pcloak.blob.core.windows.net Open in urlscan Pro
20.60.220.36 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://pcloak.blob.core.windows.net/web/6x6y592zf1gbg.html
Submission: On June 26 via api (June 26th 2023, 11:11:19 pm UTC) from US — Scanned from DE

Summary HTTP 385 Redirects Behaviour Indicators

Summary

This website contacted 71 IPs in 12 countries across 52 domains to perform 385 HTTP transactions. The main IP is 20.60.220.36, located in Tappahannock, United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is pcloak.blob.core.windows.net.
TLS certificate: Issued by Microsoft RSA TLS CA 02 on March 22nd 2023. Valid for: a year.

This is the only time pcloak.blob.core.windows.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
4	20.60.220.36 20.60.220.36	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	77.245.159.14 77.245.159.14	42868 (NIOBEBILI...) (NIOBEBILISIMHIZMETLERI)
39	185.102.219.172 185.102.219.172	60068 (CDN77 ^_^) (CDN77 ^_^)
17	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
5	2a02:2638:d::2 2a02:2638:d::2	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3	2a00:1450:400... 2a00:1450:4001:80b::2008	15169 (GOOGLE) (GOOGLE)
13	2606:4700:10:... 2606:4700:10::6814:e25	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	184.30.21.51 184.30.21.51	16625 (AKAMAI-AS) (AKAMAI-AS)
3	34.117.159.110 34.117.159.110	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2606:4700:10:... 2606:4700:10::6814:f25	13335 (CLOUDFLAR...) (CLOUDFLARENET)
35	151.101.129.44 151.101.129.44	54113 (FASTLY) (FASTLY)
4 6	37.157.6.254 37.157.6.254	198622 (ADFORM) (ADFORM)
4	34.111.136.72 34.111.136.72	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2a04:4e42::485 2a04:4e42::485	54113 (FASTLY) (FASTLY)
2	162.19.138.82 162.19.138.82	16276 (OVH) (OVH)
1	2a00:1450:400... 2a00:1450:4001:811::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82f::200e	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f08... 2a03:2880:f083:9:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	37.157.5.73 37.157.5.73	198622 (ADFORM) (ADFORM)
1	141.95.33.111 141.95.33.111	16276 (OVH) (OVH)
1	2a02:26f0:170... 2a02:26f0:1700:890::26e5	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
12	2a02:2638:3::7 2a02:2638:3::7	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
4	185.184.8.90 185.184.8.90	204995 (RTB-HOUSE...) (RTB-HOUSE-AMS)
8	37.157.2.229 37.157.2.229	198622 (ADFORM) (ADFORM)
1	2a00:1450:400... 2a00:1450:4001:808::200e	15169 (GOOGLE) (GOOGLE)
5	2.18.161.51 2.18.161.51	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:830::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:803::200e	15169 (GOOGLE) (GOOGLE)
1 3	2a02:2638:3::c 2a02:2638:3::c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3	2a03:2880:f17... 2a03:2880:f176:84:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
5	2a00:1450:400... 2a00:1450:4001:809::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:827::200a	15169 (GOOGLE) (GOOGLE)
25	2a00:1450:400... 2a00:1450:4001:82f::2001	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
55	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
13 29	142.250.186.34 142.250.186.34	15169 (GOOGLE) (GOOGLE)
4 8	185.80.39.216 185.80.39.216	27381 (CASALE-MEDIA) (CASALE-MEDIA)
5 7	37.252.171.85 37.252.171.85	29990 (ASN-APPNEX) (ASN-APPNEX)
1	2a00:1450:400... 2a00:1450:4001:808::2003	15169 (GOOGLE) (GOOGLE)
1 4	2a00:1450:400... 2a00:1450:4001:806::2004	15169 (GOOGLE) (GOOGLE)
2	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
3 4	185.94.180.126 185.94.180.126	35220 (SPOTX-AMS) (SPOTX-AMS)
2	3.71.149.231 3.71.149.231	16509 (AMAZON-02) (AMAZON-02)
6	37.157.2.247 37.157.2.247	198622 (ADFORM) (ADFORM)
19	2a00:1450:400... 2a00:1450:4001:828::2006	15169 (GOOGLE) (GOOGLE)
8	142.250.181.226 142.250.181.226	15169 (GOOGLE) (GOOGLE)
6	141.226.228.48 141.226.228.48	200478 (TABOOLA-AS) (TABOOLA-AS)
4 6	3.122.77.224 3.122.77.224	16509 (AMAZON-02) (AMAZON-02)
1	54.92.8.61 54.92.8.61	16509 (AMAZON-02) (AMAZON-02)
2 3	2a02:6b8::90 2a02:6b8::90	208722 (GLOBAL_DC) (GLOBAL_DC)
2 4	2001:678:cb4:... 2001:678:cb4:bbbb::11	56396 (AMOBEE) (AMOBEE)
1 1	85.114.159.93 85.114.159.93	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
1 1	172.105.221.240 172.105.221.240	63949 (AKAMAI-LI...) (AKAMAI-LINODE-AP Akamai Connected Cloud)
1	178.250.7.11 178.250.7.11	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	174.137.133.49 174.137.133.49	27257 (WEBAIR-IN...) (WEBAIR-INTERNET)
1 1	2600:9000:245... 2600:9000:2450:ae00:1b:5138:8a40:93a1	16509 (AMAZON-02) (AMAZON-02)
1	18.196.130.47 18.196.130.47	16509 (AMAZON-02) (AMAZON-02)
2 3	172.217.18.6 172.217.18.6	15169 (GOOGLE) (GOOGLE)
3 3	44.195.215.121 44.195.215.121	14618 (AMAZON-AES) (AMAZON-AES)
2	141.101.90.98 141.101.90.98	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a02:26f0:350... 2a02:26f0:3500:11::215:14dc	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a02:fa8:8806... 2a02:fa8:8806:20::2040	41041 (VCLK-EU-SE) (VCLK-EU-SE)
1 1	35.204.74.118 35.204.74.118	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	34.96.105.8 34.96.105.8	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 1	34.235.215.224 34.235.215.224	14618 (AMAZON-AES) (AMAZON-AES)
1 1	124.146.215.42 124.146.215.42	2514 (INFOSPHER...) (INFOSPHERE NTT PC Communications)
1 2	51.89.9.254 51.89.9.254	16276 (OVH) (OVH)
3	35.71.131.137 35.71.131.137	16509 (AMAZON-02) (AMAZON-02)
3	2a05:d018:d29... 2a05:d018:d29:3605:c153:9878:d174:5b1b	16509 (AMAZON-02) (AMAZON-02)
2	23.37.42.132 23.37.42.132	16625 (AKAMAI-AS) (AKAMAI-AS)
1	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
2	151.101.65.44 151.101.65.44	54113 (FASTLY) (FASTLY)
2	35.157.179.180 35.157.179.180	16509 (AMAZON-02) (AMAZON-02)
1	178.250.1.11 178.250.1.11	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	141.226.224.32 141.226.224.32	() ()
1	18.196.91.239 18.196.91.239	16509 (AMAZON-02) (AMAZON-02)
385	71

