www.ontaheen.com Open in urlscan Pro
2a05:d014:776:a63e:931e:6ac2:944b:f27e Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://ontaheen.com/
Effective URL:
https://www.ontaheen.com/
Submission Tags: analytics-framework
Submission: On April 23 via api (April 23rd 2023, 4:14:00 am UTC) from US — Scanned from DE

Summary HTTP 80 Redirects Behaviour Indicators

Summary

This website contacted 23 IPs in 4 countries across 16 domains to perform 80 HTTP transactions. The main IP is 2a05:d014:776:a63e:931e:6ac2:944b:f27e, located in Frankfurt am Main, Germany and belongs to AMAZON-02, US. The main domain is www.ontaheen.com.
TLS certificate: Issued by R3 on March 24th 2023. Valid for: 3 months.

This is the only time www.ontaheen.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 30	2a05:d014:776... 2a05:d014:776:a63e:931e:6ac2:944b:f27e	16509 (AMAZON-02) (AMAZON-02)
4	2606:4700:303... 2606:4700:3033::ac43:903e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
3	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:829::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:806::2008	15169 (GOOGLE) (GOOGLE)
3	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2606:4700::68... 2606:4700::6812:d73b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:800::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
1	192.0.77.48 192.0.77.48	2635 (AUTOMATTIC) (AUTOMATTIC)
2	2001:4860:480... 2001:4860:4802:36::178	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c00::9b	15169 (GOOGLE) (GOOGLE)
1	65.9.66.74 65.9.66.74	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:812::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::2003	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6812:d63b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	18.66.112.41 18.66.112.41	16509 (AMAZON-02) (AMAZON-02)
1	143.204.89.104 143.204.89.104	16509 (AMAZON-02) (AMAZON-02)
1 5	172.64.154.204 172.64.154.204	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	34.251.154.165 34.251.154.165	16509 (AMAZON-02) (AMAZON-02)
80	23

30 2a05:d014:776:a63e:931e:6ac2:944b:f27e (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)

ontaheen.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.ontaheen.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:3033::ac43:903e (United States)

ASN13335 (CLOUDFLARENET, US)

privacy.gatekeeperconsent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
the.gatekeeperconsent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
gvl.gatekeeperconsent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)

go.ezodn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
g.ezodn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)

ezodn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
basher.ezodn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6812:d73b (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.onesignal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
onesignal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.0.77.48 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
PTR: s.w.org

s.w.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:36::178 (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.66.74 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-74.fra56.r.cloudfront.net

get.s-onetag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:d63b (United States)

ASN13335 (CLOUDFLARENET, US)

onesignal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.66.112.41 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-41.fra56.r.cloudfront.net

onetag-geo.s-onetag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.89.104 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-89-104.fra50.r.cloudfront.net

signal-beacon.s-onetag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 172.64.154.204 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

capi.connatix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cd.connatix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cds.connatix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 34.251.154.165 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-251-154-165.eu-west-1.compute.amazonaws.com

s.srvsynd.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
30	ontaheen.com 1 redirects ontaheen.com www.ontaheen.com	243 KB
6	srvsynd.com s.srvsynd.com — Cisco Umbrella Rank: 17773	58 KB
6	ezodn.com go.ezodn.com — Cisco Umbrella Rank: 12820 ezodn.com — Cisco Umbrella Rank: 11066 g.ezodn.com — Cisco Umbrella Rank: 15904 basher.ezodn.com — Cisco Umbrella Rank: 13245	199 KB
6	doubleclick.net securepubads.g.doubleclick.net — Cisco Umbrella Rank: 269 googleads.g.doubleclick.net — Cisco Umbrella Rank: 67 stats.g.doubleclick.net — Cisco Umbrella Rank: 166	179 KB
5	connatix.com 1 redirects capi.connatix.com — Cisco Umbrella Rank: 3474 cd.connatix.com — Cisco Umbrella Rank: 4107 cds.connatix.com — Cisco Umbrella Rank: 4289	282 KB
5	onesignal.com cdn.onesignal.com — Cisco Umbrella Rank: 3572 onesignal.com — Cisco Umbrella Rank: 1047	83 KB
4	s-onetag.com get.s-onetag.com — Cisco Umbrella Rank: 4666 onetag-geo.s-onetag.com — Cisco Umbrella Rank: 5724 signal-beacon.s-onetag.com — Cisco Umbrella Rank: 6329	16 KB
4	gatekeeperconsent.com privacy.gatekeeperconsent.com — Cisco Umbrella Rank: 53432 the.gatekeeperconsent.com — Cisco Umbrella Rank: 57051 gvl.gatekeeperconsent.com — Cisco Umbrella Rank: 59082	146 KB
3	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 129	163 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 91	20 KB
2	gstatic.com fonts.gstatic.com	31 KB
1	google.de www.google.de — Cisco Umbrella Rank: 3425	408 B
1	google.com www.google.com — Cisco Umbrella Rank: 16	408 B
1	w.org s.w.org — Cisco Umbrella Rank: 2915	1 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 114	44 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 119 imasdk.googleapis.com Failed	1 KB
80	16

	Domain	Requested by
29	www.ontaheen.com	www.ontaheen.com
6	s.srvsynd.com	cd.connatix.com s.srvsynd.com
4	securepubads.g.doubleclick.net	www.ontaheen.com securepubads.g.doubleclick.net cd.connatix.com
3	onesignal.com	cdn.onesignal.com
3	pagead2.googlesyndication.com	www.ontaheen.com pagead2.googlesyndication.com
2	cds.connatix.com	cd.connatix.com
2	capi.connatix.com	cd.connatix.com
2	onetag-geo.s-onetag.com	get.s-onetag.com signal-beacon.s-onetag.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	basher.ezodn.com	www.ontaheen.com
2	gvl.gatekeeperconsent.com	the.gatekeeperconsent.com
2	fonts.gstatic.com	fonts.googleapis.com
2	cdn.onesignal.com	www.ontaheen.com cdn.onesignal.com
2	go.ezodn.com	www.ontaheen.com
1	cd.connatix.com	1 redirects
1	signal-beacon.s-onetag.com	get.s-onetag.com
1	www.google.de
1	www.google.com
1	get.s-onetag.com	www.ontaheen.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	s.w.org	www.ontaheen.com
1	googleads.g.doubleclick.net	pagead2.googlesyndication.com
1	g.ezodn.com	www.ontaheen.com
1	the.gatekeeperconsent.com	www.ontaheen.com
1	ezodn.com	www.ontaheen.com
1	www.googletagmanager.com	www.ontaheen.com
1	fonts.googleapis.com	www.ontaheen.com
1	privacy.gatekeeperconsent.com	www.ontaheen.com
1	ontaheen.com	1 redirects
0	imasdk.googleapis.com Failed	cd.connatix.com
80	30

This site contains no links.

Subject Issuer	Validity	Valid
ontaheen.com R3	`2023-03-24` - `2023-06-22`	3 months	crt.sh
*.gatekeeperconsent.com GTS CA 1P5	`2023-03-08` - `2023-06-06`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-04` - `2023-06-03`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
*.w.org Sectigo ECC Domain Validation Secure Server CA	`2022-12-06` - `2024-01-06`	a year	crt.sh
*.s-onetag.com Amazon RSA 2048 M01	`2023-02-23` - `2024-01-02`	10 months	crt.sh
www.google.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
*.connatix.com Go Daddy Secure Certificate Authority - G2	`2022-08-22` - `2023-09-23`	a year	crt.sh
post.srvsynd.com R3	`2023-04-04` - `2023-07-03`	3 months	crt.sh

This page contains 4 frames:

Primary Page: https://www.ontaheen.com/
Frame ID: B7C12896A8F0499EF517737880DF590A
Requests: 74 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230418/r20190131/zrt_lookup.html
Frame ID: 38C31DD2E24DEDB7A7C666A5D3049363
Requests: 1 HTTP requests in this frame

Frame: https://cds.connatix.com/p/260105/connatix.player.dc.js?cid=5f049401-746e-4449-8c27-b6b9d8e25882&tier=1
Frame ID: A353CE8441B5AD54FDC29C2B4FBD64C0
Requests: 5 HTTP requests in this frame

Frame: blob://https://www.ontaheen.com/9fecfc9f-a8cc-4694-b639-4883240fe696
Frame ID: 982684CF6367D0512F15F21C2CC40CF6
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://ontaheen.com/ HTTP 301
https://www.ontaheen.com/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

OneSignal (Marketing automation) Expand

Overall confidence: 100%
Detected patterns

cdn\.onesignal\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

80
Requests

94 %
HTTPS

73 %
IPv6

16
Domains

30
Subdomains

23
IPs

4
Countries

1465 kB
Transfer

5185 kB
Size

21
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://ontaheen.com/ HTTP 301
https://www.ontaheen.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 67

https://cd.connatix.com/connatix.player.js?cid=5f049401-746e-4449-8c27-b6b9d8e25882 HTTP 302
https://cds.connatix.com/p/260105/connatix.player.dc.js?cid=5f049401-746e-4449-8c27-b6b9d8e25882&tier=1

80 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.ontaheen.com/
Redirect Chain

https://ontaheen.com/
https://www.ontaheen.com/

172 KB
38 KB

373ms
348ms

Document
text/html

2a05:d014:776:a63e:931e:6ac2:944b:f27e
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ontaheen.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a05:d014:776:a63e:931e:6ac2:944b:f27e Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache/2.4.39 (Ubuntu) /

Resource Hash

e7b4571947b0834f44ef4108ce95f863b7611b94754871aae2ef5f8ef0743de4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=0, must-revalidate, no-cache, no-store
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sun, 23 Apr 2023 04:13:55 UTC
display: pub_site_sol
expires: Sat, 22 Apr 2023 04:13:55 GMT
link: <https://www.ontaheen.com/wp-json/>; rel="https://api.w.org/"
pagespeed: off
response: 200
server: Apache/2.4.39 (Ubuntu)
strict-transport-security: max-age=15724800; includeSubDomains
vary: Accept-Encoding,User-Agent
x-ezoic-cdn: Hit ds;mm;efd8b261d3d9906c4822e5da264bed4e;2-78764-70;e388afce-2e25-4e0f-7f48-bf766741f54a
x-middleton-display: pub_site_sol
x-middleton-response: 200
x-origin-cache-control
x-sol: pub_site

Redirect headers

cache-control: public, max-age=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Sun, 23 Apr 2023 04:13:55 UTC
display: staticcontent_sol
location: https://www.ontaheen.com/
pagespeed: off
response: 301
server: Apache/2.4.39 (Ubuntu)
strict-transport-security: max-age=15724800; includeSubDomains
vary: Accept-Encoding,User-Agent,Origin
x-ezoic-cdn: Hit ds;mm;8d9fc174c86fba4575b3bc3f6d826dee;2-78764-70;af640d8a-03e5-49d9-68d9-bd97ec321fe1
x-middleton-display: staticcontent_sol
x-middleton-response: 301
x-origin-cache-control
x-redirect-by: WordPress
x-sol: pub_site

GET
H2 200 tcf2_stub.js Show response
privacy.gatekeeperconsent.com/ 1 KB
1 KB 124ms
45ms Script
application/javascript 2606:4700:3033::ac43:903e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://privacy.gatekeeperconsent.com/tcf2_stub.js
Requested by: Host: www.ontaheen.com
URL: https://www.ontaheen.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:903e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 86e721bb96c71af08a282151a6246606d325447fc603947cffb628265d7509be

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ontaheen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 23 Apr 2023 04:13:55 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rE6MUAGj0%2F%2B%2BIwOSINSZlRW32xZN2RMkC6S3QOOZLolJLxKDJg6JDuIDpNxSoHPTEd7uCiS01HFwmYtWW9%2F5J9bmPvB5v%2FqgtDaG2P1G4O0ib5Behwmux5jo%2FMEz4tgOLrLqcGCa80maKLKxjlcb1xEfHfOO9JfRDm%2FXQQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=15780000, public
cf-ray: 7bc346d63eab9b28-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 136 KB
47 KB 224ms
93ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.ontaheen.com
URL: https://www.ontaheen.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d3cf49f2064d079c020ee185c09c6f7af5b5f268030a59edc4b5c46ed08bc312

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ontaheen.com/
Origin: https://www.ontaheen.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 23 Apr 2023 04:13:55 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47759
x-xss-protection: 0
server: cafe
etag: 12020319477077209149
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sun, 23 Apr 2023 04:13:55 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 74 KB
25 KB 178ms
48ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.ontaheen.com
URL: https://www.ontaheen.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d3172d43a26974589f4c0ac2403fee49c9fc6b913b492206a3233a927ca99986

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ontaheen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 23 Apr 2023 04:13:55 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25054
x-xss-protection: 0
server: cafe
etag: 326 / 19470 / m202304180101 / config-hash: 6342739278968460252
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sun, 23 Apr 2023 04:13:55 GMT

