH5dTKU64tLi4YUsVCfWPWODzTnL1Fdl9RD3cfRcSEwVyx__L1sh89xRHMlwqZQhaOlqNPqBNlcwNeEn0jzU-3nnzDb6frUmPJquIVF4g7QR41zM5ujr4EtFSnVpvRMavv08ou1MT4sZYPPM83nXeKnR-DlJgHPklYnf22jicGFDw2kfKHFvQvCIVX2sULetQF8HkOku5M6IxgR8r2uSGAwgkraTcX0mXP6tdTQGiWkNkngIPQGxFavGPwVH-IC4aYyxCPtTz2CdTL-eXGz7PssEjqZn8DcGCaYhfyO8f7TPvQPo9ZNT-3mHsR20yKGKqtRfRt38cRe6lmzsx3npr_EelUEl82ac1JjgYWHoIgy9CxgHHcgD4xFlBglGHUzSMse1MIQbcinUDaOFDT2ZacGBP9T4NP3pHY-Qii4aNWQwGMJMBUzyFHFjhnN-cFJkiPRFD7nzAfhaWTUIyDp6k-V8G7SIGVP-OR_1KivppU8QuOwZhCnGUsljxOqBPKYx5eQMx1bhkJb2KYNFcNe5-C0mN7ddAOmhMvyOermRZffW-nNe1cCMgSZF0rt1AGGqeLpPAWbSU0CZ8epg4rPgrRBnA4qLQ50SkSSRx49mU3dyN1Ce1egKtW-1mhQeyjkytv3ruGESTzDUsu9nZ25n9sYxuqAVEamQtOvodzSj3ZgPUSff7_oi2mQeG16p_DYILFFZUo3jxlYeXoylf2Oi44B_U2y_6QoNm23upBHfFhLDRjarIY2HAQCWO8alC4-b8Qdqb0ZWaY5hKJ8PPiwITkRMp-H4nxBgE3SQml2CuQdxQEOhTp3bCWdUTHTvUjLaP-sE1r37jQEtijqXF6VOfZ_CkMneelU6ouUhOAHP9NXPaEcVTgGdqz-XVe_vNW8Y0coOt5zYAhbrjybRuG_6edLxrRco7CfY_ZjaEv8dN2G589CC6N27FrEuBE-qWD26W-SAuvaEg&sai=AMfl-YQiNP82Wzaqmdz8PkEobM41SC8HAt1MgN0zfoh6rV6BPymKa8iRjC0j9DsD2D8BimoxuPqa95WiBDPxf5_tRldBIgZ2eNout2PYIOZMaSornqZbTlcbLh7uS-4ApA6MEmffbWSze9gQdogNc7gLItlNigbOgwpfN22xxby5XDHTrmzQ9CUN2np-99WdVq0CvuH5QowHSjN57IV4EotHWxrvEUdUusc8DGDAhg&sig=Cg0ArKJSzAvvE79qMiJ6EAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=187&cbvp=1&cstd=180&cisv=r20230531.93887&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a7907dd8d698decbd129b875fdbc4adb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 06 Jun 2023 02:06:25 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
expires: Tue, 06 Jun 2023 02:06:25 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame AB10
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESEJc-wwym2oHfshns1ywl3jM&google_cver=1&google_push=ATf1kGPniav2a2Hd74_FpQu0nkuMiSamOQdZwZ5mkrV9kXy2YBYM_nFRN8Pe7aBRNRUtLUEl70JyGY_PVX8kd43QdWVUje1bSbPJJg
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=7FD85C7178444EDF8AADA5843046D51F&google_push=ATf1kGPniav2a2Hd74_FpQu0nkuMiSamOQdZwZ5mkrV9kXy2YBYM_nFRN8Pe7aBRNRUtLUEl70JyGY_PVX8kd43...

170 B
188 B

31ms
30ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=7FD85C7178444EDF8AADA5843046D51F&google_push=ATf1kGPniav2a2Hd74_FpQu0nkuMiSamOQdZwZ5mkrV9kXy2YBYM_nFRN8Pe7aBRNRUtLUEl70JyGY_PVX8kd43QdWVUje1bSbPJJg

Requested by

Host: a7907dd8d698decbd129b875fdbc4adb.safeframe.googlesyndication.com
URL: https://a7907dd8d698decbd129b875fdbc4adb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Jun 2023 02:06:25 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Tue, 06 Jun 2023 02:06:25 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=7FD85C7178444EDF8AADA5843046D51F&google_push=ATf1kGPniav2a2Hd74_FpQu0nkuMiSamOQdZwZ5mkrV9kXy2YBYM_nFRN8Pe7aBRNRUtLUEl70JyGY_PVX8kd43QdWVUje1bSbPJJg
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Mon, 05 Jun 2023 02:06:25 GMT

GET
H2 200 google
match.adsrvr.org/track/cmf/ Frame AB10 70 B
265 B 157ms
46ms Image
image/gif 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/google?google_gid=CAESEAn6VYEcTCE3MhQvyBmeLU4&google_cver=1&google_push=ATf1kGO0wUn4F1U5cW_ffylW2oKtz2fCat266EwesgtCpveXRokKd8cRDWjUOZ8MnBmiL3bLTCFAmxkSE9qYuOK6PsQP46FyN4mT
Requested by: Host: a7907dd8d698decbd129b875fdbc4adb.safeframe.googlesyndication.com
URL: https://a7907dd8d698decbd129b875fdbc4adb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Tue, 06 Jun 2023 02:06:25 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame AB10
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESELtW6zHU5aCFjy4dAzBRGgA&google_cver=1&google_push=ATf1kGNeYrFPdFMnV-lG98urdxtST2FLdOHP4m4hCORAH22LvbCs-bS5Jd9M7rsqpJLSmEoO6mnO9y2dYMvDl2-XO3Qmksl...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ATf1kGNeYrFPdFMnV-lG98urdxtST2FLdOHP4m4hCORAH22LvbCs-bS5Jd9M7rsqpJLSmEoO6mnO9y2dYMvDl2-XO3QmksldDQ8YlA&google_hm=eS1GUXp4M1dWRTJwSFBz...

170 B
188 B

31ms
30ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ATf1kGNeYrFPdFMnV-lG98urdxtST2FLdOHP4m4hCORAH22LvbCs-bS5Jd9M7rsqpJLSmEoO6mnO9y2dYMvDl2-XO3QmksldDQ8YlA&google_hm=eS1GUXp4M1dWRTJwSFBzRkdrclExNnBVVGt5Zk1nTmpyQX5B

Requested by

Host: a7907dd8d698decbd129b875fdbc4adb.safeframe.googlesyndication.com
URL: https://a7907dd8d698decbd129b875fdbc4adb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Jun 2023 02:06:25 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Tue, 06 Jun 2023 02:06:25 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ATf1kGNeYrFPdFMnV-lG98urdxtST2FLdOHP4m4hCORAH22LvbCs-bS5Jd9M7rsqpJLSmEoO6mnO9y2dYMvDl2-XO3QmksldDQ8YlA&google_hm=eS1GUXp4M1dWRTJwSFBzRkdrclExNnBVVGt5Zk1nTmpyQX5B
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame AB10
Redirect Chain

https://d5p.de17a.com/cookies/google?google_gid=CAESENyMsZOyAj_jxw6TtA5qBCU&google_cver=1&google_push=ATf1kGMw2iKdw_0yHvuqMSI6ptifUPtG3Dn4wyB8LinAUrBsyG7mN0hZM70VWlX6wQEvTsqaLl5hxc-5NXgTAO6uPWqSawL...
https://d5p.de17a.com/cookies/google;c?google_gid=CAESENyMsZOyAj_jxw6TtA5qBCU&google_cver=1&google_push=ATf1kGMw2iKdw_0yHvuqMSI6ptifUPtG3Dn4wyB8LinAUrBsyG7mN0hZM70VWlX6wQEvTsqaLl5hxc-5NXgTAO6uPWqSa...
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=ATf1kGMw2iKdw_0yHvuqMSI6ptifUPtG3Dn4wyB8LinAUrBsyG7mN0hZM70VWlX6wQEvTsqaLl5hxc-5NXgTAO6uPWqSawLFRSPlkA

170 B
188 B

31ms
31ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=ATf1kGMw2iKdw_0yHvuqMSI6ptifUPtG3Dn4wyB8LinAUrBsyG7mN0hZM70VWlX6wQEvTsqaLl5hxc-5NXgTAO6uPWqSawLFRSPlkA

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Jun 2023 02:06:26 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=ATf1kGMw2iKdw_0yHvuqMSI6ptifUPtG3Dn4wyB8LinAUrBsyG7mN0hZM70VWlX6wQEvTsqaLl5hxc-5NXgTAO6uPWqSawLFRSPlkA
content-length: 0
p3p: CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame AB10
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEBLm3bTfbqniMpObwX2bQiM&google_cver=1&googl...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEBLm3bTfbqniMpObwX2bQiM&google_hm=ZH6UoeDdER2x98G1RlSWzgAADFoAAAIB&google_nid=index&google_push=ATf1kGORgTD_J8JseYc8tBqibwK0utFVX2h0k...

170 B
188 B

38ms
37ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEBLm3bTfbqniMpObwX2bQiM&google_hm=ZH6UoeDdER2x98G1RlSWzgAADFoAAAIB&google_nid=index&google_push=ATf1kGORgTD_J8JseYc8tBqibwK0utFVX2h0kZgrObGmdoQdW7hlTTTe7s0CyG83V_teBXD2-LnII3qzTV0Dq0DJa1Vze8kPdwdfiw

Requested by

Host: a7907dd8d698decbd129b875fdbc4adb.safeframe.googlesyndication.com
URL: https://a7907dd8d698decbd129b875fdbc4adb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Jun 2023 02:06:25 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 06 Jun 2023 02:06:25 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEBLm3bTfbqniMpObwX2bQiM&google_hm=ZH6UoeDdER2x98G1RlSWzgAADFoAAAIB&google_nid=index&google_push=ATf1kGORgTD_J8JseYc8tBqibwK0utFVX2h0kZgrObGmdoQdW7hlTTTe7s0CyG83V_teBXD2-LnII3qzTV0Dq0DJa1Vze8kPdwdfiw
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=500
Content-Length: 0
Expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame AB10
Redirect Chain

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEKPEWu58uxSPCLNbSZXqrhI&google_cver=1&google_push=ATf1kGMBFb1najOAIarfNJbtIzeiD83cJGdranpgcKD0UTP2TeEo06A1PgEYApwCpsb8s_epIKpbdaHWoam9...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=ATf1kGMBFb1najOAIarfNJbtIzeiD83cJGdranpgcKD0UTP2TeEo06A1PgEYApwCpsb8s_epIKpbdaHWoam9BS80AoEtLdb--i4F

170 B
188 B

30ms
30ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=ATf1kGMBFb1najOAIarfNJbtIzeiD83cJGdranpgcKD0UTP2TeEo06A1PgEYApwCpsb8s_epIKpbdaHWoam9BS80AoEtLdb--i4F

Requested by

Host: a7907dd8d698decbd129b875fdbc4adb.safeframe.googlesyndication.com
URL: https://a7907dd8d698decbd129b875fdbc4adb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Jun 2023 02:06:25 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=ATf1kGMBFb1najOAIarfNJbtIzeiD83cJGdranpgcKD0UTP2TeEo06A1PgEYApwCpsb8s_epIKpbdaHWoam9BS80AoEtLdb--i4F
strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame AB10
Redirect Chain

https://match.360yield.com/match/ebda?google_gid=CAESEM7yW6ljb3SdNSD7IHTmcIE&google_cver=1&google_push=ATf1kGNTTNKoomPlzKknbtXhABSbgGpsUMVqbKC8ahgc7ddzidPANAZSXDDd3A4dSAb32s90hII5zyineAYcAmcuMgFdlG...
https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESEM7yW6ljb3SdNSD7IHTmcIE&google_cver=1&google_push=ATf1kGNTTNKoomPlzKknbtXhABSbgGpsUMVqbKC8ahgc7ddzidPANAZSXDDd3A4dSAb32s90hII5zyineAYcAmcu...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=PvqZ5UyXScePTvXxMh8lDA&google_push=ATf1kGNTTNKoomPlzKknbtXhABSbgGpsUMVqbKC8ahgc7ddzidPANAZSXDDd3A4dSAb32s90hII5zyineAYcAmc...

170 B
188 B

31ms
31ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=PvqZ5UyXScePTvXxMh8lDA&google_push=ATf1kGNTTNKoomPlzKknbtXhABSbgGpsUMVqbKC8ahgc7ddzidPANAZSXDDd3A4dSAb32s90hII5zyineAYcAmcuMgFdlGwCyn1YsA

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Jun 2023 02:06:26 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=PvqZ5UyXScePTvXxMh8lDA&google_push=ATf1kGNTTNKoomPlzKknbtXhABSbgGpsUMVqbKC8ahgc7ddzidPANAZSXDDd3A4dSAb32s90hII5zyineAYcAmcuMgFdlGwCyn1YsA
access-control-allow-origin: *
date: Tue, 06 Jun 2023 02:06:26 GMT
content-type: text/plain
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame AB10 0
12 B 29ms
28ms Image
text/html 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JxB7tlq0oLo_rPb_ilHwUotG0TNlR3d1uWuU78-yynjsqoNVxbNKsc4-DQ-OxG1viyizwE

Requested by

Host: a7907dd8d698decbd129b875fdbc4adb.safeframe.googlesyndication.com
URL: https://a7907dd8d698decbd129b875fdbc4adb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Tue, 06 Jun 2023 02:06:25 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 styles.css
s0.2mdn.net/sadbundle/9170381621892120779/css/ Frame 2FDB 6 KB
1 KB 24ms
24ms Stylesheet
text/css 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/9170381621892120779/css/styles.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9170381621892120779/index.html?e=69&leftOffset=0&topOffset=0&c=SXsZMsyYhc&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

101470fcde40e5ad29c691a0cc4276b7e311972a8e02a684f19db29fd4698645

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9170381621892120779/index.html?e=69&leftOffset=0&topOffset=0&c=SXsZMsyYhc&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 10:58:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 227253
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1483
x-xss-protection: 0
last-modified: Thu, 30 Mar 2023 10:59:14 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 02 Jun 2024 10:58:52 GMT

GET
H3 200 Enabler_01_247.js Show response
s0.2mdn.net/879366/ Frame 2FDB 118 KB
40 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/Enabler_01_247.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9170381621892120779/index.html?e=69&leftOffset=0&topOffset=0&c=SXsZMsyYhc&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9170381621892120779/index.html?e=69&leftOffset=0&topOffset=0&c=SXsZMsyYhc&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 07:18:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 67659
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 41099
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:45:07 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 06 Jun 2023 07:18:46 GMT

GET
H3 200 overlay.png
s0.2mdn.net/sadbundle/9170381621892120779/img/ Frame 2FDB 95 B
122 B 27ms
26ms Image
image/png 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/9170381621892120779/img/overlay.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9170381621892120779/index.html?e=69&leftOffset=0&topOffset=0&c=SXsZMsyYhc&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9170381621892120779/index.html?e=69&leftOffset=0&topOffset=0&c=SXsZMsyYhc&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 08:27:51 GMT
x-content-type-options: nosniff
age: 409114
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 95
x-xss-protection: 0
last-modified: Thu, 30 Mar 2023 10:59:14 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 31 May 2024 08:27:51 GMT

GET
H3 200 logo.svg
s0.2mdn.net/sadbundle/9170381621892120779/img/ Frame 2FDB 6 KB
3 KB 22ms
22ms Image
image/svg+xml 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/9170381621892120779/img/logo.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9170381621892120779/index.html?e=69&leftOffset=0&topOffset=0&c=SXsZMsyYhc&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7b1bfbac0178604f4dce665117d962743d2916a2a37968438f3d49d7e9c04445

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9170381621892120779/index.html?e=69&leftOffset=0&topOffset=0&c=SXsZMsyYhc&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 08:27:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 409114
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2563
x-xss-protection: 0
last-modified: Thu, 30 Mar 2023 10:59:14 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 31 May 2024 08:27:51 GMT

GET
H3 200 gsap_3.5.1_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame 2FDB 60 KB
24 KB 32ms
32ms Script
text/javascript 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.5.1_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9170381621892120779/index.html?e=69&leftOffset=0&topOffset=0&c=SXsZMsyYhc&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

341e0d761251ee538d0cad6322c66abdbf78dc7d6f3ca62f3459fab822a2103f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9170381621892120779/index.html?e=69&leftOffset=0&topOffset=0&c=SXsZMsyYhc&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Tue, 06 Jun 2023 02:06:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24155
x-xss-protection: 0
last-modified: Mon, 31 Aug 2020 21:23:17 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 06 Jun 2023 02:06:25 GMT

GET
H3 200 300x250.html Show response
s0.2mdn.net/sadbundle/11065803848835661824/ Frame 839C 47 KB
12 KB 31ms
31ms Document
text/html 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/11065803848835661824/300x250.html?e=69&leftOffset=0&topOffset=0&c=U2vGXW4H4P&t=1&renderingType=2&ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b8c779f4fa5bf396269317b6ccc5bd0259ff6b28d9dc40eb75cf47aa245b0bde

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://a7907dd8d698decbd129b875fdbc4adb.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Tue, 06 Jun 2023 02:06:25 GMT
expires: Wed, 05 Jun 2024 02:06:25 GMT
last-modified: Wed, 15 Feb 2023 15:30:17 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame A3C9 0
0 73ms
73ms Fetch
image/gif 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvClglLkEgPhl6M31EfBOlLuxmJd--qSQzEdrrZ7vqa2LlAPu8VDRdaT1x_kX8U4sLCkBhlApEi8KbgzOuIQA5uafSl3dy4HvFn0kVEzGTQDHLqT1hvyW4O3Kbqhv0Su9DfYgqfzlw84vY1lN0M1mVuJwI6as4pf67OiDiLFj07rwepvlEE1wWyHg_YtIplZ-Fbkaus-JsRRSesxuarepC0kNqseL-PZUwb66oa_Drl_eRlIXmmdLYKCgkk46OSlgCquW7sqmdsjykm5HkXsBJGoq5xistlnu4i7MN2MExz8yR2iseVvrrtw3rHv-NVYVGxwpPwLxBC8N3zjZME9KdsBJ5RKQXI1w8j1S763-2cY7eAzPjgfnOrr2Nvs69NL0IzBBG_-DTbw5bN0r3JZUaoklNCJmGplZtFCHUCHhXcIjgfzxYtjJwn4VCl0EO7RABgZju0JZy9mGBJXLc1OG5fytMYnrK7XA9NuGZcfFZH7BAmzL4wvyZv-hALqkOMHdf6RYAoN18_t30RDeZqQEYwPMRfPVoIf0AdJnV0BgqAfqlBrJisOYvAdN1PnSMDmEavQ5DWz_01kOzHoN9ezsiwArvZr9GvHQP_xVEbEfDtgpQOsVBNPMCqQtr7cN2_zqlXAdnkpBYF7KpviOKfH7Dvkwaaf7UtEAHLkJ51aPFOVwSkRH7YGm1Px6d1v-tsCokRg4WcPve7dEg4dFbd7S67E_t5HkgLj16uDb4JdEyks5OdxvqCwVzzyOA5lmkftAau7EJFF5TEHjAMtCXnU-HYWAr_K6_j1Tu26K5vZxQuJtTxm5tgZE3wm2BzWmqo8_IL58fIfDAEITU3Dt98yyRg9pgi2o5cE8ICEgWMcz-YQvLPVtpkaqNQ9ilEaawHXV6fp6PkBqb9N1S96yvXcGNWPzpOydgvSpV6y5Rlmwissaczec_STMLZqc_mJZjiIHuv5VAdDZ6KDgigxZoCMk8nImhRbEaI8_fBS2QLNwrf-faOtm1GKcQzGhD-MGiA_vtcmJHR39XS1oSSq34LGHxPr8yA2klN0ldmddUQWN7mbgWhSVI5we_B4GGvOTRTDgHTsROec1pEjT5-ft2vmv0CUAMyu1EeeHfscnlcRBbHFHSh0BcLNrDZl-LE2V40jskkazMFB8H6ny1AGjG2NgCK8rx-Db5zjMs_hypJ3oh0fu0se4UvhEi5v2LQa8tqQ7Jh4pGJAQnHN2Clu0KApbgy33F8sKaQEaUP04gEhgyLqP6ZKQ2Mo6ridyLit3V_Ikm3nJlaDmLer18&sai=AMfl-YQhZ5aSb4D-0RDlptnLB2eHmb72EbOE7d5dBLcrZvSbBqwjTxaBymiJTD8-Qvd7Jp3IHjRBdRo60Lq214lpBQEz8Gbo0Gn2FN7sIQK6UlyWNYNAWfB23E3i2WR9t9LdHn9ixnaNcDhiOxZhYXytbbGXAOE6MqjWKpTIggSweF8XUzk8e9w5HVFC_t_pHv16rKBw0EekmZl4UUgloBnMhGP-IBf1mPTceryd&sig=Cg0ArKJSzIQIgWisAkP8EAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=206&cbvp=1&cstd=197&cisv=r20230531.71787&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a7907dd8d698decbd129b875fdbc4adb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 06 Jun 2023 02:06:25 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
expires: Tue, 06 Jun 2023 02:06:25 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 92D0
Redirect Chain

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEPUuMx_mqws1fRuo2MS6xbc&google_cver=1&google_push=ATf1kGNqu-LVYLAUnQlIrnUlpJzrbmJKp1EO3dACEHmAjY4O1pyZC6yz3k...
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=ATf1kGNqu-LVYLAUnQlIrnUlpJzrbmJKp1EO3dACEHmAjY4O1pyZC6yz3kILfUTaUEmy5WfeB2-UHuV0JEm01QVGpK0Hj3f0yqo&google_hm=YFzGBT3NFB9FF...

170 B
188 B

31ms
31ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=ATf1kGNqu-LVYLAUnQlIrnUlpJzrbmJKp1EO3dACEHmAjY4O1pyZC6yz3kILfUTaUEmy5WfeB2-UHuV0JEm01QVGpK0Hj3f0yqo&google_hm=YFzGBT3NFB9FF6L01loY4w

Requested by

Host: a7907dd8d698decbd129b875fdbc4adb.safeframe.googlesyndication.com
URL: https://a7907dd8d698decbd129b875fdbc4adb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Jun 2023 02:06:25 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=ATf1kGNqu-LVYLAUnQlIrnUlpJzrbmJKp1EO3dACEHmAjY4O1pyZC6yz3kILfUTaUEmy5WfeB2-UHuV0JEm01QVGpK0Hj3f0yqo&google_hm=YFzGBT3NFB9FF6L01loY4w
pragma: no-cache
date: Tue, 06 Jun 2023 02:06:25 GMT
cache-control: private, no-cache, no-store, proxy-revalidate
strict-transport-security: max-age=86400
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 92D0
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEMGME1LFdfsN-PqdkpOAhPw&google_cver=1&google_push=ATf1kGNMBQsigO6qr44G1pEiBgC4fEV-u9_0SorTqvjhvy79FjEKQoisHZWfbf7bWvAnFd_lrVIpzwyUF7w5odvc...
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=ATf1kGNMBQsigO6qr44G1pEiBgC4fEV-u9_0SorTqvjhvy79FjEKQoisHZWfbf7bWvAnFd_lrVIpzwyUF7w5odvcjJEI2nK9bRKv

170 B
188 B

30ms
30ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=ATf1kGNMBQsigO6qr44G1pEiBgC4fEV-u9_0SorTqvjhvy79FjEKQoisHZWfbf7bWvAnFd_lrVIpzwyUF7w5odvcjJEI2nK9bRKv

Requested by

Host: a7907dd8d698decbd129b875fdbc4adb.safeframe.googlesyndication.com
URL: https://a7907dd8d698decbd129b875fdbc4adb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Jun 2023 02:06:25 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Tue, 06 Jun 2023 02:06:25 GMT
Server: MT3 851 9bd98ae master cdg-pixel-x16 config_version:"558"
Content-Type: image/gif
Access-Control-Allow-Origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=ATf1kGNMBQsigO6qr44G1pEiBgC4fEV-u9_0SorTqvjhvy79FjEKQoisHZWfbf7bWvAnFd_lrVIpzwyUF7w5odvcjJEI2nK9bRKv
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 0
Expires: Tue, 06 Jun 2023 02:06:24 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 92D0
Redirect Chain

https://px.ads.linkedin.com/setuid?partner=googleadxdb&google_gid=CAESENG3Se1XskIBcd78B5-ihhQ&google_cver=1&google_push=ATf1kGM83vV2EAjk91MHhvK_dUOew_ud9Qi8bRbhZR8Jjh9CF4XzkIarqmF6KDjRGZnN4Y90fP4DW...
https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=ATf1kGM83vV2EAjk91MHhvK_dUOew_ud9Qi8bRbhZR8Jjh9CF4XzkIarqmF6KDjRGZnN4Y90fP4DWUxY5WzmI4QubVSv5Nn_HgNe

170 B
188 B

30ms
30ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=ATf1kGM83vV2EAjk91MHhvK_dUOew_ud9Qi8bRbhZR8Jjh9CF4XzkIarqmF6KDjRGZnN4Y90fP4DWUxY5WzmI4QubVSv5Nn_HgNe

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Jun 2023 02:06:26 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Tue, 06 Jun 2023 02:06:25 GMT
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: 6421990D98A64DA794B4CBC2887C7E32 Ref B: FRAEDGE1710 Ref C: 2023-06-06T02:06:25Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lor1
location: https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=ATf1kGM83vV2EAjk91MHhvK_dUOew_ud9Qi8bRbhZR8Jjh9CF4XzkIarqmF6KDjRGZnN4Y90fP4DWUxY5WzmI4QubVSv5Nn_HgNe
x-li-proto: http/2
content-length: 0
x-li-uuid: AAX9bHd0bOjJzmd9eNTdbA==

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 92D0
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEGTfYg7pLYETEamF_NXyiLw&google_cver=1&google_push=ATf1kGNfXNi-l7Qz_VGqFBKcJJdY89TadSfuHBSPXQeLzQ_LEHpJUMatHi58A7rVlmGILCGwzgHXqlMn5-QzuT...
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI0MTM4ODY3MDA4NTU2MDQ2OQ%3D%3D&google_push=ATf1kGNfXNi-l7Qz_VGqFBKcJJdY89TadSfuHBSPXQeLzQ_LEHpJUMatHi58A7rVlmGILCGwzgHXqlMn5-QzuTynW7...

170 B
188 B

31ms
30ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI0MTM4ODY3MDA4NTU2MDQ2OQ%3D%3D&google_push=ATf1kGNfXNi-l7Qz_VGqFBKcJJdY89TadSfuHBSPXQeLzQ_LEHpJUMatHi58A7rVlmGILCGwzgHXqlMn5-QzuTynW7Lf34dn9mYD

Requested by

Host: a7907dd8d698decbd129b875fdbc4adb.safeframe.googlesyndication.com
URL: https://a7907dd8d698decbd129b875fdbc4adb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Jun 2023 02:06:25 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI0MTM4ODY3MDA4NTU2MDQ2OQ%3D%3D&google_push=ATf1kGNfXNi-l7Qz_VGqFBKcJJdY89TadSfuHBSPXQeLzQ_LEHpJUMatHi58A7rVlmGILCGwzgHXqlMn5-QzuTynW7Lf34dn9mYD
Date: Tue, 06 Jun 2023 02:06:25 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 92D0
Redirect Chain

https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEJiJdmiYePDN9wJ2WxgS3oE&google_cver=1&google_push=ATf1kGMLocqUsENDvg1CgiJEIOS8DSlBgPlFzAPOTcAcqR_bKYo-FZfYcWWPdiO_5ZmD_i0GBlFIqLpLs-vjOE0g...
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=ATf1kGMLocqUsENDvg1CgiJEIOS8DSlBgPlFzAPOTcAcqR_bKYo-FZfYcWWPdiO_5ZmD_i0GBlFIqLpLs-vjOE0gSQx6Oxzeqg3a

170 B
188 B

31ms
30ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=ATf1kGMLocqUsENDvg1CgiJEIOS8DSlBgPlFzAPOTcAcqR_bKYo-FZfYcWWPdiO_5ZmD_i0GBlFIqLpLs-vjOE0gSQx6Oxzeqg3a

Requested by

Host: a7907dd8d698decbd129b875fdbc4adb.safeframe.googlesyndication.com
URL: https://a7907dd8d698decbd129b875fdbc4adb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Jun 2023 02:06:25 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Tue, 06 Jun 2023 02:06:25 GMT
via: 1.1 24d97ac79c66f25c7df0732cb86ef322.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: MUC50-C1
x-cache: FunctionGeneratedResponse from cloudfront
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=ATf1kGMLocqUsENDvg1CgiJEIOS8DSlBgPlFzAPOTcAcqR_bKYo-FZfYcWWPdiO_5ZmD_i0GBlFIqLpLs-vjOE0gSQx6Oxzeqg3a
cache-control: no-cache, must-revalidate
content-length: 0
x-amz-cf-id: H08uiAh7eyFYksxkNJhioCi73Ff6oBH6bPvbx-t5zKXkshkvbtGDsw==

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 92D0
Redirect Chain

https://match.360yield.com/match/ebda?google_gid=CAESEDqIzYXQiUrAeMOPUQxFMWE&google_cver=1&google_push=ATf1kGO0hLKlASkZUwsHT0zgQ0KkOTRlnOmVWTQcwwnoNDlhz8QlS5X0rS9cHDv3mwbKzuQyO7HRXNjptKgNREMf8Y13bo...
https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESEDqIzYXQiUrAeMOPUQxFMWE&google_cver=1&google_push=ATf1kGO0hLKlASkZUwsHT0zgQ0KkOTRlnOmVWTQcwwnoNDlhz8QlS5X0rS9cHDv3mwbKzuQyO7HRXNjptKgNREMf...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=PvqZ5UyXScePTvXxMh8lDA&google_push=ATf1kGO0hLKlASkZUwsHT0zgQ0KkOTRlnOmVWTQcwwnoNDlhz8QlS5X0rS9cHDv3mwbKzuQyO7HRXNjptKgNREM...