4 20.60.220.36 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

pcloak.blob.core.windows.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 77.245.159.14 (Turkey)

ASN42868 (NIOBEBILISIMHIZMETLERI, TR)
PTR: stilgar.wlsrv.com

www.cloakan.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

39 185.102.219.172 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)
PTR: unn-185-102-219-172.datapacket.com

onedio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.onedio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
img-s3.onedio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
img-s1.onedio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a02:2638:d::2 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2606:4700:10::6814:e25 (United States)

ASN13335 (CLOUDFLARENET, US)

srv-cdn.onedio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api-onedio-production.onedio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 184.30.21.51 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-21-51.deploy.static.akamaitechnologies.com

a.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.117.159.110 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 110.159.117.34.bc.googleusercontent.com

event-collector.analytics.onedio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6814:f25 (United States)

ASN13335 (CLOUDFLARENET, US)

services.onedio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

35 151.101.129.44 (United States)

ASN54113 (FASTLY, US)

cdn.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pm-widget.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
trc.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
vidstat.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
images.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
imprammp.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
wf.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
vidstatb.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 37.157.6.254 (Denmark) 4 redirects

ASN198622 (ADFORM, DK)

dmp.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 34.111.136.72 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 72.136.111.34.bc.googleusercontent.com

recommendation-api.analytics.onedio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42::485 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 162.19.138.82 (France)

ASN16276 (OVH, FR)
PTR: ns31532337.ip-162-19-138.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googleoptimize.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f083:9:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.157.5.73 (Denmark)