GET
H2 200 dall.js Show response
go.ezodn.com/hb/ 660 KB
192 KB 180ms
49ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://go.ezodn.com/hb/dall.js?cb=195-11-55
Requested by: Host: www.ontaheen.com
URL: https://www.ontaheen.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c09dda2cfc05892463b64a687169e7240f08686e41010bd050f4286d77c921f3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ontaheen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 23 Apr 2023 04:13:55 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 29 Mar 2023 23:21:36 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2091139
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mUu%2F188jDxMKa2kELecHpxVp5kJuN0HDEOsPTksiiIEydLnTR1UuudgJxizRMpMkq5je7dPwTj6%2BthLy8oE1hb4boHvWvqqZxYO2HmrE5wd5ixf%2F7SqO0vxi05bW111IFFQqlfKFxBaBa%2B0%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 7bc346d68d8135e1-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 fads.js Show response
www.ontaheen.com/porpoiseant/ 8 KB
2 KB 50ms
50ms Script
application/javascript 2a05:d014:776:a63e:931e:6ac2:944b:f27e
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ontaheen.com/porpoiseant/fads.js?gcb=195-11&cb=8
Requested by: Host: www.ontaheen.com
URL: https://www.ontaheen.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a05:d014:776:a63e:931e:6ac2:944b:f27e Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache/2.4.39 (Ubuntu) /
Resource Hash: 1ae559d338ee612c0a41b6b4ff435d7e41ad41555ca9a0829f7ef6b3dbdb57a2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ontaheen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 23 Apr 2023 04:13:55 GMT
content-encoding: br
server: Apache/2.4.39 (Ubuntu)
vary: Accept-Encoding
content-type: application/javascript
x-middleton-display: sol-js
cache-control: max-age=31536000, public
x-robots-tag: noindex

GET
H2 200 style.css
www.ontaheen.com/wp-content/themes/education-pro/ 52 KB
9 KB 80ms
77ms Stylesheet
text/css 2a05:d014:776:a63e:931e:6ac2:944b:f27e
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ontaheen.com/wp-content/themes/education-pro/style.css?ver=3.0.2

Requested by

Host: www.ontaheen.com
URL: https://www.ontaheen.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a05:d014:776:a63e:931e:6ac2:944b:f27e Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache/2.4.39 (Ubuntu) /

Resource Hash

3f82ef6e989e2be8a61a5472ea39e03b4d477bd073f96172eba6ec0d4599f154

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ontaheen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 23 Apr 2023 04:13:55 UTC
content-encoding: br
strict-transport-security: max-age=15724800; includeSubDomains
x-sol: orig
display: staticcontent_sol, orig_site_sol
x-ezoic-cdn: Hit ds;mm;b08b787e2ebbbbadc2595d6a3e258367;2-78764-70;2fd5c12e-4fb3-4579-5e61-2b76f91b2923
x-middleton-display: staticcontent_sol, orig_site_sol
x-middleton-response: 200
response: 200
last-modified: Thu, 13 Apr 2023 19:17:03 GMT
server: Apache/2.4.39 (Ubuntu)
etag: "d020-58994c01f5fc0-gzip-gzip"
x-origin-cache-control
vary: Accept-Encoding,User-Agent,Origin
content-type: text/css
cache-control: public, max-age=2592000

GET
H2 200 style.min.css
www.ontaheen.com/wp-includes/css/dist/block-library/ 95 KB
12 KB 59ms
56ms Stylesheet
text/css 2a05:d014:776:a63e:931e:6ac2:944b:f27e
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ontaheen.com/wp-includes/css/dist/block-library/style.min.css?ver=6.2

Requested by

Host: www.ontaheen.com
URL: https://www.ontaheen.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a05:d014:776:a63e:931e:6ac2:944b:f27e Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache/2.4.39 (Ubuntu) /

Resource Hash

aca566587618e75fa291a419c7c430be02e03fc72f6105658c1bc8e7d59a65e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ontaheen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 23 Apr 2023 04:13:55 UTC
content-encoding: br
strict-transport-security: max-age=15724800; includeSubDomains
x-sol: orig
display: staticcontent_sol, orig_site_sol
x-ezoic-cdn: Hit ds;mm;155af162c2b1b5795bef94dc82731d0b;2-78764-70;4ac54ad1-1585-49e6-59d2-8ed5d2348e1e
x-middleton-display: staticcontent_sol, orig_site_sol
x-middleton-response: 200
response: 200
last-modified: Thu, 13 Apr 2023 19:17:03 GMT
server: Apache/2.4.39 (Ubuntu)
etag: "17ced-5f8170c71a478-gzip-gzip"
x-origin-cache-control
vary: Accept-Encoding,User-Agent,Origin
content-type: text/css
cache-control: public, max-age=2592000

GET
H2 200 classic-themes.min.css
www.ontaheen.com/wp-includes/css/ 291 B
365 B 59ms
57ms Stylesheet
text/css 2a05:d014:776:a63e:931e:6ac2:944b:f27e
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ontaheen.com/wp-includes/css/classic-themes.min.css?ver=6.2

Requested by

Host: www.ontaheen.com
URL: https://www.ontaheen.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a05:d014:776:a63e:931e:6ac2:944b:f27e Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache/2.4.39 (Ubuntu) /

Resource Hash

dcd9f488bd62ba0ee403b07a97e40b9ffd63a0eff61091588c913b16d5153d48

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ontaheen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 23 Apr 2023 04:13:55 UTC
content-encoding: br
strict-transport-security: max-age=15724800; includeSubDomains
x-sol: orig
display: staticcontent_sol, orig_site_sol
x-ezoic-cdn: Hit ds;mm;c9f1c3f4e42f84204a9c01143936677e;2-78764-70;8da36a26-9c43-4ec7-4712-d0ac8c197727
x-middleton-display: staticcontent_sol, orig_site_sol
x-middleton-response: 200
content-length: 165
response: 200
last-modified: Thu, 13 Apr 2023 19:17:03 GMT
server: Apache/2.4.39 (Ubuntu)
etag: "123-5f8170c75e923-gzip-gzip"
x-origin-cache-control
vary: Accept-Encoding,User-Agent,Origin
content-type: text/css
cache-control: public, max-age=2592000

GET
H2 200 dashicons.min.css
www.ontaheen.com/wp-includes/css/ 58 KB
34 KB 80ms
77ms Stylesheet
text/css 2a05:d014:776:a63e:931e:6ac2:944b:f27e
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ontaheen.com/wp-includes/css/dashicons.min.css?ver=6.2

Requested by

Host: www.ontaheen.com
URL: https://www.ontaheen.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a05:d014:776:a63e:931e:6ac2:944b:f27e Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache/2.4.39 (Ubuntu) /

Resource Hash

c21e5a2b32c47bc5f9d9efc97bc0e29fd081946d1d3ebffc5621cfafb1d3960e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ontaheen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 23 Apr 2023 04:13:55 UTC
content-encoding: br
strict-transport-security: max-age=15724800; includeSubDomains
x-sol: orig
display: staticcontent_sol, orig_site_sol
x-ezoic-cdn: Hit ds;mm;37bd5c473ccc8f9bdfd35f2e333dc5e3;2-78764-70;3cca8ffa-a7c0-4b1f-49d9-81f02ee4fd58
x-middleton-display: staticcontent_sol, orig_site_sol
x-middleton-response: 200
response: 200
last-modified: Thu, 13 Apr 2023 19:17:03 GMT
server: Apache/2.4.39 (Ubuntu)
etag: "e688-5bffbb3471c56-gzip-gzip"
x-origin-cache-control
vary: Accept-Encoding,User-Agent,Origin
content-type: text/css
cache-control: public, max-age=2592000

GET
H2 200 css
fonts.googleapis.com/ 5 KB
1 KB 136ms
38ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto+Condensed%3A300%2C700&ver=3.0.2

Requested by

Host: www.ontaheen.com
URL: https://www.ontaheen.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4c4ec7630516b8e2b5f02caf191d0bf0376ca7f87c19800c7c6201c9aa019c33

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ontaheen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 23 Apr 2023 04:13:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 23 Apr 2023 04:13:55 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 23 Apr 2023 04:13:55 GMT

GET
H2 200 jquery.min.js Show response
www.ontaheen.com/wp-includes/js/jquery/ 88 KB
30 KB 60ms
58ms Script
text/javascript 2a05:d014:776:a63e:931e:6ac2:944b:f27e
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ontaheen.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.3

Requested by

Host: www.ontaheen.com
URL: https://www.ontaheen.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a05:d014:776:a63e:931e:6ac2:944b:f27e Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache/2.4.39 (Ubuntu) /

Resource Hash

afacce23cb4feaaaef37997f8439819d8f827df4951f3ff02704c9f16fb7f53a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ontaheen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 23 Apr 2023 04:13:55 UTC
content-encoding: br
response: 200
last-modified: Thu, 13 Apr 2023 19:17:03 GMT
server: Apache/2.4.39 (Ubuntu)
strict-transport-security: max-age=15724800; includeSubDomains
display: staticcontent_sol
etag: "15ed7-5f8170c7e9cbd-gzip-gzip"
x-origin-cache-control
vary: Accept-Encoding,User-Agent,Origin
x-ezoic-cdn: Hit ds;mm;ae8295dea7b4fff9b9cc3bfda7fc1369;2-78764-70;435f3959-e1e4-4254-5c95-8b15c6dc7a6a
content-type: text/javascript
x-middleton-display: staticcontent_sol
cache-control: public, max-age=2592000
x-middleton-response: 200

GET
H2 200 jquery-migrate.min.js Show response
www.ontaheen.com/wp-includes/js/jquery/ 13 KB
5 KB 46ms
44ms Script
text/javascript 2a05:d014:776:a63e:931e:6ac2:944b:f27e
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ontaheen.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.0

Requested by

Host: www.ontaheen.com
URL: https://www.ontaheen.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a05:d014:776:a63e:931e:6ac2:944b:f27e Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache/2.4.39 (Ubuntu) /

Resource Hash

9810aee7e6d57d8cceaa96322b88e6df46710194689ae12b284149148cabc2f3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ontaheen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 23 Apr 2023 04:13:55 UTC
content-encoding: br
response: 200
last-modified: Thu, 13 Apr 2023 19:17:03 GMT
server: Apache/2.4.39 (Ubuntu)
strict-transport-security: max-age=15724800; includeSubDomains
display: staticcontent_sol
etag: "3470-5f8170c7e75fc-gzip-gzip"
x-origin-cache-control
vary: Accept-Encoding,User-Agent,Origin
x-ezoic-cdn: Hit ds;mm;70c947d3226267e6dc5bd7da0c32bf67;2-78764-70;b86fc3f3-4363-4ba4-4250-72dcdfb02bb7
content-type: text/javascript
x-middleton-display: staticcontent_sol
cache-control: public, max-age=2592000
x-middleton-response: 200

GET
H2 200 advanced.min.js Show response
www.ontaheen.com/wp-content/plugins/advanced-ads/public/assets/js/ 7 KB
2 KB 131ms
129ms Script
text/javascript 2a05:d014:776:a63e:931e:6ac2:944b:f27e
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ontaheen.com/wp-content/plugins/advanced-ads/public/assets/js/advanced.min.js?ver=1.42.0

Requested by

Host: www.ontaheen.com
URL: https://www.ontaheen.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a05:d014:776:a63e:931e:6ac2:944b:f27e Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache/2.4.39 (Ubuntu) /

Resource Hash

1a4dd11c3764a3be7caee75eeb660be2d9f01fc3ba61f95990d8f64e5e441875

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ontaheen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 23 Apr 2023 04:13:55 UTC
content-encoding: br
response: 200
last-modified: Thu, 13 Apr 2023 19:17:03 GMT
server: Apache/2.4.39 (Ubuntu)
strict-transport-security: max-age=15724800; includeSubDomains
display: staticcontent_sol
etag: "1c67-5f80ce1650a51-gzip-gzip"
x-origin-cache-control
vary: Accept-Encoding,User-Agent,Origin
x-ezoic-cdn: Hit ds;ds;a613fdb5483ba7bdeb05e325b9bcdab9;2-78764-70;85ff987a-ba84-49b7-7fba-18894d62ebfe
content-type: text/javascript
x-middleton-display: staticcontent_sol
cache-control: public, max-age=2592000
x-middleton-response: 200

GET
H2 200 responsive-menu.js Show response
www.ontaheen.com/wp-content/themes/education-pro/js/ 765 B
412 B 77ms
76ms Script
text/javascript 2a05:d014:776:a63e:931e:6ac2:944b:f27e
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ontaheen.com/wp-content/themes/education-pro/js/responsive-menu.js?ver=1.0.0

Requested by

Host: www.ontaheen.com
URL: https://www.ontaheen.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a05:d014:776:a63e:931e:6ac2:944b:f27e Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache/2.4.39 (Ubuntu) /

Resource Hash

e6b9e2a111a02600e8e0f48610a521300d66431c4f907cdccc0b0fa162018c14

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ontaheen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 23 Apr 2023 04:13:55 UTC
content-encoding: br
strict-transport-security: max-age=15724800; includeSubDomains
display: staticcontent_sol
x-ezoic-cdn: Hit ds;dm;dafa1c73a8fb7cae0d3188aca710b747;2-78764-70;4f693d6d-6742-40fb-72b9-3a71c1dce183
x-middleton-display: staticcontent_sol
x-middleton-response: 200
content-length: 271
response: 200
last-modified: Thu, 13 Apr 2023 19:17:03 GMT
server: Apache/2.4.39 (Ubuntu)
etag: "2fd-5613902c442c0-gzip-gzip"
x-origin-cache-control
vary: Accept-Encoding,User-Agent,Origin
content-type: text/javascript
cache-control: public, max-age=2592000