170 B
188 B

30ms
30ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=PvqZ5UyXScePTvXxMh8lDA&google_push=ATf1kGO0hLKlASkZUwsHT0zgQ0KkOTRlnOmVWTQcwwnoNDlhz8QlS5X0rS9cHDv3mwbKzuQyO7HRXNjptKgNREMf8Y13bo3xW8I

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Jun 2023 02:06:26 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=PvqZ5UyXScePTvXxMh8lDA&google_push=ATf1kGO0hLKlASkZUwsHT0zgQ0KkOTRlnOmVWTQcwwnoNDlhz8QlS5X0rS9cHDv3mwbKzuQyO7HRXNjptKgNREMf8Y13bo3xW8I
access-control-allow-origin: *
date: Tue, 06 Jun 2023 02:06:26 GMT
content-type: text/plain
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H2

200

report
sync.teads.tv/um/ Frame 92D0
Redirect Chain

https://sync.teads.tv/um?eid=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEM7KVz0N6msTsB2JjMQVL8E&...
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=ATf1kGPTaKK3q__Vs2-TpdlaZxa1KcjOMRkK7TS8rT1Up6aqWZJZGlqXZ1zToYFqmk61-jzROGbuc3qmaFQiwWXID2_6UxrYUHTHaA
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

23 B
163 B

45ms
45ms

Image
image/gif

2.18.161.51
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Protocol: H2
Server: 2.18.161.51 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-161-51.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.10 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

expires: Tue, 06 Jun 2023 02:06:26 GMT
pragma: no-cache
date: Tue, 06 Jun 2023 02:06:26 GMT
cache-control: max-age=0, no-cache, no-store
server: akka-http/10.2.10
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Tue, 06 Jun 2023 02:06:25 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 260
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 92D0 0
12 B 30ms
28ms Image
text/html 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IU-pLbEQrxyYKkCt3K6c3zro7dA3odijJvRJpxbZneLJ-aQMRXyNEH5dYq3Cjs1bNI5jJTig

Requested by

Host: a7907dd8d698decbd129b875fdbc4adb.safeframe.googlesyndication.com
URL: https://a7907dd8d698decbd129b875fdbc4adb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Tue, 06 Jun 2023 02:06:25 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 74EA 22 KB
8 KB 23ms
22ms Document
text/html 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://a7907dd8d698decbd129b875fdbc4adb.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 249222
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 03 Jun 2023 04:52:43 GMT
expires: Sun, 02 Jun 2024 04:52:43 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 Enabler_01_247.js Show response
s0.2mdn.net/879366/ Frame 1D9F 118 KB
40 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/Enabler_01_247.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11065803848835661824/300x250.html?e=69&leftOffset=0&topOffset=0&c=9hqkHuRocm&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/11065803848835661824/300x250.html?e=69&leftOffset=0&topOffset=0&c=9hqkHuRocm&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 07:18:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 67659
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 41099
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:45:07 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 06 Jun 2023 07:18:46 GMT

GET
H3 200 gsap_3.9.1_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame 1D9F 63 KB
25 KB 37ms
37ms Script
text/javascript 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.9.1_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11065803848835661824/300x250.html?e=69&leftOffset=0&topOffset=0&c=9hqkHuRocm&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6dbe9c2e13cf06c6633ea3fcf6d7bd30452561202a205c75a035cd1d8b93368f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/11065803848835661824/300x250.html?e=69&leftOffset=0&topOffset=0&c=9hqkHuRocm&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Tue, 06 Jun 2023 02:06:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25329
x-xss-protection: 0
last-modified: Wed, 29 Dec 2021 19:08:26 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 06 Jun 2023 02:06:25 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 87C4 0
10 B 22ms
22ms Image
text/plain 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?LRo9Ug
Requested by: Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x6y592zf1gbg.html?fbclid=PAAaYRdg6q-IbWktmwCiywbPD9fVMM3RQSD2b356fwPOuEXGVTgfjrmQkXN8c_aem_th_AVwzKiIITSboZvjK_t_N_mG-3JpgOQuwh4DWbjCXpjwYt6HJbGAt22sHK3sfl6mf5fVaiT-coTKgl1RNMdtUlAzC
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Tue, 06 Jun 2023 02:06:25 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 1A26 22 KB
8 KB 24ms
24ms Document
text/html 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://a7907dd8d698decbd129b875fdbc4adb.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 249222
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 03 Jun 2023 04:52:43 GMT
expires: Sun, 02 Jun 2024 04:52:43 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 Enabler_01_247.js Show response
s0.2mdn.net/879366/ Frame 839C 118 KB
40 KB 25ms
24ms Script
text/javascript 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/Enabler_01_247.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11065803848835661824/300x250.html?e=69&leftOffset=0&topOffset=0&c=U2vGXW4H4P&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/11065803848835661824/300x250.html?e=69&leftOffset=0&topOffset=0&c=U2vGXW4H4P&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 07:18:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 67659
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 41099
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:45:07 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 06 Jun 2023 07:18:46 GMT

GET
H3 200 gsap_3.9.1_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame 839C 63 KB
25 KB 34ms
33ms Script
text/javascript 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.9.1_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11065803848835661824/300x250.html?e=69&leftOffset=0&topOffset=0&c=U2vGXW4H4P&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6dbe9c2e13cf06c6633ea3fcf6d7bd30452561202a205c75a035cd1d8b93368f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/11065803848835661824/300x250.html?e=69&leftOffset=0&topOffset=0&c=U2vGXW4H4P&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Tue, 06 Jun 2023 02:06:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25329
x-xss-protection: 0
last-modified: Wed, 29 Dec 2021 19:08:26 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 06 Jun 2023 02:06:25 GMT

GET
H3 200 Grx7oFpFltq8b-fsl1vgPlw_mz8UVJv5RtxGiy-srTQ.js Show response
pagead2.googlesyndication.com/bg/ Frame D49C 37 KB
14 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Grx7oFpFltq8b-fsl1vgPlw_mz8UVJv5RtxGiy-srTQ.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1abc7ba05a4596dabc6fe7ec975be03e5c3f9b3f14549bf946dc468b2facad34

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 12:38:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 221250
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14484
x-xss-protection: 0
last-modified: Tue, 30 May 2023 11:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 02 Jun 2024 12:38:55 GMT

GET
H3 200 FordAntennaCondMedium.subline.woff
s0.2mdn.net/sadbundle/9170381621892120779/fonts/ Frame 2FDB 13 KB
13 KB 22ms
21ms Font
font/woff 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/9170381621892120779/fonts/FordAntennaCondMedium.subline.woff

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9170381621892120779/css/styles.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9e83314d333416d003a14ff991793feefefe12184980a4f081c0465cda5dc8da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/9170381621892120779/css/styles.css
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Tue, 30 May 2023 20:23:08 GMT
x-content-type-options: nosniff
age: 538997
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13336
x-xss-protection: 0
last-modified: Thu, 30 Mar 2023 10:59:14 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 29 May 2024 20:23:08 GMT

GET
H3 200 FordAntennaBlack.headline.woff
s0.2mdn.net/sadbundle/9170381621892120779/fonts/ Frame 2FDB 12 KB
12 KB 23ms
23ms Font
font/woff 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/9170381621892120779/fonts/FordAntennaBlack.headline.woff

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9170381621892120779/css/styles.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d97d2f204c48ceadcc2f5b86ba6bf25987c6f7c43c8dd7fee7a2847e6a71f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/9170381621892120779/css/styles.css
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 10:58:48 GMT
x-content-type-options: nosniff
age: 227257
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11876
x-xss-protection: 0
last-modified: Thu, 30 Mar 2023 10:59:14 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 02 Jun 2024 10:58:48 GMT

GET
H3 200 FordAntennaRegular.legal.woff
s0.2mdn.net/sadbundle/9170381621892120779/fonts/ Frame 2FDB 14 KB
14 KB 22ms
22ms Font
font/woff 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/9170381621892120779/fonts/FordAntennaRegular.legal.woff

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9170381621892120779/css/styles.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ff1ea82759f4df729f7ee24dac62805f05a2fc79c7ca4cb518a072a11835e884

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/9170381621892120779/css/styles.css
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 08:27:52 GMT
x-content-type-options: nosniff
age: 409113
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14468
x-xss-protection: 0
last-modified: Thu, 30 Mar 2023 10:59:14 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 31 May 2024 08:27:52 GMT

GET
H3 200 Grx7oFpFltq8b-fsl1vgPlw_mz8UVJv5RtxGiy-srTQ.js Show response
pagead2.googlesyndication.com/bg/ Frame 74EA 37 KB
14 KB 23ms
22ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Grx7oFpFltq8b-fsl1vgPlw_mz8UVJv5RtxGiy-srTQ.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1abc7ba05a4596dabc6fe7ec975be03e5c3f9b3f14549bf946dc468b2facad34

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 12:38:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 221250
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14484
x-xss-protection: 0
last-modified: Tue, 30 May 2023 11:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 02 Jun 2024 12:38:55 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 0364 0
0 63ms
62ms Fetch
image/gif 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstnFpemEbJm2SKaUcJmZnxDb4IbI3ys368RlkuEgQpMswZphD20xCxqcT6nV0JzsiDp2shOtKYpPJ7JLWDIhFeIALrDWa5jnsRmlxB_oHv9xReQBNLlgtIw_C8iJnvsIAmMgvs2e_S8Qo46WYJe6aAlXFT-83h75KpaTXqh92ir6_epZI2fsnLbHfB5V0zAFdAX4DS7MrGYMMt4BjJRoz18C4OwVmDYznO7N4Igpm4N2oH1anroTrCZVQg96Nr33tWKjgduI66p2SMtdpVllU5nxkhnw6KcqgFBqRDAT1AyQzQG5smVjozUMR_p6bFjuIilTsNpqSH5dTKU64tLi4YUsVCfWPWODzTnL1Fdl9RD3cfRcSEwVyx__L1sh89xRHMlwqZQhaOlqNPqBNlcwNeEn0jzU-3nnzDb6frUmPJquIVF4g7QR41zM5ujr4EtFSnVpvRMavv08ou1MT4sZYPPM83nXeKnR-DlJgHPklYnf22jicGFDw2kfKHFvQvCIVX2sULetQF8HkOku5M6IxgR8r2uSGAwgkraTcX0mXP6tdTQGiWkNkngIPQGxFavGPwVH-IC4aYyxCPtTz2CdTL-eXGz7PssEjqZn8DcGCaYhfyO8f7TPvQPo9ZNT-3mHsR20yKGKqtRfRt38cRe6lmzsx3npr_EelUEl82ac1JjgYWHoIgy9CxgHHcgD4xFlBglGHUzSMse1MIQbcinUDaOFDT2ZacGBP9T4NP3pHY-Qii4aNWQwGMJMBUzyFHFjhnN-cFJkiPRFD7nzAfhaWTUIyDp6k-V8G7SIGVP-OR_1KivppU8QuOwZhCnGUsljxOqBPKYx5eQMx1bhkJb2KYNFcNe5-C0mN7ddAOmhMvyOermRZffW-nNe1cCMgSZF0rt1AGGqeLpPAWbSU0CZ8epg4rPgrRBnA4qLQ50SkSSRx49mU3dyN1Ce1egKtW-1mhQeyjkytv3ruGESTzDUsu9nZ25n9sYxuqAVEamQtOvodzSj3ZgPUSff7_oi2mQeG16p_DYILFFZUo3jxlYeXoylf2Oi44B_U2y_6QoNm23upBHfFhLDRjarIY2HAQCWO8alC4-b8Qdqb0ZWaY5hKJ8PPiwITkRMp-H4nxBgE3SQml2CuQdxQEOhTp3bCWdUTHTvUjLaP-sE1r37jQEtijqXF6VOfZ_CkMneelU6ouUhOAHP9NXPaEcVTgGdqz-XVe_vNW8Y0coOt5zYAhbrjybRuG_6edLxrRco7CfY_ZjaEv8dN2G589CC6N27FrEuBE-qWD26W-SAuvaEg&sai=AMfl-YQiNP82Wzaqmdz8PkEobM41SC8HAt1MgN0zfoh6rV6BPymKa8iRjC0j9DsD2D8BimoxuPqa95WiBDPxf5_tRldBIgZ2eNout2PYIOZMaSornqZbTlcbLh7uS-4ApA6MEmffbWSze9gQdogNc7gLItlNigbOgwpfN22xxby5XDHTrmzQ9CUN2np-99WdVq0CvuH5QowHSjN57IV4EotHWxrvEUdUusc8DGDAhg&sig=Cg0ArKJSzAvvE79qMiJ6EAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=391&vt=11&dtpt=204&dett=3&cstd=180&cisv=r20230531.93887&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a7907dd8d698decbd129b875fdbc4adb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Tue, 06 Jun 2023 02:06:25 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 06 Jun 2023 02:06:25 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 2FDB 7 KB
6 KB 35ms
34ms XHR
application/json 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_247&st=int

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f1db54c121f4f16e227a6c3afe71f24ebd80c577e346d734b8bba7a7cd336cb2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Tue, 06 Jun 2023 02:06:25 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5575
x-xss-protection: 0

GET
H3 200 Grx7oFpFltq8b-fsl1vgPlw_mz8UVJv5RtxGiy-srTQ.js Show response
pagead2.googlesyndication.com/bg/ Frame 1A26 37 KB
14 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Grx7oFpFltq8b-fsl1vgPlw_mz8UVJv5RtxGiy-srTQ.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1abc7ba05a4596dabc6fe7ec975be03e5c3f9b3f14549bf946dc468b2facad34

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 12:38:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 221250
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14484
x-xss-protection: 0
last-modified: Tue, 30 May 2023 11:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 02 Jun 2024 12:38:55 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 3524 0
0 63ms
63ms Fetch
image/gif 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstD4QhLYu33-2hXKyGmieJVMIGc5WfnZVZPuLJtK_OwBdFMYleLipkauqcyVX92oMY3nO7fJF9ApacrA-LapwGCsP0qnieHap2kmz6kFgUxkHMvnrWs45I-YFZZ0Pswwih4rO51yLfLZ-cVwmDk0ZY_m_aXAhWeWyaSlNXeqMhRv1XP7OewMX2lGkRys6bnbue3KVNdiNz21zhZxeBkrkD6nFE8DGBMUda7NvA2inaPtWJjfZ4o1TkPcmCe0ENvnqX2r4MbnNLfCRxAFxXQSZc0lksd4QRUy7kzYIrTbUvLdOZrY6eSXj7Z7vyolvsE4r4z1Xk5MOPSPJK8UTxZabPifXDEJSLh_BRuH-pQMRrEAp2AO3m55ap--igqqt9FWQ-ded8aRjtN88r0IGl1TAfrehK_gBed3beX_-pZTfMBYXnMh_WnUhZPVhf4EH7Y1NYgmdeSpGj7lupne_Jy-OGsvAN4xE6Owk1UP02-Sz7nRZ6xCam-ThFU8Ik0rz_3jPKXgB_EqDmgNG04W3ygPR5Papt5vv0vsJsy6Qn6tfaZDRHEHq0reR2jCroYKYDfmfhlG5y3KwMdgH5Rh9QPfHtbJZUSIQU7iFyeHpuaIGkerwEeLdPOOL_1h62Kzaf89WTSOHNJp2HTfBSXFrrlDanmsETwGk77T6GiK2a7WjlXdxMuj6XP3XSzj1JkS8X9GG1DjKx8VIHdHxC55kKMrowR3a48ZEkAr8nqZfK9TI_F4lvF10O32zsn8AcqasNew0RArjSZxiIBOmulweETjpnIBTjEINIkEGcTw_fGH4SrOM1vsIR1MG56O9mljwBfPU-oYq_XMJTUXDpTemK8QNanL-RliusnTGsrCsyUDnJ7SJWIIskP4JenfYys-tQc-clZTQEdVXhoEEXL-9eOHBEIOwhmSDVYRwOsmdKBO1j5QvFOXvkytaauXoykcDGV9MsGG-pSuRhShH_omVtEVE09PYNbaGlzsZ9bwBc6xYm4C15aP83NDnV6HMdnOPeziKKN6erWmobs1961OvsyFXxkV_iN589AjMBRaoXx0jf4ybc-cH3ZyDMPNr3uj-vLTvT6_fVQsHFZw5FreMu8gVDB0T4dpZSz47ouN8J2XANZm33IR1w1VqVTOqP7up6fi1tNgnSP2wcGYTU9kFOlhZse4yMqoGMj5j8fNr6XOkUsuOiW9L0zDRXiNeOkaPXCi1QTGyY5edzi8MISfTA2iHRlJ8TQ8g&sai=AMfl-YRIenIgK7uYcfX_Mt2B_Dmyg9_P3K3sVBlYUNPSfTtn6vKnpy7LIXt6efI9pMCGhR3OQQVeJ0-y4whgfwe1gIgl_nR9cfBA4Jc9vsreoi3h5Wt4TS96gjtSRslEc8YdLQ8OqblW_dJ8SgXTuckaTaV12YDAX1XOz-Ra9tM01ZVINODJKQ_lKhqyw-rM-UDGdEAJN6uysf96hCXI92Bm7wFE8ft_JnyqgHzkGw&sig=Cg0ArKJSzFlFOPwGZbiSEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=499&vt=11&dtpt=256&dett=3&cstd=234&cisv=r20230531.06105&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a7907dd8d698decbd129b875fdbc4adb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Tue, 06 Jun 2023 02:06:26 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 06 Jun 2023 02:06:26 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame A3C9 0
0 61ms
61ms Fetch
image/gif 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvClglLkEgPhl6M31EfBOlLuxmJd--qSQzEdrrZ7vqa2LlAPu8VDRdaT1x_kX8U4sLCkBhlApEi8KbgzOuIQA5uafSl3dy4HvFn0kVEzGTQDHLqT1hvyW4O3Kbqhv0Su9DfYgqfzlw84vY1lN0M1mVuJwI6as4pf67OiDiLFj07rwepvlEE1wWyHg_YtIplZ-Fbkaus-JsRRSesxuarepC0kNqseL-PZUwb66oa_Drl_eRlIXmmdLYKCgkk46OSlgCquW7sqmdsjykm5HkXsBJGoq5xistlnu4i7MN2MExz8yR2iseVvrrtw3rHv-NVYVGxwpPwLxBC8N3zjZME9KdsBJ5RKQXI1w8j1S763-2cY7eAzPjgfnOrr2Nvs69NL0IzBBG_-DTbw5bN0r3JZUaoklNCJmGplZtFCHUCHhXcIjgfzxYtjJwn4VCl0EO7RABgZju0JZy9mGBJXLc1OG5fytMYnrK7XA9NuGZcfFZH7BAmzL4wvyZv-hALqkOMHdf6RYAoN18_t30RDeZqQEYwPMRfPVoIf0AdJnV0BgqAfqlBrJisOYvAdN1PnSMDmEavQ5DWz_01kOzHoN9ezsiwArvZr9GvHQP_xVEbEfDtgpQOsVBNPMCqQtr7cN2_zqlXAdnkpBYF7KpviOKfH7Dvkwaaf7UtEAHLkJ51aPFOVwSkRH7YGm1Px6d1v-tsCokRg4WcPve7dEg4dFbd7S67E_t5HkgLj16uDb4JdEyks5OdxvqCwVzzyOA5lmkftAau7EJFF5TEHjAMtCXnU-HYWAr_K6_j1Tu26K5vZxQuJtTxm5tgZE3wm2BzWmqo8_IL58fIfDAEITU3Dt98yyRg9pgi2o5cE8ICEgWMcz-YQvLPVtpkaqNQ9ilEaawHXV6fp6PkBqb9N1S96yvXcGNWPzpOydgvSpV6y5Rlmwissaczec_STMLZqc_mJZjiIHuv5VAdDZ6KDgigxZoCMk8nImhRbEaI8_fBS2QLNwrf-faOtm1GKcQzGhD-MGiA_vtcmJHR39XS1oSSq34LGHxPr8yA2klN0ldmddUQWN7mbgWhSVI5we_B4GGvOTRTDgHTsROec1pEjT5-ft2vmv0CUAMyu1EeeHfscnlcRBbHFHSh0BcLNrDZl-LE2V40jskkazMFB8H6ny1AGjG2NgCK8rx-Db5zjMs_hypJ3oh0fu0se4UvhEi5v2LQa8tqQ7Jh4pGJAQnHN2Clu0KApbgy33F8sKaQEaUP04gEhgyLqP6ZKQ2Mo6ridyLit3V_Ikm3nJlaDmLer18&sai=AMfl-YQhZ5aSb4D-0RDlptnLB2eHmb72EbOE7d5dBLcrZvSbBqwjTxaBymiJTD8-Qvd7Jp3IHjRBdRo60Lq214lpBQEz8Gbo0Gn2FN7sIQK6UlyWNYNAWfB23E3i2WR9t9LdHn9ixnaNcDhiOxZhYXytbbGXAOE6MqjWKpTIggSweF8XUzk8e9w5HVFC_t_pHv16rKBw0EekmZl4UUgloBnMhGP-IBf1mPTceryd&sig=Cg0ArKJSzIQIgWisAkP8EAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=377&vt=11&dtpt=171&dett=3&cstd=197&cisv=r20230531.71787&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a7907dd8d698decbd129b875fdbc4adb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Tue, 06 Jun 2023 02:06:26 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 06 Jun 2023 02:06:26 GMT

GET
H3 200 visual.jpg
s0.2mdn.net/sadbundle/9170381621892120779/img/ Frame 2FDB 92 KB
92 KB 22ms
22ms Image
image/jpeg 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/9170381621892120779/img/visual.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fb578159169bb38173ca68b7f9ce061b18af4e4e6724bf3c9c3e745cc954f177

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9170381621892120779/index.html?e=69&leftOffset=0&topOffset=0&c=SXsZMsyYhc&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 19:30:54 GMT
x-content-type-options: nosniff
age: 23732
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 94238
x-xss-protection: 0
last-modified: Thu, 30 Mar 2023 10:59:14 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 04 Jun 2024 19:30:54 GMT

GET
H3 200 OnAir-Bold.woff2
s0.2mdn.net/creatives/assets/4140742/ Frame 839C 47 KB
47 KB 21ms
21ms Font
font/woff2 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/4140742/OnAir-Bold.woff2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c284299aeec8595fd3a10dcd2c27022edfda37c815571843a90c45cad18ace95

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/11065803848835661824/300x250.html?e=69&leftOffset=0&topOffset=0&c=U2vGXW4H4P&t=1&renderingType=2&ev=01_250
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Tue, 06 Jun 2023 01:57:15 GMT
x-content-type-options: nosniff
age: 551
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47676
x-xss-protection: 0
last-modified: Thu, 06 May 2021 11:38:39 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 06 Jun 2023 02:12:15 GMT

GET
H3 200 OnAir-Light.woff2
s0.2mdn.net/creatives/assets/4140742/ Frame 839C 46 KB
46 KB 23ms
22ms Font
font/woff2 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/4140742/OnAir-Light.woff2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4347e083fcc7406a94363480146e1cf9c2f88198921ef74fed3eddf6d969725b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/11065803848835661824/300x250.html?e=69&leftOffset=0&topOffset=0&c=U2vGXW4H4P&t=1&renderingType=2&ev=01_250
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Tue, 06 Jun 2023 01:53:34 GMT
x-content-type-options: nosniff
age: 772
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 46936
x-xss-protection: 0
last-modified: Thu, 06 May 2021 11:38:50 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 06 Jun 2023 02:08:34 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 839C 7 KB
6 KB 37ms
36ms XHR
application/json 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_247&st=int

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

64e95700ca7a96120526898bac47ac272a33e88c77f4267fda0d25ebc22b9d45

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Tue, 06 Jun 2023 02:06:26 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5715
x-xss-protection: 0

GET
H3 200 60005582_20210507060843268_Asset_Transparent.png
s0.2mdn.net/ads/richmedia/studio/60005582/ Frame 839C 2 KB
2 KB 29ms
29ms Image
image/png 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/60005582/60005582_20210507060843268_Asset_Transparent.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6f741883eafc84067b80014e53fbfab2505aca4f7cf767b17404a291fffb79d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/11065803848835661824/300x250.html?e=69&leftOffset=0&topOffset=0&c=U2vGXW4H4P&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 18:42:46 GMT
x-content-type-options: nosniff
age: 26620
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2040
x-xss-protection: 0
last-modified: Fri, 07 May 2021 13:08:43 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 06 Jun 2023 18:42:46 GMT

GET
H3 200 60005582_20230413245519799_300x250_LOOK-01.png
s0.2mdn.net/ads/richmedia/studio/60005582/ Frame 839C 36 KB
36 KB 32ms
31ms Image
image/png 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/60005582/60005582_20230413245519799_300x250_LOOK-01.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

00867e4aa81a541e2fad8ba10b2c4e9a6b137bdbb4ba13fb1a38d2fea88cb41a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/11065803848835661824/300x250.html?e=69&leftOffset=0&topOffset=0&c=U2vGXW4H4P&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 03:05:17 GMT
x-content-type-options: nosniff
age: 82869
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 36758
x-xss-protection: 0
last-modified: Thu, 13 Apr 2023 07:55:19 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 06 Jun 2023 03:05:17 GMT

GET
H3 200 60005582_20230413243008511_300x250_LOOK-02.png
s0.2mdn.net/ads/richmedia/studio/60005582/ Frame 839C 34 KB
34 KB 30ms
29ms Image
image/png 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/60005582/60005582_20230413243008511_300x250_LOOK-02.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

60f46bfd81485e775d3ba7208cd1de8eb706639b1aaa338f371676199625faa7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/11065803848835661824/300x250.html?e=69&leftOffset=0&topOffset=0&c=U2vGXW4H4P&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 22:01:49 GMT
x-content-type-options: nosniff
age: 14677
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34621
x-xss-protection: 0
last-modified: Thu, 13 Apr 2023 07:30:08 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 06 Jun 2023 22:01:49 GMT

GET
H/1.1 200
OK postview.gif
portal.o2online.de/nws/img/ Frame 839C 43 B
608 B 99ms
29ms Image
image/gif 141.101.90.98
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://portal.o2online.de/nws/img/postview.gif?partnerId=O2_DSP_TRA_HAV_14114_PV&mediacode=29115794_4307561_355028899_145340772_HSP0201A20230413&ref=29115794_4307561_355028899_145340772_HSP0201A20230413
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 141.101.90.98 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e46eb58f99814c32c849b97a268129ddb14ca88e9070964ee75a2cd987c66839

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Date: Tue, 06 Jun 2023 02:06:26 GMT
via: 1.1 varnish-live-2-0
CF-Cache-Status: HIT
age: 7397371
x-cache: MISS
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Connection: keep-alive
Content-Length: 43
last-modified: Wed, 01 Mar 2023 07:22:36 GMT
Server: cloudflare
etag: "2b-5f5d1938cc700"
Vary: Accept-Encoding
Content-Type: image/gif
x-varnish: 52523298
cache-control: public, max-age=31536000
Accept-Ranges: bytes
CF-RAY: 7d2d18950c1f0493-FRA
Expires: Wed, 05 Jun 2024 02:06:26 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 2FDB 17 KB
6 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Tue, 06 Jun 2023 02:06:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 06 Jun 2023 02:06:26 GMT

GET
H3 200 bubblespritesheettiny.png
s0.2mdn.net/creatives/assets/4085730/ Frame 839C 26 KB
26 KB 21ms
21ms Image
image/png 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4085730/bubblespritesheettiny.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

25280083af87c8d6dbc6ff5bb926bf9d0d373d244cead76893430166b8df0bd6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/11065803848835661824/300x250.html?e=69&leftOffset=0&topOffset=0&c=U2vGXW4H4P&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Tue, 06 Jun 2023 01:58:02 GMT
x-content-type-options: nosniff
age: 504
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27068
x-xss-protection: 0
last-modified: Fri, 12 Mar 2021 15:44:55 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 06 Jun 2023 02:13:02 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 839C 17 KB
6 KB 38ms
37ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Tue, 06 Jun 2023 02:06:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 06 Jun 2023 02:06:26 GMT

GET
H3 200 OnAir-Bold.woff2
s0.2mdn.net/creatives/assets/4140742/ Frame 1D9F 47 KB
47 KB 21ms
21ms Font
font/woff2 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/4140742/OnAir-Bold.woff2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c284299aeec8595fd3a10dcd2c27022edfda37c815571843a90c45cad18ace95

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/11065803848835661824/300x250.html?e=69&leftOffset=0&topOffset=0&c=9hqkHuRocm&t=1&renderingType=2&ev=01_250
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Tue, 06 Jun 2023 01:57:15 GMT
x-content-type-options: nosniff
age: 551
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47676
x-xss-protection: 0
last-modified: Thu, 06 May 2021 11:38:39 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 06 Jun 2023 02:12:15 GMT

GET
H3 200 OnAir-Light.woff2
s0.2mdn.net/creatives/assets/4140742/ Frame 1D9F 46 KB
46 KB 22ms
22ms Font
font/woff2 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/4140742/OnAir-Light.woff2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4347e083fcc7406a94363480146e1cf9c2f88198921ef74fed3eddf6d969725b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/11065803848835661824/300x250.html?e=69&leftOffset=0&topOffset=0&c=9hqkHuRocm&t=1&renderingType=2&ev=01_250
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Tue, 06 Jun 2023 01:53:34 GMT
x-content-type-options: nosniff
age: 772
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 46936
x-xss-protection: 0
last-modified: Thu, 06 May 2021 11:38:50 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 06 Jun 2023 02:08:34 GMT

GET
H3 200 60005582_20210507060843268_Asset_Transparent.png
s0.2mdn.net/ads/richmedia/studio/60005582/ Frame 1D9F 2 KB
2 KB 22ms
22ms Image
image/png 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/60005582/60005582_20210507060843268_Asset_Transparent.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11065803848835661824/300x250.html?e=69&leftOffset=0&topOffset=0&c=9hqkHuRocm&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6f741883eafc84067b80014e53fbfab2505aca4f7cf767b17404a291fffb79d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/11065803848835661824/300x250.html?e=69&leftOffset=0&topOffset=0&c=9hqkHuRocm&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 18:42:46 GMT
x-content-type-options: nosniff
age: 26620
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2040
x-xss-protection: 0
last-modified: Fri, 07 May 2021 13:08:43 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 06 Jun 2023 18:42:46 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 1D9F 7 KB
5 KB 33ms
32ms XHR
application/json 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_247&st=int

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b861dae7ed25de0659f0997c43614ced1035bb5ce2b1bec82844bfc86ab287f0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Tue, 06 Jun 2023 02:06:26 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5609
x-xss-protection: 0

GET
H3 200 60005582_20230503241617712_300x250_LOOK-01.png
s0.2mdn.net/ads/richmedia/studio/60005582/ Frame 1D9F 25 KB
25 KB 24ms
23ms Image
image/png 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/60005582/60005582_20230503241617712_300x250_LOOK-01.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fd268841271a7a193e86500967ec98cab937166dcf55e86ef1c1160635fb584e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/11065803848835661824/300x250.html?e=69&leftOffset=0&topOffset=0&c=9hqkHuRocm&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 17:14:17 GMT
x-content-type-options: nosniff
age: 31929
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25556
x-xss-protection: 0
last-modified: Wed, 03 May 2023 07:16:17 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 06 Jun 2023 17:14:17 GMT

GET
H3 200 60005582_20230503242002254_300x250_LOOK-02.png
s0.2mdn.net/ads/richmedia/studio/60005582/ Frame 1D9F 34 KB
34 KB 22ms
22ms Image
image/png 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/60005582/60005582_20230503242002254_300x250_LOOK-02.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

990bb3be367ae44d6ebf4b42390d8bd9212c9cd09aef40547694175f47334629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/11065803848835661824/300x250.html?e=69&leftOffset=0&topOffset=0&c=9hqkHuRocm&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 17:00:59 GMT
x-content-type-options: nosniff
age: 32727
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34762
x-xss-protection: 0
last-modified: Wed, 03 May 2023 07:20:02 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 06 Jun 2023 17:00:59 GMT

GET
H/1.1 200
OK postview.gif
portal.o2online.de/nws/img/ Frame 1D9F 43 B
608 B 30ms
30ms Image
image/gif 141.101.90.98
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://portal.o2online.de/nws/img/postview.gif?partnerId=O2_DSP_TRA_HAV_14114_PV&mediacode=29118705_4307561_354695495_145340772_PO0301A20230503&ref=29118705_4307561_354695495_145340772_PO0301A20230503
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 141.101.90.98 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e46eb58f99814c32c849b97a268129ddb14ca88e9070964ee75a2cd987c66839

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Date: Tue, 06 Jun 2023 02:06:26 GMT
via: 1.1 varnish-live-2-0
CF-Cache-Status: HIT
age: 7397371
x-cache: MISS
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Connection: keep-alive
Content-Length: 43
last-modified: Wed, 01 Mar 2023 07:22:36 GMT
Server: cloudflare
etag: "2b-5f5d1938cc700"
Vary: Accept-Encoding
Content-Type: image/gif
x-varnish: 52523298
cache-control: public, max-age=31536000
Accept-Ranges: bytes
CF-RAY: 7d2d18953c400493-FRA
Expires: Wed, 05 Jun 2024 02:06:26 GMT

GET
H3 200 bubblespritesheettiny.png
s0.2mdn.net/creatives/assets/4085730/ Frame 1D9F 26 KB
26 KB 21ms
21ms Image
image/png 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4085730/bubblespritesheettiny.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

25280083af87c8d6dbc6ff5bb926bf9d0d373d244cead76893430166b8df0bd6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/11065803848835661824/300x250.html?e=69&leftOffset=0&topOffset=0&c=9hqkHuRocm&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Tue, 06 Jun 2023 01:58:02 GMT
x-content-type-options: nosniff
age: 504
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27068
x-xss-protection: 0
last-modified: Fri, 12 Mar 2021 15:44:55 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 06 Jun 2023 02:13:02 GMT

GET
H3 200 Grx7oFpFltq8b-fsl1vgPlw_mz8UVJv5RtxGiy-srTQ.js Show response
pagead2.googlesyndication.com/bg/ Frame F155 37 KB
14 KB 23ms
22ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Grx7oFpFltq8b-fsl1vgPlw_mz8UVJv5RtxGiy-srTQ.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1abc7ba05a4596dabc6fe7ec975be03e5c3f9b3f14549bf946dc468b2facad34

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 12:38:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 221251
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14484
x-xss-protection: 0
last-modified: Tue, 30 May 2023 11:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 02 Jun 2024 12:38:55 GMT

GET
H3 200 Grx7oFpFltq8b-fsl1vgPlw_mz8UVJv5RtxGiy-srTQ.js Show response
pagead2.googlesyndication.com/bg/ Frame 1F7B 37 KB
14 KB 23ms
23ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Grx7oFpFltq8b-fsl1vgPlw_mz8UVJv5RtxGiy-srTQ.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1abc7ba05a4596dabc6fe7ec975be03e5c3f9b3f14549bf946dc468b2facad34

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 12:38:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 221251
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14484
x-xss-protection: 0
last-modified: Tue, 30 May 2023 11:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 02 Jun 2024 12:38:55 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame D49C 0
20 B 61ms
61ms Image
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BQ2CuoZR-ZOOcGK2wx_APvNm54AgAAAAAOAHgBAI&bg=!LC-lL3vNAAY9J7QfHSc7ADkAdvg8WlHlfpvB2pSWvcbdFDWheLYFc9F8GYFpmjHL3jjnhGKe6OjDvwGBgPpQomXwFi37od3MTMsCAAABCFIAAAACaAEHmQNFtZ291EMRTJzWcoCTqjE4578w_fwcHxMKeXFyb8UH5AzguzKg1lL2kwGzo4pd3YD9DrkXH75Gv5EXeI8Ul-ZVPdOE_EnzccZgPFbk-xRJLSFa5le9odfYxhmI3u3h2el3MOHcX2LwYo81pq-HYRkK37DzYLIXxDGgKZr5aM6S5yyZnW4eiuTD6iEy86VEewiFKvN5tj4tKVzetg9JQNvk8whNUHWh4NwxhSB_ClGhIVRAYc-O_h5AmaE2dNK1KSrWlXFFaM4w5cvu0mL19rV3hraoo6zOuNQco5pHgY7PuyCj1WotlNK1ircWHx6n6usfWfV9R-eGw8V1OmauBY0mKMk-ygLZP-iqUbQOlOCIBgQunGvCYdfnLVnzkVHYcp7MOFXw2HyUepIf4-E3XifIxBfOiBPJ0HD54Co4Utusm2LWRC09dYb6AVq0QVRbF_tbws6ly3AapJ8P7fWvLbTqi_SnAn49wgCz7Bwixg7zJORvAFHlfVQ317tytaNblPKAcp_5cW1B06TT-GMTGJiK4bO702eTmIRBa9jFOFuT8FO33_LlU_1m2wvi0H8hvqTV_-M4QGh6VFW-chuD2js6iRIqvtrLzsftLQAF5KygRRS2Yxn-6sL37yb-kiWkTNrI2ZU4nXIjBUbbIX6aZlEqxgYqX33xaKP4bXAGVjQijYezCqek-QHgijoB9d5dfp4JOpEPJgcbXq14n77q1XbybQ942UOGdVlcRboozVJhStwfyVtm7QficcnZxU7v263CjkWx79ipP2QBXbWrDI9HwUlrBTIT43HJk0piuj8K4XKOjvheKbGLooiFIKr5uMtLLQm8TKME_Es_sfdQnXh6dQR7Lpdfuj-QBAWqGYcKQ-msbEAtb3k3n2JnpAXO7bPpLTdCAThHfJiwP82ddOBCtbG5ZoQ_oeLOBPlgZ8d0vGwSPCJlk_I4CFOt8gOs2ZFqKJ8gJ0V6BhhHufw-Yp7KmIwxbChHkJTK_wob6da7pnWbBrPRPAbE4QoSDwuwD1zPhVYLE91al1u5E5nV5jSHKRDxwOFTGrScUsKabZN52IvhJwoyEgu0krfy9vy7qwIBaPCYaJ46wgKcPc3Z_XtYBczhxCDh

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Jun 2023 02:06:26 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 1A26 0
20 B 59ms
59ms Image
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BQdJqoZR-ZKrsGc66x_AP4dWVuAUAAAAAOAHgBAI&bg=!RUalRhLNAAY9J7QfHSc7ADkAdvg8WiX-eeuYENZYJCdG4zm45GPMVhIV0MwGhFwc1lHSTxBMuvGNxcpwp5BhD8XLw9aI30G7MaECAAAA6FIAAAACaAEHmQNExZDt0m65_7qzBcpM3cHjq3m4QnxQbctWMqwyIp-YCo22gWWPWDLVOgAxM6JmRg65k-GWoHu7pGDHef0DXjnkyn9o5co0UHKCgL5QRbKbGKcseAM-4NZ_YPnmP37GRIPEWjY-PFVVbGw9b6rGZHln3YLQ99w6a2KYgzAqaHQgLrulZpNrV2mkupWxy5UAmwdZU0cc0Awza7rJgVT-snrSwhaTio1yUHAZ0Sh98IHhgkoBbX7dOST3TGj9uLJ6DQrL5nh8Tnvr8fQGs6sJQMek8Y49fqpX653CF5GoJ1pC40MfkJ_7HfGilk3mBf_MSPpAX4AajitbsJTa-0rzb4BpZimfzGhMpvt-LjhYSfoybFM8L9xz2Xib-JDLDyj159zpNO7TnEJpJ_DvMyuenPmiHgD2lb10rH9sG5P4HAgKfxo5xYTwDNuP3oFzbckP5tTh39UYg-Mti98vAi9P_t2zehoM0eGv_VnWhZKlIIo_prH8OU0Yt63yhL0sNRqdYn51etFWunB0gVofwKk26GXGt0KyrLe_ev-oPNX2wbuWwYEBj5puD2b1e7Diu64SkJq5bobkVuh6U3WIDJVxLvcnegX2ri86QWlHk2Zgn8R1EKao_dcMRe7eokFGJL1yoXSeMtAy9jx7uSWmBbrpmEBSCDEjJ4Ze-LmKUqln49wjXwsJsg59cTUB4A07pf5BG3PnvqicoxlVFuM4jd4R4ItLsIGC-dx2-wisyW5nFJ2OPDqhflEFCcIAa6tNXkB340e6Sk_busXE31OM0RPOu_OlGvXX1sDK-UZ-WUxcMpRsYiA0iIa0Ucw9CxAr-zoMQvPqQ-TJi9DkVm1CNg_dm03uVeynxk5qwH5HS_YwLna0xf7li9f8mwdwTn7M672pKQptg28LsPdMybn2AZRV9zANa2bZqsLDeS_mJ5Z8cNMbewLfrLTCb21v1leRu5yWizGz4Qd02nkH5hi_S-Ph3FXFO4SLYRh5_R3_dJRXiVYYHZgvLx26Qry2x_QZdKuP4Jr-eFFw7Y4n1uSxhX62N0qHpz2XMNBbd9MZDTcF0BAtXfI1zdIHufQoY5PcJs4CwJCFH24O8eSGrgbKlHX8elsKjO4tQok

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Jun 2023 02:06:26 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 74EA 0
20 B 59ms
59ms Image
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B-m5ZoZR-ZI2lGcbBx_APo86o-AYAAAAAOAHgBAI&bg=!PD-lP2vNAAY9J7QfHSc7ADkAdvg8Wg2h2m9pKAh2yb_OGKKcpGdbTcj8gjjL0OCY1o7wJhBZN18SPim2kdj8b-HPtqER3rT8g6oCAAABCFIAAAADaAEHmQM34YDrhQVkVrURoe1DWLRvxW53aA-oHLhAl93gjtp3-wc4endyYLammuXX2C1tRvZdd5B7eN8raz5LWZlY-YquOn-xLnbYtWVqmPRIUod1baAy02Za_Zru1861SixhlXAUsj-8N1UVxREqzG96b65sEOZohhKUYkKxRloZ92Nm_snynq7P_vIVSMeJ6m9aepOXOoGlGhPpQFZ2cM2vABSNKfmAtO-euw1k0E2awy_kNMXEXEnp5_k8nc9lSXDDIoIMNF1dI2fVaRFBG-TMsETBMrwOsgl4JlLHxwon6pPoLQzCiZsfiK4KMK2LnT08dHr9qLl76A1cYHgvvMHVJFTjh3PZPb-qT4jcf1iV6xJ1v6aZQrGGWqV-tC4KD7duiSQuTX_wuARsej5ukLMDT5Sn4YTkj-sXpf9Tqv7AUl_1Pn_5FYiFfrzG7IQDFwh4jvWXSFiS7sRyuDKHZXaoUY1LqVbCx2bVgioTwOkHul9-9SjctBgXv5qDMV9vqKP1tBc2SJG--nDXgw6CKEh4qgnEb0hqt66ExM4NSexOkMjbQVVFqp1yBcemUT15eN7BhJ2gQYYbqDPNQkk0rCSHCBsgZoXEh-IBXyQC4sRjo5jCqMg70tLORwWO6ADfZHUSql9dliUNLzeFsSnMmrpASuL8rdBQxyJcE6Y-_xaQcVQW7eYW1SvDWxeYHg4YXyTOiTB1vnPJLsDORtxbPjN_gmWCkS6Awny13R1J4Q4GMiXltp6Rsqfk1ywx2pX_WePhUS5ZkGA5TmkEpPFOEMVt2UHTZ4unZNMd0nZU-BzAa-3Dvp4FizNqV3jfPlB8vRGvh1fQUVU5LOChLJTSTQcGPeo1Y9INVjQEKHvemuQskXatTFTRkC9EvN-n-gX_PJfxS7TPPvE8nQE5LYyicRV-RGh35TLNsFq4BV60QElwPtZ0rLzbHh7Apcvod-6pbqynizGnxdh5gtoXAr3WdZ74xB6naLEECakiAKySuPYxnHmN9OFkiaZg8gU6lmgdxHC6EtYrAIhDWiQFRKpKWURZZf_ipRvRP3JhD0yHwJtIq0mO3PdciG2n-VIomw6fcOrUVT66M57ADtVOZg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Jun 2023 02:06:26 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 1D9F 17 KB
6 KB 32ms
32ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Tue, 06 Jun 2023 02:06:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 06 Jun 2023 02:06:26 GMT

GET
H2 200 UnitFeedManagerDesktop.min.js Show response
vidstat.taboola.com/lite-unit/4.0.1/ Frame 89F6 111 KB
31 KB 28ms
22ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/lite-unit/4.0.1/UnitFeedManagerDesktop.min.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230604-4-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9ca5693ab1367385316b393108533e59a741f2fcc302fd13c2fafd34990b34b8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Tue, 06 Jun 2023 02:06:26 GMT
via: 1.1 36cd2d0f34e25c2dc5099656a60bedac.cloudfront.net (CloudFront), 1.1 varnish
content-encoding: gzip
x-amz-cf-pop: FRA60-P1
age: 2393976
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront, HIT
content-length: 31023
x-served-by: cache-fra-eddf8230094-FRA
last-modified: Tue, 09 May 2023 09:06:26 GMT
server: AmazonS3
x-timer: S1686017186.461992,VS0,VE0
etag: "f42b894e197d2128ee7d3b438e0ac56d"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
x-amz-cf-id: Vhm6dOEKajN0FRv5wq0rnJkAbon7mYzOuY27F6XguPOQ7eVWctdV0A==
x-cache-hits: 138935

GET
H2 200 feed-card-placeholder.20230604-4-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ Frame 89F6 5 KB
2 KB 22ms
22ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/feed-card-placeholder.20230604-4-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/onedio/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 37f7b288df5c0cb70123c10a8c8dacaf3189db0c96a5fc2693f18c80d75ae104

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-amz-version-id: E20zmUzyMsrzYjGXrE7taae_4KR4Rcq8
content-encoding: gzip
via: 1.1 varnish
date: Tue, 06 Jun 2023 02:06:26 GMT
x-amz-request-id: B37KTG63Y8S5RVC3
age: 47376
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 1262
x-amz-id-2: L4N73X3aem7CFgLgsF3jySV639Ebm/rMcXTaqD8ORTljEBjir47sQiRVYC1YQIUEzSljyQdybko=
x-served-by: cache-fra-eddf8230094-FRA
last-modified: Mon, 05 Jun 2023 12:56:50 GMT
server: AmazonS3
x-timer: S1686017186.457180,VS0,VE0
etag: "75ec3a31947fa4de7c9f75a5c3bda89a"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 2
access-control-allow-origin: *
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 31359

GET
H2 200 userx.20230604-4-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ Frame 89F6 17 KB
6 KB 22ms
22ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/userx.20230604-4-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/onedio/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6907d43a9e4b4307fc6f5d619fbd7b39f0b5b72f1578b6343d5c50b927438da8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-amz-version-id: H3jUu9oQv6ktLGpiPlUfTnLgLWRqAPUQ
content-encoding: gzip
via: 1.1 varnish
date: Tue, 06 Jun 2023 02:06:26 GMT
x-amz-request-id: D7QVFMTK97702XVS
age: 47349
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 5397
x-amz-id-2: GkOcl+WG4fmqzmJUPiwq2cIkm4Di16riRrN6Z2e7TKT3jz1fii3ZVAasjctxCJRwEaVA12F5oq8=
x-served-by: cache-fra-eddf8230094-FRA
last-modified: Mon, 05 Jun 2023 12:57:18 GMT
server: AmazonS3
x-timer: S1686017186.470942,VS0,VE0
etag: "77f044b924f457079f505491792bc6fe"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 2
access-control-allow-origin: *
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 5783

GET
H2 200 f89e1763-220d-4e09-ba69-9e040548fb7a.svg
cdn.taboola.com/static/f8/ Frame 89F6 4 KB
2 KB 22ms
22ms Image
image/svg+xml 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.taboola.com/static/f8/f89e1763-220d-4e09-ba69-9e040548fb7a.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 39b076e4bb4fab9b8a142499cf6155f8c128464974691a04de7e764f71b72618

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-amz-version-id: cMrDKn.emLmm9kiiOOF64ulDT4DRy6LK
content-encoding: gzip
via: 1.1 varnish
date: Tue, 06 Jun 2023 02:06:26 GMT
x-amz-request-id: AYAY8C5RV6VHFQFT
age: 102
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 1758
x-amz-id-2: uXXi/CHzx4H+k/Dav0BANeZz2+huxUaTAYSpYKv6pyAG2ehKzSWgM89aoMgNsGGv1IubO09tKIk=
x-served-by: cache-fra-eddf8230094-FRA
last-modified: Wed, 07 Feb 2018 11:15:52 GMT
server: AmazonS3
x-timer: S1686017187.512965,VS0,VE0
etag: "b8b410e4b18d45aa2f3d9bc09cd335fb"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/svg+xml
access-control-allow-origin: *
abp: 2
cache-control: private,max-age=31536000
accept-ranges: bytes
access-control-allow-headers: *
x-cache-hits: 14

GET
H2 200 v5
metrics.getrockerbox.com/track/ Frame 89F6 44 B
555 B 200ms
131ms Image
image/gif 172.64.165.10
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://metrics.getrockerbox.com/track/v5?source=weight_watchers_subscription_germany&tier_one=taboola&tier_two=25426856&tier_three=3697345370&tier_four=onedio&tier_five=Desktop&auction_id=2023-06-06+02%3A06%3A26&referrer=onedio.com&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT_232}
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.165.10 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 039a8bb6d736466063dde3c2a80d71d54456a7875cb1654263058bc69c1c042d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Tue, 06 Jun 2023 02:06:26 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8FmqzK8tsb8P%2FnpWhKpo3ONis3%2FhWnp0%2F67xiooE3m4vnpCOFO3v91ZZlzQgBVK7FodNPrC9wGUI7UugiuJzfCp%2FXRf3P22cjh64jnA7jzZsED3VC7QhlLDzATrV2ssB5S3PFfeIvlzFKx0%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cf-ray: 7d2d18985882383c-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 204 abtests
am-trc-events.taboola.com/onedio/log/3/ Frame 89F6 0
230 B 31ms
30ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/onedio/log/3/abtests?route=AM:AM:V&tvi2=4410&lti=deflated&ri=68ccc86e0176860cd2b84487a6826a57&sd=v2_c191ff221c3cff375731cf40d1a9bada_0fa6b191-aa62-47e0-bd9b-31061c923812-tuctb781a21_1686017185_1686017185_CNawjgYQ1JpEGM2u0vOIMSABKAEwODib4wlAjooQSPG12QNQ____________AVgAYABooavF1rHfkux-cAA&ui=0fa6b191-aa62-47e0-bd9b-31061c923812-tuctb781a21&pi=/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878&wi=4003718691141787111&pt=text&vi=1686017185613&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22block_clicks_init%22%2C%22type%22%3A%22block-clicks-manager%22%2C%22eventTime%22%3A1686017186458%7D&tim=02%3A06%3A26.459&id=3379&llvl=2&cv=20230604-4-RELEASE&
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Tue, 06 Jun 2023 02:06:26 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 204 social
am-trc-events.taboola.com/onedio/log/3/ Frame 89F6 0
230 B 31ms
31ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/onedio/log/3/social?route=AM:AM:V&tvi2=4410&lti=deflated&ri=68ccc86e0176860cd2b84487a6826a57&sd=v2_c191ff221c3cff375731cf40d1a9bada_0fa6b191-aa62-47e0-bd9b-31061c923812-tuctb781a21_1686017185_1686017185_CNawjgYQ1JpEGM2u0vOIMSABKAEwODib4wlAjooQSPG12QNQ____________AVgAYABooavF1rHfkux-cAA&ui=0fa6b191-aa62-47e0-bd9b-31061c923812-tuctb781a21&pi=/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878&wi=4003718691141787111&pt=text&vi=1686017185613&st=social-available&d=%7B%22data%22%3A%5B%7B%22i%22%3A%22ctx%22%2C%22ism%22%3Afalse%2C%22srx%22%3A1600%2C%22sry%22%3A1200%2C%22pd%22%3Anull%2C%22tpl%22%3A%22%22%2C%22url%22%3A%22https%3A%2F%2Fonedio.com%2Fhaber%2Fkredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878%22%2C%22rref%22%3A%22https%3A%2F%2Fpcloak.blob.core.windows.net%2F%22%2C%22sref%22%3A%22_sessionPending_%22%2C%22hdl%22%3A%22Kredi%20Kart%C4%B1%20Aidat%C4%B1n%C4%B1z%C4%B1%20Geri%20Alabilirsiniz%3A%20Kredi%20Kart%C4%B1%20%C4%B0adesi%20%C4%B0lgili%20Bilmeniz%20Gereken%20Her%20%C5%9Eey%22%2C%22sec%22%3A%22Nas%C4%B1l%20yap%C4%B1l%C4%B1r%3F%22%2C%22aut%22%3A%5B%5D%2C%22img%22%3A%22https%3A%2F%2Fimg-s1.onedio.com%2Fid-61704b25e95c836a1703d003%2Frev-0%2Fw-1200%2Fh-597%2Ff-jpg%2Fs-c98243167276ad228ced3fe6ae8b03b608984a22.jpg%22%2C%22v%22%3A15%2C%22pw%22%3Afalse%7D%5D%7D&tim=02%3A06%3A26.562&id=2263&llvl=2&cv=20230604-4-RELEASE&
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Tue, 06 Jun 2023 02:06:26 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

POST
H2 204 bulk-metrics Show response
am-trc-events.taboola.com/onedio/log/3/ Frame 89F6 0
242 B 32ms
32ms XHR
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://am-trc-events.taboola.com/onedio/log/3/bulk-metrics?tvi2=4410&route=AM%3AAM%3AV&lti=deflated&bulkSize=13
Requested by: Host: onedio.com
URL: https://onedio.com/_nuxt/33c1330.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://onedio.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://onedio.com
pragma: no-cache
date: Tue, 06 Jun 2023 02:06:26 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 204 abtests
am-trc-events.taboola.com/onedio/log/3/ Frame 89F6 0
230 B 42ms
42ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/onedio/log/3/abtests?route=AM:AM:V&tvi2=4410&lti=deflated&ri=68ccc86e0176860cd2b84487a6826a57&sd=v2_c191ff221c3cff375731cf40d1a9bada_0fa6b191-aa62-47e0-bd9b-31061c923812-tuctb781a21_1686017185_1686017185_CNawjgYQ1JpEGM2u0vOIMSABKAEwODib4wlAjooQSPG12QNQ____________AVgAYABooavF1rHfkux-cAA&ui=0fa6b191-aa62-47e0-bd9b-31061c923812-tuctb781a21&pi=/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878&wi=4003718691141787111&pt=text&vi=1686017185613&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22recommendation-reel%22%2C%22type%22%3A%22available%22%2C%22eventTime%22%3A1686017186576%7D&tim=02%3A06%3A26.576&id=5109&llvl=2&cv=20230604-4-RELEASE&
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Tue, 06 Jun 2023 02:06:26 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 200 d6bd5fd06026ee711952c5a1890dedc3.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_430%2Cw_860%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame 89F6 65 KB
66 KB 24ms
23ms Image
image/webp 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_430%2Cw_860%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/d6bd5fd06026ee711952c5a1890dedc3.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 1288c65873146fe18afa37b1e7dceaab28decb02310d0016c6b303512d13d86e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Tue, 06 Jun 2023 02:06:26 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_430%2Cw_860%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/d6bd5fd06026ee711952c5a1890dedc3.jpg
age: 465416
edge-cache-tag: 585238590223238505254998803227407996621,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
cache-tag: 585238590223238505254998803227407996621,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, HIT, HIT, MISS, HIT
x-envoy-upstream-service-time: 248
req-referer: https://www.balkanweb.com/
content-length: 66540
x-request-id: e0258d6d9f503846584d71f53220735b
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb204
x-served-by: cache-iad-kcgs7200163-IAD, cache-iad-kiad7000036-IAD, cache-sna10736-LGB, cache-iad-kjyo7100129-IAD, cache-fra-eddf8230094-FRA
last-modified: Wed, 31 May 2023 13:50:32 GMT
server: nginx
x-timer: S1686017187.610290,VS0,VE1
etag: "61aaf7e5a9b4fd23e1bffe53381ac105"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 1, 0, 1

GET
H2 200 fb979b7c1a71ee4d96b57ec0e66db49b.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_430%2Cw_860%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame 89F6 46 KB
47 KB 27ms
27ms Image
image/webp 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_430%2Cw_860%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/fb979b7c1a71ee4d96b57ec0e66db49b.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: af8bd2b36f5dbf0d3fb36666100fc398d8e96d4c797287bac0a77410e6f2a35d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-vcl-time-ms: 3
date: Tue, 06 Jun 2023 02:06:26 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_430%2Cw_860%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/fb979b7c1a71ee4d96b57ec0e66db49b.png
age: 1519824
edge-cache-tag: 295908682541581499949937002428313318001,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
cache-tag: 295908682541581499949937002428313318001,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
x-cache: HIT, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time: 367
expiration: expiry-date="Mon, 12 Jun 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://onedio.com/
content-length: 47350
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb203
x-served-by: cache-iad-kcgs7200165-IAD, cache-iad-kjyo7100115-IAD, cache-lax10635-LGB, cache-iad-kcgs7200162-IAD, cache-fra-eddf8230094-FRA
last-modified: Fri, 12 May 2023 22:26:23 GMT
server: nginx
x-timer: S1686017187.611501,VS0,VE3
etag: "8e1c0fb56aad0b39313b303e14132837"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 1, 1, 3, 1

GET
H2 200 tb8336-tb8335-woman-denise-pinchy-yellow-circle-nature-bg-1000x600__6da24013-d10b-40b8-9808-97644b309da0_1000x600.jpeg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_430%2Cw_860%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//console.brax-cdn.com/creatives/b9476698-227d-4478-b354-042472d9181c/images/ Frame 89F6 39 KB
40 KB 27ms
26ms Image
image/webp 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_430%2Cw_860%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//console.brax-cdn.com/creatives/b9476698-227d-4478-b354-042472d9181c/images/tb8336-tb8335-woman-denise-pinchy-yellow-circle-nature-bg-1000x600__6da24013-d10b-40b8-9808-97644b309da0_1000x600.jpeg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: b4ae3462308921ee5bebfa77c5f2200c9da063262c46a52aeca24ceea62a5403

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Tue, 06 Jun 2023 02:06:26 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_430%2Cw_860%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//console.brax-cdn.com/creatives/b9476698-227d-4478-b354-042472d9181c/images/tb8336-tb8335-woman-denise-pinchy-yellow-circle-nature-bg-1000x600__6da24013-d10b-40b8-9808-97644b309da0_1000x600.jpeg
age: 69618
edge-cache-tag: 476298729013118373873473089694416722157,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
cache-tag: 476298729013118373873473089694416722157,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time: 169
req-referer: https://thesportsrush.com/nba-news-despite-a-combined-net-worth-of-2-22-billion-michael-jordan-and-scottie-pippen-are-regarded-as-misers-in-las-vegas/
content-length: 39762
x-request-id: 877cc6a458bb732388db69ce45acf898
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb204
x-served-by: cache-iad-kjyo7100037-IAD, cache-iad-kiad7000067-IAD, cache-lax10653-LGB, cache-iad-kjyo7100022-IAD, cache-fra-eddf8230094-FRA
last-modified: Mon, 05 Jun 2023 06:38:54 GMT
server: nginx
x-timer: S1686017187.615160,VS0,VE1
etag: "d553f3bbbb70ecc20060152072f2b9c8"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 1, 1, 1

GET
H2 200 2a88eb448ce4821c1aa37a22c5259bcb.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_430%2Cw_860%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame 89F6 31 KB
32 KB 27ms
26ms Image
image/webp 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_430%2Cw_860%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/2a88eb448ce4821c1aa37a22c5259bcb.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: c99843cb1ca29688cea0a8b4275d00c233c97224925f9f4c8e9cfe62b83bf967

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Tue, 06 Jun 2023 02:06:26 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_430%2Cw_860%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/2a88eb448ce4821c1aa37a22c5259bcb.jpg
age: 2378454
edge-cache-tag: 369149822877023270911519674041601509149,523272642140522660213979017363544863538,29ecf9b93bbf306179626feeda1fab70
cache-tag: 369149822877023270911519674041601509149,523272642140522660213979017363544863538,29ecf9b93bbf306179626feeda1fab70
x-cache: HIT, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time: 214
expiration: expiry-date="Wed, 17 May 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://d-2474102948308413284.ampproject.net/
content-length: 31658
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb804
x-served-by: cache-iad-kiad7000136-IAD, cache-iad-kiad7000174-IAD, cache-chi-klot8100177-CHI, cache-iad-kcgs7200033-IAD, cache-fra-eddf8230094-FRA
last-modified: Sun, 16 Apr 2023 14:00:46 GMT
server: nginx
x-timer: S1686017187.622899,VS0,VE1
etag: "6a8c7c3e793b12ae9e0619b980282bf5"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 0, 1, 4, 1

GET
H2 200 1963e5d189b38d587c69fdfde884f522.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_430%2Cw_860%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame 89F6 30 KB
30 KB 23ms
22ms Image
image/webp 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_430%2Cw_860%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/1963e5d189b38d587c69fdfde884f522.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 92655d7f9e691bf84075994186589543713e7cb9e65e478c85b8c9d320a2ba21

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Tue, 06 Jun 2023 02:06:26 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_430%2Cw_860%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/1963e5d189b38d587c69fdfde884f522.png
age: 2382801
edge-cache-tag: 572367841627956997915668938194787209827,523272642140522660213979017363544863538,29ecf9b93bbf306179626feeda1fab70
cache-tag: 572367841627956997915668938194787209827,523272642140522660213979017363544863538,29ecf9b93bbf306179626feeda1fab70
x-cache: MISS, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time: 354
expiration: expiry-date="Fri, 02 Jun 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://www.kicker.de/
content-length: 30268
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb204
x-served-by: cache-iad-kjyo7100087-IAD, cache-iad-kcgs7200176-IAD, cache-lax10628-LGB, cache-iad-kjyo7100119-IAD, cache-fra-eddf8230094-FRA
last-modified: Tue, 02 May 2023 16:29:52 GMT
server: nginx
x-timer: S1686017187.622996,VS0,VE1
etag: "89ef44e478f2dab7a279e2c39dd79477"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 1, 7, 1

GET
H2 200 82084b342392eaadc3da0f09d7742f03.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_430%2Cw_860%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboolasyndication.com/libtrc/static/thumbnails/ Frame 89F6 17 KB
18 KB 25ms
25ms Image
image/webp 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_430%2Cw_860%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboolasyndication.com/libtrc/static/thumbnails/82084b342392eaadc3da0f09d7742f03.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 753df3b078dc8c581a0ad80f66167b1c240fa0b92e72a1f1e7cee2765502be29

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Tue, 06 Jun 2023 02:06:26 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_430%2Cw_860%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboolasyndication.com/libtrc/static/thumbnails/82084b342392eaadc3da0f09d7742f03.jpg
age: 2267739
edge-cache-tag: 313779074023738505144944076944311110051,294988366559602151404204213160503502958,29ecf9b93bbf306179626feeda1fab70
cache-tag: 313779074023738505144944076944311110051,294988366559602151404204213160503502958,29ecf9b93bbf306179626feeda1fab70
x-cache: MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time: 287
expiration: expiry-date="Wed, 24 May 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://www.kicker.de/
content-length: 17878
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb804
x-served-by: cache-iad-kjyo7100100-IAD, cache-iad-kiad7000027-IAD, cache-lga21976-LGA, cache-iad-kcgs7200136-IAD, cache-fra-eddf8230094-FRA
last-modified: Sun, 23 Apr 2023 19:44:40 GMT
server: nginx
x-timer: S1686017187.623085,VS0,VE1
etag: "8d0439510195637578fbe5bf8c45d19c"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 2, 1

GET
H2 200 s-9468d99e6ee8f8bcfbebc3092672917c98036a53.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_430%2Cw_860%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//img-s1.onedio.com/id-647a04b30af2453c88d9914c/rev-0/raw/ Frame 89F6 32 KB
33 KB 23ms
22ms Image
image/webp 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_430%2Cw_860%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//img-s1.onedio.com/id-647a04b30af2453c88d9914c/rev-0/raw/s-9468d99e6ee8f8bcfbebc3092672917c98036a53.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 3e69464caeb102cc3ef4e6fec4206471bc9ecbee5226fa1a5aaf146dc072547b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Tue, 06 Jun 2023 02:06:26 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_430%2Cw_860%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//img-s1.onedio.com/id-647a04b30af2453c88d9914c/rev-0/raw/s-9468d99e6ee8f8bcfbebc3092672917c98036a53.jpg
age: 298491
edge-cache-tag: 595607388231838060938435146886323194109,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
cache-tag: 595607388231838060938435146886323194109,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time: 512
req-referer: https://onedio.com/
content-length: 32466
x-request-id: b3fd938f60cf6248436a3a3b2bc4c0f8
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb204
x-served-by: cache-iad-kiad7000158-IAD, cache-iad-kiad7000056-IAD, cache-sna10736-LGB, cache-iad-kcgs7200136-IAD, cache-fra-eddf8230094-FRA
last-modified: Fri, 02 Jun 2023 15:07:41 GMT
server: nginx
x-timer: S1686017187.638880,VS0,VE1
etag: "ba693a21dc250d707b85039f44255215"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 1, 2, 1

GET
H2 200 b683166e0da9af52c1b826ca3ea31c0c.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_430%2Cw_860%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame 89F6 55 KB
56 KB 69ms
69ms Image
image/webp 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_430%2Cw_860%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/b683166e0da9af52c1b826ca3ea31c0c.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 70865cda878d32a1590401371c1bdaa4fc5e9de404a39de7ac156d6d357502b8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Tue, 06 Jun 2023 02:06:26 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_430%2Cw_860%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/b683166e0da9af52c1b826ca3ea31c0c.png
age: 49550
edge-cache-tag: 399076634748012388703817651183830766465,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
cache-tag: 399076634748012388703817651183830766465,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, MISS, HIT, MISS, HIT
x-envoy-upstream-service-time: 283
req-referer: https://intouch.wunderweib.de/
content-length: 56748
x-request-id: 840b54d723c66e83dbc7c29a4f53b9fa
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb803
x-served-by: cache-iad-kjyo7100037-IAD, cache-iad-kiad7000103-IAD, cache-lga21982-LGA, cache-iad-kiad7000144-IAD, cache-fra-eddf8230094-FRA
last-modified: Mon, 05 Jun 2023 12:20:34 GMT
server: nginx
x-timer: S1686017187.642012,VS0,VE1
etag: "070c297ac8b4fb2ace492f87e20f55ac"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 1, 0, 1

GET
H2 200 2d7857a12e72340e4d7c1bcf6e6330da.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_430%2Cw_860%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame 89F6 11 KB
12 KB 67ms
67ms Image
image/webp 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_430%2Cw_860%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/2d7857a12e72340e4d7c1bcf6e6330da.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 9a5ea123261f7947e84605e3bd6a3d689986a2d95cc2c550e94f5bab5572e052

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Tue, 06 Jun 2023 02:06:26 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_430%2Cw_860%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/2d7857a12e72340e4d7c1bcf6e6330da.png
age: 2003148
edge-cache-tag: 472499167655769110684359121848319962942,523272642140522660213979017363544863538,29ecf9b93bbf306179626feeda1fab70
cache-tag: 472499167655769110684359121848319962942,523272642140522660213979017363544863538,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time: 241
req-referer: https://www.lkz.de/
content-length: 11276
x-request-id: 2d0a938506fa1bd83814724811193b58
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb204
x-served-by: cache-iad-kjyo7100149-IAD, cache-iad-kjyo7100090-IAD, cache-lax10652-LGB, cache-iad-kiad7000075-IAD, cache-fra-eddf8230094-FRA
last-modified: Wed, 10 May 2023 14:48:57 GMT
server: nginx
x-timer: S1686017187.644541,VS0,VE1
etag: "1551c4f0d7d096462be6bfc620adba87"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 1, 8, 1

GET
H2 200 29171c9dfdd90e96d5647a0b48202d95.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_245%2Cw_440%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame 89F6 40 KB
41 KB 68ms
68ms Image
image/webp 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_245%2Cw_440%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/29171c9dfdd90e96d5647a0b48202d95.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 40b1b257a5ddb9dd8a44482f560de047b9c5e0eb5641d38d66b1a6c53a518455

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Tue, 06 Jun 2023 02:06:26 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_245%2Cw_440%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/29171c9dfdd90e96d5647a0b48202d95.jpg
age: 2546946
edge-cache-tag: 487176723977015298214548089071149786492,418213119990820519753380268763636342871,29ecf9b93bbf306179626feeda1fab70
cache-tag: 487176723977015298214548089071149786492,418213119990820519753380268763636342871,29ecf9b93bbf306179626feeda1fab70
x-cache: HIT, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time: 53
expiration: expiry-date="Mon, 15 May 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://www.unsere-helden.com/
content-length: 41270
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb203
x-served-by: cache-iad-kcgs7200126-IAD, cache-iad-kiad7000025-IAD, cache-lax10651-LGB, cache-iad-kiad7000071-IAD, cache-fra-eddf8230094-FRA
last-modified: Fri, 14 Apr 2023 08:16:50 GMT
server: nginx
x-timer: S1686017187.648289,VS0,VE1
etag: "0dd467894b447c16c6f333307eca4fa8"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 1, 1, 14, 1

GET
H2 200 5a452622c8c779c9e8fd734bcc30cdc9.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_245%2Cw_440%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame 89F6 10 KB
11 KB 67ms
67ms Image
image/webp 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_245%2Cw_440%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/5a452622c8c779c9e8fd734bcc30cdc9.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 949ed2610175c55732c6b7c7a3e0f97708b388bae37b40a92174ee21499da7df

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Tue, 06 Jun 2023 02:06:26 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_245%2Cw_440%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/5a452622c8c779c9e8fd734bcc30cdc9.jpg
age: 4622848
edge-cache-tag: 325296411604045038155768274685645290975,400943418252675406674416846973572213176,29ecf9b93bbf306179626feeda1fab70
cache-tag: 325296411604045038155768274685645290975,400943418252675406674416846973572213176,29ecf9b93bbf306179626feeda1fab70
x-cache: MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time: 116
expiration: expiry-date="Sat, 15 Apr 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://www.gladbachlive.de/
content-length: 10364
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb801
x-served-by: cache-iad-kjyo7100034-IAD, cache-iad-kjyo7100060-IAD, cache-lga21961-LGA, cache-iad-kiad7000042-IAD, cache-fra-eddf8230094-FRA
last-modified: Wed, 15 Mar 2023 10:37:54 GMT
server: nginx
x-timer: S1686017187.650013,VS0,VE1
etag: "32db6900bef9ab23159867719d642393"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 1, 309, 1

GET
H2 200 f1da15864542e45b6e17743e8327352d.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_430%2Cw_860%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame 89F6 34 KB
35 KB 67ms
67ms Image
image/webp 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_430%2Cw_860%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/f1da15864542e45b6e17743e8327352d.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 3f7619b8346cd550765079cdf4b6009d4cd36c1ebea801c3913275849acce565

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Tue, 06 Jun 2023 02:06:26 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_430%2Cw_860%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/f1da15864542e45b6e17743e8327352d.jpg
age: 1803803
edge-cache-tag: 625901216007334440808381849926614730268,294988366559602151404204213160503502958,29ecf9b93bbf306179626feeda1fab70
cache-tag: 625901216007334440808381849926614730268,294988366559602151404204213160503502958,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time: 1246
req-referer: https://www.derwesten.de/
content-length: 35038
x-request-id: 0c1fb2f3dea3f2fe4bd06fbf924f053e
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb802
x-served-by: cache-iad-kcgs7200074-IAD, cache-iad-kiad7000179-IAD, cache-lga21967-LGA, cache-iad-kiad7000179-IAD, cache-fra-eddf8230094-FRA
last-modified: Wed, 03 May 2023 03:13:09 GMT
server: nginx
x-timer: S1686017187.652016,VS0,VE1
etag: "eea0359e80acf16426123638ed0c65e9"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 2, 1

GET
H2 200 44ae1dfb1846cb293b60bcfcb8af8146.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_478%2Cw_860%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame 89F6 50 KB
50 KB 58ms
57ms Image
image/webp 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_478%2Cw_860%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/44ae1dfb1846cb293b60bcfcb8af8146.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 83997aeb0e94bdfbda81f9b9c2e3f017f0bc4d46b8c63fe6d8a094852c1258c7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Tue, 06 Jun 2023 02:06:26 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_478%2Cw_860%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/44ae1dfb1846cb293b60bcfcb8af8146.png
age: 2401202
edge-cache-tag: 454935260536200774699196780106844800854,400943418252675406674416846973572213176,29ecf9b93bbf306179626feeda1fab70
cache-tag: 454935260536200774699196780106844800854,400943418252675406674416846973572213176,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time: 190
req-referer: https://www.poradnikzdrowie.pl/ciaza-i-dziecko/zdrowie-dziecka/przyczyny-objawy-i-diagnozowanie-dysleksji-aa-QEQh-kUbE-pXYi.html
content-length: 50902
x-request-id: fa6a659aee1436f0a8d75ce17a5a8763
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb803
x-served-by: cache-iad-kcgs7200159-IAD, cache-iad-kjyo7100138-IAD, cache-chi-kigq8000068-CHI, cache-iad-kjyo7100029-IAD, cache-fra-eddf8230094-FRA
last-modified: Tue, 09 May 2023 07:04:10 GMT
server: nginx
x-timer: S1686017187.664024,VS0,VE1
etag: "63eae4ae7bc108d87f6db0a99fae6cae"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 1, 29, 1

GET
H2 200 55d596660f3bc7624c6ac91c9ab723a4.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_478%2Cw_860%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame 89F6 47 KB
48 KB 23ms
23ms Image
image/webp 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_478%2Cw_860%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/55d596660f3bc7624c6ac91c9ab723a4.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: ca53ad087b0b145ebc020293681fa808a42c99c37d1b4c254a147e97c812a60f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Tue, 06 Jun 2023 02:06:26 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_478%2Cw_860%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/55d596660f3bc7624c6ac91c9ab723a4.png
age: 311680
edge-cache-tag: 480724281358025770252772315197338385586,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag: 480724281358025770252772315197338385586,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time: 201
req-referer: https://www.derwesten.de/
content-length: 48104
x-request-id: 1e7bced7310ba6b3fb71dae643a3f05d
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb201
x-served-by: cache-iad-kjyo7100137-IAD, cache-iad-kjyo7100054-IAD, cache-sna10740-LGB, cache-iad-kiad7000104-IAD, cache-fra-eddf8230094-FRA
last-modified: Fri, 02 Jun 2023 11:02:31 GMT
server: nginx
x-timer: S1686017187.725376,VS0,VE1
etag: "0c74bd1ccf6c3b98b1369a10c791ff0d"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 1, 1, 1