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 113 KB
44 KB 158ms
54ms Script
application/javascript 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-26742868-1

Requested by

Host: www.ontaheen.com
URL: https://www.ontaheen.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

bdcd84ef9abe656811aa66823785421a2100f54ad8bcc992115ddf03f7233fc0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ontaheen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 23 Apr 2023 04:13:55 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 45118
x-xss-protection: 0
last-modified: Sun, 23 Apr 2023 03:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 23 Apr 2023 04:13:55 GMT

GET
H2 200 consentsettings.js Show response
ezodn.com/detroitchicago/ 1 KB
1 KB 206ms
46ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ezodn.com/detroitchicago/consentsettings.js?cb=2
Requested by: Host: www.ontaheen.com
URL: https://www.ontaheen.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 383472db86bc19b822592340828e1a9d680ece8e6a5114eb4744351081fdea3c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ontaheen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 23 Apr 2023 04:13:55 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 12 Jan 2023 18:46:53 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 8066578
etag: W/"5be-5f2158a5ae140;5f2158a5ae140-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YS3U3vkVMuAxfxkBiMFFTKPO8E%2BCpwCRLX5%2BQpa5zRkB8zhTi9M67zj5xOV9XAJXANnl%2FZIYUfFd5t3YaYYzANt4uSDwbRyDULuwkF7jJBu7c5%2FsgCcG8CeQORbmLr%2B%2Bdc0AiZmPB7Y%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31536000
x-robots-tag: noindex
cf-ray: 7bc346d6ec7c9247-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 cmp.js Show response
the.gatekeeperconsent.com/v2/ 343 KB
83 KB 76ms
41ms Script
text/javascript 2606:4700:3033::ac43:903e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://the.gatekeeperconsent.com/v2/cmp.js?v=106
Requested by: Host: www.ontaheen.com
URL: https://www.ontaheen.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:903e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6c19defdafb93491774aa4bcf29d7400b143e45a8f68809ddbd99f80aa22f9dc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ontaheen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 23 Apr 2023 04:13:55 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Mon, 10 Apr 2023 14:49:11 GMT
server: cloudflare
age: 811728
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hmGOLLvit3Q%2BkPMQrCj8P5PZ6ELKLQHah1855qFtrkr7BzYJHYC1FYy53gQlqitk8JnZ%2ByxMKWCFd2zK8JHhDn19qPypsnKzGHEOWVEbaSqLk2b3b9lRv4Fsh%2FGXoWBu6TAeQhDFIcbgF9Q6FQw30dBiO9QdL6vy"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=utf-8
cache-control: public, max-age=15780000
cf-ray: 7bc346d77f869b28-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 OneSignalSDK.js Show response
cdn.onesignal.com/sdks/ 9 KB
3 KB 122ms
43ms Script
application/javascript 2606:4700::6812:d73b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.onesignal.com/sdks/OneSignalSDK.js?ver=6.2

Requested by

Host: www.ontaheen.com
URL: https://www.ontaheen.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:d73b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

194addf8fd862999286b33cf83116babe8c700ba3a28111777f49ca72c429970

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ontaheen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 23 Apr 2023 04:13:55 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains
age: 2771
etag: W/"06f50014011c1fcd9e21b6b0481979de"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 7bc346d7cdc82c33-FRA
access-control-allow-headers: OneSignal-Subscription-Id
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Wed, 26 Apr 2023 04:13:55 GMT

GET
H2 200 v.js Show response
g.ezodn.com/cmp/v2/ 5 KB
2 KB 55ms
37ms Script
text/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://g.ezodn.com/cmp/v2/v.js?v=4
Requested by: Host: www.ontaheen.com
URL: https://www.ontaheen.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2b104db680a9d1df48409a24d2f18c31e2867e67e921c44b00c72b22d9762bb8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ontaheen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 23 Apr 2023 04:13:55 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 22 Feb 2023 19:45:49 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 5125568
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tL1AHAaDI6CvCVQPoCjt4zmZfCVyTDnLsEC9n%2BdOXvj%2FdOb%2BQCCZbrVHA8%2BO3BVC5VlcDBYSoesFmJJ2WYE%2FnWAHfp84jGizbwkmv525hxBHW9E8%2FQMY%2FQtldUOCJaFmic04QCyW7HZPQA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=utf-8
cache-control: public, max-age=15780000
cf-ray: 7bc346d76e1535e1-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 augusta.js Show response
www.ontaheen.com/detroitchicago/ 2 KB
990 B 33ms
31ms Script
application/javascript 2a05:d014:776:a63e:931e:6ac2:944b:f27e
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ontaheen.com/detroitchicago/augusta.js?cb=24
Requested by: Host: www.ontaheen.com
URL: https://www.ontaheen.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a05:d014:776:a63e:931e:6ac2:944b:f27e Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache/2.4.39 (Ubuntu) /
Resource Hash: dcc0b6437eeec474b65774198371749c6e3f11c12b0bc14f3a971714d0d0e52b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ontaheen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 23 Apr 2023 04:13:55 GMT
content-encoding: br
server: Apache/2.4.39 (Ubuntu)
vary: Accept-Encoding
content-type: application/javascript
x-middleton-display: sol-js
cache-control: max-age=31536000, public
x-robots-tag: noindex
content-length: 958

GET
H2 200 banger.js Show response
www.ontaheen.com/porpoiseant/ 55 KB
14 KB 39ms
38ms Script
application/javascript 2a05:d014:776:a63e:931e:6ac2:944b:f27e
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ontaheen.com/porpoiseant/banger.js?cb=195-11&bv=214&v=74&PageSpeed=off
Requested by: Host: www.ontaheen.com
URL: https://www.ontaheen.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a05:d014:776:a63e:931e:6ac2:944b:f27e Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache/2.4.39 (Ubuntu) /
Resource Hash: 11be5f486e8b166c79f0583658abe2b896a56e0828d866a820273d48413f837d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ontaheen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 23 Apr 2023 04:13:55 GMT
content-encoding: br
server: Apache/2.4.39 (Ubuntu)
vary: Accept-Encoding
content-type: application/javascript
x-middleton-display: sol-js
cache-control: max-age=31536000, public
x-robots-tag: noindex

GET
H2 200 wp-emoji-release.min.js Show response
www.ontaheen.com/wp-includes/js/ 18 KB
5 KB 48ms
46ms Script
text/javascript 2a05:d014:776:a63e:931e:6ac2:944b:f27e
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ontaheen.com/wp-includes/js/wp-emoji-release.min.js?ver=6.2

Requested by

Host: www.ontaheen.com
URL: https://www.ontaheen.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a05:d014:776:a63e:931e:6ac2:944b:f27e Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache/2.4.39 (Ubuntu) /

Resource Hash

4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ontaheen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 23 Apr 2023 04:13:55 UTC
content-encoding: br
response: 200
last-modified: Thu, 13 Apr 2023 19:17:03 GMT
server: Apache/2.4.39 (Ubuntu)
strict-transport-security: max-age=15724800; includeSubDomains
display: staticcontent_sol
etag: "4904-5f8170c81f7d3-gzip-gzip"
x-origin-cache-control
vary: Accept-Encoding,User-Agent,Origin
x-ezoic-cdn: Hit ds;mm;cb616ee5add9d2cb16f79d3ab23121d8;2-78764-70;0752a639-3f6d-466b-5bab-af5d5f1b55ce
content-type: text/javascript
x-middleton-display: staticcontent_sol
cache-control: public, max-age=2592000
x-middleton-response: 200

GET
H2 200 cmbv2.js Show response
www.ontaheen.com/detroitchicago/ 76 KB
22 KB 47ms
45ms Script
application/javascript 2a05:d014:776:a63e:931e:6ac2:944b:f27e
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ontaheen.com/detroitchicago/cmbv2.js?gcb=195-11&cb=04-3y02-8y06-13y07-2y0b-6y0d-23y17-4y1b-5y23-5y25-3y26-4y27-7y33-4y3a-12y3b-5y61-22y68-1&cmbcb=136&sj=x04x02x06x07x0bx0dx17x1bx23x25x26x27x33x3ax3bx61x68&abt=Banger
Requested by: Host: www.ontaheen.com
URL: https://www.ontaheen.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a05:d014:776:a63e:931e:6ac2:944b:f27e Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache/2.4.39 (Ubuntu) /
Resource Hash: 8fcc34d33dcbeba3c57bb8e04082dd96cd275fcaae549f99faf3ebd4f5ca7658

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ontaheen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 23 Apr 2023 04:13:55 GMT
content-encoding: br
server: Apache/2.4.39 (Ubuntu)
vary: Accept-Encoding
content-type: application/javascript
x-middleton-display: sol-js
cache-control: max-age=31536000, public
x-robots-tag: noindex

GET
H2 200 ieVi2ZhZI2eCN5jzbjEETS9weq8-33mZGCQYbw.woff2
fonts.gstatic.com/s/robotocondensed/v25/ 15 KB
15 KB 113ms
36ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/robotocondensed/v25/ieVi2ZhZI2eCN5jzbjEETS9weq8-33mZGCQYbw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Condensed%3A300%2C700&ver=3.0.2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

747d5a0865fe76129cc17fe70097fd5b1db733ed3bbfa0210a8505d80c14ab5a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.ontaheen.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 14:23:44 GMT
x-content-type-options: nosniff
age: 49811
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15528
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 18:53:07 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 21 Apr 2024 14:23:44 GMT

GET
H2 200 ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYbw.woff2
fonts.gstatic.com/s/robotocondensed/v25/ 15 KB
16 KB 81ms
29ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/robotocondensed/v25/ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYbw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Condensed%3A300%2C700&ver=3.0.2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e79c1c1a140e6afb861074c70392db54cc65a06050de2a69162ab94eb95b0516

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.ontaheen.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 23:30:49 GMT
x-content-type-options: nosniff
age: 16986
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15660
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 18:42:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 21 Apr 2024 23:30:49 GMT

GET
H2 200 Shab-E-Barat-2017-in-India-Sub-Continent-300x113.jpg
www.ontaheen.com/wp-content/uploads/2017/04/ 11 KB
11 KB 202ms
199ms Image
image/jpeg 2a05:d014:776:a63e:931e:6ac2:944b:f27e
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ontaheen.com/wp-content/uploads/2017/04/Shab-E-Barat-2017-in-India-Sub-Continent-300x113.jpg

Requested by

Host: www.ontaheen.com
URL: https://www.ontaheen.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a05:d014:776:a63e:931e:6ac2:944b:f27e Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache/2.4.39 (Ubuntu) /

Resource Hash

62fb45036b10de1567a39bbc4c92926891a7d22219e37959caccc41d1763c0f5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ontaheen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 23 Apr 2023 04:13:55 UTC
content-encoding: br
response: 200
last-modified: Thu, 13 Apr 2023 19:17:03 GMT
server: Apache/2.4.39 (Ubuntu)
strict-transport-security: max-age=15724800; includeSubDomains
display: staticcontent_sol
etag: "2ac9-54dad821a5cc0-gzip"
x-origin-cache-control
vary: Accept-Encoding,User-Agent,Origin
x-ezoic-cdn: Hit ds;ds;cdb4cb32ffb907988815d5d11cd2e30d;2-78764-70;9754a2fb-c824-4a80-661b-f14e52d4d377
content-type: image/jpeg
x-middleton-display: staticcontent_sol
cache-control: public, max-age=15552000
x-middleton-response: 200

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304060101/ 347 KB
116 KB 177ms
99ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304060101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4247924984838610&plah=www.ontaheen.com&bust=31074008

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

85e87d4d0759677029f1556b7ada9978cecb056c4fdbd2d5faebe21a57a5bf30

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ontaheen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 23 Apr 2023 04:13:55 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 118931
x-xss-protection: 0
server: cafe
etag: 5256784135778161416
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sun, 23 Apr 2023 04:13:55 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230418/r20190131/ Frame 38C3 10 KB
5 KB 112ms
27ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230418/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ontaheen.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 50717
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4549
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 22 Apr 2023 14:08:38 GMT
etag: 2378337311435320485
expires: Sat, 06 May 2023 14:08:38 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 kenai.js Show response
www.ontaheen.com/detroitchicago/ 3 KB
1 KB 34ms
32ms Script
application/javascript 2a05:d014:776:a63e:931e:6ac2:944b:f27e
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ontaheen.com/detroitchicago/kenai.js?gcb=11&cb=5
Requested by: Host: www.ontaheen.com
URL: https://www.ontaheen.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a05:d014:776:a63e:931e:6ac2:944b:f27e Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache/2.4.39 (Ubuntu) /
Resource Hash: 6923498f78595bd12b0b85b4d8fb03395bb293984a9efb4251447a9b80f459bb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ontaheen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 23 Apr 2023 04:13:55 GMT
content-encoding: br
server: Apache/2.4.39 (Ubuntu)
vary: Accept-Encoding
content-type: application/javascript
x-middleton-display: sol-js
cache-control: max-age=31536000, public
x-robots-tag: noindex
content-length: 1058