GET
H2 200 8f7c1ff3969c94bda04e391c8f3748cb.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_478%2Cw_860%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame 89F6 19 KB
19 KB 24ms
23ms Image
image/webp 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_478%2Cw_860%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/8f7c1ff3969c94bda04e391c8f3748cb.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 54af59cd5a41c8f66a3c0326d7f86f85cff13ef03ea8a45850bdda35bdea6485

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Tue, 06 Jun 2023 02:06:26 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_478%2Cw_860%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/8f7c1ff3969c94bda04e391c8f3748cb.jpg
age: 1576630
edge-cache-tag: 579581286073238310115538067143073048842,400943418252675406674416846973572213176,29ecf9b93bbf306179626feeda1fab70
cache-tag: 579581286073238310115538067143073048842,400943418252675406674416846973572213176,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time: 149
req-referer: https://gameofglam.com/
content-length: 19068
x-request-id: 7880aab5833f57e99d2564d07286299e
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb204
x-served-by: cache-iad-kiad7000104-IAD, cache-iad-kcgs7200165-IAD, cache-lax10631-LGB, cache-iad-kiad7000026-IAD, cache-fra-eddf8230094-FRA
last-modified: Thu, 18 May 2023 20:09:18 GMT
server: nginx
x-timer: S1686017187.725876,VS0,VE1
etag: "4b16e6e11c05b563fb8188721024275d"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 1, 3, 1

GET
H2 200 b851d539814ba0a3ccd2e9c574f2a8fb.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_478%2Cw_860%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame 89F6 77 KB
78 KB 24ms
24ms Image
image/webp 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_478%2Cw_860%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/b851d539814ba0a3ccd2e9c574f2a8fb.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 977b523e2c3207450bc44e30ac993db1a376f7dffa97d07548d353e7175b2927

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Tue, 06 Jun 2023 02:06:26 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_478%2Cw_860%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/b851d539814ba0a3ccd2e9c574f2a8fb.jpg
age: 2478898
edge-cache-tag: 606929099839038826013186881621884422005,303068983218745094797658622059825425347,29ecf9b93bbf306179626feeda1fab70
cache-tag: 606929099839038826013186881621884422005,303068983218745094797658622059825425347,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time: 1041
req-referer: https://www.derwesten.de/
content-length: 79274
x-request-id: 6618213523a7269d28d849c3930484b5
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb804
x-served-by: cache-iad-kiad7000087-IAD, cache-iad-kiad7000116-IAD, cache-lga21952-LGA, cache-iad-kjyo7100170-IAD, cache-fra-eddf8230094-FRA
last-modified: Fri, 05 May 2023 14:42:20 GMT
server: nginx
x-timer: S1686017187.734046,VS0,VE1
etag: "9181ad591b21be5204043be35d47e1e2"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 38, 1

GET
H2 200 52c7158f64911b4870c44bd556b724af.png
images.taboola.com/taboola/image/fetch/h_430,w_860,c_fill,g_xy_center,x_325,y_356/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame 89F6 26 KB
27 KB 24ms
23ms Image
image/webp 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/h_430,w_860,c_fill,g_xy_center,x_325,y_356/http%3A//cdn.taboola.com/libtrc/static/thumbnails/52c7158f64911b4870c44bd556b724af.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 91791b332c8d5c4432fff373a1847c2708e29dec9adffac3c4791077ed75d459

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Tue, 06 Jun 2023 02:06:26 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/h_430,w_860,c_fill,g_xy_center,x_325,y_356/http%3A//cdn.taboola.com/libtrc/static/thumbnails/52c7158f64911b4870c44bd556b724af.png
age: 641027
edge-cache-tag: 573568061484645625465060507128859924024,293485692961724156391798994617785504949,29ecf9b93bbf306179626feeda1fab70
cache-tag: 573568061484645625465060507128859924024,293485692961724156391798994617785504949,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time: 387
req-referer: https://www.9tv.co.il/
content-length: 26968
x-request-id: b7fd4ee281fe87f85a02427ab9b8b36b
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb203
x-served-by: cache-iad-kjyo7100126-IAD, cache-iad-kjyo7100059-IAD, cache-sna10720-LGB, cache-iad-kiad7000020-IAD, cache-fra-eddf8230094-FRA
last-modified: Sat, 27 May 2023 13:36:10 GMT
server: nginx
x-timer: S1686017187.734041,VS0,VE1
etag: "49261ac3b07bf3ca6fca6ed7f0904f5a"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 1, 4, 1

GET
H2 200 s-4089d744e7a3437687571c68f70444d0bbe9e5c1.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_245%2Cw_440%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//img-s1.onedio.com/id-647d985a0af245796411bf40/rev-0/raw/ Frame 89F6 40 KB
41 KB 25ms
24ms Image
image/webp 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_245%2Cw_440%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//img-s1.onedio.com/id-647d985a0af245796411bf40/rev-0/raw/s-4089d744e7a3437687571c68f70444d0bbe9e5c1.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e35f60239e010746f62a96ea78f6196cbd974287e2ce51f4c555a2dc268e2d06

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-vcl-time-ms: 2
date: Tue, 06 Jun 2023 02:06:26 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_245%2Cw_440%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//img-s1.onedio.com/id-647d985a0af245796411bf40/rev-0/raw/s-4089d744e7a3437687571c68f70444d0bbe9e5c1.jpg
age: 63370
edge-cache-tag: 613336299191691955399711587723142155158,418213119990820519753380268763636342871,29ecf9b93bbf306179626feeda1fab70
cache-tag: 613336299191691955399711587723142155158,418213119990820519753380268763636342871,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time: 882
req-referer: https://onedio.com/
content-length: 40882
x-request-id: 309794f251c1d3a4d7b78f4e281abe37
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb202
x-served-by: cache-iad-kcgs7200076-IAD, cache-iad-kcgs7200039-IAD, cache-sna10732-LGB, cache-iad-kjyo7100159-IAD, cache-fra-eddf8230094-FRA
last-modified: Mon, 05 Jun 2023 08:24:06 GMT
server: nginx
x-timer: S1686017187.737636,VS0,VE2
etag: "1ffecab1670d3229ba3676b678ff8b35"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 41, 1

GET
H2 200 s-1a7b7d8183c7467d0046789f54296f07770e3f5f.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_245%2Cw_440%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//img-s1.onedio.com/id-647df6ea0af24519ca229b73/rev-0/raw/ Frame 89F6 25 KB
26 KB 24ms
23ms Image
image/webp 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_245%2Cw_440%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//img-s1.onedio.com/id-647df6ea0af24519ca229b73/rev-0/raw/s-1a7b7d8183c7467d0046789f54296f07770e3f5f.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 1672e073d0c9bc9371e75e3e54777b0008f769d46d2d4937deb47a416700f580

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Tue, 06 Jun 2023 02:06:26 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_245%2Cw_440%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//img-s1.onedio.com/id-647df6ea0af24519ca229b73/rev-0/raw/s-1a7b7d8183c7467d0046789f54296f07770e3f5f.jpg
age: 39256
edge-cache-tag: 342711302261373584687102473369682146962,418213119990820519753380268763636342871,29ecf9b93bbf306179626feeda1fab70
cache-tag: 342711302261373584687102473369682146962,418213119990820519753380268763636342871,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time: 817
req-referer: https://onedio.com/
content-length: 26040
x-request-id: a7ddcc80f7e27cb3af23fa5212e80ac8
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb202
x-served-by: cache-iad-kcgs7200024-IAD, cache-iad-kcgs7200041-IAD, cache-sna10720-LGB, cache-iad-kjyo7100069-IAD, cache-fra-eddf8230094-FRA
last-modified: Mon, 05 Jun 2023 15:01:00 GMT
server: nginx
x-timer: S1686017187.737744,VS0,VE1
etag: "01ffc946df5e8d573d091b46531f2045"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 3, 1

GET
H2 200 e27405c621c592f3d076e9b7af9bebbf.jpg
images.taboola.com/taboola/image/fetch/h_430,w_860,c_fill,g_xy_center,x_357,y_256/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame 89F6 13 KB
14 KB 24ms
23ms Image
image/webp 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/h_430,w_860,c_fill,g_xy_center,x_357,y_256/http%3A//cdn.taboola.com/libtrc/static/thumbnails/e27405c621c592f3d076e9b7af9bebbf.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: b500ab1e5b4b551b9c7589011dd14fccd0ab371631644a18f790b4659b2470a8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Tue, 06 Jun 2023 02:06:26 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/h_430,w_860,c_fill,g_xy_center,x_357,y_256/http%3A//cdn.taboola.com/libtrc/static/thumbnails/e27405c621c592f3d076e9b7af9bebbf.jpg
age: 495160
edge-cache-tag: 545339158571486405593244428622716769644,568333867061882278150107818091167214166,29ecf9b93bbf306179626feeda1fab70
cache-tag: 545339158571486405593244428622716769644,568333867061882278150107818091167214166,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, MISS, HIT, MISS, HIT
x-envoy-upstream-service-time: 146
req-referer: https://dl.web.de/
content-length: 13520
x-request-id: ff0ada4200489dfdab3749080c973dfd
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb803
x-served-by: cache-iad-kiad7000060-IAD, cache-iad-kjyo7100157-IAD, cache-chi-klot8100065-CHI, cache-iad-kiad7000161-IAD, cache-fra-eddf8230094-FRA
last-modified: Tue, 30 May 2023 15:47:26 GMT
server: nginx
x-timer: S1686017187.750278,VS0,VE1
etag: "bea71b92713ac65049946089b398200c"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 1, 0, 1

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 3524 42 B
64 B 65ms
65ms Fetch
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuxkFicuhczzLIgOY_c5v77U1Pq1YebzHAbwCtRUL0DlnA6BvQlHUciPW7u8PdEKBsSM_7D131NL6dGbStxicxkA9ZL9CX0zbSf5FnPobEiaDWkXa6Hzr4tiqm34UKpOdyNwWgsqW7urQ_l&sai=AMfl-YQVpDb13MJ4NlQvTNWmGxblYGgIa_faTHWhrTXp89VaGrQOY6V-xPp7KHd5jQOCXMU_QwdiVEjJgyfOhTNQR4a4rmbjlZrcBec&sig=Cg0ArKJSzMOCXBBt7CMDEAE&cid=CAQSKQBygQiDUEBG-lDTVksJKISqIJc7M8wgZJnD6fkecBhrL4ToFL8TDQfKGAE&id=lidar2&mcvt=1062&p=0,0,90,728&mtos=1062,1062,1062,1062,1062&tos=1062,0,0,0,0&v=20230605&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=2332837411&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1686017185222&rpt=328&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a7907dd8d698decbd129b875fdbc4adb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Jun 2023 02:06:26 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 206 krdzte8ufgu51qqjrrln.mp4
cdn.taboola.com/libtrc/static/video/v1681841411/ Frame 89F6 1 MB
1 MB 26ms
26ms Media
video/mp4 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/static/video/v1681841411/krdzte8ufgu51qqjrrln.mp4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0a95ba1b152ea21a823ee9e88a40569edb553218975b0ff0ea1b45617dec2e7a

Request headers

Referer: https://onedio.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Range: bytes=0-

Response headers

x-amz-version-id: mfodETxjS_zFiosZ2ZNPoeSliYvGi0mG
date: Tue, 06 Jun 2023 02:06:26 GMT
via: 1.1 varnish
x-amz-request-id: 4RHC6R5TNS694BAH
age: 28
x-amz-server-side-encryption: AES256
x-cache: HIT
Content-Range: bytes 0-1398102/1398103
x-amz-replication-status: COMPLETED
Content-Length: 1398103
x-amz-id-2: btXxKtsMsYPHo7AfcvTqT6P9dOyaqU5Tl5ThvvliA5mPAfXQw4zx3YXgsXy6k5tuyQDBAFnw4eo=
x-served-by: cache-fra-eddf8230094-FRA
last-modified: Tue, 18 Apr 2023 18:10:19 GMT
server: AmazonS3
x-timer: S1686017187.638880,VS0,VE1
etag: "10e9df485d0bfaf561432f2fcaddcc30"
content-type: video/mp4;codecs=avc1
abp: 2
access-control-allow-origin: *
cache-control: private,max-age=31536000
accept-ranges: bytes
x-cache-hits: 0

GET
H2 206 qjqwbfphgdxce9cxk6cn.mp4
cdn.taboola.com/libtrc/static/video/t_PERFORMANCE_VIDEO_OPTIMIZATION_1/h_400,c_scale/v1677856833/ Frame 89F6 1 MB
1 MB 23ms
23ms Media
video/mp4 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/static/video/t_PERFORMANCE_VIDEO_OPTIMIZATION_1/h_400,c_scale/v1677856833/qjqwbfphgdxce9cxk6cn.mp4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b91d518fb5690f97593c93e0e94f1b413988ba52d3f8e39b19d59a92ef7289ca

Request headers

Referer: https://onedio.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Range: bytes=0-

Response headers

x-amz-version-id: FUXhoNNmbauAh1oqCwPq6uTTz9xVeH44
date: Tue, 06 Jun 2023 02:06:26 GMT
via: 1.1 varnish
x-amz-request-id: SHAGA6S5GH0X9BG7
age: 66
x-amz-server-side-encryption: AES256
x-cache: HIT
Content-Range: bytes 0-1467158/1467159
x-amz-replication-status: COMPLETED
Content-Length: 1467159
x-amz-id-2: XqBNl5S7Xr0XHgN7c5f2QR1b90iOZL92IENgDY4b5zlXoF8EndCiC4iCactev6uQ+dCvN2B2fqY=
x-served-by: cache-fra-eddf8230094-FRA
last-modified: Fri, 03 Mar 2023 15:20:52 GMT
server: AmazonS3
x-timer: S1686017187.639108,VS0,VE1
etag: "bffb13c7b1b9f081eb4d2047a48ea313"
content-type: video/mp4;codecs=avc1
abp: 2
access-control-allow-origin: *
cache-control: private,max-age=31536000
accept-ranges: bytes
x-cache-hits: 0

GET
H2 206 bsns15g9iifsmmhtzxk2.mp4
cdn.taboola.com/libtrc/static/video/v1683615806/ Frame 89F6 199 KB
199 KB 61ms
61ms Media
video/mp4 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/static/video/v1683615806/bsns15g9iifsmmhtzxk2.mp4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f2bb510a8cd07d4caf12d0328b4ec6c144b27989b558754e2aa1c7b7713ac913

Request headers

Referer: https://onedio.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Range: bytes=0-

Response headers

x-amz-version-id: KsAq3fvgIAT7yyZdXmIlvFZ3TavJfVK0
date: Tue, 06 Jun 2023 02:06:26 GMT
via: 1.1 varnish
x-amz-request-id: HB5MYFH04EFAZJ00
age: 43
x-amz-server-side-encryption: AES256
x-cache: HIT
Content-Range: bytes 0-203833/203834
x-amz-replication-status: COMPLETED
Content-Length: 203834
x-amz-id-2: 6wzIg0V2ugBe2gx4U53zgWVHPWwfCcOoZzH2oqGdIssxyDSioznGJxEcEOy84Peg1iz/kIgLh6s=
x-served-by: cache-fra-eddf8230094-FRA
last-modified: Tue, 09 May 2023 07:03:31 GMT
server: AmazonS3
x-timer: S1686017187.639643,VS0,VE1
etag: "0a198545fee20ca01d21b2a1ca36f085"
content-type: video/mp4;codecs=avc1
abp: 2
access-control-allow-origin: *
cache-control: private,max-age=31536000
accept-ranges: bytes
x-cache-hits: 0

GET
H3 200 Grx7oFpFltq8b-fsl1vgPlw_mz8UVJv5RtxGiy-srTQ.js Show response
pagead2.googlesyndication.com/bg/ Frame 502F 37 KB
14 KB 23ms
22ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Grx7oFpFltq8b-fsl1vgPlw_mz8UVJv5RtxGiy-srTQ.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1abc7ba05a4596dabc6fe7ec975be03e5c3f9b3f14549bf946dc468b2facad34

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 12:38:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 221251
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14484
x-xss-protection: 0
last-modified: Tue, 30 May 2023 11:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 02 Jun 2024 12:38:55 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 89F6 0
0 59ms
59ms Image
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202306010101&jk=2939887975097746&bg=!WFulWw_NAAY9J7QfHSc7ADkAdvg8WvYg-251ROd22AtXS7Ya5IPvIdaPsxa2oelSp13UnvUEt5_i-Bj9xS5EYpyGJnLnQVGALgYCAAAByFIAAAADaAEHCgBu5lXAxoJcUVO01bmvKxbzu06uIou-KBhWZQf34PnvbMXZweTtkuBzqYdwq7Df0d7qQmlwAdwpCzEeAu8GcV0NmybhzxvVItf66cNdKq_PDdOOE9t0PPL-NCXHx686vwXIubQlijfc2pqwbonqaNWZAvr9LBJJqbfZfiLmY6avSZjx036LniEtApsCEveKX6IBbCmlOnfSvVRmsgB3Xmm3ATcGae7C1bU4MUHy7aYHG-K1-DROjmkiimb_8bFQCXJY16haOADmztnGWslSXBwlxEkgsjQgg4KpdIEQu-6zLSJl-_9GhR-Grzh1i86N7eX91jFpHl5r3b7rjPrJOc0wAagWR39kQ7wEihJnFDxpbob1o8DsrWH50dxpaDcHy1-lDpDkAU7F170hSwJWCjGB_YV5q5eE_rinJXxNEFa7EIRFZbVjblnvVdcZun7h_Eq3YMFieQK5fs9m-s1yHTawAEdSXu-Ijg0n4e-0xoKpNJHnjGHNGqAZiBcl8_WgJiijPSE8P1J9H7HDdBJBE1B4YHgN_UXZ7XGzcS-qGPGQQAadkfVdn2_-4bKkWu9uCvcCHL0I1NKOLhDBdEetYYh4QiGdon0qdLZdm3yT1rwE_8rcK3Ite1bf5PTEkC_-WcxN9G9sbFged-BK7McULxHL6woTzvgf8AqjAs8J7i6TpVdiCUFUTy5qz4UL96cOZqYaRT4k1as75TfGHj9vECGz31s8oJCxACDpRhx8B3aWT-JMnTMQsA3qcLii_QPNSbpF6mnKn6-Ewqxcosz10Wq0i0XieXbgjhrANnLbrReQQRtuXJN4zPOak5Sarzf_-xDCE9u8V9eTqQsVkxAqKlt_nGSzsZkBHDCQrdeKvsLClvSOTCGWQYf8CZ3b2TmFev7Xb95DCy-6LocAPbjloHzvquruf6Vq7pJLtebfdwpiYM5R4clDrpMmXfKwyOchAC4cV0mtHRPJblh70RMmDL4_jcL1I7Q3F5iwkQEuuk8YQf4QkaAXvHWb5sItWcsvWbltSmJFwTUIOYz12JR9ezJ99PDIFgka7-JdMjptYkErI1H19H8MG79dSQrVeim26YjplimAlS_HL41PYQFoe4a7nTke0u5fayUDqfik2UcNA-zV-iXN7l61knz09YnG6vpWk500D92758z_klA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 0364 42 B
64 B 65ms
65ms Fetch
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssAyHRS9I6SofNOSwdEICvT6AWFgscP1a-EZIa1qR7Pwh5ISEkiAx098ifP0bb3s2sfjt36tJudd517kj0g4oFGTolnNje47UvYTPXw306t7BOR09pYn_Qsss11Q0HlBVQ67R5ZFV75D-6W&sai=AMfl-YTFQ0r-X0_g4hW4p6Ebgd7XpkWH0j-d8TsG5MuhetmXnU3n_JYvjd_N-Cc0qec0J5UkTKQWemBDq1jtSw1p99E39LCZOB1wWPU&sig=Cg0ArKJSzE6jHX8CNOZoEAE&cid=CAQSKQBygQiDfBsyF7KtK3m9odaIzcbc2od1nnDPMHz4WGxDSXvYCbLKgUm6GAE&id=lidar2&mcvt=1031&p=0,0,250,300&mtos=1031,1031,1031,1031,1031&tos=1031,0,0,0,0&v=20230605&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=3485359229&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1686017185204&rpt=433&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a7907dd8d698decbd129b875fdbc4adb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Jun 2023 02:06:26 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_430%2Cw_860%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/d6bd5fd06026ee711952c5a1890dedc3.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 1288c65873146fe18afa37b1e7dceaab28decb02310d0016c6b303512d13d86e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Tue, 06 Jun 2023 02:06:26 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_430%2Cw_860%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/d6bd5fd06026ee711952c5a1890dedc3.jpg
age: 465416
edge-cache-tag: 585238590223238505254998803227407996621,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
cache-tag: 585238590223238505254998803227407996621,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, HIT, HIT, MISS, HIT
x-envoy-upstream-service-time: 248
req-referer: https://www.balkanweb.com/
content-length: 66540
x-request-id: e0258d6d9f503846584d71f53220735b
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb204
x-served-by: cache-iad-kcgs7200163-IAD, cache-iad-kiad7000036-IAD, cache-sna10736-LGB, cache-iad-kjyo7100129-IAD, cache-fra-eddf8230094-FRA
last-modified: Wed, 31 May 2023 13:50:32 GMT
server: nginx
x-timer: S1686017187.750257,VS0,VE0
etag: "61aaf7e5a9b4fd23e1bffe53381ac105"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 1, 0, 2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_430%2Cw_860%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/fb979b7c1a71ee4d96b57ec0e66db49b.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: af8bd2b36f5dbf0d3fb36666100fc398d8e96d4c797287bac0a77410e6f2a35d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Tue, 06 Jun 2023 02:06:26 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_430%2Cw_860%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/fb979b7c1a71ee4d96b57ec0e66db49b.png
age: 1519824
edge-cache-tag: 295908682541581499949937002428313318001,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
cache-tag: 295908682541581499949937002428313318001,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
x-cache: HIT, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time: 367
expiration: expiry-date="Mon, 12 Jun 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://onedio.com/
content-length: 47350
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb203
x-served-by: cache-iad-kcgs7200165-IAD, cache-iad-kjyo7100115-IAD, cache-lax10635-LGB, cache-iad-kcgs7200162-IAD, cache-fra-eddf8230094-FRA
last-modified: Fri, 12 May 2023 22:26:23 GMT
server: nginx
x-timer: S1686017187.758840,VS0,VE0
etag: "8e1c0fb56aad0b39313b303e14132837"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 1, 1, 3, 2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_430%2Cw_860%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/1963e5d189b38d587c69fdfde884f522.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 92655d7f9e691bf84075994186589543713e7cb9e65e478c85b8c9d320a2ba21

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Tue, 06 Jun 2023 02:06:26 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_430%2Cw_860%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/1963e5d189b38d587c69fdfde884f522.png
age: 2382801
edge-cache-tag: 572367841627956997915668938194787209827,523272642140522660213979017363544863538,29ecf9b93bbf306179626feeda1fab70
cache-tag: 572367841627956997915668938194787209827,523272642140522660213979017363544863538,29ecf9b93bbf306179626feeda1fab70
x-cache: MISS, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time: 354
expiration: expiry-date="Fri, 02 Jun 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://www.kicker.de/
content-length: 30268
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb204
x-served-by: cache-iad-kjyo7100087-IAD, cache-iad-kcgs7200176-IAD, cache-lax10628-LGB, cache-iad-kjyo7100119-IAD, cache-fra-eddf8230094-FRA
last-modified: Tue, 02 May 2023 16:29:52 GMT
server: nginx
x-timer: S1686017187.759982,VS0,VE0
etag: "89ef44e478f2dab7a279e2c39dd79477"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 1, 7, 2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_430%2Cw_860%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/2a88eb448ce4821c1aa37a22c5259bcb.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: c99843cb1ca29688cea0a8b4275d00c233c97224925f9f4c8e9cfe62b83bf967

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Tue, 06 Jun 2023 02:06:26 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_430%2Cw_860%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/2a88eb448ce4821c1aa37a22c5259bcb.jpg
age: 2378454
edge-cache-tag: 369149822877023270911519674041601509149,523272642140522660213979017363544863538,29ecf9b93bbf306179626feeda1fab70
cache-tag: 369149822877023270911519674041601509149,523272642140522660213979017363544863538,29ecf9b93bbf306179626feeda1fab70
x-cache: HIT, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time: 214
expiration: expiry-date="Wed, 17 May 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://d-2474102948308413284.ampproject.net/
content-length: 31658
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb804
x-served-by: cache-iad-kiad7000136-IAD, cache-iad-kiad7000174-IAD, cache-chi-klot8100177-CHI, cache-iad-kcgs7200033-IAD, cache-fra-eddf8230094-FRA
last-modified: Sun, 16 Apr 2023 14:00:46 GMT
server: nginx
x-timer: S1686017187.814997,VS0,VE0
etag: "6a8c7c3e793b12ae9e0619b980282bf5"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 0, 1, 4, 2

GET
H2 200 s-9468d99e6ee8f8bcfbebc3092672917c98036a53.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_430%2Cw_860%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//img-s1.onedio.com/id-647a04b30af2453c88d9914c/rev-0/raw/ Frame 89F6 32 KB
32 KB 22ms
22ms Image
image/webp 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_430%2Cw_860%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//img-s1.onedio.com/id-647a04b30af2453c88d9914c/rev-0/raw/s-9468d99e6ee8f8bcfbebc3092672917c98036a53.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 3e69464caeb102cc3ef4e6fec4206471bc9ecbee5226fa1a5aaf146dc072547b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Tue, 06 Jun 2023 02:06:26 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_430%2Cw_860%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//img-s1.onedio.com/id-647a04b30af2453c88d9914c/rev-0/raw/s-9468d99e6ee8f8bcfbebc3092672917c98036a53.jpg
age: 298491
edge-cache-tag: 595607388231838060938435146886323194109,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
cache-tag: 595607388231838060938435146886323194109,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time: 512
req-referer: https://onedio.com/
content-length: 32466
x-request-id: b3fd938f60cf6248436a3a3b2bc4c0f8
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb204
x-served-by: cache-iad-kiad7000158-IAD, cache-iad-kiad7000056-IAD, cache-sna10736-LGB, cache-iad-kcgs7200136-IAD, cache-fra-eddf8230094-FRA
last-modified: Fri, 02 Jun 2023 15:07:41 GMT
server: nginx
x-timer: S1686017187.817083,VS0,VE0
etag: "ba693a21dc250d707b85039f44255215"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 1, 2, 2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_430%2Cw_860%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/b683166e0da9af52c1b826ca3ea31c0c.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 70865cda878d32a1590401371c1bdaa4fc5e9de404a39de7ac156d6d357502b8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Tue, 06 Jun 2023 02:06:26 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_430%2Cw_860%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/b683166e0da9af52c1b826ca3ea31c0c.png
age: 49550
edge-cache-tag: 399076634748012388703817651183830766465,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
cache-tag: 399076634748012388703817651183830766465,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, MISS, HIT, MISS, HIT
x-envoy-upstream-service-time: 283
req-referer: https://intouch.wunderweib.de/
content-length: 56748
x-request-id: 840b54d723c66e83dbc7c29a4f53b9fa
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb803
x-served-by: cache-iad-kjyo7100037-IAD, cache-iad-kiad7000103-IAD, cache-lga21982-LGA, cache-iad-kiad7000144-IAD, cache-fra-eddf8230094-FRA
last-modified: Mon, 05 Jun 2023 12:20:34 GMT
server: nginx
x-timer: S1686017187.817647,VS0,VE0
etag: "070c297ac8b4fb2ace492f87e20f55ac"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 1, 0, 2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_430%2Cw_860%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/2d7857a12e72340e4d7c1bcf6e6330da.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 9a5ea123261f7947e84605e3bd6a3d689986a2d95cc2c550e94f5bab5572e052

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Tue, 06 Jun 2023 02:06:26 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_430%2Cw_860%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/2d7857a12e72340e4d7c1bcf6e6330da.png
age: 2003148
edge-cache-tag: 472499167655769110684359121848319962942,523272642140522660213979017363544863538,29ecf9b93bbf306179626feeda1fab70
cache-tag: 472499167655769110684359121848319962942,523272642140522660213979017363544863538,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time: 241
req-referer: https://www.lkz.de/
content-length: 11276
x-request-id: 2d0a938506fa1bd83814724811193b58
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb204
x-served-by: cache-iad-kjyo7100149-IAD, cache-iad-kjyo7100090-IAD, cache-lax10652-LGB, cache-iad-kiad7000075-IAD, cache-fra-eddf8230094-FRA
last-modified: Wed, 10 May 2023 14:48:57 GMT
server: nginx
x-timer: S1686017187.818632,VS0,VE0
etag: "1551c4f0d7d096462be6bfc620adba87"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 1, 8, 2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_245%2Cw_440%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/29171c9dfdd90e96d5647a0b48202d95.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 40b1b257a5ddb9dd8a44482f560de047b9c5e0eb5641d38d66b1a6c53a518455

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Tue, 06 Jun 2023 02:06:26 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_245%2Cw_440%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/29171c9dfdd90e96d5647a0b48202d95.jpg
age: 2546946
edge-cache-tag: 487176723977015298214548089071149786492,418213119990820519753380268763636342871,29ecf9b93bbf306179626feeda1fab70
cache-tag: 487176723977015298214548089071149786492,418213119990820519753380268763636342871,29ecf9b93bbf306179626feeda1fab70
x-cache: HIT, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time: 53
expiration: expiry-date="Mon, 15 May 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://www.unsere-helden.com/
content-length: 41270
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb203
x-served-by: cache-iad-kcgs7200126-IAD, cache-iad-kiad7000025-IAD, cache-lax10651-LGB, cache-iad-kiad7000071-IAD, cache-fra-eddf8230094-FRA
last-modified: Fri, 14 Apr 2023 08:16:50 GMT
server: nginx
x-timer: S1686017187.819729,VS0,VE0
etag: "0dd467894b447c16c6f333307eca4fa8"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 1, 1, 14, 2

GET
H2 200 pixel.gif
static.criteo.net/images/ Frame 89F6 43 B
365 B 35ms
35ms Image
image/gif 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/images/pixel.gif?ch=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Tue, 06 Jun 2023 02:06:26 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 09 Dec 2008 16:52:36 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "493ea254-2b"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 43
expires: Fri, 31 May 2024 02:06:26 GMT

GET
H2 200 pixel.gif
static.criteo.net/images/ Frame 89F6 43 B
365 B 36ms
35ms Image
image/gif 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/images/pixel.gif?ch=2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Tue, 06 Jun 2023 02:06:26 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 09 Dec 2008 16:52:36 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "493ea254-2b"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 43
expires: Fri, 31 May 2024 02:06:26 GMT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_245%2Cw_440%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/5a452622c8c779c9e8fd734bcc30cdc9.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 949ed2610175c55732c6b7c7a3e0f97708b388bae37b40a92174ee21499da7df

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Tue, 06 Jun 2023 02:06:26 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_245%2Cw_440%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/5a452622c8c779c9e8fd734bcc30cdc9.jpg
age: 4622848
edge-cache-tag: 325296411604045038155768274685645290975,400943418252675406674416846973572213176,29ecf9b93bbf306179626feeda1fab70
cache-tag: 325296411604045038155768274685645290975,400943418252675406674416846973572213176,29ecf9b93bbf306179626feeda1fab70
x-cache: MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time: 116
expiration: expiry-date="Sat, 15 Apr 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://www.gladbachlive.de/
content-length: 10364
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb801
x-served-by: cache-iad-kjyo7100034-IAD, cache-iad-kjyo7100060-IAD, cache-lga21961-LGA, cache-iad-kiad7000042-IAD, cache-fra-eddf8230094-FRA
last-modified: Wed, 15 Mar 2023 10:37:54 GMT
server: nginx
x-timer: S1686017187.842743,VS0,VE0
etag: "32db6900bef9ab23159867719d642393"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 1, 309, 2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_430%2Cw_860%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/f1da15864542e45b6e17743e8327352d.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 3f7619b8346cd550765079cdf4b6009d4cd36c1ebea801c3913275849acce565

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Tue, 06 Jun 2023 02:06:26 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_430%2Cw_860%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/f1da15864542e45b6e17743e8327352d.jpg
age: 1803803
edge-cache-tag: 625901216007334440808381849926614730268,294988366559602151404204213160503502958,29ecf9b93bbf306179626feeda1fab70
cache-tag: 625901216007334440808381849926614730268,294988366559602151404204213160503502958,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time: 1246
req-referer: https://www.derwesten.de/
content-length: 35038
x-request-id: 0c1fb2f3dea3f2fe4bd06fbf924f053e
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb802
x-served-by: cache-iad-kcgs7200074-IAD, cache-iad-kiad7000179-IAD, cache-lga21967-LGA, cache-iad-kiad7000179-IAD, cache-fra-eddf8230094-FRA
last-modified: Wed, 03 May 2023 03:13:09 GMT
server: nginx
x-timer: S1686017187.842967,VS0,VE0
etag: "eea0359e80acf16426123638ed0c65e9"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 2, 2

GET
H2 200 44ae1dfb1846cb293b60bcfcb8af8146.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_478%2Cw_860%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame 89F6 50 KB
51 KB 24ms
23ms Image
image/webp 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_478%2Cw_860%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/44ae1dfb1846cb293b60bcfcb8af8146.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 83997aeb0e94bdfbda81f9b9c2e3f017f0bc4d46b8c63fe6d8a094852c1258c7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Tue, 06 Jun 2023 02:06:26 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_478%2Cw_860%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/44ae1dfb1846cb293b60bcfcb8af8146.png
age: 2401202
edge-cache-tag: 454935260536200774699196780106844800854,400943418252675406674416846973572213176,29ecf9b93bbf306179626feeda1fab70
cache-tag: 454935260536200774699196780106844800854,400943418252675406674416846973572213176,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time: 190
req-referer: https://www.poradnikzdrowie.pl/ciaza-i-dziecko/zdrowie-dziecka/przyczyny-objawy-i-diagnozowanie-dysleksji-aa-QEQh-kUbE-pXYi.html
content-length: 50902
x-request-id: fa6a659aee1436f0a8d75ce17a5a8763
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb803
x-served-by: cache-iad-kcgs7200159-IAD, cache-iad-kjyo7100138-IAD, cache-chi-kigq8000068-CHI, cache-iad-kjyo7100029-IAD, cache-fra-eddf8230094-FRA
last-modified: Tue, 09 May 2023 07:04:10 GMT
server: nginx
x-timer: S1686017187.842962,VS0,VE0
etag: "63eae4ae7bc108d87f6db0a99fae6cae"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 1, 29, 2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_478%2Cw_860%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/55d596660f3bc7624c6ac91c9ab723a4.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: ca53ad087b0b145ebc020293681fa808a42c99c37d1b4c254a147e97c812a60f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Tue, 06 Jun 2023 02:06:26 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_478%2Cw_860%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/55d596660f3bc7624c6ac91c9ab723a4.png
age: 311680
edge-cache-tag: 480724281358025770252772315197338385586,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag: 480724281358025770252772315197338385586,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time: 201
req-referer: https://www.derwesten.de/
content-length: 48104
x-request-id: 1e7bced7310ba6b3fb71dae643a3f05d
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb201
x-served-by: cache-iad-kjyo7100137-IAD, cache-iad-kjyo7100054-IAD, cache-sna10740-LGB, cache-iad-kiad7000104-IAD, cache-fra-eddf8230094-FRA
last-modified: Fri, 02 Jun 2023 11:02:31 GMT
server: nginx
x-timer: S1686017187.842936,VS0,VE0
etag: "0c74bd1ccf6c3b98b1369a10c791ff0d"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 1, 1, 2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_478%2Cw_860%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/8f7c1ff3969c94bda04e391c8f3748cb.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 54af59cd5a41c8f66a3c0326d7f86f85cff13ef03ea8a45850bdda35bdea6485

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Tue, 06 Jun 2023 02:06:26 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_478%2Cw_860%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/8f7c1ff3969c94bda04e391c8f3748cb.jpg
age: 1576630
edge-cache-tag: 579581286073238310115538067143073048842,400943418252675406674416846973572213176,29ecf9b93bbf306179626feeda1fab70
cache-tag: 579581286073238310115538067143073048842,400943418252675406674416846973572213176,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time: 149
req-referer: https://gameofglam.com/
content-length: 19068
x-request-id: 7880aab5833f57e99d2564d07286299e
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb204
x-served-by: cache-iad-kiad7000104-IAD, cache-iad-kcgs7200165-IAD, cache-lax10631-LGB, cache-iad-kiad7000026-IAD, cache-fra-eddf8230094-FRA
last-modified: Thu, 18 May 2023 20:09:18 GMT
server: nginx
x-timer: S1686017187.850819,VS0,VE0
etag: "4b16e6e11c05b563fb8188721024275d"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 1, 3, 2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/h_430,w_860,c_fill,g_xy_center,x_325,y_356/http%3A//cdn.taboola.com/libtrc/static/thumbnails/52c7158f64911b4870c44bd556b724af.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 91791b332c8d5c4432fff373a1847c2708e29dec9adffac3c4791077ed75d459

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Tue, 06 Jun 2023 02:06:26 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/h_430,w_860,c_fill,g_xy_center,x_325,y_356/http%3A//cdn.taboola.com/libtrc/static/thumbnails/52c7158f64911b4870c44bd556b724af.png
age: 641027
edge-cache-tag: 573568061484645625465060507128859924024,293485692961724156391798994617785504949,29ecf9b93bbf306179626feeda1fab70
cache-tag: 573568061484645625465060507128859924024,293485692961724156391798994617785504949,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time: 387
req-referer: https://www.9tv.co.il/
content-length: 26968
x-request-id: b7fd4ee281fe87f85a02427ab9b8b36b
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb203
x-served-by: cache-iad-kjyo7100126-IAD, cache-iad-kjyo7100059-IAD, cache-sna10720-LGB, cache-iad-kiad7000020-IAD, cache-fra-eddf8230094-FRA
last-modified: Sat, 27 May 2023 13:36:10 GMT
server: nginx
x-timer: S1686017187.850809,VS0,VE0
etag: "49261ac3b07bf3ca6fca6ed7f0904f5a"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 1, 4, 2

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame A069 42 B
64 B 64ms
64ms Image
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv77ckz-EZQ_ZZzY51IJZcsZQik1wVnq4gPYqEX29vNn-Pi-aUHmYH05p_TKJCpblfddX7IdJFZ312gBdmENySFpepnPNgU3GNrW0n2SVsaPrqMl0gWVKG0aB0u97DxfyXkdQpS3BNH6A8C&sai=AMfl-YTli3JyObj65WOHugomvUQk4tPthWoS0fwUqqBU-8SLwhAW6PohOif244jGgwnhzKYBq2EEzs1PqVL7xu_QIgqBkTGq_mwt0Rc&sig=Cg0ArKJSzE3CEgXh9Y2WEAE&cid=CAQSKQBygQiDWT3BTMH4HgAcm65Ddudp8nzoCe_7a_8Js50XmSSbxOYIYvj7GAE&id=ampim&o=0,251&d=300,250&ss=1600,1200&bs=300,250&mcvt=1029&mtos=0,0,1029,1029,1029&tos=0,0,1029,0,0&tfs=514&tls=1543&g=100&h=100&tt=1543&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Jun 2023 02:06:26 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_478%2Cw_860%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/b851d539814ba0a3ccd2e9c574f2a8fb.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 977b523e2c3207450bc44e30ac993db1a376f7dffa97d07548d353e7175b2927

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Tue, 06 Jun 2023 02:06:26 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_478%2Cw_860%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/b851d539814ba0a3ccd2e9c574f2a8fb.jpg
age: 2478898
edge-cache-tag: 606929099839038826013186881621884422005,303068983218745094797658622059825425347,29ecf9b93bbf306179626feeda1fab70
cache-tag: 606929099839038826013186881621884422005,303068983218745094797658622059825425347,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time: 1041
req-referer: https://www.derwesten.de/
content-length: 79274
x-request-id: 6618213523a7269d28d849c3930484b5
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb804
x-served-by: cache-iad-kiad7000087-IAD, cache-iad-kiad7000116-IAD, cache-lga21952-LGA, cache-iad-kjyo7100170-IAD, cache-fra-eddf8230094-FRA
last-modified: Fri, 05 May 2023 14:42:20 GMT
server: nginx
x-timer: S1686017187.876322,VS0,VE0
etag: "9181ad591b21be5204043be35d47e1e2"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 38, 2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_245%2Cw_440%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//img-s1.onedio.com/id-647d985a0af245796411bf40/rev-0/raw/s-4089d744e7a3437687571c68f70444d0bbe9e5c1.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e35f60239e010746f62a96ea78f6196cbd974287e2ce51f4c555a2dc268e2d06

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Tue, 06 Jun 2023 02:06:26 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_245%2Cw_440%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//img-s1.onedio.com/id-647d985a0af245796411bf40/rev-0/raw/s-4089d744e7a3437687571c68f70444d0bbe9e5c1.jpg
age: 63370
edge-cache-tag: 613336299191691955399711587723142155158,418213119990820519753380268763636342871,29ecf9b93bbf306179626feeda1fab70
cache-tag: 613336299191691955399711587723142155158,418213119990820519753380268763636342871,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time: 882
req-referer: https://onedio.com/
content-length: 40882
x-request-id: 309794f251c1d3a4d7b78f4e281abe37
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb202
x-served-by: cache-iad-kcgs7200076-IAD, cache-iad-kcgs7200039-IAD, cache-sna10732-LGB, cache-iad-kjyo7100159-IAD, cache-fra-eddf8230094-FRA
last-modified: Mon, 05 Jun 2023 08:24:06 GMT
server: nginx
x-timer: S1686017187.876427,VS0,VE0
etag: "1ffecab1670d3229ba3676b678ff8b35"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 41, 2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_245%2Cw_440%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//img-s1.onedio.com/id-647df6ea0af24519ca229b73/rev-0/raw/s-1a7b7d8183c7467d0046789f54296f07770e3f5f.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 1672e073d0c9bc9371e75e3e54777b0008f769d46d2d4937deb47a416700f580

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Tue, 06 Jun 2023 02:06:26 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_245%2Cw_440%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//img-s1.onedio.com/id-647df6ea0af24519ca229b73/rev-0/raw/s-1a7b7d8183c7467d0046789f54296f07770e3f5f.jpg
age: 39256
edge-cache-tag: 342711302261373584687102473369682146962,418213119990820519753380268763636342871,29ecf9b93bbf306179626feeda1fab70
cache-tag: 342711302261373584687102473369682146962,418213119990820519753380268763636342871,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time: 817
req-referer: https://onedio.com/
content-length: 26040
x-request-id: a7ddcc80f7e27cb3af23fa5212e80ac8
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb202
x-served-by: cache-iad-kcgs7200024-IAD, cache-iad-kcgs7200041-IAD, cache-sna10720-LGB, cache-iad-kjyo7100069-IAD, cache-fra-eddf8230094-FRA
last-modified: Mon, 05 Jun 2023 15:01:00 GMT
server: nginx
x-timer: S1686017187.876524,VS0,VE0
etag: "01ffc946df5e8d573d091b46531f2045"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 3, 2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/h_430,w_860,c_fill,g_xy_center,x_357,y_256/http%3A//cdn.taboola.com/libtrc/static/thumbnails/e27405c621c592f3d076e9b7af9bebbf.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: b500ab1e5b4b551b9c7589011dd14fccd0ab371631644a18f790b4659b2470a8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Tue, 06 Jun 2023 02:06:26 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/h_430,w_860,c_fill,g_xy_center,x_357,y_256/http%3A//cdn.taboola.com/libtrc/static/thumbnails/e27405c621c592f3d076e9b7af9bebbf.jpg
age: 495160
edge-cache-tag: 545339158571486405593244428622716769644,568333867061882278150107818091167214166,29ecf9b93bbf306179626feeda1fab70
cache-tag: 545339158571486405593244428622716769644,568333867061882278150107818091167214166,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, MISS, HIT, MISS, HIT
x-envoy-upstream-service-time: 146
req-referer: https://dl.web.de/
content-length: 13520
x-request-id: ff0ada4200489dfdab3749080c973dfd
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb803
x-served-by: cache-iad-kiad7000060-IAD, cache-iad-kjyo7100157-IAD, cache-chi-klot8100065-CHI, cache-iad-kiad7000161-IAD, cache-fra-eddf8230094-FRA
last-modified: Tue, 30 May 2023 15:47:26 GMT
server: nginx
x-timer: S1686017187.876721,VS0,VE0
etag: "bea71b92713ac65049946089b398200c"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 1, 0, 2

GET
H2 200 st Show response
imprammp.taboola.com/ Frame 8484 439 B
364 B 60ms
59ms Document
text/html 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8CIgCLAZYElXHGTNOEBCwJKqOM2acICgAAABgYID-AIlNnAvbbLdYi1yLhVs0XM3WCs_K5tZNVpaVzTZcuQbLISCxiXNhm-0Wa5FrsXCLhqvZWuFZ2dy6ycqystmGK9dgOQUfxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPG_Sh6XT4XPd6vd1lcvrtGr_bL3RYXJa_1vIyOd1ah-X0dCucJofpaXdan26dy_J0K8wOi9PstHyedqf1rbW8TE631mE5Pd1Kh8nlebqVZp_T7HRLnGa3y-60vnUuy8vrsruFLstb83K-FYPFYLgbzgEAAADAg____38IAAAAABEAAAAAJAAAAABQCKjwb0HgAgAAAACG____fw0AUBwMynJzXU7_AAAAAAACAAAAgATAQHVbCYAKlPcT__________8xBugzb2T8____3zDoAfDgA-BBCAAAwMeQx4-ioPABdCoiBZpFGAEAAACgmngtPTJJJ6hYVPn__--3AnAFACAA0ZHuUjyL7qDEWxgAAACBMQv0sPj9Zodd43e7zP________-_mf8z_2iElsKR0gTB6IWr-QUEAFjzCwgAwEbdAAC8CYATdAxis1tMVquTEIPNZLFcLBazAwAAAHDn____Xw_IOJaLmc0yWWw8G5vNs1vtNouNzTQYORbOicPk8B7atJpFTz-BoD4hwjL7fQcF5fT0mF0GUdH1ttgdTrPnID5oGJaTQTA_E7YYrSaTzXI4Wy4mg-FoOBrtz0AsRgM0EYPlcjJZTHar0Wq0Ge5Gs8ECCcRggihaNJisRqPJYjJcjSar2XKx220QRatWs9FmMFzNJrPdbjUcDJejEZqwxWg1mWyWw9lyMRkMR8PRaIhgYOawTRzLxVrhsE3Wot3KsJaYnBO3ZjGYLTbOyWa4mKxFr4_p4hsuFpbFFgkG7O1F8rRIJ7LhxuMxzlaGxW42nA02JsvEOBoNdwvbcDJbuHYTsURzskgnssu-41guZjbLZLHxbGw2z2612yw2NtNg5Fg4Jw6Tw1-YOWwTx3KxVjhsk7VotzKsJSbnxK1ZDGaLjXOyGS4ma9HrY7r4houFZbFvzIazwWK3GK72jdlwNljsFsPVvkNn-K4-Z6MxJbx4bMrqMPsz2ZwGhctg8f4kpsW0Ozuofr-jU-gxJos6o9_v9_v9fr_f7_cbtJ6D2aDw_Q7bjTE50ryu41vjYFDEEsFFOtHbXSan3yKWKE0X6UQvdFhclr_W8jI53VqH5fR0K5wmh-lpd1qfbp3L8nQrzA6L0-y0fJ52p_WttbxMTrfWYTk93UqHyeV5upVmn9PsdEucZrfL7rS-dS7Ly-uyu4Uuy1vzcr4Vg8VguBtOxBLB6SKdiF7G00X9Rw04miuWc8VuNVfMVqsEAAAAAAAAAGAJppluAgAAAOBkIKvFZLRap4PYDGe7zWq5ACIaqHT9vJ5KokPO5uy6gYR4987oOC_W2GMGb3eZnH4rA4hwwme22WcEsVarZQ0AAEAAGwAAQAA33XgToCLF_f___48DAAAgI4ceAAAA_T6gKNlHLpT6YX4DrRrsH4AKsVar1e3GWq0W!&cmcv=&pix=undefined&cb=1686017186911&uv=3288&tms=1686017186911&abt=esv_vB!nonrv_vA!ntvc_vA!ufm_vD&ru=https://pcloak.blob.core.windows.net/&ft=2&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=6b9a6671-d51a-4856-a3ef-72e2ef68e509&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.0.1/UnitFeedManagerDesktop.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 8729ca54fcad83251f6cfbd0c4a8429c612bf2f053712827e0429b5b467f5efc

Request headers

Referer: https://onedio.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
content-encoding: gzip
content-type: text/html;charset=ISO-8859-1
date: Tue, 06 Jun 2023 02:06:26 GMT
server: nginx
vary: Accept-Encoding
via: 1.1 varnish
x-cache: MISS
x-cache-hits: 0
x-served-by: cache-fra-eddf8230094-FRA
x-timer: S1686017187.922321,VS0,VE9

GET
H2 200 sync Show response
am-match.taboola.com/ Frame 5903 577 B
671 B 122ms
31ms Document
text/html 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://am-match.taboola.com/sync?dast=V8CIgCLAZYElXHGTNOEBCwJKqOM2acICgAAABgYID-AIlNnAvbbLdYi1yLhVs0XM3WCs_K5tZNVpaVzTZcuQbLISCxiXNhm-0Wa5FrsXCLhqvZWuFZ2dy6ycqystmGK9dgOQUfxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPG_Sh6XT4XPd6vd1lcvrtGr_bL3RYXJa_1vIyOd1ah-X0dCucJofpaXdan26dy_J0K8wOi9PstHyedqf1rbW8TE631mE5Pd1Kh8nlebqVZp_T7HRLnGa3y-60vnUuy8vrsruFLstb83K-FYPFYLgbzgEAAADAg____38IAAAAABEAAAAAJAAAAABQCKjwb0HgAgAAAACG____fw0AUBwMynJzXU7_AAAAAAACAAAAgATAQHVbCYAKlPcT__________8xBugzb2T8____3zDoAfDgA-BBCAAAwMeQx4-ioPABdCoiBZpFGAEAAACgmngtPTJJJ6hYVPn__--3AnAFACAA0ZHuUjyL7qDEWxgAAACBMQv0sPj9Zodd43e7zP________-_mf8z_2iElsKR0gTB6IWr-QUEAFjzCwgAwEbdAAC8CYATdAxis1tMVquTEIPNZLFcLBazAwAAAHDn____Xw_IOJaLmc0yWWw8G5vNs1vtNouNzTQYORbOicPk8B7atJpFTz-BoD4hwjL7fQcF5fT0mF0GUdH1ttgdTrPnID5oGJaTQTA_E7YYrSaTzXI4Wy4mg-FoOBrtz0AsRgM0EYPlcjJZTHar0Wq0Ge5Gs8ECCcRggihaNJisRqPJYjJcjSar2XKx220QRatWs9FmMFzNJrPdbjUcDJejEZqwxWg1mWyWw9lyMRkMR8PRaIhgYOawTRzLxVrhsE3Wot3KsJaYnBO3ZjGYLTbOyWa4mKxFr4_p4hsuFpbFFgkG7O1F8rRIJ7LhxuMxzlaGxW42nA02JsvEOBoNdwvbcDJbuHYTsURzskgnssu-41guZjbLZLHxbGw2z2612yw2NtNg5Fg4Jw6Tw1-YOWwTx3KxVjhsk7VotzKsJSbnxK1ZDGaLjXOyGS4ma9HrY7r4houFZbFvzIazwWK3GK72jdlwNljsFsPVvkNn-K4-Z6MxJbx4bMrqMPsz2ZwGhctg8f4kpsW0Ozuofr-jU-gxJos6o9_v9_v9fr_f7_cbtJ6D2aDw_Q7bjTE50ryu41vjYFDEEsFFOtHbXSan3yKWKE0X6UQvdFhclr_W8jI53VqH5fR0K5wmh-lpd1qfbp3L8nQrzA6L0-y0fJ52p_WttbxMTrfWYTk93UqHyeV5upVmn9PsdEucZrfL7rS-dS7Ly-uyu4Uuy1vzcr4Vg8VguBtOxBLB6SKdiF7G00X9Rw04miuWc8VuNVfMVqsEAAAAAAAAAGAJppluAgAAAOBkIKvFZLRap4PYDGe7zWq5ACIaqHT9vJ5KokPO5uy6gYR4987oOC_W2GMGb3eZnH4rA4hwwme22WcEsVarZQ0AAEAAGwAAQAA33XgToCLF_f___48DAAAgI4ceAAAA_T6gKNlHLpT6YX4DrRrsH4AKsVar1e3GWq0W!&excid=22&docw=0&cijs=1&nlb=false
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.0.1/UnitFeedManagerDesktop.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: 4386fcc43ea4883f57760fcc4cf69f459aec5d941c39f5e9b5cc5f1905603d63

Request headers

Referer: https://onedio.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-type: text/html;charset=ISO-8859-1
date: Tue, 06 Jun 2023 02:06:27 GMT
machineid: 3402
server: nginx

POST
H2 200 VideoBidRequestHandlerServlet Show response
wf.taboola.com/ Frame 89F6 2 KB
836 B 169ms
150ms XHR
application/json 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=700&height=393&pubid=169497&tagid=953497&crid=-1&noaop=3&sortOrderType=0&cb=1686017186916&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=1&pv=1523&pt=857036313&tz=0&viewable=true&ddast=V8CIgCLAZYElXHGTNOEBCwJKqOM2acICgAAABgYID-AIlNnAvbbLdYi1yLhVs0XM3WCs_K5tZNVpaVzTZcuQbLISCxiXNhm-0Wa5FrsXCLhqvZWuFZ2dy6ycqystmGK9dgOQUfxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPG_Sh6XT4XPd6vd1lcvrtGr_bL3RYXJa_1vIyOd1ah-X0dCucJofpaXdan26dy_J0K8wOi9PstHyedqf1rbW8TE631mE5Pd1Kh8nlebqVZp_T7HRLnGa3y-60vnUuy8vrsruFLstb83K-FYPFYLgbzgEAAADAg____38IAAAAABEAAAAAJAAAAABQCKjwb0HgAgAAAACG____fw0AUBwMynJzXU7_AAAAAAACAAAAgATAQHVbCYAKlPcT__________8xBugzb2T8____3zDoAfDgA-BBCAAAwMeQx4-ioPABdCoiBZpFGAEAAACgmngtPTJJJ6hYVPn__--3AnAFACAA0ZHuUjyL7qDEWxgAAACBMQv0sPj9Zodd43e7zP________-_mf8z_2iElsKR0gTB6IWr-QUEAFjzCwgAwEbdAAC8CYATdAxis1tMVquTEIPNZLFcLBazAwAAAHDn____Xw_IOJaLmc0yWWw8G5vNs1vtNouNzTQYORbOicPk8B7atJpFTz-BoD4hwjL7fQcF5fT0mF0GUdH1ttgdTrPnID5oGJaTQTA_E7YYrSaTzXI4Wy4mg-FoOBrtz0AsRgM0EYPlcjJZTHar0Wq0Ge5Gs8ECCcRggihaNJisRqPJYjJcjSar2XKx220QRatWs9FmMFzNJrPdbjUcDJejEZqwxWg1mWyWw9lyMRkMR8PRaIhgYOawTRzLxVrhsE3Wot3KsJaYnBO3ZjGYLTbOyWa4mKxFr4_p4hsuFpbFFgkG7O1F8rRIJ7LhxuMxzlaGxW42nA02JsvEOBoNdwvbcDJbuHYTsURzskgnssu-41guZjbLZLHxbGw2z2612yw2NtNg5Fg4Jw6Tw1-YOWwTx3KxVjhsk7VotzKsJSbnxK1ZDGaLjXOyGS4ma9HrY7r4houFZbFvzIazwWK3GK72jdlwNljsFsPVvkNn-K4-Z6MxJbx4bMrqMPsz2ZwGhctg8f4kpsW0Ozuofr-jU-gxJos6o9_v9_v9fr_f7_cbtJ6D2aDw_Q7bjTE50ryu41vjYFDEEsFFOtHbXSan3yKWKE0X6UQvdFhclr_W8jI53VqH5fR0K5wmh-lpd1qfbp3L8nQrzA6L0-y0fJ52p_WttbxMTrfWYTk93UqHyeV5upVmn9PsdEucZrfL7rS-dS7Ly-uyu4Uuy1vzcr4Vg8VguBtOxBLB6SKdiF7G00X9Rw04miuWc8VuNVfMVqsEAAAAAAAAAGAJppluAgAAAOBkIKvFZLRap4PYDGe7zWq5ACIaqHT9vJ5KokPO5uy6gYR4987oOC_W2GMGb3eZnH4rA4hwwme22WcEsVarZQ0AAEAAGwAAQAA33XgToCLF_f___48DAAAgI4ceAAAA_T6gKNlHLpT6YX4DrRrsH4AKsVar1e3GWq0W!&proto=2,3,5,6&encoded=1&pstn=1&callback=&wfv=1&amp=0&qsz=6&ft=2&pb=0&pagg=1&sd=undefined&ctsldr=0&dtagid=1386735&dpubid=251245&abtst=esv_vB!nonrv_vA!ntvc_vA!ufm_vD&mPre=0.033&cirf=https%3A%2F%2Fonedio.com&en=1&subu=3
Requested by: Host: onedio.com
URL: https://onedio.com/_nuxt/33c1330.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 4b506770f69ad0a537a81eb36902c0757328c403826b2b43d5d055934c8a643a

Request headers

Referer: https://onedio.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-type: text/plain

Response headers

x-cache-hits: 0
date: Tue, 06 Jun 2023 02:06:27 GMT
content-encoding: gzip
via: 1.1 varnish
machineid: 1448
x-cache: MISS
x-served-by: cache-fra-eddf8230094-FRA
pragma: no-cache
server: nginx
x-timer: S1686017187.986039,VS0,VE86
vary: Accept-Encoding
content-type: application/json;charset=utf-8
access-control-allow-origin: https://onedio.com
cache-control: no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials: true
accept-ranges: bytes
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 st
am-vid-events.taboola.com/ Frame 89F6 0
43 B 144ms
31ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-vid-events.taboola.com/st?cijs=convusmp&ttype=45&cisd=convusmp&cipid=66361655&crid=-1&dast=V8CIgCLAZYElXHGTNOEBCwJKqOM2acICgAAABgYID-AIlNnAvbbLdYi1yLhVs0XM3WCs_K5tZNVpaVzTZcuQbLISCxiXNhm-0Wa5FrsXCLhqvZWuFZ2dy6ycqystmGK9dgOQUfxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPG_Sh6XT4XPd6vd1lcvrtGr_bL3RYXJa_1vIyOd1ah-X0dCucJofpaXdan26dy_J0K8wOi9PstHyedqf1rbW8TE631mE5Pd1Kh8nlebqVZp_T7HRLnGa3y-60vnUuy8vrsruFLstb83K-FYPFYLgbzgEAAADAg____38IAAAAABEAAAAAJAAAAABQCKjwb0HgAgAAAACG____fw0AUBwMynJzXU7_AAAAAAACAAAAgATAQHVbCYAKlPcT__________8xBugzb2T8____3zDoAfDgA-BBCAAAwMeQx4-ioPABdCoiBZpFGAEAAACgmngtPTJJJ6hYVPn__--3AnAFACAA0ZHuUjyL7qDEWxgAAACBMQv0sPj9Zodd43e7zP________-_mf8z_2iElsKR0gTB6IWr-QUEAFjzCwgAwEbdAAC8CYATdAxis1tMVquTEIPNZLFcLBazAwAAAHDn____Xw_IOJaLmc0yWWw8G5vNs1vtNouNzTQYORbOicPk8B7atJpFTz-BoD4hwjL7fQcF5fT0mF0GUdH1ttgdTrPnID5oGJaTQTA_E7YYrSaTzXI4Wy4mg-FoOBrtz0AsRgM0EYPlcjJZTHar0Wq0Ge5Gs8ECCcRggihaNJisRqPJYjJcjSar2XKx220QRatWs9FmMFzNJrPdbjUcDJejEZqwxWg1mWyWw9lyMRkMR8PRaIhgYOawTRzLxVrhsE3Wot3KsJaYnBO3ZjGYLTbOyWa4mKxFr4_p4hsuFpbFFgkG7O1F8rRIJ7LhxuMxzlaGxW42nA02JsvEOBoNdwvbcDJbuHYTsURzskgnssu-41guZjbLZLHxbGw2z2612yw2NtNg5Fg4Jw6Tw1-YOWwTx3KxVjhsk7VotzKsJSbnxK1ZDGaLjXOyGS4ma9HrY7r4houFZbFvzIazwWK3GK72jdlwNljsFsPVvkNn-K4-Z6MxJbx4bMrqMPsz2ZwGhctg8f4kpsW0Ozuofr-jU-gxJos6o9_v9_v9fr_f7_cbtJ6D2aDw_Q7bjTE50ryu41vjYFDEEsFFOtHbXSan3yKWKE0X6UQvdFhclr_W8jI53VqH5fR0K5wmh-lpd1qfbp3L8nQrzA6L0-y0fJ52p_WttbxMTrfWYTk93UqHyeV5upVmn9PsdEucZrfL7rS-dS7Ly-uyu4Uuy1vzcr4Vg8VguBtOxBLB6SKdiF7G00X9Rw04miuWc8VuNVfMVqsEAAAAAAAAAGAJppluAgAAAOBkIKvFZLRap4PYDGe7zWq5ACIaqHT9vJ5KokPO5uy6gYR4987oOC_W2GMGb3eZnH4rA4hwwme22WcEsVarZQ0AAEAAGwAAQAA33XgToCLF_f___48DAAAgI4ceAAAA_T6gKNlHLpT6YX4DrRrsH4AKsVar1e3GWq0W!&cmcv=&pix=31589837&cb=1686017186911&uv=3288&tms=1686017186911&abt=esv_vB!nonrv_vA!ntvc_vA!ufm_vD&ru=https://pcloak.blob.core.windows.net/&ft=2&su=3&unm=FEED_MANAGER&debug=pn:!sqg:!torgn:1686017183490!ts:1686017186911&mntl=1
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Tue, 06 Jun 2023 02:06:27 GMT
content-length: 0
server: nginx

GET
H2 206 krdzte8ufgu51qqjrrln.mp4
cdn.taboola.com/libtrc/static/video/v1681841411/ Frame 89F6 207 KB
0 26ms
25ms Media
video/mp4 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/static/video/v1681841411/krdzte8ufgu51qqjrrln.mp4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

Referer: https://onedio.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Range: bytes=0-

Response headers

x-amz-version-id: mfodETxjS_zFiosZ2ZNPoeSliYvGi0mG
date: Tue, 06 Jun 2023 02:06:26 GMT
via: 1.1 varnish
x-amz-request-id: 4RHC6R5TNS694BAH
age: 28
x-amz-server-side-encryption: AES256
x-cache: HIT
Content-Range: bytes 0-1398102/1398103
x-amz-replication-status: COMPLETED
Content-Length: 1398103
x-amz-id-2: btXxKtsMsYPHo7AfcvTqT6P9dOyaqU5Tl5ThvvliA5mPAfXQw4zx3YXgsXy6k5tuyQDBAFnw4eo=
x-served-by: cache-fra-eddf8230094-FRA
last-modified: Tue, 18 Apr 2023 18:10:19 GMT
server: AmazonS3
x-timer: S1686017187.928808,VS0,VE1
etag: "10e9df485d0bfaf561432f2fcaddcc30"
content-type: video/mp4;codecs=avc1
abp: 2
access-control-allow-origin: *
cache-control: private,max-age=31536000
accept-ranges: bytes
x-cache-hits: 0

GET
H2 206 qjqwbfphgdxce9cxk6cn.mp4
cdn.taboola.com/libtrc/static/video/t_PERFORMANCE_VIDEO_OPTIMIZATION_1/h_400,c_scale/v1677856833/ Frame 89F6 64 KB
0 23ms
22ms Media
video/mp4 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/static/video/t_PERFORMANCE_VIDEO_OPTIMIZATION_1/h_400,c_scale/v1677856833/qjqwbfphgdxce9cxk6cn.mp4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

Referer: https://onedio.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Range: bytes=0-

Response headers

x-amz-version-id: FUXhoNNmbauAh1oqCwPq6uTTz9xVeH44
date: Tue, 06 Jun 2023 02:06:26 GMT
via: 1.1 varnish
x-amz-request-id: SHAGA6S5GH0X9BG7
age: 66
x-amz-server-side-encryption: AES256
x-cache: HIT
Content-Range: bytes 0-1467158/1467159
x-amz-replication-status: COMPLETED
Content-Length: 1467159
x-amz-id-2: XqBNl5S7Xr0XHgN7c5f2QR1b90iOZL92IENgDY4b5zlXoF8EndCiC4iCactev6uQ+dCvN2B2fqY=
x-served-by: cache-fra-eddf8230094-FRA
last-modified: Fri, 03 Mar 2023 15:20:52 GMT
server: AmazonS3
x-timer: S1686017187.928905,VS0,VE1
etag: "bffb13c7b1b9f081eb4d2047a48ea313"
content-type: video/mp4;codecs=avc1
abp: 2
access-control-allow-origin: *
cache-control: private,max-age=31536000
accept-ranges: bytes
x-cache-hits: 0

GET
H2 206 bsns15g9iifsmmhtzxk2.mp4
cdn.taboola.com/libtrc/static/video/v1683615806/ Frame 89F6 79 KB
0 25ms
24ms Media
video/mp4 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/static/video/v1683615806/bsns15g9iifsmmhtzxk2.mp4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

Referer: https://onedio.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Range: bytes=0-

Response headers

x-amz-version-id: KsAq3fvgIAT7yyZdXmIlvFZ3TavJfVK0
date: Tue, 06 Jun 2023 02:06:26 GMT
via: 1.1 varnish
x-amz-request-id: HB5MYFH04EFAZJ00
age: 43
x-amz-server-side-encryption: AES256
x-cache: HIT
Content-Range: bytes 0-203833/203834
x-amz-replication-status: COMPLETED
Content-Length: 203834
x-amz-id-2: 6wzIg0V2ugBe2gx4U53zgWVHPWwfCcOoZzH2oqGdIssxyDSioznGJxEcEOy84Peg1iz/kIgLh6s=
x-served-by: cache-fra-eddf8230094-FRA
last-modified: Tue, 09 May 2023 07:03:31 GMT
server: AmazonS3
x-timer: S1686017187.928914,VS0,VE1
etag: "0a198545fee20ca01d21b2a1ca36f085"
content-type: video/mp4;codecs=avc1
abp: 2
access-control-allow-origin: *
cache-control: private,max-age=31536000
accept-ranges: bytes
x-cache-hits: 0

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 0364 0
20 B 56ms
56ms Ping
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=7444227107550&version=m202301230201&ct=76&x=1&cor=4206301833863873500

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a7907dd8d698decbd129b875fdbc4adb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Jun 2023 02:06:26 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame 8484 70 B
264 B 47ms
47ms Image
image/gif 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by: Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8CIgCLAZYElXHGTNOEBCwJKqOM2acICgAAABgYID-AIlNnAvbbLdYi1yLhVs0XM3WCs_K5tZNVpaVzTZcuQbLISCxiXNhm-0Wa5FrsXCLhqvZWuFZ2dy6ycqystmGK9dgOQUfxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPG_Sh6XT4XPd6vd1lcvrtGr_bL3RYXJa_1vIyOd1ah-X0dCucJofpaXdan26dy_J0K8wOi9PstHyedqf1rbW8TE631mE5Pd1Kh8nlebqVZp_T7HRLnGa3y-60vnUuy8vrsruFLstb83K-FYPFYLgbzgEAAADAg____38IAAAAABEAAAAAJAAAAABQCKjwb0HgAgAAAACG____fw0AUBwMynJzXU7_AAAAAAACAAAAgATAQHVbCYAKlPcT__________8xBugzb2T8____3zDoAfDgA-BBCAAAwMeQx4-ioPABdCoiBZpFGAEAAACgmngtPTJJJ6hYVPn__--3AnAFACAA0ZHuUjyL7qDEWxgAAACBMQv0sPj9Zodd43e7zP________-_mf8z_2iElsKR0gTB6IWr-QUEAFjzCwgAwEbdAAC8CYATdAxis1tMVquTEIPNZLFcLBazAwAAAHDn____Xw_IOJaLmc0yWWw8G5vNs1vtNouNzTQYORbOicPk8B7atJpFTz-BoD4hwjL7fQcF5fT0mF0GUdH1ttgdTrPnID5oGJaTQTA_E7YYrSaTzXI4Wy4mg-FoOBrtz0AsRgM0EYPlcjJZTHar0Wq0Ge5Gs8ECCcRggihaNJisRqPJYjJcjSar2XKx220QRatWs9FmMFzNJrPdbjUcDJejEZqwxWg1mWyWw9lyMRkMR8PRaIhgYOawTRzLxVrhsE3Wot3KsJaYnBO3ZjGYLTbOyWa4mKxFr4_p4hsuFpbFFgkG7O1F8rRIJ7LhxuMxzlaGxW42nA02JsvEOBoNdwvbcDJbuHYTsURzskgnssu-41guZjbLZLHxbGw2z2612yw2NtNg5Fg4Jw6Tw1-YOWwTx3KxVjhsk7VotzKsJSbnxK1ZDGaLjXOyGS4ma9HrY7r4houFZbFvzIazwWK3GK72jdlwNljsFsPVvkNn-K4-Z6MxJbx4bMrqMPsz2ZwGhctg8f4kpsW0Ozuofr-jU-gxJos6o9_v9_v9fr_f7_cbtJ6D2aDw_Q7bjTE50ryu41vjYFDEEsFFOtHbXSan3yKWKE0X6UQvdFhclr_W8jI53VqH5fR0K5wmh-lpd1qfbp3L8nQrzA6L0-y0fJ52p_WttbxMTrfWYTk93UqHyeV5upVmn9PsdEucZrfL7rS-dS7Ly-uyu4Uuy1vzcr4Vg8VguBtOxBLB6SKdiF7G00X9Rw04miuWc8VuNVfMVqsEAAAAAAAAAGAJppluAgAAAOBkIKvFZLRap4PYDGe7zWq5ACIaqHT9vJ5KokPO5uy6gYR4987oOC_W2GMGb3eZnH4rA4hwwme22WcEsVarZQ0AAEAAGwAAQAA33XgToCLF_f___48DAAAgI4ceAAAA_T6gKNlHLpT6YX4DrRrsH4AKsVar1e3GWq0W!&cmcv=&pix=undefined&cb=1686017186911&uv=3288&tms=1686017186911&abt=esv_vB!nonrv_vA!ntvc_vA!ufm_vD&ru=https://pcloak.blob.core.windows.net/&ft=2&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=6b9a6671-d51a-4856-a3ef-72e2ef68e509&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imprammp.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Tue, 06 Jun 2023 02:06:27 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2