GET
H2 200 portland.js Show response
www.ontaheen.com/detroitchicago/ 29 KB
9 KB 36ms
34ms Script
application/javascript 2a05:d014:776:a63e:931e:6ac2:944b:f27e
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ontaheen.com/detroitchicago/portland.js?gcb=11&cb=2
Requested by: Host: www.ontaheen.com
URL: https://www.ontaheen.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a05:d014:776:a63e:931e:6ac2:944b:f27e Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache/2.4.39 (Ubuntu) /
Resource Hash: 93df6b932f78a94beb1a9aaf63e733e4969724b68bae11e4b60d8cb8ce4ff3ac

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ontaheen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 23 Apr 2023 04:13:55 GMT
content-encoding: br
server: Apache/2.4.39 (Ubuntu)
vary: Accept-Encoding
content-type: application/javascript
x-middleton-display: sol-js
cache-control: max-age=31536000, public
x-robots-tag: noindex

GET
H2 200 Shab-E-Barat-2017-Images-300x113.jpg
www.ontaheen.com/wp-content/uploads/2017/05/ 9 KB
9 KB 307ms
302ms Image
image/jpeg 2a05:d014:776:a63e:931e:6ac2:944b:f27e
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ontaheen.com/wp-content/uploads/2017/05/Shab-E-Barat-2017-Images-300x113.jpg

Requested by

Host: www.ontaheen.com
URL: https://www.ontaheen.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a05:d014:776:a63e:931e:6ac2:944b:f27e Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache/2.4.39 (Ubuntu) /

Resource Hash

127a2e2ac27d29886d48ece4edff32400aa6344ad973311446a3cd8cad4920c3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ontaheen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 23 Apr 2023 04:13:56 UTC
content-encoding: br
response: 200
last-modified: Thu, 13 Apr 2023 19:17:03 GMT
server: Apache/2.4.39 (Ubuntu)
strict-transport-security: max-age=15724800; includeSubDomains
display: staticcontent_sol
etag: "23cf-54f16b7053580-gzip"
x-origin-cache-control
vary: Accept-Encoding,User-Agent,Origin
x-ezoic-cdn: Hit ds;ds;ba17dfa50db3d41d82f5564184f0e998;2-78764-70;a34715b6-42ef-4a37-659a-87a9cddbd02a
content-type: image/jpeg
x-middleton-display: staticcontent_sol
cache-control: public, max-age=15552000
x-middleton-response: 200

GET
H2 200 Essay-on-Dengue-300x134.jpg
www.ontaheen.com/wp-content/uploads/2018/12/ 10 KB
10 KB 218ms
213ms Image
image/jpeg 2a05:d014:776:a63e:931e:6ac2:944b:f27e
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ontaheen.com/wp-content/uploads/2018/12/Essay-on-Dengue-300x134.jpg

Requested by

Host: www.ontaheen.com
URL: https://www.ontaheen.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a05:d014:776:a63e:931e:6ac2:944b:f27e Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache/2.4.39 (Ubuntu) /

Resource Hash

150aa45c5c7bab00b33b1cd4b146a0f3a36f942bf845da81828b267f37bd6b70

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ontaheen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 23 Apr 2023 04:13:56 UTC
content-encoding: br
response: 200
last-modified: Thu, 13 Apr 2023 19:17:03 GMT
server: Apache/2.4.39 (Ubuntu)
strict-transport-security: max-age=15724800; includeSubDomains
display: staticcontent_sol
etag: "2668-57f6d4a674d00-gzip"
x-origin-cache-control
vary: Accept-Encoding,User-Agent,Origin
x-ezoic-cdn: Hit ds;ds;58d2a653b3242a5b2f379467164aa3c2;2-78764-70;56ffaf32-12fe-41e3-53de-e89d3e98c342
content-type: image/jpeg
x-middleton-display: staticcontent_sol
cache-control: public, max-age=15552000
x-middleton-response: 200

GET
H2 200 Multinational-Companies-of--300x129.jpg
www.ontaheen.com/wp-content/uploads/2017/06/ 8 KB
8 KB 274ms
269ms Image
image/webp 2a05:d014:776:a63e:931e:6ac2:944b:f27e
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ontaheen.com/wp-content/uploads/2017/06/Multinational-Companies-of--300x129.jpg

Requested by

Host: www.ontaheen.com
URL: https://www.ontaheen.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a05:d014:776:a63e:931e:6ac2:944b:f27e Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache/2.4.39 (Ubuntu) /

Resource Hash

7a353bd40a09954080db80fb123370f8e171db10af39cb587449476f2117de1d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ontaheen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 23 Apr 2023 04:13:56 UTC
content-encoding: br
response: 200
last-modified: Thu, 13 Apr 2023 19:17:03 GMT
server: Apache/2.4.39 (Ubuntu)
strict-transport-security: max-age=15724800; includeSubDomains
display: staticcontent_sol
etag: "3142-5514fc735a080-gzip"
x-origin-cache-control
vary: Accept-Encoding,User-Agent,Origin
x-ezoic-cdn: Hit ds;ds;5b9b66d553d3b445e86f327177cbd840;2-78764-70;0a5b4178-47a0-4272-6d69-e613615a180f
content-type: image/webp
x-middleton-display: staticcontent_sol
cache-control: public, max-age=15552000
x-middleton-response: 200

GET
H2 200 ezoic.png
go.ezodn.com/utilcave_com/img/ 1 KB
2 KB 62ms
57ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://go.ezodn.com/utilcave_com/img/ezoic.png
Requested by: Host: www.ontaheen.com
URL: https://www.ontaheen.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e1a156c3daa4ae0c41f21ef266131ca5a34d56695e3d860b232da142ef031234

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ontaheen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 23 Apr 2023 04:13:55 GMT
cf-cache-status: BYPASS
x-sol: middleton
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
display: staticcontent_sol
x-middleton-display: staticcontent_sol
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1181
last-modified: Thu, 13 Apr 2023 19:17:03 GMT
server: cloudflare
etag: "49d-5d9576f862e00-gzip-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fRqHqTaYIVCCIXigMWbL3kPUMXCPc9e%2FE618yFePQbSGK%2BfxfRjtlSFnZgqVBtb8EIfMdVtg8u3f2L7%2B2cmr2SiJgBqrzgVPIPdycUH1Evbnf0yHm0GZ389kISI6z%2BnFPdPyx8yzT4r7P2E%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
cf-ray: 7bc346d8aef335e1-FRA
expires: Sun, 30 Apr 2023 04:13:55 GMT

POST
H2 200 imp.gif
www.ontaheen.com/detroitchicago/ 43 B
315 B 219ms
218ms Ping
image/gif 2a05:d014:776:a63e:931e:6ac2:944b:f27e
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ontaheen.com/detroitchicago/imp.gif?e=%7B%22ab_test_id%22%3A%22mod46%22%2C%22ad_cache_level%22%3A1%2C%22ad_count_adjustment%22%3A1%2C%22ad_lazyload_version%22%3A1%2C%22ad_load_version%22%3A1%2C%22ad_location_ids%22%3A%226%2C39%2C38%2C5%2C1%2C2%2C0%2C99%2C21%2C21%22%2C%22adx_ad_count%22%3A6%2C%22bidder_method%22%3A1%2C%22bidder_version%22%3A4%2C%22city%22%3A%22%22%2C%22country%22%3A%22DE%22%2C%22days_since_last_visit%22%3A-1%2C%22display_ad_count%22%3A4%2C%22domain_id%22%3A78764%2C%22domain_test_group%22%3A20230805%2C%22ds_adsize_opt_id%22%3A-1%2C%22engaged_time_visit%22%3A0%2C%22ezcache_level%22%3A2%2C%22ezcache_skip_code%22%3A0%2C%22form_factor_id%22%3A1%2C%22framework_id%22%3A1%2C%22has_bad_image%22%3A0%2C%22has_bad_words%22%3A0%2C%22iab_category%22%3A%22%22%2C%22iab_category_0%22%3A%22132%22%2C%22iab_category_1%22%3A%22146%22%2C%22iab_category_2%22%3A%22123%22%2C%22is_from_recommended_pages%22%3Afalse%2C%22is_return_visitor%22%3Afalse%2C%22is_sitespeed%22%3A0%2C%22last_page_load%22%3A%22%22%2C%22last_pageview_id%22%3A%22%22%2C%22lt_cache_level%22%3A0%2C%22max_ads%22%3A3%2C%22metro_code%22%3A0%2C%22optimization_version%22%3A1%2C%22page_ad_positions%22%3A%221006%2C1100%2C1102%2C1106%2C1147%2C1170%2C1170%2C1181%2C1975%2C1976%22%2C%22page_view_count%22%3A0%2C%22page_view_id%22%3A%2213e4b83f-c70e-4cfd-514b-c95eaaf49f94%22%2C%22position_selection_id%22%3A46%2C%22postal_code%22%3A%22%22%2C%22pv_event_count%22%3A0%2C%22response_size_orig%22%3A78927%2C%22response_time_orig%22%3A6%2C%22serverid%22%3A%22i-0d93b9c64c565e53b%22%2C%22state%22%3A%22%22%2C%22sub_page_ad_positions%22%3A%221006%2C1100%2C1102%2C1106%2C1147%2C1170%2C1170%2C1181%2C1975%2C1976%22%2C%22t_epoch%22%3A1682223235%2C%22template_id%22%3A134%2C%22time_on_site_visit%22%3A0%2C%22url%22%3A%22https%3A%2F%2Fwww.ontaheen.com%2F%22%2C%22user_id%22%3A0%2C%22weather_precipitation%22%3A0%2C%22weather_summary%22%3A%22%22%2C%22weather_temperature%22%3A0%2C%22word_count%22%3A1568%2C%22worst_bad_word_level%22%3A0%7D
Requested by: Host: www.ontaheen.com
URL: https://www.ontaheen.com/detroitchicago/cmbv2.js?gcb=195-11&cb=04-3y02-8y06-13y07-2y0b-6y0d-23y17-4y1b-5y23-5y25-3y26-4y27-7y33-4y3a-12y3b-5y61-22y68-1&cmbcb=136&sj=x04x02x06x07x0bx0dx17x1bx23x25x26x27x33x3ax3bx61x68&abt=Banger
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a05:d014:776:a63e:931e:6ac2:944b:f27e Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ontaheen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 23 Apr 2023 04:13:59 GMT
content-encoding: br
access-control-max-age: 1728000
access-control-allow-methods: HEAD, PUT, POST, GET, OPTIONS
content-type: image/gif
access-control-allow-origin: https://www.ontaheen.com
x-middleton-display: imp_sol
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
vary: Accept-Encoding
access-control-allow-headers: Content-Type
content-length: 47
expires: Sat, 22 Apr 2023 04:13:59 GMT

GET
DATA 200
OK truncated
/ 42 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c90cff659645a312a28804965f3dbc34061338f7234ff5d6ddb2c57e9eadec15

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type: image/webp

GET
H2 200 cmbdv2.js Show response
www.ontaheen.com/detroitchicago/ 41 KB
10 KB 41ms
39ms Script
application/javascript 2a05:d014:776:a63e:931e:6ac2:944b:f27e
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ontaheen.com/detroitchicago/cmbdv2.js?gcb=195-11&cb=03-8y0c-6y1c-5y62-22&cmbcb=136&sj=x03x0cx1cx62&abt=Banger
Requested by: Host: www.ontaheen.com
URL: https://www.ontaheen.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a05:d014:776:a63e:931e:6ac2:944b:f27e Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache/2.4.39 (Ubuntu) /
Resource Hash: 75603b66859cad77ad1148f6e3454c0a50b9cdcf0319f2ecb34f58b8106ed9e8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ontaheen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 23 Apr 2023 04:13:55 GMT
content-encoding: br
server: Apache/2.4.39 (Ubuntu)
vary: Accept-Encoding
content-type: application/javascript
x-middleton-display: sol-js
cache-control: max-age=31536000, public
x-robots-tag: noindex

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304180101/ 398 KB
124 KB 32ms
31ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304180101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

df3f86e8cb9abbc7c08d77f3d0b9a74eb950a97edd59710f2020e8b1b2e7a241

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ontaheen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 23:13:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 18008
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 126571
x-xss-protection: 0
server: cafe
etag: 16530882680372410927
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Sun, 21 Apr 2024 23:13:47 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 892 B
412 B 129ms
67ms XHR
application/json 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.ontaheen.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

edd0411505101c8e787c7094fd442727b2034a269b66fabe96a024ff251a0887

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ontaheen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 23 Apr 2023 04:13:56 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 387
x-xss-protection: 0
expires: Sun, 23 Apr 2023 04:13:56 GMT

GET
H2 200 sidebarwall.js Show response
www.ontaheen.com/detroitchicago/ 9 KB
3 KB 32ms
31ms Script
application/javascript 2a05:d014:776:a63e:931e:6ac2:944b:f27e
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ontaheen.com/detroitchicago/sidebarwall.js?gcb=11&cb=19
Requested by: Host: www.ontaheen.com
URL: https://www.ontaheen.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a05:d014:776:a63e:931e:6ac2:944b:f27e Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache/2.4.39 (Ubuntu) /
Resource Hash: c27c396b7f4c1ff33d934d2c66f082c7f81193203971648a114f862c9143c234

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ontaheen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 23 Apr 2023 04:13:56 GMT
content-encoding: br
server: Apache/2.4.39 (Ubuntu)
vary: Accept-Encoding
content-type: application/javascript
x-middleton-display: sol-js
cache-control: max-age=31536000, public
x-robots-tag: noindex

GET
H2 200 GVL.json Show response
gvl.gatekeeperconsent.com/gvlcache/ 410 KB
56 KB 122ms
51ms XHR
application/json 2606:4700:3033::ac43:903e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gvl.gatekeeperconsent.com/gvlcache/GVL.json?gvlSpecificationVersion=2&language=en&cmpv=2
Requested by: Host: the.gatekeeperconsent.com
URL: https://the.gatekeeperconsent.com/v2/cmp.js?v=106
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:903e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1b1cde599e343e41f8db1e5e6bbaefe249c4b27c1b1cdd0d7b36e46314ae27c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ontaheen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 23 Apr 2023 04:13:56 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
gvlcache-hit: true
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xecZ1yDEiyXlTf9IEFkS9AgwIV0D34CfoNcrLIbzARfDbretQCC3o3f2LJtya9RaIb2vxUrxmggmlOU4Jigs6LteW5jJDJac6oJhpwVCPvQFaWTKNNzgxkW4FygCkCFnLj1KuuVdufdEZg9xbKstXoh8waSzwXDU"}],"group":"cf-nel","max_age":604800}
content-type: application/json;charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=604800, public
cf-ray: 7bc346d97fb19072-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

OPTIONS
H2 200 /
basher.ezodn.com/ Frame 0
0 144ms
39ms Preflight
application/json 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://basher.ezodn.com/?did=78764&bf=140&dc=1254144
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-pingback
Access-Control-Request-Method: GET
Origin: https://www.ontaheen.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-headers: content-type,x-pingback
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-origin: https://www.ontaheen.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-ray: 7bc346d9fd8e2c6d-FRA
content-length: 0
content-type: application/json
date: Sun, 23 Apr 2023 04:13:56 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S4ud%2Fvbz6%2B4X6gtHZNq4I1%2BkVj0ws%2Bmrlqt0I4QCNSguib4P8rTT4QnBE1Hn%2FbibtqahjDsVV1z%2FP1Bg9ZslKSG1hjHp3fZqMKgkL3jA1%2BMzkO7PWquqXdgaQyadfYtukNZLsmLIGGCPxWITojiL"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Origin, Accept-Encoding

GET
H2 200 / Show response
basher.ezodn.com/ 2 KB
2 KB 35ms
34ms XHR
application/json 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://basher.ezodn.com/?did=78764&bf=140&dc=1254144
Requested by: Host: www.ontaheen.com
URL: https://www.ontaheen.com/porpoiseant/banger.js?cb=195-11&bv=214&v=74&PageSpeed=off
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9110a853300e0e603cf341795e1e7728b1922ce1b1e60b5369539f16892181d4

Request headers

Referer: https://www.ontaheen.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
X-PINGBACK: pingpong
Content-Type: application/json

Response headers

date: Sun, 23 Apr 2023 04:13:56 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
access-control-max-age: 86400
vary: Origin, Accept-Encoding
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-origin: https://www.ontaheen.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VqnPqw%2Bq6B%2FS1WLldvIufC6LYThLDrAaCMSkosBhgY%2B%2F5jZyLV7F6zSnSB5kKRo3VJ0ac2ENrEgSqucX4n0ZJa5D1pjImXz8J%2BQx72clm3CHc5vbmawRqVrj5rzYv0Kd5Bfup8ADJMlV8melPwys"}],"group":"cf-nel","max_age":604800}
content-type: application/json
cache-control: public, max-age=84400
cf-ray: 7bc346da4dc82c6d-FRA
access-control-allow-headers: Content-Type
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

POST
H2 204 ping
pagead2.googlesyndication.com/pagead/ 0
0 65ms
65ms Fetch
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pagead2.googlesyndication.com/pagead/ping?e=1
Requested by: Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.ontaheen.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H2 200 1f36a.svg
s.w.org/images/core/emoji/14.0.0/svg/ 2 KB
1 KB 125ms
30ms Image
image/svg+xml 192.0.77.48
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.w.org/images/core/emoji/14.0.0/svg/1f36a.svg

Requested by

Host: www.ontaheen.com
URL: https://www.ontaheen.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.48 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

s.w.org

Software

nginx /

Resource Hash

88724da3173eaf855fc8b8094480d1d923f69c420107501da8d40b503163bcf2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ontaheen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Sun, 23 Apr 2023 04:13:56 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Tue, 12 Apr 2022 03:47:50 GMT
server: nginx
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 OneSignalPageSDKES6.js Show response
cdn.onesignal.com/sdks/ 284 KB
68 KB 44ms
43ms Script
application/javascript 2606:4700::6812:d73b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151601

Requested by

Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js?ver=6.2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:d73b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c868ebeb22a6d2945834c14da4641969a62e35a6cfa434a974339df068324b6e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ontaheen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 23 Apr 2023 04:13:56 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains
age: 2788
etag: W/"2cf94922e2d551e8dc7c38c022a9a3ca"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 7bc346d97f332c33-FRA
access-control-allow-headers: OneSignal-Subscription-Id
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Wed, 26 Apr 2023 04:13:56 GMT

GET
H2 200 nmash.js
www.ontaheen.com/porpoiseant/ 21 KB
6 KB 33ms
32ms Other
application/javascript 2a05:d014:776:a63e:931e:6ac2:944b:f27e
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ontaheen.com/porpoiseant/nmash.js?v=214
Requested by: Host: www.ontaheen.com
URL: https://www.ontaheen.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a05:d014:776:a63e:931e:6ac2:944b:f27e Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache/2.4.39 (Ubuntu) /
Resource Hash: 2a2aa47ff6ebbee8584b31c7175a0ab255e714ffe21090b28718d2d3ef24630e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ontaheen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 23 Apr 2023 04:13:56 GMT
content-encoding: br
server: Apache/2.4.39 (Ubuntu)
vary: Accept-Encoding
content-type: application/javascript
x-middleton-display: sol-js
cache-control: max-age=0, public
x-robots-tag: noindex

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 108ms
29ms Script
text/javascript 2001:4860:4802:36::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-26742868-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:36::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ontaheen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 23 Apr 2023 02:27:45 GMT
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
server: Golfe2
age: 6371
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20085
expires: Sun, 23 Apr 2023 04:27:45 GMT

GET
H2 200 GVL.json Show response
gvl.gatekeeperconsent.com/gvlcache/ 31 KB
5 KB 51ms
49ms XHR
application/json 2606:4700:3033::ac43:903e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gvl.gatekeeperconsent.com/gvlcache/GVL.json?gvlSpecificationVersion=2&language=de&cmpv=2
Requested by: Host: the.gatekeeperconsent.com
URL: https://the.gatekeeperconsent.com/v2/cmp.js?v=106
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:903e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 707681e67d6f9a7480fee2a981f9bbe8d83bd4bddabec301429798e26755aa9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ontaheen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 23 Apr 2023 04:13:56 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
gvlcache-hit: true
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HOQbw9uN86MwRPfPu8pOYk1nH0ZUp1Re1h8KH6E6BjwSKwaGWtu8Vx%2BLd3IBdaLgyx163AvxyIBuA2zD6RY4BoZmSDiM%2BCo7kUn%2BYMtzok3YDppnB%2FSdoZWYPOhz5dD2anaL9pMaTbX3NeXeu%2F1g48rKEDRMphVB"}],"group":"cf-nel","max_age":604800}
content-type: application/json;charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=604800, public
cf-ray: 7bc346da88549072-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 web Show response
onesignal.com/api/v1/sync/bad398ce-8760-4332-a8d8-4cc7a86c1a3e/ 3 KB
2 KB 120ms
109ms Script
text/javascript 2606:4700::6812:d73b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://onesignal.com/api/v1/sync/bad398ce-8760-4332-a8d8-4cc7a86c1a3e/web?callback=__jp0

Requested by

Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151601

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:d73b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

90994c244e269429daeeb680b689c053072cb30b21d81923cc00f2d7cb4f3676

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ontaheen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 23 Apr 2023 04:13:56 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: MISS
content-encoding: br
x-permitted-cross-domain-policies: none
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: a884f380-8f84-42ce-989c-cf30fa348b9b
x-runtime: 0.033849
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"90994c244e269429daeeb680b689c053"
x-download-options: noopen
vary: Origin, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=3600
cf-ray: 7bc346dae8532c33-FRA
access-control-allow-headers: SDK-Version
expires: Sun, 23 Apr 2023 05:13:56 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
208 B 37ms
36ms XHR
text/plain 2001:4860:4802:36::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j99&a=1939707383&t=pageview&_s=1&dl=https%3A%2F%2Fwww.ontaheen.com%2F&ul=en-us&de=UTF-8&dt=Ontaheen%20%7C%20The%20Endless%20Journey%20Of%20Knowledge%20%26%20Enlightenment&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAACAAI~&jid=518200815&gjid=1769631751&cid=399440373.1682223236&tid=UA-26742868-1&_gid=408382851.1682223236&_r=1&gtm=457e34j0&jsscut=1&z=1349769727

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:36::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.ontaheen.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 23 Apr 2023 04:13:56 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.ontaheen.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 army.gif
www.ontaheen.com/porpoiseant/ 0
23 B 31ms
30ms Ping
text/plain 2a05:d014:776:a63e:931e:6ac2:944b:f27e
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ontaheen.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiODM1Mjg5MTg1OTkxODU1OCIsImRvbWFpbl9pZCI6Ijc4NzY0IiwidW5pdCI6ImRpdi1ncHQtYWQtb250YWhlZW5fY29tLWJveC0yLTAiLCJ0X2Vwb2NoIjoxNjgyMjIzMjM1LCJhZF9wb3NpdGlvbiI6MTE0NywiY291bnRyeV9jb2RlIjoiREUiLCJwYWdldmlld19pZCI6IjEzZTRiODNmLWM3MGUtNGNmZC01MTRiLWM5NWVhYWY0OWY5NCIsImNvbXBfaWQiOjEsImRhdGEiOlt7Im5hbWUiOiJzdGF0X3NvdXJjZV9pZCIsInZhbCI6IjQ0In1dLCJpc19vcmlnIjowfV0=
Requested by: Host: www.ontaheen.com
URL: https://www.ontaheen.com/detroitchicago/cmbv2.js?gcb=195-11&cb=04-3y02-8y06-13y07-2y0b-6y0d-23y17-4y1b-5y23-5y25-3y26-4y27-7y33-4y3a-12y3b-5y61-22y68-1&cmbcb=136&sj=x04x02x06x07x0bx0dx17x1bx23x25x26x27x33x3ax3bx61x68&abt=Banger
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a05:d014:776:a63e:931e:6ac2:944b:f27e Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ontaheen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-origin: https://www.ontaheen.com
x-middleton-display: ezp_sol
date: Sun, 23 Apr 2023 04:13:59 GMT
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
vary: Accept-Encoding
expires: Sat, 22 Apr 2023 04:13:59 GMT

POST
H2 204 army.gif
www.ontaheen.com/porpoiseant/ 0
39 B 31ms
31ms Ping
text/plain 2a05:d014:776:a63e:931e:6ac2:944b:f27e
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ontaheen.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiODM1Mjg5MTg1OTkxODU1OCIsImRvbWFpbl9pZCI6Ijc4NzY0IiwidW5pdCI6ImRpdi1ncHQtYWQtb250YWhlZW5fY29tLWJveC0yLTAiLCJ0X2Vwb2NoIjoxNjgyMjIzMjM1LCJhZF9wb3NpdGlvbiI6MTE0NywiY291bnRyeV9jb2RlIjoiREUiLCJwYWdldmlld19pZCI6IjEzZTRiODNmLWM3MGUtNGNmZC01MTRiLWM5NWVhYWY0OWY5NCIsImNvbXBfaWQiOjEsImRhdGEiOlt7Im5hbWUiOiJhZHNlbnNldHlwZSIsInZhbCI6IjEifV0sImlzX29yaWciOjB9XQ==
Requested by: Host: www.ontaheen.com
URL: https://www.ontaheen.com/detroitchicago/cmbv2.js?gcb=195-11&cb=04-3y02-8y06-13y07-2y0b-6y0d-23y17-4y1b-5y23-5y25-3y26-4y27-7y33-4y3a-12y3b-5y61-22y68-1&cmbcb=136&sj=x04x02x06x07x0bx0dx17x1bx23x25x26x27x33x3ax3bx61x68&abt=Banger
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a05:d014:776:a63e:931e:6ac2:944b:f27e Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ontaheen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-origin: https://www.ontaheen.com
x-middleton-display: ezp_sol
date: Sun, 23 Apr 2023 04:13:56 GMT
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
vary: Accept-Encoding
expires: Sat, 22 Apr 2023 04:13:56 GMT