200

/
sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/ Frame 8484
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/taboola/0fa6b191-aa62-47e0-bd9b-31061c923812-tuctb781a21?gdpr=1&us_privacy=1---
https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-pHI1hqlE2oTmFDJ5tp0zHSB.juvsvU8qz_zsHQ--~A

0
98 B

170ms
31ms

Image
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-pHI1hqlE2oTmFDJ5tp0zHSB.juvsvU8qz_zsHQ--~A
Requested by: Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8CIgCLAZYElXHGTNOEBCwJKqOM2acICgAAABgYID-AIlNnAvbbLdYi1yLhVs0XM3WCs_K5tZNVpaVzTZcuQbLISCxiXNhm-0Wa5FrsXCLhqvZWuFZ2dy6ycqystmGK9dgOQUfxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPG_Sh6XT4XPd6vd1lcvrtGr_bL3RYXJa_1vIyOd1ah-X0dCucJofpaXdan26dy_J0K8wOi9PstHyedqf1rbW8TE631mE5Pd1Kh8nlebqVZp_T7HRLnGa3y-60vnUuy8vrsruFLstb83K-FYPFYLgbzgEAAADAg____38IAAAAABEAAAAAJAAAAABQCKjwb0HgAgAAAACG____fw0AUBwMynJzXU7_AAAAAAACAAAAgATAQHVbCYAKlPcT__________8xBugzb2T8____3zDoAfDgA-BBCAAAwMeQx4-ioPABdCoiBZpFGAEAAACgmngtPTJJJ6hYVPn__--3AnAFACAA0ZHuUjyL7qDEWxgAAACBMQv0sPj9Zodd43e7zP________-_mf8z_2iElsKR0gTB6IWr-QUEAFjzCwgAwEbdAAC8CYATdAxis1tMVquTEIPNZLFcLBazAwAAAHDn____Xw_IOJaLmc0yWWw8G5vNs1vtNouNzTQYORbOicPk8B7atJpFTz-BoD4hwjL7fQcF5fT0mF0GUdH1ttgdTrPnID5oGJaTQTA_E7YYrSaTzXI4Wy4mg-FoOBrtz0AsRgM0EYPlcjJZTHar0Wq0Ge5Gs8ECCcRggihaNJisRqPJYjJcjSar2XKx220QRatWs9FmMFzNJrPdbjUcDJejEZqwxWg1mWyWw9lyMRkMR8PRaIhgYOawTRzLxVrhsE3Wot3KsJaYnBO3ZjGYLTbOyWa4mKxFr4_p4hsuFpbFFgkG7O1F8rRIJ7LhxuMxzlaGxW42nA02JsvEOBoNdwvbcDJbuHYTsURzskgnssu-41guZjbLZLHxbGw2z2612yw2NtNg5Fg4Jw6Tw1-YOWwTx3KxVjhsk7VotzKsJSbnxK1ZDGaLjXOyGS4ma9HrY7r4houFZbFvzIazwWK3GK72jdlwNljsFsPVvkNn-K4-Z6MxJbx4bMrqMPsz2ZwGhctg8f4kpsW0Ozuofr-jU-gxJos6o9_v9_v9fr_f7_cbtJ6D2aDw_Q7bjTE50ryu41vjYFDEEsFFOtHbXSan3yKWKE0X6UQvdFhclr_W8jI53VqH5fR0K5wmh-lpd1qfbp3L8nQrzA6L0-y0fJ52p_WttbxMTrfWYTk93UqHyeV5upVmn9PsdEucZrfL7rS-dS7Ly-uyu4Uuy1vzcr4Vg8VguBtOxBLB6SKdiF7G00X9Rw04miuWc8VuNVfMVqsEAAAAAAAAAGAJppluAgAAAOBkIKvFZLRap4PYDGe7zWq5ACIaqHT9vJ5KokPO5uy6gYR4987oOC_W2GMGb3eZnH4rA4hwwme22WcEsVarZQ0AAEAAGwAAQAA33XgToCLF_f___48DAAAgI4ceAAAA_T6gKNlHLpT6YX4DrRrsH4AKsVar1e3GWq0W!&cmcv=&pix=undefined&cb=1686017186911&uv=3288&tms=1686017186911&abt=esv_vB!nonrv_vA!ntvc_vA!ufm_vD&ru=https://pcloak.blob.core.windows.net/&ft=2&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=6b9a6671-d51a-4856-a3ef-72e2ef68e509&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol: H2
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imprammp.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Tue, 06 Jun 2023 02:06:27 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 33122

Redirect headers

date: Tue, 06 Jun 2023 02:06:27 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-pHI1hqlE2oTmFDJ5tp0zHSB.juvsvU8qz_zsHQ--~A
content-length: 0

GET
H2 204 sync
ups.analytics.yahoo.com/ups/58785/ Frame 8484 0
125 B 77ms
26ms Image
text/plain 3.75.62.37
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/58785/sync?redir=true&gdpr=1&us_privacy=1---

Requested by

Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8CIgCLAZYElXHGTNOEBCwJKqOM2acICgAAABgYID-AIlNnAvbbLdYi1yLhVs0XM3WCs_K5tZNVpaVzTZcuQbLISCxiXNhm-0Wa5FrsXCLhqvZWuFZ2dy6ycqystmGK9dgOQUfxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPG_Sh6XT4XPd6vd1lcvrtGr_bL3RYXJa_1vIyOd1ah-X0dCucJofpaXdan26dy_J0K8wOi9PstHyedqf1rbW8TE631mE5Pd1Kh8nlebqVZp_T7HRLnGa3y-60vnUuy8vrsruFLstb83K-FYPFYLgbzgEAAADAg____38IAAAAABEAAAAAJAAAAABQCKjwb0HgAgAAAACG____fw0AUBwMynJzXU7_AAAAAAACAAAAgATAQHVbCYAKlPcT__________8xBugzb2T8____3zDoAfDgA-BBCAAAwMeQx4-ioPABdCoiBZpFGAEAAACgmngtPTJJJ6hYVPn__--3AnAFACAA0ZHuUjyL7qDEWxgAAACBMQv0sPj9Zodd43e7zP________-_mf8z_2iElsKR0gTB6IWr-QUEAFjzCwgAwEbdAAC8CYATdAxis1tMVquTEIPNZLFcLBazAwAAAHDn____Xw_IOJaLmc0yWWw8G5vNs1vtNouNzTQYORbOicPk8B7atJpFTz-BoD4hwjL7fQcF5fT0mF0GUdH1ttgdTrPnID5oGJaTQTA_E7YYrSaTzXI4Wy4mg-FoOBrtz0AsRgM0EYPlcjJZTHar0Wq0Ge5Gs8ECCcRggihaNJisRqPJYjJcjSar2XKx220QRatWs9FmMFzNJrPdbjUcDJejEZqwxWg1mWyWw9lyMRkMR8PRaIhgYOawTRzLxVrhsE3Wot3KsJaYnBO3ZjGYLTbOyWa4mKxFr4_p4hsuFpbFFgkG7O1F8rRIJ7LhxuMxzlaGxW42nA02JsvEOBoNdwvbcDJbuHYTsURzskgnssu-41guZjbLZLHxbGw2z2612yw2NtNg5Fg4Jw6Tw1-YOWwTx3KxVjhsk7VotzKsJSbnxK1ZDGaLjXOyGS4ma9HrY7r4houFZbFvzIazwWK3GK72jdlwNljsFsPVvkNn-K4-Z6MxJbx4bMrqMPsz2ZwGhctg8f4kpsW0Ozuofr-jU-gxJos6o9_v9_v9fr_f7_cbtJ6D2aDw_Q7bjTE50ryu41vjYFDEEsFFOtHbXSan3yKWKE0X6UQvdFhclr_W8jI53VqH5fR0K5wmh-lpd1qfbp3L8nQrzA6L0-y0fJ52p_WttbxMTrfWYTk93UqHyeV5upVmn9PsdEucZrfL7rS-dS7Ly-uyu4Uuy1vzcr4Vg8VguBtOxBLB6SKdiF7G00X9Rw04miuWc8VuNVfMVqsEAAAAAAAAAGAJppluAgAAAOBkIKvFZLRap4PYDGe7zWq5ACIaqHT9vJ5KokPO5uy6gYR4987oOC_W2GMGb3eZnH4rA4hwwme22WcEsVarZQ0AAEAAGwAAQAA33XgToCLF_f___48DAAAgI4ceAAAA_T6gKNlHLpT6YX4DrRrsH4AKsVar1e3GWq0W!&cmcv=&pix=undefined&cb=1686017186911&uv=3288&tms=1686017186911&abt=esv_vB!nonrv_vA!ntvc_vA!ufm_vD&ru=https://pcloak.blob.core.windows.net/&ft=2&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=6b9a6671-d51a-4856-a3ef-72e2ef68e509&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.75.62.37 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-75-62-37.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.10.57 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imprammp.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Tue, 06 Jun 2023 02:06:27 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.57
age: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 3524 0
20 B 56ms
56ms Ping
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=6825975950228&version=m202301230201&ct=76&x=1&cor=14635048039928787000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a7907dd8d698decbd129b875fdbc4adb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Jun 2023 02:06:27 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame A3C9 0
20 B 56ms
55ms Ping
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=5906382096107&version=m202301230201&ct=76&x=1&cor=2991849046863992000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a7907dd8d698decbd129b875fdbc4adb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Jun 2023 02:06:27 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame 5903 70 B
264 B 47ms
47ms Image
image/gif 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8CIgCLAZYElXHGTNOEBCwJKqOM2acICgAAABgYID-AIlNnAvbbLdYi1yLhVs0XM3WCs_K5tZNVpaVzTZcuQbLISCxiXNhm-0Wa5FrsXCLhqvZWuFZ2dy6ycqystmGK9dgOQUfxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPG_Sh6XT4XPd6vd1lcvrtGr_bL3RYXJa_1vIyOd1ah-X0dCucJofpaXdan26dy_J0K8wOi9PstHyedqf1rbW8TE631mE5Pd1Kh8nlebqVZp_T7HRLnGa3y-60vnUuy8vrsruFLstb83K-FYPFYLgbzgEAAADAg____38IAAAAABEAAAAAJAAAAABQCKjwb0HgAgAAAACG____fw0AUBwMynJzXU7_AAAAAAACAAAAgATAQHVbCYAKlPcT__________8xBugzb2T8____3zDoAfDgA-BBCAAAwMeQx4-ioPABdCoiBZpFGAEAAACgmngtPTJJJ6hYVPn__--3AnAFACAA0ZHuUjyL7qDEWxgAAACBMQv0sPj9Zodd43e7zP________-_mf8z_2iElsKR0gTB6IWr-QUEAFjzCwgAwEbdAAC8CYATdAxis1tMVquTEIPNZLFcLBazAwAAAHDn____Xw_IOJaLmc0yWWw8G5vNs1vtNouNzTQYORbOicPk8B7atJpFTz-BoD4hwjL7fQcF5fT0mF0GUdH1ttgdTrPnID5oGJaTQTA_E7YYrSaTzXI4Wy4mg-FoOBrtz0AsRgM0EYPlcjJZTHar0Wq0Ge5Gs8ECCcRggihaNJisRqPJYjJcjSar2XKx220QRatWs9FmMFzNJrPdbjUcDJejEZqwxWg1mWyWw9lyMRkMR8PRaIhgYOawTRzLxVrhsE3Wot3KsJaYnBO3ZjGYLTbOyWa4mKxFr4_p4hsuFpbFFgkG7O1F8rRIJ7LhxuMxzlaGxW42nA02JsvEOBoNdwvbcDJbuHYTsURzskgnssu-41guZjbLZLHxbGw2z2612yw2NtNg5Fg4Jw6Tw1-YOWwTx3KxVjhsk7VotzKsJSbnxK1ZDGaLjXOyGS4ma9HrY7r4houFZbFvzIazwWK3GK72jdlwNljsFsPVvkNn-K4-Z6MxJbx4bMrqMPsz2ZwGhctg8f4kpsW0Ozuofr-jU-gxJos6o9_v9_v9fr_f7_cbtJ6D2aDw_Q7bjTE50ryu41vjYFDEEsFFOtHbXSan3yKWKE0X6UQvdFhclr_W8jI53VqH5fR0K5wmh-lpd1qfbp3L8nQrzA6L0-y0fJ52p_WttbxMTrfWYTk93UqHyeV5upVmn9PsdEucZrfL7rS-dS7Ly-uyu4Uuy1vzcr4Vg8VguBtOxBLB6SKdiF7G00X9Rw04miuWc8VuNVfMVqsEAAAAAAAAAGAJppluAgAAAOBkIKvFZLRap4PYDGe7zWq5ACIaqHT9vJ5KokPO5uy6gYR4987oOC_W2GMGb3eZnH4rA4hwwme22WcEsVarZQ0AAEAAGwAAQAA33XgToCLF_f___48DAAAgI4ceAAAA_T6gKNlHLpT6YX4DrRrsH4AKsVar1e3GWq0W!&excid=22&docw=0&cijs=1&nlb=false
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Tue, 06 Jun 2023 02:06:27 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2

200

/
sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/ Frame 5903
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/taboola/0fa6b191-aa62-47e0-bd9b-31061c923812-tuctb781a21?gdpr=1&us_privacy=1---
https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-pHI1hqlE2oTmFDJ5tp0zHSB.juvsvU8qz_zsHQ--~A

0
98 B

117ms
30ms

Image
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-pHI1hqlE2oTmFDJ5tp0zHSB.juvsvU8qz_zsHQ--~A
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8CIgCLAZYElXHGTNOEBCwJKqOM2acICgAAABgYID-AIlNnAvbbLdYi1yLhVs0XM3WCs_K5tZNVpaVzTZcuQbLISCxiXNhm-0Wa5FrsXCLhqvZWuFZ2dy6ycqystmGK9dgOQUfxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPG_Sh6XT4XPd6vd1lcvrtGr_bL3RYXJa_1vIyOd1ah-X0dCucJofpaXdan26dy_J0K8wOi9PstHyedqf1rbW8TE631mE5Pd1Kh8nlebqVZp_T7HRLnGa3y-60vnUuy8vrsruFLstb83K-FYPFYLgbzgEAAADAg____38IAAAAABEAAAAAJAAAAABQCKjwb0HgAgAAAACG____fw0AUBwMynJzXU7_AAAAAAACAAAAgATAQHVbCYAKlPcT__________8xBugzb2T8____3zDoAfDgA-BBCAAAwMeQx4-ioPABdCoiBZpFGAEAAACgmngtPTJJJ6hYVPn__--3AnAFACAA0ZHuUjyL7qDEWxgAAACBMQv0sPj9Zodd43e7zP________-_mf8z_2iElsKR0gTB6IWr-QUEAFjzCwgAwEbdAAC8CYATdAxis1tMVquTEIPNZLFcLBazAwAAAHDn____Xw_IOJaLmc0yWWw8G5vNs1vtNouNzTQYORbOicPk8B7atJpFTz-BoD4hwjL7fQcF5fT0mF0GUdH1ttgdTrPnID5oGJaTQTA_E7YYrSaTzXI4Wy4mg-FoOBrtz0AsRgM0EYPlcjJZTHar0Wq0Ge5Gs8ECCcRggihaNJisRqPJYjJcjSar2XKx220QRatWs9FmMFzNJrPdbjUcDJejEZqwxWg1mWyWw9lyMRkMR8PRaIhgYOawTRzLxVrhsE3Wot3KsJaYnBO3ZjGYLTbOyWa4mKxFr4_p4hsuFpbFFgkG7O1F8rRIJ7LhxuMxzlaGxW42nA02JsvEOBoNdwvbcDJbuHYTsURzskgnssu-41guZjbLZLHxbGw2z2612yw2NtNg5Fg4Jw6Tw1-YOWwTx3KxVjhsk7VotzKsJSbnxK1ZDGaLjXOyGS4ma9HrY7r4houFZbFvzIazwWK3GK72jdlwNljsFsPVvkNn-K4-Z6MxJbx4bMrqMPsz2ZwGhctg8f4kpsW0Ozuofr-jU-gxJos6o9_v9_v9fr_f7_cbtJ6D2aDw_Q7bjTE50ryu41vjYFDEEsFFOtHbXSan3yKWKE0X6UQvdFhclr_W8jI53VqH5fR0K5wmh-lpd1qfbp3L8nQrzA6L0-y0fJ52p_WttbxMTrfWYTk93UqHyeV5upVmn9PsdEucZrfL7rS-dS7Ly-uyu4Uuy1vzcr4Vg8VguBtOxBLB6SKdiF7G00X9Rw04miuWc8VuNVfMVqsEAAAAAAAAAGAJppluAgAAAOBkIKvFZLRap4PYDGe7zWq5ACIaqHT9vJ5KokPO5uy6gYR4987oOC_W2GMGb3eZnH4rA4hwwme22WcEsVarZQ0AAEAAGwAAQAA33XgToCLF_f___48DAAAgI4ceAAAA_T6gKNlHLpT6YX4DrRrsH4AKsVar1e3GWq0W!&excid=22&docw=0&cijs=1&nlb=false
Protocol: H2
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Tue, 06 Jun 2023 02:06:27 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 33122

Redirect headers

date: Tue, 06 Jun 2023 02:06:27 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-pHI1hqlE2oTmFDJ5tp0zHSB.juvsvU8qz_zsHQ--~A
content-length: 0

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame 2CB4 281 B
554 B 84ms
23ms Document
text/html 23.212.211.47
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8CIgCLAZYElXHGTNOEBCwJKqOM2acICgAAABgYID-AIlNnAvbbLdYi1yLhVs0XM3WCs_K5tZNVpaVzTZcuQbLISCxiXNhm-0Wa5FrsXCLhqvZWuFZ2dy6ycqystmGK9dgOQUfxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPG_Sh6XT4XPd6vd1lcvrtGr_bL3RYXJa_1vIyOd1ah-X0dCucJofpaXdan26dy_J0K8wOi9PstHyedqf1rbW8TE631mE5Pd1Kh8nlebqVZp_T7HRLnGa3y-60vnUuy8vrsruFLstb83K-FYPFYLgbzgEAAADAg____38IAAAAABEAAAAAJAAAAABQCKjwb0HgAgAAAACG____fw0AUBwMynJzXU7_AAAAAAACAAAAgATAQHVbCYAKlPcT__________8xBugzb2T8____3zDoAfDgA-BBCAAAwMeQx4-ioPABdCoiBZpFGAEAAACgmngtPTJJJ6hYVPn__--3AnAFACAA0ZHuUjyL7qDEWxgAAACBMQv0sPj9Zodd43e7zP________-_mf8z_2iElsKR0gTB6IWr-QUEAFjzCwgAwEbdAAC8CYATdAxis1tMVquTEIPNZLFcLBazAwAAAHDn____Xw_IOJaLmc0yWWw8G5vNs1vtNouNzTQYORbOicPk8B7atJpFTz-BoD4hwjL7fQcF5fT0mF0GUdH1ttgdTrPnID5oGJaTQTA_E7YYrSaTzXI4Wy4mg-FoOBrtz0AsRgM0EYPlcjJZTHar0Wq0Ge5Gs8ECCcRggihaNJisRqPJYjJcjSar2XKx220QRatWs9FmMFzNJrPdbjUcDJejEZqwxWg1mWyWw9lyMRkMR8PRaIhgYOawTRzLxVrhsE3Wot3KsJaYnBO3ZjGYLTbOyWa4mKxFr4_p4hsuFpbFFgkG7O1F8rRIJ7LhxuMxzlaGxW42nA02JsvEOBoNdwvbcDJbuHYTsURzskgnssu-41guZjbLZLHxbGw2z2612yw2NtNg5Fg4Jw6Tw1-YOWwTx3KxVjhsk7VotzKsJSbnxK1ZDGaLjXOyGS4ma9HrY7r4houFZbFvzIazwWK3GK72jdlwNljsFsPVvkNn-K4-Z6MxJbx4bMrqMPsz2ZwGhctg8f4kpsW0Ozuofr-jU-gxJos6o9_v9_v9fr_f7_cbtJ6D2aDw_Q7bjTE50ryu41vjYFDEEsFFOtHbXSan3yKWKE0X6UQvdFhclr_W8jI53VqH5fR0K5wmh-lpd1qfbp3L8nQrzA6L0-y0fJ52p_WttbxMTrfWYTk93UqHyeV5upVmn9PsdEucZrfL7rS-dS7Ly-uyu4Uuy1vzcr4Vg8VguBtOxBLB6SKdiF7G00X9Rw04miuWc8VuNVfMVqsEAAAAAAAAAGAJppluAgAAAOBkIKvFZLRap4PYDGe7zWq5ACIaqHT9vJ5KokPO5uy6gYR4987oOC_W2GMGb3eZnH4rA4hwwme22WcEsVarZQ0AAEAAGwAAQAA33XgToCLF_f___48DAAAgI4ceAAAA_T6gKNlHLpT6YX4DrRrsH4AKsVar1e3GWq0W!&excid=22&docw=0&cijs=1&nlb=false
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.212.211.47 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-212-211-47.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://am-match.taboola.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Tue, 06 Jun 2023 02:06:27 GMT
ETag: "403b9-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET
H2 200 cmTagFEED_MANAGER.js Show response
vidstat.taboola.com/vpaid/units/32_8_8/infra/ Frame 89F6 887 KB
147 KB 72ms
23ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/vpaid/units/32_8_8/infra/cmTagFEED_MANAGER.js
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.0.1/UnitFeedManagerDesktop.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: c6806f8379c0a4da9fa955f55465b1babb9c824187e711495d3a619546a36483

Request headers

Referer: https://onedio.com/
Origin: https://onedio.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-amz-meta-mtime: 1685956623
date: Tue, 06 Jun 2023 02:06:27 GMT
via: 1.1 varnish
content-encoding: br
x-amz-request-id: QGVTFBBC8E9CP3K7
age: 60445
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-meta-ctime: 1685956624
x-amz-meta-mode: 33188
content-length: 150072
x-amz-id-2: aleayPJZVWL0pxyliM8TdhK02NCzbyn9wOSpORbqYM+lUYzF3JgUsWy3seIa9qhZrGreDh195BY=
x-served-by: cache-fra-eddf8230041-FRA
last-modified: Mon, 05 Jun 2023 09:17:05 GMT
server: AmazonS3-br
x-timer: S1686017187.146412,VS0,VE0
etag: "81348113b2ca9b12b7205372f6653437"
x-amz-meta-uid: 0
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
x-amz-meta-gid: 0
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
x-cache-hits: 53910

GET
H2 200 cmOsUnit.css
vidstat.taboola.com/vpaid/units/32_8_8/assets/css/ Frame 89F6 60 KB
8 KB 22ms
22ms Stylesheet
text/css 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/vpaid/units/32_8_8/assets/css/cmOsUnit.css
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.0.1/UnitFeedManagerDesktop.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: a6571199455f009b27bb8719e76ab06240bb4c9246f6b8915e3119ced168c132

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-amz-meta-mtime: 1685956642
date: Tue, 06 Jun 2023 02:06:27 GMT
via: 1.1 varnish
content-encoding: br
x-amz-request-id: 88G1W7FC0N0XDB2B
age: 60445
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-meta-ctime: 1685956642
x-amz-meta-mode: 33188
content-length: 7877
x-amz-id-2: GcCXD8KdYBb+g5Vtk9wQ4x27v2HOc+dszuQv5xGzqSXRFMrTMu5VUVKloNv8X7kjr+70Cn2r9zI=
x-served-by: cache-fra-eddf8230094-FRA
last-modified: Mon, 05 Jun 2023 09:17:24 GMT
server: AmazonS3-br
x-timer: S1686017187.098036,VS0,VE0
etag: "92502277b3d6d05481ffd7687771377e"
x-amz-meta-uid: 0
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
x-amz-meta-gid: 0
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
x-cache-hits: 74815

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 2CB4 34 KB
10 KB 22ms
22ms Script
text/html 23.212.211.47
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.212.211.47 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-212-211-47.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 972755983c98afbfb107d5b6da02f1eaef49d9bef146531bf655142633effb76

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Date: Tue, 06 Jun 2023 02:06:27 GMT
Content-Encoding: gzip
Last-Modified: Mon, 05 Jun 2023 19:17:42 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=61843
Connection: keep-alive
Content-Length: 10113
Expires: Tue, 06 Jun 2023 19:17:10 GMT

GET
H/1.1 200
OK khaos.jpg
token.rubiconproject.com/ Frame 2CB4 284 B
536 B 93ms
22ms Image
image/jpg 69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/khaos.jpg?gdpr=1&us_privacy=1---
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Content-Type: image/jpg
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 284
X-RPHost: 54ae5f20a7acdd83fd00ddb00e96a2c1
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 200 content_v3.js Show response
vidstat.taboola.com/ Frame 89F6 16 KB
5 KB 22ms
22ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/content_v3.js
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/32_8_8/infra/cmTagFEED_MANAGER.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 12af7975664854ca36da674714083fa05297940fce71e42dabf688e2eb19a0f1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Tue, 06 Jun 2023 02:06:27 GMT
via: 1.1 857b0dca772798c338c78a1be69c955c.cloudfront.net (CloudFront), 1.1 varnish
content-encoding: gzip
x-amz-cf-pop: FRA60-P1
age: 1997528
x-cache: Hit from cloudfront, HIT
content-length: 4839
x-served-by: cache-fra-eddf8230094-FRA
last-modified: Wed, 20 Jul 2022 13:23:50 GMT
server: AmazonS3
x-timer: S1686017187.299515,VS0,VE0
etag: "f7533e747bb02a8eb527ada4f2749620"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
x-amz-cf-id: WPQDSHjI0-yBKHiRyp0A6R83yvp_1Crbueri-3T9dZgaMPkT7wTTlA==
x-cache-hits: 197910

GET
H2 200 OvaMediaPlayer.js Show response
vidstat.taboola.com/vpaid/vPlayer/player/v15.2.3/ Frame 89F6 446 KB
84 KB 22ms
22ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v15.2.3/OvaMediaPlayer.js
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/32_8_8/infra/cmTagFEED_MANAGER.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: a2b2f6d642ba935218db5321dc3d3dd9c9f7533f13b2287c950f0209b12705e5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-amz-meta-mtime: 1685350863
date: Tue, 06 Jun 2023 02:06:27 GMT
via: 1.1 varnish
content-encoding: br
x-amz-request-id: 3WETE7RTXK0QW7JD
age: 666279
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-meta-ctime: 1685350878
x-amz-meta-mode: 33188
content-length: 85237
x-amz-id-2: U9MHM33d8zu1bcyAANixDCXsbgcb/go4MqSdvyxukPs4cokt28lsTvBQrYKgyRwmUwnbOtH8+aY=
x-served-by: cache-fra-eddf8230094-FRA
last-modified: Mon, 29 May 2023 09:01:19 GMT
server: AmazonS3-br
x-timer: S1686017187.316765,VS0,VE0
etag: "db81aec73ffe8dee8ae2e395a095e3a9"
x-amz-meta-uid: 0
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
x-amz-meta-gid: 0
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
x-cache-hits: 620077

GET
H2 200 sync Show response
am-match.taboola.com/ Frame F8EA 439 B
524 B 31ms
31ms Document
text/html 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://am-match.taboola.com/sync?dast=V8CIgCLAZYElXHGTNOEBCwJKqOM2acICgAAABgYID-AIlNnAvbbLdYi1yLhVs0XM3WCs_K5tZNVpaVzTZcuQbLISCxiXNhm-0Wa5FrsXCLhqvZWuFZ2dy6ycqystmGK9dgOQUfxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPG_Sh6XT4XPd6vd1lcvrtGr_bL3RYXJa_1vIyOd1ah-X0dCucJofpaXdan26dy_J0K8wOi9PstHyedqf1rbW8TE631mE5Pd1Kh8nlebqVZp_T7HRLnGa3y-60vnUuy8vrsruFLstb83K-FYPFYLgbzgEAAADAg____38IAAAAABEAAAAAJAAAAABQCKjwb0HgAgAAAACG____fw0AUBwMynJzXU7_AAAAAAACAAAAgATAQHVbCYAKlPcT__________8xBugzb2T8____3zDoAfDgA-BBCAAAwMeQx4-ioPABdCoiBZpFGAEAAACgmngtPTJJJ6hYVPn__--3AnAFACAA0ZHuUjyL7qDEWxgAAACBMQv0sPj9Zodd43e7zP________-_mf8z_2iElsKR0gTB6IWr-QUEAFjzCwgAwEbdAAC8CYATdAxis1tMVquTEIPNZLFcLBazAwAAAHDn____Xw_IOJaLmc0yWWw8G5vNs1vtNouNzTQYORbOicPk8B7atJpFTz-BoD4hwjL7fQcF5fT0mF0GUdH1ttgdTrPnID5oGJaTQTA_E7YYrSaTzXI4Wy4mg-FoOBrtz0AsRgM0EYPlcjJZTHar0Wq0Ge5Gs8ECCcRggihaNJisRqPJYjJcjSar2XKx220QRatWs9FmMFzNJrPdbjUcDJejEZqwxWg1mWyWw9lyMRkMR8PRaIhgYOawTRzLxVrhsE3Wot3KsJaYnBO3ZjGYLTbOyWa4mKxFr4_p4hsuFpbFFgkG7O1F8rRIJ7LhxuMxzlaGxW42nA02JsvEOBoNdwvbcDJbuHYTsURzskgnssu-41guZjbLZLHxbGw2z2612yw2NtNg5Fg4Jw6Tw1-YOWwTx3KxVjhsk7VotzKsJSbnxK1ZDGaLjXOyGS4ma9HrY7r4houFZbFvzIazwWK3GK72jdlwNljsFsPVvkNn-K4-Z6MxJbx4bMrqMPsz2ZwGhctg8f4kpsW0Ozuofr-jU-gxJos6o9_v9_v9fr_f7_cbtJ6D2aDw_Q7bjTE50ryu41vjYFDEEsFFOtHbXSan3yKWKE0X6UQvdFhclr_W8jI53VqH5fR0K5wmh-lpd1qfbp3L8nQrzA6L0-y0fJ52p_WttbxMTrfWYTk93UqHyeV5upVmn9PsdEucZrfL7rS-dS7Ly-uyu4Uuy1vzcr4Vg8VguBtOxBLB6SKdiF7G00X9Rw04miuWc8VuNVfMVqsEAAAAAAAAAGAJppluAgAAAOBkIKvFZLRap4PYDGe7zWq5ACIaqHT9vJ5KokPO5uy6gYR4987oOC_W2GMGb3eZnH4rA4hwwme22WcEsVarZQ0AAEAAGwAAQAA33XgToCLF_f___48DAAAgI4ceAAAA_T6gKNlHLpT6YX4DrRrsH4AKsVar1e3GWq0W!&excid=22&docw=0&cijs=1&nlb=false
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/32_8_8/infra/cmTagFEED_MANAGER.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: 8729ca54fcad83251f6cfbd0c4a8429c612bf2f053712827e0429b5b467f5efc

Request headers

Referer: https://onedio.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-type: text/html;charset=ISO-8859-1
date: Tue, 06 Jun 2023 02:06:27 GMT
machineid: 3406
server: nginx

GET
H2 200 st
am-vid-events.taboola.com/ Frame 89F6 0
43 B 31ms
31ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-vid-events.taboola.com/st?cijs=convusmp&ttype=16&cisd=convusmp&cipid=66361655&crid=-1&dast=V8CIgCLAZYElXHGTNOEBCwJKqOM2acICgAAABgYID-AIlNnAvbbLdYi1yLhVs0XM3WCs_K5tZNVpaVzTZcuQbLISCxiXNhm-0Wa5FrsXCLhqvZWuFZ2dy6ycqystmGK9dgOQUfxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPG_Sh6XT4XPd6vd1lcvrtGr_bL3RYXJa_1vIyOd1ah-X0dCucJofpaXdan26dy_J0K8wOi9PstHyedqf1rbW8TE631mE5Pd1Kh8nlebqVZp_T7HRLnGa3y-60vnUuy8vrsruFLstb83K-FYPFYLgbzgEAAADAg____38IAAAAABEAAAAAJAAAAABQCKjwb0HgAgAAAACG____fw0AUBwMynJzXU7_AAAAAAACAAAAgATAQHVbCYAKlPcT__________8xBugzb2T8____3zDoAfDgA-BBCAAAwMeQx4-ioPABdCoiBZpFGAEAAACgmngtPTJJJ6hYVPn__--3AnAFACAA0ZHuUjyL7qDEWxgAAACBMQv0sPj9Zodd43e7zP________-_mf8z_2iElsKR0gTB6IWr-QUEAFjzCwgAwEbdAAC8CYATdAxis1tMVquTEIPNZLFcLBazAwAAAHDn____Xw_IOJaLmc0yWWw8G5vNs1vtNouNzTQYORbOicPk8B7atJpFTz-BoD4hwjL7fQcF5fT0mF0GUdH1ttgdTrPnID5oGJaTQTA_E7YYrSaTzXI4Wy4mg-FoOBrtz0AsRgM0EYPlcjJZTHar0Wq0Ge5Gs8ECCcRggihaNJisRqPJYjJcjSar2XKx220QRatWs9FmMFzNJrPdbjUcDJejEZqwxWg1mWyWw9lyMRkMR8PRaIhgYOawTRzLxVrhsE3Wot3KsJaYnBO3ZjGYLTbOyWa4mKxFr4_p4hsuFpbFFgkG7O1F8rRIJ7LhxuMxzlaGxW42nA02JsvEOBoNdwvbcDJbuHYTsURzskgnssu-41guZjbLZLHxbGw2z2612yw2NtNg5Fg4Jw6Tw1-YOWwTx3KxVjhsk7VotzKsJSbnxK1ZDGaLjXOyGS4ma9HrY7r4houFZbFvzIazwWK3GK72jdlwNljsFsPVvkNn-K4-Z6MxJbx4bMrqMPsz2ZwGhctg8f4kpsW0Ozuofr-jU-gxJos6o9_v9_v9fr_f7_cbtJ6D2aDw_Q7bjTE50ryu41vjYFDEEsFFOtHbXSan3yKWKE0X6UQvdFhclr_W8jI53VqH5fR0K5wmh-lpd1qfbp3L8nQrzA6L0-y0fJ52p_WttbxMTrfWYTk93UqHyeV5upVmn9PsdEucZrfL7rS-dS7Ly-uyu4Uuy1vzcr4Vg8VguBtOxBLB6SKdiF7G00X9Rw04miuWc8VuNVfMVqsEAAAAAAAAAGAJppluAgAAAOBkIKvFZLRap4PYDGe7zWq5ACIaqHT9vJ5KokPO5uy6gYR4987oOC_W2GMGb3eZnH4rA4hwwme22WcEsVarZQ0AAEAAGwAAQAA33XgToCLF_f___48DAAAgI4ceAAAA_T6gKNlHLpT6YX4DrRrsH4AKsVar1e3GWq0W!&cmcv=&pix=31579697&cb=1686017187312&uv=3288&tms=1686017187312&su=3&abt=esv_vB!nonrv_vA!ntvc_vA!ufm_vG&ru=https://pcloak.blob.core.windows.net/&ft=2&unm=FEED_MANAGER&su=3&
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Tue, 06 Jun 2023 02:06:27 GMT
content-length: 0
server: nginx