POST
H2 204 army.gif
www.ontaheen.com/porpoiseant/ 0
16 B 30ms
30ms Ping
text/plain 2a05:d014:776:a63e:931e:6ac2:944b:f27e
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ontaheen.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNjc2MTQ0NTE5NjY0MTMiLCJkb21haW5faWQiOiI3ODc2NCIsInVuaXQiOiJkaXYtZ3B0LWFkLW9udGFoZWVuX2NvbS1ib3gtMy0wIiwidF9lcG9jaCI6MTY4MjIyMzIzNSwiYWRfcG9zaXRpb24iOjExMDYsImNvdW50cnlfY29kZSI6IkRFIiwicGFnZXZpZXdfaWQiOiIxM2U0YjgzZi1jNzBlLTRjZmQtNTE0Yi1jOTVlYWFmNDlmOTQiLCJjb21wX2lkIjoxLCJkYXRhIjpbeyJuYW1lIjoic3RhdF9zb3VyY2VfaWQiLCJ2YWwiOiI0NCJ9XSwiaXNfb3JpZyI6MH1d
Requested by: Host: www.ontaheen.com
URL: https://www.ontaheen.com/detroitchicago/cmbv2.js?gcb=195-11&cb=04-3y02-8y06-13y07-2y0b-6y0d-23y17-4y1b-5y23-5y25-3y26-4y27-7y33-4y3a-12y3b-5y61-22y68-1&cmbcb=136&sj=x04x02x06x07x0bx0dx17x1bx23x25x26x27x33x3ax3bx61x68&abt=Banger
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a05:d014:776:a63e:931e:6ac2:944b:f27e Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ontaheen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-origin: https://www.ontaheen.com
x-middleton-display: ezp_sol
date: Sun, 23 Apr 2023 04:13:56 GMT
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
vary: Accept-Encoding
expires: Sat, 22 Apr 2023 04:13:56 GMT

POST
H2 204 army.gif
www.ontaheen.com/porpoiseant/ 0
62 B 31ms
30ms Ping
text/plain 2a05:d014:776:a63e:931e:6ac2:944b:f27e
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ontaheen.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNjc2MTQ0NTE5NjY0MTMiLCJkb21haW5faWQiOiI3ODc2NCIsInVuaXQiOiJkaXYtZ3B0LWFkLW9udGFoZWVuX2NvbS1ib3gtMy0wIiwidF9lcG9jaCI6MTY4MjIyMzIzNSwiYWRfcG9zaXRpb24iOjExMDYsImNvdW50cnlfY29kZSI6IkRFIiwicGFnZXZpZXdfaWQiOiIxM2U0YjgzZi1jNzBlLTRjZmQtNTE0Yi1jOTVlYWFmNDlmOTQiLCJjb21wX2lkIjoxLCJkYXRhIjpbeyJuYW1lIjoiYWRzZW5zZXR5cGUiLCJ2YWwiOiIxIn1dLCJpc19vcmlnIjowfV0=
Requested by: Host: www.ontaheen.com
URL: https://www.ontaheen.com/detroitchicago/cmbv2.js?gcb=195-11&cb=04-3y02-8y06-13y07-2y0b-6y0d-23y17-4y1b-5y23-5y25-3y26-4y27-7y33-4y3a-12y3b-5y61-22y68-1&cmbcb=136&sj=x04x02x06x07x0bx0dx17x1bx23x25x26x27x33x3ax3bx61x68&abt=Banger
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a05:d014:776:a63e:931e:6ac2:944b:f27e Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ontaheen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-origin: https://www.ontaheen.com
x-middleton-display: ezp_sol
date: Sun, 23 Apr 2023 04:13:55 GMT
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
vary: Accept-Encoding
expires: Sat, 22 Apr 2023 04:13:55 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
350 B 120ms
39ms XHR
text/plain 2a00:1450:400c:c00::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-26742868-1&cid=399440373.1682223236&jid=518200815&gjid=1769631751&_gid=408382851.1682223236&_u=YEBAAUAAAAAAACAAI~&z=1349401167

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.ontaheen.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sun, 23 Apr 2023 04:13:56 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.ontaheen.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 greenoaks.gif
www.ontaheen.com/detroitchicago/ 0
16 B 32ms
30ms Ping
text/plain 2a05:d014:776:a63e:931e:6ac2:944b:f27e
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ontaheen.com/detroitchicago/greenoaks.gif?orig=0&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiIxM2U0YjgzZi1jNzBlLTRjZmQtNTE0Yi1jOTVlYWFmNDlmOTQiLCJkb21haW5faWQiOiI3ODc2NCIsInRfZXBvY2giOjE2ODIyMjMyMzUsImRhdGEiOlt7Im5hbWUiOiJkZXZpY2Vfd2lkdGgiLCJ2YWwiOiIxNjAwIn0seyJuYW1lIjoiZGV2aWNlX2hlaWdodCIsInZhbCI6IjEyMDAifV19LHsidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiIxM2U0YjgzZi1jNzBlLTRjZmQtNTE0Yi1jOTVlYWFmNDlmOTQiLCJkb21haW5faWQiOiI3ODc2NCIsInRfZXBvY2giOjE2ODIyMjMyMzUsImRhdGEiOlt7Im5hbWUiOiJ0X2xvY2FsX2RhdGUiLCJ2YWwiOiIyMDIzLTA0LTIzIn0seyJuYW1lIjoidF9sb2NhbF9ob3VyIiwidmFsIjoiNCJ9LHsibmFtZSI6InRfbG9jYWxfZGF5X29mX3dlZWsiLCJ2YWwiOiIwIn0seyJuYW1lIjoidF9sb2NhbF90aW1lem9uZSIsInZhbCI6IjAifV19LHsidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiIxM2U0YjgzZi1jNzBlLTRjZmQtNTE0Yi1jOTVlYWFmNDlmOTQiLCJkb21haW5faWQiOiI3ODc2NCIsInRfZXBvY2giOjE2ODIyMjMyMzUsImRhdGEiOlt7Im5hbWUiOiJsYW5ndWFnZV90YWciLCJ2YWwiOiJlbi1VUyJ9XX0seyJ0eXBlIjoicGFnZXZpZXciLCJwYWdldmlld19pZCI6IjEzZTRiODNmLWM3MGUtNGNmZC01MTRiLWM5NWVhYWY0OWY5NCIsImRvbWFpbl9pZCI6Ijc4NzY0IiwidF9lcG9jaCI6MTY4MjIyMzIzNSwiZGF0YSI6W3sibmFtZSI6Imxhbmd1YWdlX3ByaW1hcnlfc3VidGFnIiwidmFsIjoiZW4ifV19LHsidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiIxM2U0YjgzZi1jNzBlLTRjZmQtNTE0Yi1jOTVlYWFmNDlmOTQiLCJkb21haW5faWQiOiI3ODc2NCIsInRfZXBvY2giOjE2ODIyMjMyMzUsImRhdGEiOlt7Im5hbWUiOiJpc19hZF9ibG9ja2VkIiwidmFsIjoiZmFsc2UifV19XQ==
Requested by: Host: www.ontaheen.com
URL: https://www.ontaheen.com/detroitchicago/cmbv2.js?gcb=195-11&cb=04-3y02-8y06-13y07-2y0b-6y0d-23y17-4y1b-5y23-5y25-3y26-4y27-7y33-4y3a-12y3b-5y61-22y68-1&cmbcb=136&sj=x04x02x06x07x0bx0dx17x1bx23x25x26x27x33x3ax3bx61x68&abt=Banger
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a05:d014:776:a63e:931e:6ac2:944b:f27e Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ontaheen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-origin: https://www.ontaheen.com
x-middleton-display: ezp_sol
date: Sun, 23 Apr 2023 04:13:59 GMT
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
vary: Accept-Encoding
expires: Sat, 22 Apr 2023 04:13:59 GMT

GET
H2 200 tag.min.js Show response
get.s-onetag.com/48e9aff7-e1fb-417c-a320-ed101cdab11f/ 18 KB
6 KB 120ms
35ms Script
text/javascript 65.9.66.74
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/48e9aff7-e1fb-417c-a320-ed101cdab11f/tag.min.js
Requested by: Host: www.ontaheen.com
URL: https://www.ontaheen.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-74.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 91c2f094211bd3a6ad9b69ee4731a8adab4622d225186ec118d69ebb79950731

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ontaheen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id: SHNpl_8wt2p1PJfKLDG5Nc7BxQDTckiK
content-encoding: gzip
via: 1.1 c359abeab0060e721cfaac65ce34b1cc.cloudfront.net (CloudFront)
date: Sun, 23 Apr 2023 03:56:08 GMT
last-modified: Wed, 19 Oct 2022 18:09:41 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
age: 2476
x-amz-server-side-encryption: AES256
etag: W/"32d4340999995f7e75434869149ee50c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=86400
x-amz-cf-id: sK6YRAUVee6yJ_9CVcf-IIGzTLGlce3MvIlRKlDIRSDO3lB0bsMISw==

GET
H3 200 OneSignalSDKStyles.css
onesignal.com/sdks/ 82 KB
9 KB 44ms
44ms Stylesheet
text/css 2606:4700::6812:d73b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://onesignal.com/sdks/OneSignalSDKStyles.css?v=2

Requested by

Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151601

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:d73b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

db7e0b393e175f19922fefbdcaa2866fca209c521d01cc834ae06cbf8d0f91b7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ontaheen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 23 Apr 2023 04:13:56 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains
age: 2767
etag: W/"4e9aaefffd5f8ae7dc83361aa2294190"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=2592000
cf-ray: 7bc346dbcc582c39-FRA
access-control-allow-headers: OneSignal-Subscription-Id
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Tue, 23 May 2023 04:13:56 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
408 B 110ms
41ms Image
image/gif 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-26742868-1&cid=399440373.1682223236&jid=518200815&_u=YEBAAUAAAAAAACAAI~&z=655353148

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ontaheen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 23 Apr 2023 04:13:56 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 108ms
40ms Image
image/gif 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-26742868-1&cid=399440373.1682223236&jid=518200815&_u=YEBAAUAAAAAAACAAI~&z=655353148

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ontaheen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 23 Apr 2023 04:13:56 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 icon Show response
onesignal.com/api/v1/apps/bad398ce-8760-4332-a8d8-4cc7a86c1a3e/ 44 B
723 B 100ms
65ms Fetch
application/json 2606:4700::6812:d63b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://onesignal.com/api/v1/apps/bad398ce-8760-4332-a8d8-4cc7a86c1a3e/icon

Requested by

Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151601

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:d63b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e51140cdcd044ad76335646936ec53196a169aace83a8b266bc1c182a944609b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ontaheen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 23 Apr 2023 04:13:56 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: MISS
x-permitted-cross-domain-policies: none
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44
x-xss-protection: 1; mode=block
x-request-id: 15f9461b-72e4-4922-8bad-9a777e0ccc6e
x-runtime: 0.012549
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"e51140cdcd044ad76335646936ec5319"
x-download-options: noopen
x-frame-options: SAMEORIGIN
vary: Accept, Origin, Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=0, private, must-revalidate
accept-ranges: bytes
cf-ray: 7bc346dc680f9025-FRA
access-control-allow-headers: SDK-Version

GET
H2 200 / Show response
onetag-geo.s-onetag.com/ 555 B
962 B 423ms
339ms Fetch
application/json 18.66.112.41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://onetag-geo.s-onetag.com/
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/48e9aff7-e1fb-417c-a320-ed101cdab11f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-41.fra56.r.cloudfront.net
Software: /
Resource Hash: f51938710e179807bbf1be9a1e9d7e3441fa74e7dfe9f46841914fb12ca7de3c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ontaheen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 23 Apr 2023 04:13:56 GMT
via: 1.1 bf5c0a6262f04cc4b9a69ef8d737ea96.cloudfront.net (CloudFront), 1.1 edffe6978db53d114a80cda421e0b6b8.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P6, FRA56-P5
x-amzn-requestid: 20f3a2f9-99c2-4b74-b48a-c9cc4c56586e
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=86400
x-amz-apigw-id: D0CEzG2hCYcFrOQ=
content-length: 555
x-amz-cf-id: LouptDL6kSEpwfmQxVadYBM8ZTRhTKzzmt5J17fCzMUyH748ooeEKQ==

GET
H2 200 beacon.min.js Show response
signal-beacon.s-onetag.com/ 22 KB
7 KB 120ms
35ms Script
application/javascript 143.204.89.104
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://signal-beacon.s-onetag.com/beacon.min.js
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/48e9aff7-e1fb-417c-a320-ed101cdab11f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.89.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-89-104.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c37a134e735f9a3dc9916bbed8f5e576f89b9f26537a59544d74004962b1a8ef

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ontaheen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id: h0jfx2_ld0LSppgdK5454e6x8dlC_h3s
content-encoding: gzip
via: 1.1 5317564e96c9dceb46123f6c5f149a02.cloudfront.net (CloudFront)
date: Sun, 23 Apr 2023 01:28:09 GMT
last-modified: Wed, 01 Mar 2023 12:13:37 GMT
server: AmazonS3
x-amz-cf-pop: FRA50-C1
age: 9948
x-amz-server-side-encryption: AES256
etag: W/"fd89ceeda84b55780ed4e8f97b752a7a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=86400
x-amz-cf-id: vO3R9-6vxGRZLcpXcaLxBKcl2hZj3q_fXbqcwzsUL7xWgW2gbBI-8g==

GET
DATA 200
OK truncated
/ 582 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c1f6b66e052e0dba3f115f59a94d7304a27a73848db4b8995e2a2017ba79046b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 / Show response
onetag-geo.s-onetag.com/ 555 B
960 B 296ms
295ms Fetch
application/json 18.66.112.41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://onetag-geo.s-onetag.com/
Requested by: Host: signal-beacon.s-onetag.com
URL: https://signal-beacon.s-onetag.com/beacon.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-41.fra56.r.cloudfront.net
Software: /
Resource Hash: f51938710e179807bbf1be9a1e9d7e3441fa74e7dfe9f46841914fb12ca7de3c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ontaheen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 23 Apr 2023 04:13:56 GMT
via: 1.1 bf5c0a6262f04cc4b9a69ef8d737ea96.cloudfront.net (CloudFront), 1.1 edffe6978db53d114a80cda421e0b6b8.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P6, FRA56-P5
x-amzn-requestid: 20f3a2f9-99c2-4b74-b48a-c9cc4c56586e
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=86400
x-amz-apigw-id: D0CEzG2hCYcFrOQ=
content-length: 555
x-amz-cf-id: VgHGn2qbKBwz1LGBBWIickILb2r9JrV7b0b6haAXxLdonRPyJXn38w==

GET
H2 200 si
capi.connatix.com/tr/ 0
330 B 250ms
166ms Image
application/json 172.64.154.204
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://capi.connatix.com/tr/si?token=dceed97a-951e-4c47-b565-c2794ffae817&cid=5f049401-746e-4449-8c27-b6b9d8e25882
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.154.204 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ontaheen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 23 Apr 2023 04:13:59 GMT
cf-cache-status: DYNAMIC
server: cloudflare
vary: Accept-Encoding
content-type: application/json
cache-control: no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
cf-ray: 7bc346ec2f2b3680-FRA
access-control-allow-headers: x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
content-length: 0
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2

200

connatix.player.dc.js Show response
cds.connatix.com/p/260105/ Frame A353
Redirect Chain

https://cd.connatix.com/connatix.player.js?cid=5f049401-746e-4449-8c27-b6b9d8e25882
https://cds.connatix.com/p/260105/connatix.player.dc.js?cid=5f049401-746e-4449-8c27-b6b9d8e25882&tier=1

1 MB
265 KB

72ms
49ms

Script
application/javascript

172.64.154.204
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cds.connatix.com/p/260105/connatix.player.dc.js?cid=5f049401-746e-4449-8c27-b6b9d8e25882&tier=1
Protocol: H2
Server: 172.64.154.204 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 16a1376cb39b9da4b72cdea1a1a1be37392f99470be8707d56308c543aa3c8c3

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 23 Apr 2023 04:13:59 GMT
x-amz-version-id: fFknL.ZmjSrWjp6lFWzS83niIM7IE8pN
content-encoding: br
cf-cache-status: HIT
x-amz-replication-status: FAILED
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Fri, 21 Apr 2023 15:17:42 GMT
server: cloudflare
etag: W/"bce81d579dfc8dc1f25cb99d9df3c129"
vary: Accept-Encoding
access-control-allow-methods: *
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-stale=31536000,stale-while-revalidate=31536000,immutable,max-age=31536000
access-control-max-age: 86400
cf-ray: 7bc346ed4d9f993f-FRA
access-control-allow-headers: range
expires: Mon, 22 Apr 2024 04:13:59 GMT

Redirect headers

date: Sun, 23 Apr 2023 04:13:59 GMT
cf-cache-status: DYNAMIC
server: cloudflare
surrogate-control: no-cache, no-store, must-revalidate, max-age=0
vary: Accept-Encoding
location: https://cds.connatix.com/p/260105/connatix.player.dc.js?cid=5f049401-746e-4449-8c27-b6b9d8e25882&tier=1
cache-control: no-cache, no-store, must-revalidate, max-age=0
cf-ray: 7bc346ec2ced993f-FRA
access-control-allow-headers: x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
content-length: 0
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 player.css
cds.connatix.com/p/260105/ 64 KB
11 KB 40ms
39ms Stylesheet
text/css 172.64.154.204
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cds.connatix.com/p/260105/player.css
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js?cid=5f049401-746e-4449-8c27-b6b9d8e25882
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.154.204 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d83f396e908e3ab04c6a2d9efd5d40b64f68e888f7607388cf6511a25bf202ba

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ontaheen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 23 Apr 2023 04:13:59 GMT
x-amz-version-id: oKF9BLy0ePUBGTvgQHp41EHMn5q.d7fs
content-encoding: br
cf-cache-status: HIT
x-amz-replication-status: FAILED
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Fri, 21 Apr 2023 15:17:42 GMT
server: cloudflare
etag: W/"b6b96520045e8018fd9557d258a3b296"
vary: Accept-Encoding
access-control-allow-methods: *
content-type: text/css
access-control-allow-origin: *
cache-control: public,max-stale=31536000,stale-while-revalidate=31536000,immutable,max-age=31536000
access-control-max-age: 86400
cf-ray: 7bc346ee9e85993f-FRA
access-control-allow-headers: range
expires: Mon, 22 Apr 2024 04:13:59 GMT

POST
H2 200 pls Show response
capi.connatix.com/core/ Frame A353 10 KB
4 KB 192ms
191ms XHR
application/x-protobuf 172.64.154.204
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://capi.connatix.com/core/pls?v=260105&cid=5f049401-746e-4449-8c27-b6b9d8e25882
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js?cid=5f049401-746e-4449-8c27-b6b9d8e25882
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.154.204 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ab4bb53fab4e49489f056f845300d876fd0728983be9bfcc541aa7aa2f708416

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: multipart/form-data

Response headers

date: Sun, 23 Apr 2023 04:13:59 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
vary: Accept-Encoding
content-type: application/x-protobuf
access-control-allow-origin: https://www.ontaheen.com
cache-control: no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
cf-ray: 7bc346eee9193680-FRA
access-control-allow-headers: x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

POST sr
capi.connatix.com/tr/ Frame A353 0
0

GET
H/1.1 200
OK analytics.js Show response
s.srvsynd.com/2/234175/ 6 KB
3 KB 258ms
52ms Script
text/javascript 34.251.154.165
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.srvsynd.com/2/234175/analytics.js?dt=2341751597675869250012&di=www.ontaheen.com&ui=00000000-0000-0000-0000-000000000000&md=2&ap=undefined&sr=connatix.com&pp=980366428450022&ti=x1974997695006582111387826782208&de=2&to=3&pv=65f56ec5-ebeb-4945-93f1-586c1ddd8928

Requested by

Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js?cid=5f049401-746e-4449-8c27-b6b9d8e25882

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

34.251.154.165 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-251-154-165.eu-west-1.compute.amazonaws.com

Software

Resource Hash

f51f2df9087bcc926d6f910acd34c5bf21319dcfc71a72897e00f161c5832315

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ontaheen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 23 Apr 2023 04:13:59 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
Accept-Ch: Viewport-Width, Viewport-Height, Width, DPR, RTT, ECT, Device-Memory, Downlink, Save-Data
Vary: *
Content-Type: text/javascript; charset=utf-8
Cache-Control: no-cache, no-store, must-revalidate, no-transform, private, max-age=0
Timing-Allow-Origin: *
Content-Length: 2839
Expires: 0

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 74 KB
24 KB 60ms
60ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js?cid=5f049401-746e-4449-8c27-b6b9d8e25882

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

27aaeacc5fc28e5fc1f2031f58ae2ce3b4ed50a03e5a67c6c77fe53643bf99db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ontaheen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 23 Apr 2023 04:13:59 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25054
x-xss-protection: 0
server: cafe
etag: 99 / 19470 / m202304180101 / config-hash: 6342739278968460252
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sun, 23 Apr 2023 04:13:59 GMT

GET ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame A353 0
0

GET elements.ui.b5b880a7c49b61bad744.js
cds.connatix.com/p/260105/ Frame A353 0
0

POST
H/1.1 200
OK postback Show response
s.srvsynd.com/2/2.91.0/234175/AfSnyR0DEAGyBqEW/ 0
145 B 205ms
50ms XHR
text/plain 34.251.154.165
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.srvsynd.com/2/2.91.0/234175/AfSnyR0DEAGyBqEW/postback?oz_pl=1&di=www.ontaheen.com&ui=00000000-0000-0000-0000-000000000000&sr=connatix.com&pp=980366428450022&de=2&pv=65f56ec5-ebeb-4945-93f1-586c1ddd8928&ci=234175&dt=2341751597675869250012&md=2&ap=undefined&ti=x1974997695006582111387826782208&to=3&psv=2.91.0&_x=1
Requested by: Host: s.srvsynd.com
URL: https://s.srvsynd.com/2/234175/analytics.js?dt=2341751597675869250012&di=www.ontaheen.com&ui=00000000-0000-0000-0000-000000000000&md=2&ap=undefined&sr=connatix.com&pp=980366428450022&ti=x1974997695006582111387826782208&de=2&to=3&pv=65f56ec5-ebeb-4945-93f1-586c1ddd8928
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 34.251.154.165 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-251-154-165.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Sun, 23 Apr 2023 04:13:59 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

GET
H/1.1 200
OK main.js Show response
s.srvsynd.com/2/2.91.0/ 171 KB
54 KB 51ms
51ms Script
text/javascript 34.251.154.165
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.srvsynd.com/2/2.91.0/main.js

Requested by

Host: s.srvsynd.com
URL: https://s.srvsynd.com/2/234175/analytics.js?dt=2341751597675869250012&di=www.ontaheen.com&ui=00000000-0000-0000-0000-000000000000&md=2&ap=undefined&sr=connatix.com&pp=980366428450022&ti=x1974997695006582111387826782208&de=2&to=3&pv=65f56ec5-ebeb-4945-93f1-586c1ddd8928

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

34.251.154.165 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-251-154-165.eu-west-1.compute.amazonaws.com

Software

Resource Hash

92ae4e84bc78354fa23b9f0a45989817fe6a2242af3be667e0b9907903e568b7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Sun, 23 Apr 2023 04:13:59 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: br
Accept-Ch: Viewport-Width, Viewport-Height, Width, DPR, RTT, ECT, Device-Memory, Downlink, Save-Data
Vary: Origin, Accept-Encoding
Content-Type: text/javascript; charset=utf-8
Cache-Control: public, no-transform, immutable, max-age=999999999
Timing-Allow-Origin: *
Content-Length: 55047
Expires: Wed, 30 Dec 2054 04:53:40 GMT

POST
H/1.1 200
OK postback Show response
s.srvsynd.com/2/2.91.0/234175/AfSnyR0DEAGyBqEW/ 0
145 B 54ms
50ms XHR
text/plain 34.251.154.165
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.srvsynd.com/2/2.91.0/234175/AfSnyR0DEAGyBqEW/postback?oz_pl=1&di=www.ontaheen.com&ui=00000000-0000-0000-0000-000000000000&sr=connatix.com&pp=980366428450022&de=2&pv=65f56ec5-ebeb-4945-93f1-586c1ddd8928&ci=234175&dt=2341751597675869250012&md=2&ap=undefined&ti=x1974997695006582111387826782208&to=3&psv=2.91.0&_x=1
Requested by: Host: s.srvsynd.com
URL: https://s.srvsynd.com/2/234175/analytics.js?dt=2341751597675869250012&di=www.ontaheen.com&ui=00000000-0000-0000-0000-000000000000&md=2&ap=undefined&sr=connatix.com&pp=980366428450022&ti=x1974997695006582111387826782208&de=2&to=3&pv=65f56ec5-ebeb-4945-93f1-586c1ddd8928
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 34.251.154.165 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-251-154-165.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Sun, 23 Apr 2023 04:13:59 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

POST
H/1.1 200
OK postback Show response
s.srvsynd.com/2/2.91.0/234175/AfSnyR0DEAGyBqEW/ 0
145 B 95ms
50ms XHR
text/plain 34.251.154.165
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.srvsynd.com/2/2.91.0/234175/AfSnyR0DEAGyBqEW/postback?di=www.ontaheen.com&ui=00000000-0000-0000-0000-000000000000&sr=connatix.com&pp=980366428450022&de=2&pv=65f56ec5-ebeb-4945-93f1-586c1ddd8928&ci=234175&dt=2341751597675869250012&md=2&ap=undefined&ti=x1974997695006582111387826782208&to=3&sid=AfSnyR0DEAGyBqEW&oz_sc=23124ae63332eed2f9117d58&oz_df=1682223240195&oz_l=116&cv=3
Requested by: Host: s.srvsynd.com
URL: https://s.srvsynd.com/2/2.91.0/main.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 34.251.154.165 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-251-154-165.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Sun, 23 Apr 2023 04:13:59 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

GET
BLOB 200
OK 9fecfc9f-a8cc-4694-b639-4883240fe696
https://www.ontaheen.com/ Frame 9826 185 B
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.ontaheen.com/9fecfc9f-a8cc-4694-b639-4883240fe696
Requested by: Host: blank
URL: about:blank
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c5a61134a6532a5623e5055442e4b88e247c0a5c8b0f8c1a9c6e2bfba6bf422c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Length: 185
Content-Type: application/javascript