GET
H2 206 blackScreen5.mp4
vidstatb.taboola.com/vid/ Frame 89F6 89 KB
89 KB 40ms
22ms Media
video/mp4 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstatb.taboola.com/vid/blackScreen5.mp4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0407dafc112212a135d1aa4dd9b40ba0208c6bb6b1959f5535af093254189d66

Request headers

Referer: https://onedio.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Range: bytes=0-

Response headers

x-amz-meta-mtime: 1497790207
date: Tue, 06 Jun 2023 02:06:27 GMT
via: 1.1 8f6bdaf52990daaab8fe7162027bdec4.cloudfront.net (CloudFront), 1.1 varnish
x-amz-cf-pop: VIE50-C2
age: 1556479
x-cache: Hit from cloudfront, HIT
Content-Range: bytes 0-90783/90784
x-amz-meta-mode: 33188
Content-Length: 90784
x-served-by: cache-fra-eddf8230094-FRA
last-modified: Sun, 02 Jul 2017 20:40:57 GMT
server: AmazonS3
x-timer: S1686017187.371164,VS0,VE0
etag: "b2b087fe4ae638c533731c347fcd4df8"
x-amz-meta-uid: 0
access-control-allow-methods: GET, OPTIONS, HEAD
x-amz-meta-gid: 0
content-type: video/mp4
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
x-amz-cf-id: KeRHC3LKLO0XQKojJBbD0tHrBXvvLrHwZKSWav-ATh5HE9Ep3r-cOw==
x-cache-hits: 753382

GET
H2 200 cms-2c-rubicon.html Show response
cti.w55c.net/ct/ Frame 61CE 52 KB
13 KB 130ms
23ms Document
text/html 192.229.233.53
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://cti.w55c.net/ct/cms-2c-rubicon.html?gdpr=1&us_privacy=1---

Requested by

Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.233.53 Granada Hills, United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/6752) /

Resource Hash

ecb740996ce05e9b7823c9690564a0d7b3840becad640d37e929cd4f4ee1cdf4

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

Referer: https://eus.rubiconproject.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 176085
cache-control: no-cache, must-revalidate
content-encoding: gzip
content-length: 12841
content-type: text/html
date: Tue, 06 Jun 2023 02:06:27 GMT
etag: "3055990060+gzip"
expires: Fri, 01 Jan 1990 00:00:00 GMT
last-modified: Thu, 14 Oct 2021 17:36:30 GMT
p3p: policyref="https://cts.w55c.net/ct/p3p_policy_ref.xml", CP="UNI PUR COM INT STA OTC STP OUR CUR TAIo COR DSP NOI"
pragma: no-cache
server: ECS (frb/6752)
strict-transport-security: max-age=2592000; includeSubDomains
vary: Accept-Encoding
x-cache: HIT

GET
H/1.1 204
No Content sync.php
pixel-us-east.rubiconproject.com/exchange/ Frame 2CB4 0
239 B 450ms
112ms Image
image/gif 8.43.72.97

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=16698&gdpr=1&us_privacy=1---&gdpr=1&us_privacy=1---
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 8.43.72.97 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: ad49a0f18e050afeb6359164ab3bd56e
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame F8EA 70 B
264 B 47ms
47ms Image
image/gif 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8CIgCLAZYElXHGTNOEBCwJKqOM2acICgAAABgYID-AIlNnAvbbLdYi1yLhVs0XM3WCs_K5tZNVpaVzTZcuQbLISCxiXNhm-0Wa5FrsXCLhqvZWuFZ2dy6ycqystmGK9dgOQUfxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPG_Sh6XT4XPd6vd1lcvrtGr_bL3RYXJa_1vIyOd1ah-X0dCucJofpaXdan26dy_J0K8wOi9PstHyedqf1rbW8TE631mE5Pd1Kh8nlebqVZp_T7HRLnGa3y-60vnUuy8vrsruFLstb83K-FYPFYLgbzgEAAADAg____38IAAAAABEAAAAAJAAAAABQCKjwb0HgAgAAAACG____fw0AUBwMynJzXU7_AAAAAAACAAAAgATAQHVbCYAKlPcT__________8xBugzb2T8____3zDoAfDgA-BBCAAAwMeQx4-ioPABdCoiBZpFGAEAAACgmngtPTJJJ6hYVPn__--3AnAFACAA0ZHuUjyL7qDEWxgAAACBMQv0sPj9Zodd43e7zP________-_mf8z_2iElsKR0gTB6IWr-QUEAFjzCwgAwEbdAAC8CYATdAxis1tMVquTEIPNZLFcLBazAwAAAHDn____Xw_IOJaLmc0yWWw8G5vNs1vtNouNzTQYORbOicPk8B7atJpFTz-BoD4hwjL7fQcF5fT0mF0GUdH1ttgdTrPnID5oGJaTQTA_E7YYrSaTzXI4Wy4mg-FoOBrtz0AsRgM0EYPlcjJZTHar0Wq0Ge5Gs8ECCcRggihaNJisRqPJYjJcjSar2XKx220QRatWs9FmMFzNJrPdbjUcDJejEZqwxWg1mWyWw9lyMRkMR8PRaIhgYOawTRzLxVrhsE3Wot3KsJaYnBO3ZjGYLTbOyWa4mKxFr4_p4hsuFpbFFgkG7O1F8rRIJ7LhxuMxzlaGxW42nA02JsvEOBoNdwvbcDJbuHYTsURzskgnssu-41guZjbLZLHxbGw2z2612yw2NtNg5Fg4Jw6Tw1-YOWwTx3KxVjhsk7VotzKsJSbnxK1ZDGaLjXOyGS4ma9HrY7r4houFZbFvzIazwWK3GK72jdlwNljsFsPVvkNn-K4-Z6MxJbx4bMrqMPsz2ZwGhctg8f4kpsW0Ozuofr-jU-gxJos6o9_v9_v9fr_f7_cbtJ6D2aDw_Q7bjTE50ryu41vjYFDEEsFFOtHbXSan3yKWKE0X6UQvdFhclr_W8jI53VqH5fR0K5wmh-lpd1qfbp3L8nQrzA6L0-y0fJ52p_WttbxMTrfWYTk93UqHyeV5upVmn9PsdEucZrfL7rS-dS7Ly-uyu4Uuy1vzcr4Vg8VguBtOxBLB6SKdiF7G00X9Rw04miuWc8VuNVfMVqsEAAAAAAAAAGAJppluAgAAAOBkIKvFZLRap4PYDGe7zWq5ACIaqHT9vJ5KokPO5uy6gYR4987oOC_W2GMGb3eZnH4rA4hwwme22WcEsVarZQ0AAEAAGwAAQAA33XgToCLF_f___48DAAAgI4ceAAAA_T6gKNlHLpT6YX4DrRrsH4AKsVar1e3GWq0W!&excid=22&docw=0&cijs=1&nlb=false
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Tue, 06 Jun 2023 02:06:27 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2

200

/
sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/ Frame F8EA
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/taboola/0fa6b191-aa62-47e0-bd9b-31061c923812-tuctb781a21?gdpr=1&us_privacy=1---
https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-pHI1hqlE2oTmFDJ5tp0zHSB.juvsvU8qz_zsHQ--~A

0
98 B

31ms
31ms

Image
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-pHI1hqlE2oTmFDJ5tp0zHSB.juvsvU8qz_zsHQ--~A
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8CIgCLAZYElXHGTNOEBCwJKqOM2acICgAAABgYID-AIlNnAvbbLdYi1yLhVs0XM3WCs_K5tZNVpaVzTZcuQbLISCxiXNhm-0Wa5FrsXCLhqvZWuFZ2dy6ycqystmGK9dgOQUfxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPG_Sh6XT4XPd6vd1lcvrtGr_bL3RYXJa_1vIyOd1ah-X0dCucJofpaXdan26dy_J0K8wOi9PstHyedqf1rbW8TE631mE5Pd1Kh8nlebqVZp_T7HRLnGa3y-60vnUuy8vrsruFLstb83K-FYPFYLgbzgEAAADAg____38IAAAAABEAAAAAJAAAAABQCKjwb0HgAgAAAACG____fw0AUBwMynJzXU7_AAAAAAACAAAAgATAQHVbCYAKlPcT__________8xBugzb2T8____3zDoAfDgA-BBCAAAwMeQx4-ioPABdCoiBZpFGAEAAACgmngtPTJJJ6hYVPn__--3AnAFACAA0ZHuUjyL7qDEWxgAAACBMQv0sPj9Zodd43e7zP________-_mf8z_2iElsKR0gTB6IWr-QUEAFjzCwgAwEbdAAC8CYATdAxis1tMVquTEIPNZLFcLBazAwAAAHDn____Xw_IOJaLmc0yWWw8G5vNs1vtNouNzTQYORbOicPk8B7atJpFTz-BoD4hwjL7fQcF5fT0mF0GUdH1ttgdTrPnID5oGJaTQTA_E7YYrSaTzXI4Wy4mg-FoOBrtz0AsRgM0EYPlcjJZTHar0Wq0Ge5Gs8ECCcRggihaNJisRqPJYjJcjSar2XKx220QRatWs9FmMFzNJrPdbjUcDJejEZqwxWg1mWyWw9lyMRkMR8PRaIhgYOawTRzLxVrhsE3Wot3KsJaYnBO3ZjGYLTbOyWa4mKxFr4_p4hsuFpbFFgkG7O1F8rRIJ7LhxuMxzlaGxW42nA02JsvEOBoNdwvbcDJbuHYTsURzskgnssu-41guZjbLZLHxbGw2z2612yw2NtNg5Fg4Jw6Tw1-YOWwTx3KxVjhsk7VotzKsJSbnxK1ZDGaLjXOyGS4ma9HrY7r4houFZbFvzIazwWK3GK72jdlwNljsFsPVvkNn-K4-Z6MxJbx4bMrqMPsz2ZwGhctg8f4kpsW0Ozuofr-jU-gxJos6o9_v9_v9fr_f7_cbtJ6D2aDw_Q7bjTE50ryu41vjYFDEEsFFOtHbXSan3yKWKE0X6UQvdFhclr_W8jI53VqH5fR0K5wmh-lpd1qfbp3L8nQrzA6L0-y0fJ52p_WttbxMTrfWYTk93UqHyeV5upVmn9PsdEucZrfL7rS-dS7Ly-uyu4Uuy1vzcr4Vg8VguBtOxBLB6SKdiF7G00X9Rw04miuWc8VuNVfMVqsEAAAAAAAAAGAJppluAgAAAOBkIKvFZLRap4PYDGe7zWq5ACIaqHT9vJ5KokPO5uy6gYR4987oOC_W2GMGb3eZnH4rA4hwwme22WcEsVarZQ0AAEAAGwAAQAA33XgToCLF_f___48DAAAgI4ceAAAA_T6gKNlHLpT6YX4DrRrsH4AKsVar1e3GWq0W!&excid=22&docw=0&cijs=1&nlb=false
Protocol: H2
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Tue, 06 Jun 2023 02:06:27 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 31569

Redirect headers

date: Tue, 06 Jun 2023 02:06:27 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-pHI1hqlE2oTmFDJ5tp0zHSB.juvsvU8qz_zsHQ--~A
content-length: 0

GET
H2 204 sync
ups.analytics.yahoo.com/ups/58785/ Frame F8EA 0
15 B 26ms
25ms Image
text/plain 3.75.62.37
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/58785/sync?redir=true&gdpr=1&us_privacy=1---

Requested by

Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8CIgCLAZYElXHGTNOEBCwJKqOM2acICgAAABgYID-AIlNnAvbbLdYi1yLhVs0XM3WCs_K5tZNVpaVzTZcuQbLISCxiXNhm-0Wa5FrsXCLhqvZWuFZ2dy6ycqystmGK9dgOQUfxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPG_Sh6XT4XPd6vd1lcvrtGr_bL3RYXJa_1vIyOd1ah-X0dCucJofpaXdan26dy_J0K8wOi9PstHyedqf1rbW8TE631mE5Pd1Kh8nlebqVZp_T7HRLnGa3y-60vnUuy8vrsruFLstb83K-FYPFYLgbzgEAAADAg____38IAAAAABEAAAAAJAAAAABQCKjwb0HgAgAAAACG____fw0AUBwMynJzXU7_AAAAAAACAAAAgATAQHVbCYAKlPcT__________8xBugzb2T8____3zDoAfDgA-BBCAAAwMeQx4-ioPABdCoiBZpFGAEAAACgmngtPTJJJ6hYVPn__--3AnAFACAA0ZHuUjyL7qDEWxgAAACBMQv0sPj9Zodd43e7zP________-_mf8z_2iElsKR0gTB6IWr-QUEAFjzCwgAwEbdAAC8CYATdAxis1tMVquTEIPNZLFcLBazAwAAAHDn____Xw_IOJaLmc0yWWw8G5vNs1vtNouNzTQYORbOicPk8B7atJpFTz-BoD4hwjL7fQcF5fT0mF0GUdH1ttgdTrPnID5oGJaTQTA_E7YYrSaTzXI4Wy4mg-FoOBrtz0AsRgM0EYPlcjJZTHar0Wq0Ge5Gs8ECCcRggihaNJisRqPJYjJcjSar2XKx220QRatWs9FmMFzNJrPdbjUcDJejEZqwxWg1mWyWw9lyMRkMR8PRaIhgYOawTRzLxVrhsE3Wot3KsJaYnBO3ZjGYLTbOyWa4mKxFr4_p4hsuFpbFFgkG7O1F8rRIJ7LhxuMxzlaGxW42nA02JsvEOBoNdwvbcDJbuHYTsURzskgnssu-41guZjbLZLHxbGw2z2612yw2NtNg5Fg4Jw6Tw1-YOWwTx3KxVjhsk7VotzKsJSbnxK1ZDGaLjXOyGS4ma9HrY7r4houFZbFvzIazwWK3GK72jdlwNljsFsPVvkNn-K4-Z6MxJbx4bMrqMPsz2ZwGhctg8f4kpsW0Ozuofr-jU-gxJos6o9_v9_v9fr_f7_cbtJ6D2aDw_Q7bjTE50ryu41vjYFDEEsFFOtHbXSan3yKWKE0X6UQvdFhclr_W8jI53VqH5fR0K5wmh-lpd1qfbp3L8nQrzA6L0-y0fJ52p_WttbxMTrfWYTk93UqHyeV5upVmn9PsdEucZrfL7rS-dS7Ly-uyu4Uuy1vzcr4Vg8VguBtOxBLB6SKdiF7G00X9Rw04miuWc8VuNVfMVqsEAAAAAAAAAGAJppluAgAAAOBkIKvFZLRap4PYDGe7zWq5ACIaqHT9vJ5KokPO5uy6gYR4987oOC_W2GMGb3eZnH4rA4hwwme22WcEsVarZQ0AAEAAGwAAQAA33XgToCLF_f___48DAAAgI4ceAAAA_T6gKNlHLpT6YX4DrRrsH4AKsVar1e3GWq0W!&excid=22&docw=0&cijs=1&nlb=false

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.75.62.37 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-75-62-37.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.10.57 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Tue, 06 Jun 2023 02:06:27 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.57
age: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 200 667f6549da31548d2a9cd6ff08fae81aad77583c87618da330ade8b92bc0191e.svg
srv-cdn.onedio.com/store/ Frame 89F6 5 KB
2 KB 36ms
36ms Image
image/svg+xml 2606:4700:10::6814:f25
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://srv-cdn.onedio.com/store/667f6549da31548d2a9cd6ff08fae81aad77583c87618da330ade8b92bc0191e.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:f25 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 2456ef3475fff167027aecdbf0400a036b2f383db83707c3234103d0f03d9421

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Tue, 06 Jun 2023 02:06:27 GMT
via: 1.1 e19aed1f6c91c2644d0ca17ce8be7af2.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: HIT
x-amz-cf-pop: SOF50-P1
age: 906055
x-powered-by: Express
x-cache: Miss from cloudfront
server: cloudflare
etag: W/"1341-HkNNtvvRHBHy5muqVr6wRTl+u2M"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7d2d189db92c368c-FRA
x-amz-cf-id: ZaqwjAXdyeFXG6xqit4yqjpB1hdRlxhcq5acrSIQWOT3RtYZWd9FAA==

GET
H/1.1

200
OK

dcm
aax-eu.amazon-adsystem.com/s/ Frame 2CB4
Redirect Chain

https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr=1&us_privacy=1---
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr=1&us_privacy=1---&dcc=t

43 B
568 B

49ms
49ms

Image
image/gif

52.95.118.179

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr=1&us_privacy=1---&dcc=t

Requested by

Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---

Protocol

HTTP/1.1

Server

52.95.118.179 -, , ASN (),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 06 Jun 2023 02:06:27 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 6XV9H6X5WZN1HXPT4WFX
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 06 Jun 2023 02:06:27 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: DAJ543C8QK37TF4HRA6K
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr=1&us_privacy=1---&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 204
No Content sync.php
pixel.rubiconproject.com/exchange/ Frame 2CB4 0
239 B 92ms
23ms Image
image/gif 69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/exchange/sync.php?p=a9us&gdpr=1&us_privacy=1---
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 3bafef7aa4e37890defcd73f0a080481
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 2CB4
Redirect Chain

https://token.rubiconproject.com/token?pid=2249&pt=n&gdpr=1&us_privacy=1---
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=&gdpr=1&us_privacy=1---

170 B
188 B

31ms
30ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=&gdpr=1&us_privacy=1---

Requested by

Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Jun 2023 02:06:27 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=&gdpr=1&us_privacy=1---
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 54ae5f20a7acdd83fd00ddb00e96a2c1
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1 204
No Content token
token.rubiconproject.com/ Frame 2CB4 0
214 B 47ms
23ms Image
text/plain 69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/token?pid=25470&gdpr=1&us_privacy=1---
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Expires: 0
Pragma: no-cache
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 54ae5f20a7acdd83fd00ddb00e96a2c1
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1 204
No Content sync.php
pixel.rubiconproject.com/exchange/ Frame 2CB4 0
239 B 91ms
22ms Image
image/gif 69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/exchange/sync.php?p=12776&gdpr=1&us_privacy=1---
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 3bafef7aa4e37890defcd73f0a080481
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 403 ProfilesEngineServlet
sync.intentiq.com/profiles_engine/ Frame 2CB4 0
0 86ms
22ms Image
text/html 52.222.214.69
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=54&gdpr=1&us_privacy=1---
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.214.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-214-69.fra56.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame 2CB4
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?ssp=7&gdpr=1&us_privacy=1---
https://pixel.rubiconproject.com/tap.php?v=101732&nid=3822&put=7241388670085560469&expires=730&gdpr=1

0
239 B

87ms
23ms

Image
image/gif

69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=101732&nid=3822&put=7241388670085560469&expires=730&gdpr=1
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Protocol: HTTP/1.1
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 3bafef7aa4e37890defcd73f0a080481
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

Location: https://pixel.rubiconproject.com/tap.php?v=101732&nid=3822&put=7241388670085560469&expires=730&gdpr=1
Date: Tue, 06 Jun 2023 02:06:27 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

POST
H2 204 bulk Show response
trc.taboola.com/onedio/log/3/ Frame 89F6 0
274 B 56ms
56ms XHR
image/gif 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/onedio/log/3/bulk?tvi2=4410&route=AM%3AAM%3AV&lti=deflated&bulkSize=14
Requested by: Host: onedio.com
URL: https://onedio.com/_nuxt/33c1330.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://onedio.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-vcl-time-ms: 13
pragma: no-cache
date: Tue, 06 Jun 2023 02:06:27 GMT
via: 1.1 varnish
x-served-by: cache-fra-eddf8230094-FRA
server: nginx
x-timer: S1686017188.599340,VS0,VE13
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://onedio.com
content-type: image/gif
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 f539211219b796ffbb49949997c764f0.png
cdn.taboola.com/libtrc/static/thumbnails/ Frame 89F6 254 B
704 B 22ms
22ms Image
image/png 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.taboola.com/libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-amz-version-id: hL.cyLD7Q4TL5ceY.7JQwF9m5IYI8mkC
date: Tue, 06 Jun 2023 02:06:27 GMT
via: 1.1 varnish
x-amz-request-id: 1V3H9VCVPBG1B2M0
age: 13201
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 254
x-amz-id-2: ecEkqIT2UiXx3kNvrYZW8vzeO4j3+ukvjDCTHGC9cb5Y1awQ9zHumBitHqhNLm54Y/VcUMLqVJ0=
x-served-by: cache-fra-eddf8230094-FRA
last-modified: Wed, 24 Jun 2015 07:14:11 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: uid:0/gname:root/uname:root/gid:0/mode:33188/mtime:1377415166/atime:1435052450/md5:dfa7b52c86e56bd67fa4002f6ed19854/ctime:1422381567
x-timer: S1686017188.748362,VS0,VE0
etag: "dfa7b52c86e56bd67fa4002f6ed19854"
content-type: image/png
abp: 2
access-control-allow-origin: *
cache-control: private,max-age=31536000
accept-ranges: bytes
x-cache-hits: 953

GET
H2 200 cds-pips.js Show response
cdn.taboola.com/scripts/ Frame 89F6 3 KB
2 KB 22ms
22ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/scripts/cds-pips.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230604-4-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3e7d49f24d56db02c7baca8ae3a17555c2e527571450e8c24c77b453407e267a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-amz-version-id: z5FoayaLm_Bvew3pbkytkoHczFCvkPwT
content-encoding: gzip
via: 1.1 varnish
date: Tue, 06 Jun 2023 02:06:28 GMT
x-amz-request-id: 1V3JN4Z08BWJNCK3
age: 1549
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 1340
x-amz-id-2: yvDfBoaedLRfPwP0+zgbFCFLRwR4EiC1X5itZ+rLiciBisyuBdOMxzu1/H2ZTO40ir0cZXkf7JA=
x-served-by: cache-fra-eddf8230094-FRA
last-modified: Wed, 12 Oct 2022 13:57:57 GMT
server: AmazonS3
x-timer: S1686017188.452635,VS0,VE0
etag: "383fa66d2a0a09f4a6e64a9593ad43bb"
vary: Accept-Encoding
content-type: application/javascript
abp: 2
access-control-allow-origin: *
cache-control: private, max-age=3600
accept-ranges: bytes
x-cache-hits: 1013

GET
H2 200 / Show response
pips.taboola.com/ Frame 89F6 4 B
118 B 24ms
23ms XHR
text/plain 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://pips.taboola.com/
Requested by: Host: onedio.com
URL: https://onedio.com/_nuxt/33c1330.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash: fb329000228cc5a24c264c57139de8bf854fc86fc18bf1c04ab61a2b5cb4b921

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-served-by: cache-fra-eddf8230041-FRA
date: Tue, 06 Jun 2023 02:06:28 GMT
via: 1.1 varnish
server: Varnish
access-control-allow-methods: GET
x-cache: HIT
access-control-allow-origin: https://onedio.com
cache-control: no-store
accept-ranges: bytes
content-length: 4
retry-after: 0
x-cache-hits: 0

GET
H2 204 / Show response
cds.taboola.com/ Frame 89F6 0
82 B 565ms
110ms XHR
text/plain 141.226.224.32

General

Check archive.org

Show headers Download Go to

Full URL: https://cds.taboola.com/?uid=0fa6b191-aa62-47e0-bd9b-31061c923812-tuctb781a21&mbl=ZmFsc2U=
Requested by: Host: onedio.com
URL: https://onedio.com/_nuxt/33c1330.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.224.32 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 06 Jun 2023 02:06:28 GMT
cache-control: no-store
server: nginx

Verdicts & Comments Add Verdict or Comment

10 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

26 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.adform.net/	1970-01-20 13:03:29	Name: C Value: 1
.adform.net/	1970-01-20 13:46:41	Name: uid Value: 381789943287271150
.criteo.com/	1970-01-20 21:41:53	Name: uid Value: 580cb5fb-f919-462e-b56f-76824192124c
.doubleclick.net/	1970-01-20 21:41:53	Name: IDE Value: AHWqTUmS9EiygywXBWqFWamY1t3otCKYCP-2xKTt9EWpKIibvGAOudrceaIRyWNbrTY
.tesseradigital.com/	1970-01-20 21:56:17	Name: tpuuid Value: KK3SLI0f4Vunf58wkSM3MAgCdBLb03teBHfXAxUy3Bzu
.adnxs.com/	1970-01-20 14:29:53	Name: anj Value: dTM7k!M41.D>6NRF']wIg2E?ei`2zZ!]tbPl1M>e)ZlrFUfJ+tGXxp)<##0aL-P2':ruSZAjN[q?.]l!Nab0kcHA1M3If)y3KL9D3I?+p*+N#q
.casalemedia.com/	1970-01-20 14:29:53	Name: CMPS Value: 3162
.casalemedia.com/	1970-01-20 14:29:53	Name: CMPRO Value: 3162
.adnxs.com/	1970-01-20 14:29:53	Name: uuid2 Value: 1542885924568820017
.casalemedia.com/	1970-01-20 21:05:53	Name: CMID Value: ZH6UoeDdER2x98G1RlSWzgAA
.doubleclick.net/	1970-01-20 12:20:20	Name: DSID Value: NO_DATA
.turn.com/	1970-01-20 16:39:29	Name: uid Value: 3329767022734505352
.quantserve.com/	1970-01-20 14:29:53	Name: d Value: ECQBCQGVKYEA
.quantserve.com/	1970-01-20 21:50:31	Name: mc Value: 647e94a1-bd63b-50630-c8dbb
.mathtag.com/	1970-01-20 13:03:29	Name: mt_mop Value: 4:1686017185
.mathtag.com/	1970-01-20 21:46:12	Name: uuid Value: 1ca6647e-94a1-4600-bb4b-c4a1fa842818
.simpli.fi/	1970-01-20 21:07:19	Name: suid Value: 7FD85C7178444EDF8AADA5843046D51F
.adfarm1.adition.com/	1970-01-20 14:29:53	Name: UserID1 Value: 7241388670085560469
.de17a.com/	1970-01-20 20:58:41	Name: guid Value: 1.4984622985420081864
.yahoo.com/	1970-01-20 21:06:14	Name: A3 Value: d=AQABBKGUfmQCEJqe1uzlxbvSzJ28jx6IouQFEgEBAQHmf2SIZAAAAAAA_eMAAA&S=AQAAAnaUmtUY8KfMiMjZPyyPbiI
.360yield.com/	1970-01-20 14:29:53	Name: tuuid_lu Value: 1686017185
.360yield.com/	1970-01-20 14:29:53	Name: tuuid Value: 3efa99e5-4c97-49c7-8f4e-f5f1321f250c
.linkedin.com/	1970-01-20 21:05:53	Name: bcookie Value: "v=2&26e34d76-d6ba-44f2-851d-6d5b9136d777"
.linkedin.com/	1970-01-20 16:39:29	Name: li_gc Value: MTswOzE2ODYwMTcxODU7MjswMjEQ1m/sn5ay0v7kYydcL8vPlHf92oKqgpnnrsNh9fcE1A==
.linkedin.com/	1970-01-20 12:21:43	Name: lidc Value: "b=OGST08:s=O:r=O:a=O:p=O:g=2577:u=1:x=1:i=1686017185:t=1686103585:v=2:sig=AQE0O36PEfIGZekVM2g8FUGSxPAGfL0m"
.getrockerbox.com/	1970-01-20 13:03:29	Name: uuid Value: rbcr-0cff6826-8793-423c-840c-80cd0fd4935d