POST
H/1.1 200
OK postback Show response
s.srvsynd.com/2/2.91.0/234175/AfSnyR0DEAGyBqEW/ 0
145 B 51ms
50ms XHR
text/plain 34.251.154.165
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.srvsynd.com/2/2.91.0/234175/AfSnyR0DEAGyBqEW/postback?di=www.ontaheen.com&ui=00000000-0000-0000-0000-000000000000&sr=connatix.com&pp=980366428450022&de=2&pv=65f56ec5-ebeb-4945-93f1-586c1ddd8928&ci=234175&dt=2341751597675869250012&md=2&ap=undefined&ti=x1974997695006582111387826782208&to=3&sid=AfSnyR0DEAGyBqEW&oz_sc=23124ae63332eed2f9117d58&oz_df=1682223240379&oz_l=5464&cv=3
Requested by: Host: s.srvsynd.com
URL: https://s.srvsynd.com/2/2.91.0/main.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 34.251.154.165 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-251-154-165.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Sun, 23 Apr 2023 04:14:00 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: capi.connatix.com
URL: https://capi.connatix.com/tr/sr?v=260105&tier=2

Domain: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Domain: cds.connatix.com
URL: https://cds.connatix.com/p/260105/elements.ui.b5b880a7c49b61bad744.js

Verdicts & Comments Add Verdict or Comment

265 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

21 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.ontaheen.com/	1970-01-20 20:04:05	Name: ezCMPCCS Value: false
.ontaheen.com/	1970-01-20 11:17:05	Name: ezoadgid_78764 Value: -1
.ontaheen.com/	1970-01-20 11:17:10	Name: ezoref_78764 Value:
.ontaheen.com/	1970-01-20 20:02:39	Name: ezosuibasgeneris-1 Value: 189a403a-17e6-449f-7edb-bdb975dc184b
.ontaheen.com/	1970-01-20 11:17:10	Name: ezoab_78764 Value: mod46
.ontaheen.com/	1970-01-20 11:19:56	Name: active_template::78764 Value: pub_site.1682223235
.ontaheen.com/	1970-01-20 11:17:10	Name: ezovab_78764 Value: vmod1-c
.ontaheen.com/	1970-01-20 11:17:05	Name: ezopvc_78764 Value: 1
.ontaheen.com/	1970-01-20 11:18:29	Name: ezepvv Value: 21
.ontaheen.com/	1970-01-20 11:17:05	Name: ezovid_78764 Value: 1437270717
.ontaheen.com/	1970-01-20 11:17:05	Name: lp_78764 Value: https://www.ontaheen.com/
.ontaheen.com/	1970-01-20 11:19:56	Name: ezovuuidtime_78764 Value: 1682223235
.ontaheen.com/	1970-01-20 11:17:05	Name: ezovuuid_78764 Value: 5aa38c13-0716-42f4-4e74-93dcfaa0016a
.onesignal.com/	1970-01-20 11:17:05	Name: __cf_bm Value: pq3vddx3or3_..d3GnYtAEt3d.ogyoDFBM3ftUPCGSk-1682223235-0-AbrDyh0TncTSopbzIgny5Kv1qDhMb9N/ubThd3gfrsS8YKOWkPJs8NiKe2RKvcAdWGiZh/9agrNAlMxkkvgr85Q=
www.ontaheen.com/	1970-01-20 20:53:03	Name: ezds Value: ffid%3D1%2Cw%3D1600%2Ch%3D1200
www.ontaheen.com/	1970-01-20 20:53:03	Name: ezohw Value: w%3D1600%2Ch%3D1200
www.ontaheen.com/	1969-12-31 23:59:59	Name: ezouspvv Value: 0
www.ontaheen.com/	1969-12-31 23:59:59	Name: ezouspva Value: 0
.ontaheen.com/	1970-01-20 20:53:03	Name: _ga Value: GA1.2.399440373.1682223236
.ontaheen.com/	1970-01-20 11:18:29	Name: _gid Value: GA1.2.408382851.1682223236
.ontaheen.com/	1970-01-20 11:17:03	Name: _gat_gtag_UA_26742868_1 Value: 1

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
worker	error	URL: blob:https://www.ontaheen.com/9fecfc9f-a8cc-4694-b639-4883240fe696 Message: Mixed Content: The page at 'blob:https://www.ontaheen.com/9fecfc9f-a8cc-4694-b639-4883240fe696' was loaded over HTTPS, but requested an insecure XMLHttpRequest endpoint 'chrome-extension://eppiocemhmnlbhjplcgkofciiegomcon/content/safecheck-notification/notification-iframe/index.html'. This request has been blocked; the content must be served over HTTPS.
worker	error	URL: blob:https://www.ontaheen.com/9fecfc9f-a8cc-4694-b639-4883240fe696 Message: Mixed Content: The page at 'blob:https://www.ontaheen.com/9fecfc9f-a8cc-4694-b639-4883240fe696' was loaded over HTTPS, but requested an insecure XMLHttpRequest endpoint 'chrome-extension://cplklnmnlbnpmjogncfgfijoopmnlemp/skin/logo24.png'. This request has been blocked; the content must be served over HTTPS.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

basher.ezodn.com
capi.connatix.com
cd.connatix.com
cdn.onesignal.com
cds.connatix.com
ezodn.com
fonts.googleapis.com
fonts.gstatic.com
g.ezodn.com
get.s-onetag.com
go.ezodn.com
googleads.g.doubleclick.net
gvl.gatekeeperconsent.com
imasdk.googleapis.com
onesignal.com
onetag-geo.s-onetag.com
ontaheen.com
pagead2.googlesyndication.com
privacy.gatekeeperconsent.com
s.srvsynd.com
s.w.org
securepubads.g.doubleclick.net
signal-beacon.s-onetag.com
stats.g.doubleclick.net
the.gatekeeperconsent.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.ontaheen.com
capi.connatix.com
cds.connatix.com
imasdk.googleapis.com
143.204.89.104
172.64.154.204
18.66.112.41
192.0.77.48
2001:4860:4802:36::178
2606:4700:3033::ac43:903e
2606:4700::6812:d63b
2606:4700::6812:d73b
2a00:1450:4001:800::2003
2a00:1450:4001:806::2008
2a00:1450:4001:80f::2002
2a00:1450:4001:812::2004
2a00:1450:4001:813::2002
2a00:1450:4001:828::2003
2a00:1450:4001:829::200a
2a00:1450:4001:82f::2002
2a00:1450:400c:c00::9b
2a05:d014:776:a63e:931e:6ac2:944b:f27e
2a06:98c1:3120::3
2a06:98c1:3121::3
34.251.154.165
65.9.66.74
11be5f486e8b166c79f0583658abe2b896a56e0828d866a820273d48413f837d
127a2e2ac27d29886d48ece4edff32400aa6344ad973311446a3cd8cad4920c3
150aa45c5c7bab00b33b1cd4b146a0f3a36f942bf845da81828b267f37bd6b70
16a1376cb39b9da4b72cdea1a1a1be37392f99470be8707d56308c543aa3c8c3
194addf8fd862999286b33cf83116babe8c700ba3a28111777f49ca72c429970
1a4dd11c3764a3be7caee75eeb660be2d9f01fc3ba61f95990d8f64e5e441875
1ae559d338ee612c0a41b6b4ff435d7e41ad41555ca9a0829f7ef6b3dbdb57a2
27aaeacc5fc28e5fc1f2031f58ae2ce3b4ed50a03e5a67c6c77fe53643bf99db
2a2aa47ff6ebbee8584b31c7175a0ab255e714ffe21090b28718d2d3ef24630e
2b104db680a9d1df48409a24d2f18c31e2867e67e921c44b00c72b22d9762bb8
383472db86bc19b822592340828e1a9d680ece8e6a5114eb4744351081fdea3c
3f82ef6e989e2be8a61a5472ea39e03b4d477bd073f96172eba6ec0d4599f154
4c4ec7630516b8e2b5f02caf191d0bf0376ca7f87c19800c7c6201c9aa019c33
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
62fb45036b10de1567a39bbc4c92926891a7d22219e37959caccc41d1763c0f5
6923498f78595bd12b0b85b4d8fb03395bb293984a9efb4251447a9b80f459bb
6c19defdafb93491774aa4bcf29d7400b143e45a8f68809ddbd99f80aa22f9dc
707681e67d6f9a7480fee2a981f9bbe8d83bd4bddabec301429798e26755aa9e
747d5a0865fe76129cc17fe70097fd5b1db733ed3bbfa0210a8505d80c14ab5a
75603b66859cad77ad1148f6e3454c0a50b9cdcf0319f2ecb34f58b8106ed9e8
7a353bd40a09954080db80fb123370f8e171db10af39cb587449476f2117de1d
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
85e87d4d0759677029f1556b7ada9978cecb056c4fdbd2d5faebe21a57a5bf30
86e721bb96c71af08a282151a6246606d325447fc603947cffb628265d7509be
88724da3173eaf855fc8b8094480d1d923f69c420107501da8d40b503163bcf2
8fcc34d33dcbeba3c57bb8e04082dd96cd275fcaae549f99faf3ebd4f5ca7658
90994c244e269429daeeb680b689c053072cb30b21d81923cc00f2d7cb4f3676
9110a853300e0e603cf341795e1e7728b1922ce1b1e60b5369539f16892181d4
91c2f094211bd3a6ad9b69ee4731a8adab4622d225186ec118d69ebb79950731
92ae4e84bc78354fa23b9f0a45989817fe6a2242af3be667e0b9907903e568b7
93df6b932f78a94beb1a9aaf63e733e4969724b68bae11e4b60d8cb8ce4ff3ac
9810aee7e6d57d8cceaa96322b88e6df46710194689ae12b284149148cabc2f3
ab4bb53fab4e49489f056f845300d876fd0728983be9bfcc541aa7aa2f708416
aca566587618e75fa291a419c7c430be02e03fc72f6105658c1bc8e7d59a65e4
afacce23cb4feaaaef37997f8439819d8f827df4951f3ff02704c9f16fb7f53a
b1b1cde599e343e41f8db1e5e6bbaefe249c4b27c1b1cdd0d7b36e46314ae27c
bdcd84ef9abe656811aa66823785421a2100f54ad8bcc992115ddf03f7233fc0
c09dda2cfc05892463b64a687169e7240f08686e41010bd050f4286d77c921f3
c1f6b66e052e0dba3f115f59a94d7304a27a73848db4b8995e2a2017ba79046b
c21e5a2b32c47bc5f9d9efc97bc0e29fd081946d1d3ebffc5621cfafb1d3960e
c27c396b7f4c1ff33d934d2c66f082c7f81193203971648a114f862c9143c234
c37a134e735f9a3dc9916bbed8f5e576f89b9f26537a59544d74004962b1a8ef
c5a61134a6532a5623e5055442e4b88e247c0a5c8b0f8c1a9c6e2bfba6bf422c
c868ebeb22a6d2945834c14da4641969a62e35a6cfa434a974339df068324b6e
c90cff659645a312a28804965f3dbc34061338f7234ff5d6ddb2c57e9eadec15
ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93
d3172d43a26974589f4c0ac2403fee49c9fc6b913b492206a3233a927ca99986
d3cf49f2064d079c020ee185c09c6f7af5b5f268030a59edc4b5c46ed08bc312
d83f396e908e3ab04c6a2d9efd5d40b64f68e888f7607388cf6511a25bf202ba
db7e0b393e175f19922fefbdcaa2866fca209c521d01cc834ae06cbf8d0f91b7
dcc0b6437eeec474b65774198371749c6e3f11c12b0bc14f3a971714d0d0e52b
dcd9f488bd62ba0ee403b07a97e40b9ffd63a0eff61091588c913b16d5153d48
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
df3f86e8cb9abbc7c08d77f3d0b9a74eb950a97edd59710f2020e8b1b2e7a241
e1a156c3daa4ae0c41f21ef266131ca5a34d56695e3d860b232da142ef031234
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e51140cdcd044ad76335646936ec53196a169aace83a8b266bc1c182a944609b
e6b9e2a111a02600e8e0f48610a521300d66431c4f907cdccc0b0fa162018c14
e79c1c1a140e6afb861074c70392db54cc65a06050de2a69162ab94eb95b0516
e7b4571947b0834f44ef4108ce95f863b7611b94754871aae2ef5f8ef0743de4
edd0411505101c8e787c7094fd442727b2034a269b66fabe96a024ff251a0887
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f51938710e179807bbf1be9a1e9d7e3441fa74e7dfe9f46841914fb12ca7de3c
f51f2df9087bcc926d6f910acd34c5bf21319dcfc71a72897e00f161c5832315

www.ontaheen.com Open in urlscan Pro 2a05:d014:776:a63e:931e:6ac2:944b:f27e Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

80 Requests

94 %HTTPS

73 %IPv6

16 Domains

30 Subdomains

23 IPs

4 Countries

1465 kBTransfer

5185 kBSize

21 Cookies

0 Outgoing links

Page URL History

Redirected requests

80 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.ontaheen.com Open in urlscan Pro
2a05:d014:776:a63e:931e:6ac2:944b:f27e Public Scan

Screenshot
Live screenshot

Full Image

80
Requests

94 %
HTTPS

73 %
IPv6

16
Domains

30
Subdomains

23
IPs

4
Countries

1465 kB
Transfer

5185 kB
Size

21
Cookies

80 HTTP transactions
2 data transactions