67 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://pcloak.blob.core.windows.net/web/jquery.min.js Message: Failed to load resource: the server responded with a status of 404 (The specified blob does not exist.)
security	warning	URL: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878(Line 1418) Message: Mixed Content: The page at 'https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878' was loaded over HTTPS, but requested an insecure element 'http://srv-cdn.onedio.com/store/6f9eb6679895942cc2ab54858310142dba24a5e794a859cfbe9954f3c8905568.svg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878(Line 1418) Message: Mixed Content: The page at 'https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878' was loaded over HTTPS, but requested an insecure element 'http://srv-cdn.onedio.com/store/254fbed7f5f60246dceab341efe24006de26a47a46bfe700fba3645ec103fb0c.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878(Line 1418) Message: Mixed Content: The page at 'https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878' was loaded over HTTPS, but requested an insecure element 'http://srv-cdn.onedio.com/store/5aee0df5228a8f771995c6e8920eedd248cda089818cf87bac6e3c21bccb5f05.svg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878(Line 1418) Message: Mixed Content: The page at 'https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878' was loaded over HTTPS, but requested an insecure element 'http://srv-cdn.onedio.com/store/6e17a4e4130681931ab937f6e5b88ac68aa84203c89e74b351ba2e2e0031258b.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878(Line 1418) Message: Mixed Content: The page at 'https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878' was loaded over HTTPS, but requested an insecure element 'http://srv-cdn.onedio.com/store/18d793e33dd186aacd041784dcfd828c041edacdaf31d25e270d4c5cc1b65668.svg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878(Line 1418) Message: Mixed Content: The page at 'https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878' was loaded over HTTPS, but requested an insecure element 'http://srv-cdn.onedio.com/store/cb802096ad240df4746ed9d8227f83e7946a198b93b6ee0f380cefe7fc0c9e05.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878(Line 1418) Message: Mixed Content: The page at 'https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878' was loaded over HTTPS, but requested an insecure element 'http://srv-cdn.onedio.com/store/76b718e71b19603c9cb6d2c86fb5e4cc7a3e7dd649527875607909c991f9d091.webp'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878(Line 1418) Message: Mixed Content: The page at 'https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878' was loaded over HTTPS, but requested an insecure element 'http://srv-cdn.onedio.com/store/a6a2ca5496b815a9ee8caa322a9e39a835403bab6880ce08f05c67d98bdac9fd.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878(Line 1418) Message: Mixed Content: The page at 'https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878' was loaded over HTTPS, but requested an insecure element 'http://srv-cdn.onedio.com/store/f9ff6d6aa8c0d967d70d7866bcd909fc2e4868b722db81f551daa533a791ed8d.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878(Line 1418) Message: Mixed Content: The page at 'https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878' was loaded over HTTPS, but requested an insecure element 'http://srv-cdn.onedio.com/store/254fbed7f5f60246dceab341efe24006de26a47a46bfe700fba3645ec103fb0c.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878(Line 1418) Message: Mixed Content: The page at 'https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878' was loaded over HTTPS, but requested an insecure element 'http://srv-cdn.onedio.com/store/667f6549da31548d2a9cd6ff08fae81aad77583c87618da330ade8b92bc0191e.svg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878(Line 1418) Message: Mixed Content: The page at 'https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878' was loaded over HTTPS, but requested an insecure element 'http://srv-cdn.onedio.com/store/cb802096ad240df4746ed9d8227f83e7946a198b93b6ee0f380cefe7fc0c9e05.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878(Line 1418) Message: Mixed Content: The page at 'https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878' was loaded over HTTPS, but requested an insecure element 'http://srv-cdn.onedio.com/store/6f9eb6679895942cc2ab54858310142dba24a5e794a859cfbe9954f3c8905568.svg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878(Line 1418) Message: Mixed Content: The page at 'https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878' was loaded over HTTPS, but requested an insecure element 'http://srv-cdn.onedio.com/store/254fbed7f5f60246dceab341efe24006de26a47a46bfe700fba3645ec103fb0c.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878(Line 1418) Message: Mixed Content: The page at 'https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878' was loaded over HTTPS, but requested an insecure element 'http://srv-cdn.onedio.com/store/da888495f7d88aff744f0061ae0ed96f90ef9f2e1e7298ee513fc7f991943f52.svg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878(Line 1418) Message: Mixed Content: The page at 'https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878' was loaded over HTTPS, but requested an insecure element 'http://srv-cdn.onedio.com/store/6e17a4e4130681931ab937f6e5b88ac68aa84203c89e74b351ba2e2e0031258b.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878(Line 1418) Message: Mixed Content: The page at 'https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878' was loaded over HTTPS, but requested an insecure element 'http://srv-cdn.onedio.com/store/cb802096ad240df4746ed9d8227f83e7946a198b93b6ee0f380cefe7fc0c9e05.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878(Line 1418) Message: Mixed Content: The page at 'https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878' was loaded over HTTPS, but requested an insecure element 'http://srv-cdn.onedio.com/store/f9ff6d6aa8c0d967d70d7866bcd909fc2e4868b722db81f551daa533a791ed8d.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878(Line 1418) Message: Mixed Content: The page at 'https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878' was loaded over HTTPS, but requested an insecure element 'http://srv-cdn.onedio.com/store/a6a2ca5496b815a9ee8caa322a9e39a835403bab6880ce08f05c67d98bdac9fd.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878(Line 1418) Message: Mixed Content: The page at 'https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878' was loaded over HTTPS, but requested an insecure element 'http://srv-cdn.onedio.com/store/adcad43b3aa9adf261fd29a97ba586e4ed703cff8c40daeeaf5237d3d3ca1f5d.svg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878(Line 1418) Message: Mixed Content: The page at 'https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878' was loaded over HTTPS, but requested an insecure element 'http://srv-cdn.onedio.com/store/cb802096ad240df4746ed9d8227f83e7946a198b93b6ee0f380cefe7fc0c9e05.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878(Line 1418) Message: Mixed Content: The page at 'https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878' was loaded over HTTPS, but requested an insecure element 'http://srv-cdn.onedio.com/store/f9ff6d6aa8c0d967d70d7866bcd909fc2e4868b722db81f551daa533a791ed8d.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878(Line 1418) Message: Mixed Content: The page at 'https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878' was loaded over HTTPS, but requested an insecure element 'http://srv-cdn.onedio.com/store/a6a2ca5496b815a9ee8caa322a9e39a835403bab6880ce08f05c67d98bdac9fd.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878(Line 1418) Message: Mixed Content: The page at 'https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878' was loaded over HTTPS, but requested an insecure element 'http://srv-cdn.onedio.com/store/7a78e650453961fafb46fa74dffc67e19c4470b8985cf5a12b8cc452b7837c07.svg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878(Line 1418) Message: Mixed Content: The page at 'https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878' was loaded over HTTPS, but requested an insecure element 'http://srv-cdn.onedio.com/store/6e17a4e4130681931ab937f6e5b88ac68aa84203c89e74b351ba2e2e0031258b.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878(Line 1418) Message: Mixed Content: The page at 'https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878' was loaded over HTTPS, but requested an insecure element 'http://srv-cdn.onedio.com/store/c824b637c7e69f8b2b0c611fb2770c1b2221b0cef22c5b827c5cf28d0de9f30e.svg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878(Line 1418) Message: Mixed Content: The page at 'https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878' was loaded over HTTPS, but requested an insecure element 'http://srv-cdn.onedio.com/store/6f9eb6679895942cc2ab54858310142dba24a5e794a859cfbe9954f3c8905568.svg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878(Line 1418) Message: Mixed Content: The page at 'https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878' was loaded over HTTPS, but requested an insecure element 'http://srv-cdn.onedio.com/store/254fbed7f5f60246dceab341efe24006de26a47a46bfe700fba3645ec103fb0c.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878(Line 1418) Message: Mixed Content: The page at 'https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878' was loaded over HTTPS, but requested an insecure element 'http://srv-cdn.onedio.com/store/5aee0df5228a8f771995c6e8920eedd248cda089818cf87bac6e3c21bccb5f05.svg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878(Line 1418) Message: Mixed Content: The page at 'https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878' was loaded over HTTPS, but requested an insecure element 'http://srv-cdn.onedio.com/store/6e17a4e4130681931ab937f6e5b88ac68aa84203c89e74b351ba2e2e0031258b.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878(Line 1418) Message: Mixed Content: The page at 'https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878' was loaded over HTTPS, but requested an insecure element 'http://srv-cdn.onedio.com/store/18d793e33dd186aacd041784dcfd828c041edacdaf31d25e270d4c5cc1b65668.svg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878(Line 1418) Message: Mixed Content: The page at 'https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878' was loaded over HTTPS, but requested an insecure element 'http://srv-cdn.onedio.com/store/cb802096ad240df4746ed9d8227f83e7946a198b93b6ee0f380cefe7fc0c9e05.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878(Line 1418) Message: Mixed Content: The page at 'https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878' was loaded over HTTPS, but requested an insecure element 'http://srv-cdn.onedio.com/store/76b718e71b19603c9cb6d2c86fb5e4cc7a3e7dd649527875607909c991f9d091.webp'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878(Line 1418) Message: Mixed Content: The page at 'https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878' was loaded over HTTPS, but requested an insecure element 'http://srv-cdn.onedio.com/store/a6a2ca5496b815a9ee8caa322a9e39a835403bab6880ce08f05c67d98bdac9fd.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878(Line 1418) Message: Mixed Content: The page at 'https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878' was loaded over HTTPS, but requested an insecure element 'http://srv-cdn.onedio.com/store/f9ff6d6aa8c0d967d70d7866bcd909fc2e4868b722db81f551daa533a791ed8d.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878(Line 1418) Message: Mixed Content: The page at 'https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878' was loaded over HTTPS, but requested an insecure element 'http://srv-cdn.onedio.com/store/254fbed7f5f60246dceab341efe24006de26a47a46bfe700fba3645ec103fb0c.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878 Message: Mixed Content: The page at 'https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878' was loaded over HTTPS, but requested an insecure element 'http://srv-cdn.onedio.com/store/6f9eb6679895942cc2ab54858310142dba24a5e794a859cfbe9954f3c8905568.svg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878 Message: Mixed Content: The page at 'https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878' was loaded over HTTPS, but requested an insecure element 'http://srv-cdn.onedio.com/store/254fbed7f5f60246dceab341efe24006de26a47a46bfe700fba3645ec103fb0c.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878 Message: Mixed Content: The page at 'https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878' was loaded over HTTPS, but requested an insecure element 'http://srv-cdn.onedio.com/store/5aee0df5228a8f771995c6e8920eedd248cda089818cf87bac6e3c21bccb5f05.svg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878 Message: Mixed Content: The page at 'https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878' was loaded over HTTPS, but requested an insecure element 'http://srv-cdn.onedio.com/store/6e17a4e4130681931ab937f6e5b88ac68aa84203c89e74b351ba2e2e0031258b.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878 Message: Mixed Content: The page at 'https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878' was loaded over HTTPS, but requested an insecure element 'http://srv-cdn.onedio.com/store/18d793e33dd186aacd041784dcfd828c041edacdaf31d25e270d4c5cc1b65668.svg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878 Message: Mixed Content: The page at 'https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878' was loaded over HTTPS, but requested an insecure element 'http://srv-cdn.onedio.com/store/cb802096ad240df4746ed9d8227f83e7946a198b93b6ee0f380cefe7fc0c9e05.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878 Message: Mixed Content: The page at 'https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878' was loaded over HTTPS, but requested an insecure element 'http://srv-cdn.onedio.com/store/76b718e71b19603c9cb6d2c86fb5e4cc7a3e7dd649527875607909c991f9d091.webp'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878 Message: Mixed Content: The page at 'https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878' was loaded over HTTPS, but requested an insecure element 'http://srv-cdn.onedio.com/store/a6a2ca5496b815a9ee8caa322a9e39a835403bab6880ce08f05c67d98bdac9fd.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878 Message: Mixed Content: The page at 'https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878' was loaded over HTTPS, but requested an insecure element 'http://srv-cdn.onedio.com/store/f9ff6d6aa8c0d967d70d7866bcd909fc2e4868b722db81f551daa533a791ed8d.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878 Message: Mixed Content: The page at 'https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878' was loaded over HTTPS, but requested an insecure element 'http://srv-cdn.onedio.com/store/254fbed7f5f60246dceab341efe24006de26a47a46bfe700fba3645ec103fb0c.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878 Message: Mixed Content: The page at 'https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878' was loaded over HTTPS, but requested an insecure element 'http://srv-cdn.onedio.com/store/c824b637c7e69f8b2b0c611fb2770c1b2221b0cef22c5b827c5cf28d0de9f30e.svg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878 Message: Mixed Content: The page at 'https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878' was loaded over HTTPS, but requested an insecure element 'http://srv-cdn.onedio.com/store/6e17a4e4130681931ab937f6e5b88ac68aa84203c89e74b351ba2e2e0031258b.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878 Message: Mixed Content: The page at 'https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878' was loaded over HTTPS, but requested an insecure element 'http://srv-cdn.onedio.com/store/7a78e650453961fafb46fa74dffc67e19c4470b8985cf5a12b8cc452b7837c07.svg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878 Message: Mixed Content: The page at 'https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878' was loaded over HTTPS, but requested an insecure element 'http://srv-cdn.onedio.com/store/a6a2ca5496b815a9ee8caa322a9e39a835403bab6880ce08f05c67d98bdac9fd.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878 Message: Mixed Content: The page at 'https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878' was loaded over HTTPS, but requested an insecure element 'http://srv-cdn.onedio.com/store/f9ff6d6aa8c0d967d70d7866bcd909fc2e4868b722db81f551daa533a791ed8d.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878 Message: Mixed Content: The page at 'https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878' was loaded over HTTPS, but requested an insecure element 'http://srv-cdn.onedio.com/store/cb802096ad240df4746ed9d8227f83e7946a198b93b6ee0f380cefe7fc0c9e05.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878 Message: Mixed Content: The page at 'https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878' was loaded over HTTPS, but requested an insecure element 'http://srv-cdn.onedio.com/store/adcad43b3aa9adf261fd29a97ba586e4ed703cff8c40daeeaf5237d3d3ca1f5d.svg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878 Message: Mixed Content: The page at 'https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878' was loaded over HTTPS, but requested an insecure element 'http://srv-cdn.onedio.com/store/a6a2ca5496b815a9ee8caa322a9e39a835403bab6880ce08f05c67d98bdac9fd.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878 Message: Mixed Content: The page at 'https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878' was loaded over HTTPS, but requested an insecure element 'http://srv-cdn.onedio.com/store/f9ff6d6aa8c0d967d70d7866bcd909fc2e4868b722db81f551daa533a791ed8d.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878 Message: Mixed Content: The page at 'https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878' was loaded over HTTPS, but requested an insecure element 'http://srv-cdn.onedio.com/store/cb802096ad240df4746ed9d8227f83e7946a198b93b6ee0f380cefe7fc0c9e05.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
network	error	URL: https://bidder.criteo.com/cdb?ptv=137&profileId=184&cb=23301439127 Message: Failed to load resource: the server responded with a status of 400 ()
network	error	URL: https://bidder.criteo.com/cdb?ptv=137&profileId=184&cb=38769317171 Message: Failed to load resource: the server responded with a status of 400 ()
network	error	URL: https://bidder.criteo.com/cdb?ptv=137&profileId=184&cb=73206436719 Message: Failed to load resource: the server responded with a status of 400 ()
network	error	URL: https://bidder.criteo.com/cdb?ptv=137&profileId=184&cb=58823460498 Message: Failed to load resource: the server responded with a status of 400 ()
network	error	URL: https://bidder.criteo.com/cdb?ptv=137&profileId=185&av=35&wv=7.47.0&cb=63745677040 Message: Failed to load resource: the server responded with a status of 400 ()
network	error	URL: https://bidder.criteo.com/cdb?ptv=137&profileId=185&av=35&wv=7.47.0&cb=86072546591 Message: Failed to load resource: the server responded with a status of 400 ()
network	error	URL: https://bidder.criteo.com/cdb?ptv=137&profileId=185&av=35&wv=7.47.0&cb=95003024002 Message: Failed to load resource: the server responded with a status of 400 ()
network	error	URL: https://bidder.criteo.com/cdb?ptv=137&profileId=185&av=35&wv=7.47.0&cb=86260710057 Message: Failed to load resource: the server responded with a status of 400 ()
security	warning	URL: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878 Message: Mixed Content: The page at 'https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878' was loaded over HTTPS, but requested an insecure element 'http://srv-cdn.onedio.com/store/667f6549da31548d2a9cd6ff08fae81aad77583c87618da330ade8b92bc0191e.svg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
network	error	URL: https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=54&gdpr=1&us_privacy=1--- Message: Failed to load resource: the server responded with a status of 403 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.teads.tv
a7907dd8d698decbd129b875fdbc4adb.safeframe.googlesyndication.com
aax-eu.amazon-adsystem.com
ad.turn.com
adservice.google.com
adservice.google.de
adx.adform.net
am-match.taboola.com
am-trc-events.taboola.com
am-vid-events.taboola.com
ampcid.google.com
ampcid.google.de
api-onedio-production.onedio.com
bidder.criteo.com
cdn.ampproject.org
cdn.jsdelivr.net
cdn.taboola.com
cds.taboola.com
cm.g.doubleclick.net
cms.quantserve.com
connect.facebook.net
cti.w55c.net
d5p.de17a.com
dclk-match.dotomi.com
dis.criteo.com
dmp.adform.net
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
eus.rubiconproject.com
event-collector.analytics.onedio.com
fonts.googleapis.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
graph.facebook.com
gum.criteo.com
ib.adnxs.com
id5-sync.com
images.taboola.com
img-s1.onedio.com
img-s3.onedio.com
imprammp.taboola.com
lb.eu-1-id5-sync.com
match.360yield.com
match.adsrvr.org
metrics.getrockerbox.com
mug.criteo.com
onedio.com
onetag-sys.com
pagead2.googlesyndication.com
pcloak.blob.core.windows.net
pips.taboola.com
pixel-us-east.rubiconproject.com
pixel.rubiconproject.com
platform-lookaside.fbsbx.com
pm-widget.taboola.com
portal.o2online.de
pr-bh.ybp.yahoo.com
prebid-eu.creativecdn.com
px.ads.linkedin.com
r.turn.com
recommendation-api.analytics.onedio.com
rtb.openx.net
s.ad.smaato.net
s0.2mdn.net
s2.adform.net
s8t.teads.tv
securepubads.g.doubleclick.net
services.onedio.com
srv-cdn.onedio.com
ssum-sec.casalemedia.com
static.criteo.net
static.onedio.com
sync.intentiq.com
sync.mathtag.com
sync.taboola.com
sync.teads.tv
t.teads.tv
tg.socdm.com
token.rubiconproject.com
tpc.googlesyndication.com
tpx.tesseradigital.com
trc-events.taboola.com
trc.taboola.com
um.simpli.fi
ups.analytics.yahoo.com
vidstat.taboola.com
vidstatb.taboola.com
wf.taboola.com
widget.perfectmarket.com
www.cloakan.co
www.facebook.com
www.google-analytics.com
www.google.com
www.googleoptimize.com
www.googletagmanager.com
www.googletagservices.com
124.146.215.46
141.101.90.98
141.226.224.32
141.226.228.48
141.95.98.65
142.250.185.162
142.250.186.130
151.101.129.44
151.101.193.44
162.19.138.116
172.64.165.10
178.250.1.11
178.250.1.9
185.102.219.172
185.184.8.90
185.29.134.244
185.80.39.216
192.229.233.53
2.18.161.51
20.60.220.36
2001:678:cb4:bbbb::11
213.155.156.184
23.212.211.47
23.212.89.35
23.52.123.144
2600:9000:20c3:1200:1b:5138:8a40:93a1
2606:4700:10::6814:f25
2620:116:800d:21:de2e:c7b3:55c0:d5a0
2620:1ec:21::14
2a00:1450:4001:802::200e
2a00:1450:4001:803::2001
2a00:1450:4001:803::2002
2a00:1450:4001:806::2002
2a00:1450:4001:806::200e
2a00:1450:4001:80f::2001
2a00:1450:4001:80f::2002
2a00:1450:4001:811::2002
2a00:1450:4001:811::200e
2a00:1450:4001:828::2001
2a00:1450:4001:828::2004
2a00:1450:4001:829::2006
2a00:1450:4001:82a::2002
2a00:1450:4001:82b::2002
2a00:1450:4001:82b::200e
2a00:1450:4001:830::2008
2a00:1450:4001:831::200a
2a02:2638:3::7
2a02:2638:3::c
2a02:2638:d::2
2a02:26f0:480:195::26e5
2a02:fa8:8806:12::1400
2a03:2880:f083:100:face:b00c:0:3
2a03:2880:f084:a:face:b00c:0:2
2a03:2880:f176:181:face:b00c:0:25de
2a04:4e42::485
2a05:d018:d29:3601:78d2:f403:256d:1a22
3.33.220.150
3.75.62.37
34.111.136.72
34.117.159.110
34.249.110.120
35.157.179.180
35.204.158.49
35.227.252.103
37.157.3.20
37.157.6.234
37.157.6.241
37.252.171.53
51.89.9.252
52.222.214.69
52.95.118.179
69.173.144.138
69.173.144.165
77.245.159.14
8.43.72.97
85.114.159.118
0056bc13c2920133603b6bcbbaa252a8adb38251388ecefe5a7ccd05b2b39ce2
00867e4aa81a541e2fad8ba10b2c4e9a6b137bdbb4ba13fb1a38d2fea88cb41a
00a7c1d5d09276da3a8a8de89b137f19d9471814e512ad64a1778fb3e55eda96
0106b8d9d4a9e893fc65aaa89ac57aefd3a1ca7a257e7fe66d022dca718b514d
0284c1027d1504097ad8cba603f91a566ecbba1c0cc779c801f85d88238d5ad3
0322b00cb6bad591b726254678daf5a09db33b9f34db5fe69dbd4ae2095d2929
039a8bb6d736466063dde3c2a80d71d54456a7875cb1654263058bc69c1c042d
0407dafc112212a135d1aa4dd9b40ba0208c6bb6b1959f5535af093254189d66
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
077a758c165eced3316ba482308d475ebebfecf3040daacf54558be0db9d19af
08892af5a00aaf36bb2c095f4ae4758db3a72fb1aa1f15099ba5e6af0d9ac1bf
0a95ba1b152ea21a823ee9e88a40569edb553218975b0ff0ea1b45617dec2e7a
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0caf64bbe8954fe9c2166955ec4e1842b2f0780fb0cbb76ed7d60ea0dc59dddd
0d54fd601aa07edc6f327638d8e60abe8d98db96a590b05f287af7f3dbf1cdbd
0ff91fa73af9fccd1105f9536bc260e9d8b6cd59adb3120cff5f533ba3783de9
101470fcde40e5ad29c691a0cc4276b7e311972a8e02a684f19db29fd4698645
1034ccaed1f9dbb4c6c0d3895ee792b931e539ecad7d3e0491632dd4df068c65
119f23ab3158392e08fbd79e8ddd1df7a4ba7cd301152ffd798a7e1c7d0bf1d8
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
1288c65873146fe18afa37b1e7dceaab28decb02310d0016c6b303512d13d86e
12af7975664854ca36da674714083fa05297940fce71e42dabf688e2eb19a0f1
15726d6a6db473c829365e69e31d4e97604cd5cafe876d8597b3fbc869719b42
1672e073d0c9bc9371e75e3e54777b0008f769d46d2d4937deb47a416700f580
17933b47c80ca2931eed5507e2ea12a2005dba781ac2d69f91f413e1377734fc
189b8ed64093b12937354b2ef71ccf1df59690d90432241a10fe1cb25000acba
1abc7ba05a4596dabc6fe7ec975be03e5c3f9b3f14549bf946dc468b2facad34
1e23091d05fedcc8b4984193c46b9bcdf59f03a5df63990137d4cc5b2e366ef5
1e5a886321d0e00c13f7abff03ca39fd782f42997fd34bcbf4fc93718f3670cc
1ee5bf96b4a2da8c61ba646ce5bae4ffb8f3f7cc2df59fb537243a83b777c552
209c55ae7959d440c2e815be93bdb70437bc0d10982d1d14c7f0aab93aebaa28
221e69003af87e6e8f934828ab416477126f3c062500e3bcb636bb9d87bf9b06
23c27462d7e512fbd1583c6312b51890b453fd8f48650da405e50bb84ba10c39
2456ef3475fff167027aecdbf0400a036b2f383db83707c3234103d0f03d9421
25280083af87c8d6dbc6ff5bb926bf9d0d373d244cead76893430166b8df0bd6
25f3a1864ce02467f793769b7ed5315724faf63efe0d09a68fbfac1e7bf822bf
2a7a81bf39c3c7bb66ce695c178feb2f214373a84b269d18d5e6601f34da0121
2db29d2057e2f452e00dd7f8c3c041d1f427b466ad334bd4b70935b1431cb8b7
300cebb7385554067020de3ea474625004ca74f5c6548d0fa274a40125464d03
3121ae381725f7036ab25931c12b0a805abe44ed43eb0549e9a19023251101da
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
329fca3d8ee333b8541f4f893d62d9f644917ca3efb585985dbea543e7ecfb84
332d8e2d6964e41c92a430d24b1b469bfdcc30ad072f980b2e7adf241590886a
341e0d761251ee538d0cad6322c66abdbf78dc7d6f3ca62f3459fab822a2103f
36de549fa81b509bf426b8c57b5842e2857f1ac66456c567d552ac5a890dcd85
3735e94afb2539b14515fdd10d7cc066cffa99d4b52762959e342295e08a770e
37f7b288df5c0cb70123c10a8c8dacaf3189db0c96a5fc2693f18c80d75ae104
39b076e4bb4fab9b8a142499cf6155f8c128464974691a04de7e764f71b72618
39dce9bed1229c0ea63b578fa41d43deedadad5a254d1c109a6b9befab766f57
3c8f980d25529cac4e331e6cb3357bc3c26614679ee04ecc579f5e7bb385bec5
3e69464caeb102cc3ef4e6fec4206471bc9ecbee5226fa1a5aaf146dc072547b
3e7d49f24d56db02c7baca8ae3a17555c2e527571450e8c24c77b453407e267a
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3f7619b8346cd550765079cdf4b6009d4cd36c1ebea801c3913275849acce565
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
3ffee9c0bd9411def1f88e476cfc072629841a536edc0abf2927b35ebcaff4d9
40b1b257a5ddb9dd8a44482f560de047b9c5e0eb5641d38d66b1a6c53a518455
41dd65e5d60b12bfae966238332a9260800d9faa4d6b2dd96c1d04050fbaed02
422f44f37be3ad1dc211805c2f45188eb4a74e2bb9b6e4afe2379c8f0c239008
42b9a15f9b6a86e0bca2678c6a6679ed2e73777ca55d893012e685275249f702
4347e083fcc7406a94363480146e1cf9c2f88198921ef74fed3eddf6d969725b
4386fcc43ea4883f57760fcc4cf69f459aec5d941c39f5e9b5cc5f1905603d63
4445041a5221550830f31fa42e138f881676a468e4fedb939c1e0ab0a07eae17
45884c00a9b638d52f6cd0b22b3ad6bcacf6e727b6e83d9390ed16a5c0d1fd79
4651fd93f167c3620b534c30bc23ae2a2e7cf742621d8e6d12553c09c388284a
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
4a0101e8babb477e69a0a018919b7124102ef84bd46bd51c1af97bd56fe06141
4a28bc0c0e49152ae29f9dcf2415a5b3d661c063d0572d94ad7d55a9aecacd32
4b506770f69ad0a537a81eb36902c0757328c403826b2b43d5d055934c8a643a
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4c6f82576efee6483b4be47b15ba0079cc4acf76078682cf34ede7091221e6d9
4d7a0bfa44fd296b5f01d7ea149625a134d3efd59d66ac6cf6f676954d5d8ebb
4d97d2f204c48ceadcc2f5b86ba6bf25987c6f7c43c8dd7fee7a2847e6a71f4f
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
517b19e0b5b21597c149cdd3e802ac4680df295b26a394e73921e2d8f0ad5033
525ea0699cf7747d41a18c7b3fb0c536bd5e8ef49cb286e6d2e80d7102911b3a
52e0a6998548d6b1b01a6a4a60eb6314d5ef04022eb200ae5d5a02b59acd159d
52e537502f71005147165cfb8c67081bcbd6580b86fb92c891dcfabdfac1ffac
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
54af59cd5a41c8f66a3c0326d7f86f85cff13ef03ea8a45850bdda35bdea6485
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55fe4e70c417bb19b37d1824c282a9ec1804103d00436f3236c173a51a2f85b2
56639c53fbc08d334e0001abb9cb4724cb57cb476150d64d7fc1211570d2bed6
568e73f4e5ff891a68adfceabbac7018a12989540e635365942323cee7b0f87a
57c1cadf6eabccdb20e7907b3b634d0dd368de752a4b33c3ff8bee224ae4db51
58c38e7517bf0e9345f24130c340442c8bee366ff6220bd1ab1415d757d241d7
5ba3e29b36392ab475d33c81fcb6a9d266e4edae0429534e64263624c693f92c
5f08b2ac990457ec38f53aec8df2f215fbafcffc4928424dcb03bc2c74cc4254
60f46bfd81485e775d3ba7208cd1de8eb706639b1aaa338f371676199625faa7
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
63d5873b4e52d074791d9c3902e91e2b742f2588df93469aca4bafc8f06525f9
64b9a94df9e1c50392ba77dff3590239f5caa2b90abc5d0d6d931a4f9f423ddf
64e95700ca7a96120526898bac47ac272a33e88c77f4267fda0d25ebc22b9d45
6528ec0e1bac4881919c73b50a89927cfb53ec26e990f096b00468393eaf9ce5
67eb879fb1645c73ccbaac598e815fd3901eb5114228021d686b8b5e470edbbd
6851a08172611dee3087ed287fb22873c5697e163391ba4b0555e3d7982ca541
6907d43a9e4b4307fc6f5d619fbd7b39f0b5b72f1578b6343d5c50b927438da8
691257cf7d510da3434f5eedca2b2e0137949c698e3750c7705526a1ee75684c
6c71365e672443bf7a30423d604a651c4ae8be9d9be4b548edcf96a2a7d5f199
6dbe9c2e13cf06c6633ea3fcf6d7bd30452561202a205c75a035cd1d8b93368f
6f51cb8afe19a4f45f3aa5e6f69364c423657b1eda95bcc68f4558c96d69ddf1
6f741883eafc84067b80014e53fbfab2505aca4f7cf767b17404a291fffb79d4
70865cda878d32a1590401371c1bdaa4fc5e9de404a39de7ac156d6d357502b8
71e6e5d40b1ffb1785865f7e717587b63172e606f2ceb045b045543dee4ba8f3
753df3b078dc8c581a0ad80f66167b1c240fa0b92e72a1f1e7cee2765502be29
79500ea94916f6a2c47673c45b475092a9947a57adfa89d5d547274a124e6be2
7b1bfbac0178604f4dce665117d962743d2916a2a37968438f3d49d7e9c04445
7dac5960e7ff1917456862e9d18dd56e336dae0e1467f251e0b17517b6266dbd
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83997aeb0e94bdfbda81f9b9c2e3f017f0bc4d46b8c63fe6d8a094852c1258c7
864d7e3f9c8737edd2ecede7f9a49ed57106209fe810c315951002677af99795
869930390522ace791b79ef5f83ecbaca7e619e0fe8e40c9a0f1b37b4174f57b
8729ca54fcad83251f6cfbd0c4a8429c612bf2f053712827e0429b5b467f5efc
887a3a4f200a899e84097749a9412f749c61744b76f287de50a76cb532308166
89dda46c7bee1761ffec46d2e82f36b1aad76b17b80d39707d939291adda0f1f
8a86c0207437792a8da92976d69bbc360afd4623670e669bb4e84cf65d18dd51
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
900058dffaf216c9a853e2d7e4109bfa2a58994237b2d4e5793734e4c2ecb4ac
906689198d18ef241996366383efbd6bacd658fd71406049e6dbd5a38895424b
91791b332c8d5c4432fff373a1847c2708e29dec9adffac3c4791077ed75d459
92655d7f9e691bf84075994186589543713e7cb9e65e478c85b8c9d320a2ba21
944089b44ec5f876426cd30b5cd76e18a09d4178aa06f2acea7b50f9fd61e67f
949ed2610175c55732c6b7c7a3e0f97708b388bae37b40a92174ee21499da7df
96c248ed6596a211aebf66eca21eb95634a613c77b3aea467801aea400acb1c2
96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9
972755983c98afbfb107d5b6da02f1eaef49d9bef146531bf655142633effb76
977b523e2c3207450bc44e30ac993db1a376f7dffa97d07548d353e7175b2927
990bb3be367ae44d6ebf4b42390d8bd9212c9cd09aef40547694175f47334629
991bfe84fec788f2b7d432b99a60c1e2aa2e799bc0137da8cf478299d0fc9a10
9a5ea123261f7947e84605e3bd6a3d689986a2d95cc2c550e94f5bab5572e052
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9ca5693ab1367385316b393108533e59a741f2fcc302fd13c2fafd34990b34b8
9e83314d333416d003a14ff991793feefefe12184980a4f081c0465cda5dc8da
9ec64a3732de734ca282a376b0b8048f50d246accf0d1367755166d08a5aef96
9fe801269d9ef99d44e6aa9d17ef66db64d1b983d0116c8e142faa8f9da3424d
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a050a3c304a3b0bf37143828706d3bd34a0699d13ca827e919f4600db52436e2
a0c330d0c4c97738afe87556fff6b2a3c644b91dbea8d9f86bd206f3d792e84c
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a2b2f6d642ba935218db5321dc3d3dd9c9f7533f13b2287c950f0209b12705e5
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a60956365a6a6311ee46c7086f4f9ed805a7b4666b11f38f7d92ec4fa453543d
a6571199455f009b27bb8719e76ab06240bb4c9246f6b8915e3119ced168c132
a65e55dfb49fe7156c315e93e5667af83fa0dac3ceb915b5b7aa2a0d3855b79b
a6d36aa3d742ccd6f1ca3c76dcf885af72f7bebe2fcc001ea011a7aea2f55678
a91fca903f7f2a3d051f657b5b25baed4e99b6c1e51bfee63737f73ff54f2b7c
a9995395bf24161ca74c6155395eb9f8f6c62bda4015030125647e9471942e28
a9f55a9e4658a9960455f9485c446ea9874f2590ae283801311d84e908536cc2
ac502088daf7b9e78258dfbbd2e0e809ca66c08513607d1814cb6f092bac1ab2
ac8f497789bafbe7a737ce673f789a3d7fea3b30efe9249424ffc0aaba6bce47
ad53d5b9c9825d29034206941f077b896dff3f335afd59ba1e4da52e32c7435a
adda67abf8e0f8731a86e3aefb53b93847656f20799f63d181ae0c9cd2638adb
ae8017866a6744d35f26aa9da389e9771d40bcae3ee65df4c1b5e16e57b09fda
aedaf40884efa2217933bb42fb22aac1fe3b0bd1ea0415bfe201a6fa94d68812
af8bd2b36f5dbf0d3fb36666100fc398d8e96d4c797287bac0a77410e6f2a35d
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b4ae3462308921ee5bebfa77c5f2200c9da063262c46a52aeca24ceea62a5403
b500ab1e5b4b551b9c7589011dd14fccd0ab371631644a18f790b4659b2470a8
b51288e6605a34673f02bc455dbc96bddd1c4893f506f85b1ed74b06dd7f198a
b6c21bbb6b819f7dba5c0b474b64535c13d53512c9c1e402a92b94b424dac95e
b861dae7ed25de0659f0997c43614ced1035bb5ce2b1bec82844bfc86ab287f0
b8c779f4fa5bf396269317b6ccc5bd0259ff6b28d9dc40eb75cf47aa245b0bde
b91d518fb5690f97593c93e0e94f1b413988ba52d3f8e39b19d59a92ef7289ca
b94ab7d03297a9036dc60e17afc685bd191904db7c25e1c4d92f0f1a84f546c2
bb3be51e62f2436e091b3efa33c5219773903979ef34100713f832c12e6633b4
bb3ffb51fc3d56eaeba14b8c1ca19565d05599818497ea43c1ca701e17ce3069
be77d7730a869cb3e7f47175ccef5a7e92c95cde385080e283003379153e497b
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c264bcf4752257bbee9a41f984bca38e5dc35a521135b2b42fd68d38f48704d5
c284299aeec8595fd3a10dcd2c27022edfda37c815571843a90c45cad18ace95
c28e62ec408f34ca18b76298f690009e78700af3010365f6a6e7226e924416e9
c3ba075c31642cc901d55e654c19026b22922a0bff9d487cf73831fa9a0b98a5
c5bf067b111e2875dd3d9167e96f1c5b3f20f232dbbec4442ecf475b899c6178
c5c82cdaaf712ef3f60673aa1b1bbf882b328152bceb8ec69ba3814d33893802
c61b54fb4bbf7083918be7066e50126d1a95e56ccc9be9fafd69deb50ac7424b
c6806f8379c0a4da9fa955f55465b1babb9c824187e711495d3a619546a36483
c7e3496a6d64fbfb8871820c4d560bbfb2b4ee8f8bee4636a06f0de54e5ffc25
c85ff0d2c0dba739701435b4ecd7ff4c4139528bef936a19f28ac4ac7cd26065
c99843cb1ca29688cea0a8b4275d00c233c97224925f9f4c8e9cfe62b83bf967
ca10977700b1bc7b44bfe44bbfc1e134c13cc993d5e59c4bca6de5f7370c1827
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
ca53ad087b0b145ebc020293681fa808a42c99c37d1b4c254a147e97c812a60f
ca6445fe2a60e5dbc1e6d30032a038752d6cce4ecf48b49d328378c07e4ad584
cb217d0e8ae247684c0dd02ff520bf734a39ad6ea5ec1124286bf47e0f42ec63
cb3c4c0b69349543c69be213f9b261cdbb3e09d801a90c5d2263e6cac07261c8
cbf32da7c041012e2d77c453d11e5d9443f4029ef0c0c0a505ddf358651e4e28
ce42adf01899c970e7e1791dc9c4665f8307e40bc6dc1dc7fd20041b8f5f44a6
cf906196a7c1414e11983955e101a051d55a864f2bc9fd52a453d952d92fd9b5
d19dca040e74cd8fc30291933896f5efb2183715484442e5160e8a5a149426fa
d587c2abe4e9efc774b42010e741c14d97183ce2d29d95c1f95a80c59c18817e
d69c318c5a18ce860870df13878596d3d7bb7efd57b77a0f32b5478d1cfe1c52
dba49107edbd020f83668ba1c661b3d240621d37c01a6d3d4a8078300b9a4069
dc24629ff95d21d65ec3ea91be7f037fd59f694a218fe9d4bada1ddef05fbb4d
de7713832e8617ed0535afa5ccf9ff63dc6b8bb4512664185a4b9e5d7f1abcc6
e0017d9faef36846d5862d4bff7d44d35281d137249edd129235bd82ea61ebda
e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46
e35f60239e010746f62a96ea78f6196cbd974287e2ce51f4c555a2dc268e2d06
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3c5113869fed7cf5fbbb2fb64ba2e5c29fc9043e01e0d3a90b39024e0d0b20c
e46eb58f99814c32c849b97a268129ddb14ca88e9070964ee75a2cd987c66839
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
e86af19d7a5ad8c41b4bc3e7c9d831c035881994f142751b65c209e0724eeed7
e8c08b32be0c804ec39bfa769a7a23ab79171928b014e183b90aec02859c5019
e939dd040d5dbb39da8d8b2fb0dd02299d686819a6f694b436734cef4a976766
ecb740996ce05e9b7823c9690564a0d7b3840becad640d37e929cd4f4ee1cdf4
ecc5965ecaa67f60e26615c0d7df1051d4fb6aea3a8806dd5db2fc8c2b003a1e
ee193f3fbcab1daf0584e6e6f8ba661fb5be4812280d635a439b0c10664f1839
eef0332d53bef81595ef7d291e27607049daab5f25eaef986992ac8332076f0a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f17743453ad59cf73ecb4045e0fee5bda7df08c33c56cfa3354232630e6c9293
f1db54c121f4f16e227a6c3afe71f24ebd80c577e346d734b8bba7a7cd336cb2
f2a947f88a7db682f66064f0e4cd1a3daf98f78e9145893a6d935071aa0ee21d
f2bb510a8cd07d4caf12d0328b4ec6c144b27989b558754e2aa1c7b7713ac913
f35bb208aad1cf9096b29ad0f89f891f4446f6d7e69618d6d032604f9bd27208
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9
fb329000228cc5a24c264c57139de8bf854fc86fc18bf1c04ab61a2b5cb4b921
fb578159169bb38173ca68b7f9ce061b18af4e4e6724bf3c9c3e745cc954f177
fd268841271a7a193e86500967ec98cab937166dcf55e86ef1c1160635fb584e
fee5feedcf117324972d35126e99e4d11d098c6437293d2bbd04c7d6153af2d7
ff1ea82759f4df729f7ee24dac62805f05a2fc79c7ca4cb518a072a11835e884

pcloak.blob.core.windows.net Open in urlscan Pro 20.60.220.36 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

406 Requests

90 %HTTPS

42 %IPv6

51 Domains

96 Subdomains

66 IPs

12 Countries

9156 kBTransfer

18471 kBSize

26 Cookies

0 Outgoing links

Redirected requests

406 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 6 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

pcloak.blob.core.windows.net Open in urlscan Pro
20.60.220.36 Public Scan

Screenshot
Live screenshot

Full Image

406
Requests

90 %
HTTPS

42 %
IPv6

51
Domains

96
Subdomains

66
IPs

12
Countries

9156 kB
Transfer

18471 kB
Size

26
Cookies

406 HTTP transactions
6 data transactions