ASN198622 (ADFORM, DK)

s2.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.95.33.111 (Germany)

ASN16276 (OVH, FR)
PTR: ns3203177.ip-141-95-33.eu

lb.eu-1-id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:1700:890::26e5 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

s8t.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a02:2638:3::7 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.184.8.90 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net

prebid-eu.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 37.157.2.229 (Denmark)

ASN198622 (ADFORM, DK)

adx.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
track.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ampcid.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2.18.161.51 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-161-51.deploy.static.akamaitechnologies.com

t.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:830::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

697730247a5dc842d2e74436492c3992.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ampcid.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:2638:3::c (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f176:84:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:809::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

25 2a00:1450:4001:82f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

55 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

29 142.250.186.34 (United States) 13 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 185.80.39.216 (Canada) 4 redirects

ASN27381 (CASALE-MEDIA, CA)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 37.252.171.85 (Frankfurt am Main, Germany) 5 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:806::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.94.180.126 (Amsterdam, Netherlands) 3 redirects

ASN35220 (SPOTX-AMS, US)

sync.search.spotxchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.71.149.231 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-71-149-231.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 37.157.2.247 (Denmark)

ASN198622 (ADFORM, DK)

s1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2a00:1450:4001:828::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)

am-trc-events.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
am-vid-events.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
am-match.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 3.122.77.224 (Frankfurt am Main, Germany) 4 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-122-77-224.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.92.8.61 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-92-8-61.ap-northeast-1.compute.amazonaws.com

cc.adingo.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:6b8::90 (Moscow, Russian Federation) 2 redirects

ASN208722 (GLOBAL_DC, FI)

an.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2001:678:cb4:bbbb::11 (United Kingdom) 2 redirects

ASN56396 (AMOBEE, GB)

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
r.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.114.159.93 (Bad Durrheim, Germany) 1 redirects

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com

dsp.adfarm1.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.105.221.240 (Tokyo, Japan) 1 redirects

ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG)
PTR: li1875-240.members.linode.com

a.c.appier.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.7.11 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 174.137.133.49 (United States)

ASN27257 (WEBAIR-INTERNET, US)

dsp.adkernel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2450:ae00:1b:5138:8a40:93a1 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

s.ad.smaato.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.196.130.47 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-196-130-47.eu-central-1.compute.amazonaws.com

match.sharethrough.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.217.18.6 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s22-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 44.195.215.121 (Ashburn, United States) 3 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-195-215-121.compute-1.amazonaws.com

dc.arrivalist.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 141.101.90.98 (United States)

ASN13335 (CLOUDFLARENET, US)

portal.o2online.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:3500:11::215:14dc (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

code.createjs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:fa8:8806:20::2040 (Singapore)

ASN41041 (VCLK-EU-SE, US)

dclk-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.204.74.118 (Groningen, Netherlands) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 118.74.204.35.bc.googleusercontent.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.105.8 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.105.96.34.bc.googleusercontent.com

tr.blismedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.235.215.224 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-235-215-224.compute-1.amazonaws.com

fksnk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 124.146.215.42 (Japan) 1 redirects

ASN2514 (INFOSPHERE NTT PC Communications, Inc., JP)

tg.socdm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 51.89.9.254 (London, United Kingdom) 1 redirects

ASN16276 (OVH, FR)
PTR: ip254.ip-51-89-9.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.71.131.137 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a05:d018:d29:3605:c153:9878:d174:5b1b (Dublin, Ireland)

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.37.42.132 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-37-42-132.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.65.44 (United States)

ASN54113 (FASTLY, US)

vidstat.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pips.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.157.179.180 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-157-179-180.eu-central-1.compute.amazonaws.com

tpx.tesseradigital.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.1.11 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.226.224.32 (None, )

ASN- ()

cds.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.196.91.239 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-196-91-239.eu-central-1.compute.amazonaws.com

fd.tesseradigital.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
85	googlesyndication.com 697730247a5dc842d2e74436492c3992.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 155 pagead2.googlesyndication.com — Cisco Umbrella Rank: 133	461 KB
60	doubleclick.net 15 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 219 googleads.g.doubleclick.net — Cisco Umbrella Rank: 57 cm.g.doubleclick.net — Cisco Umbrella Rank: 244 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 359 ad.doubleclick.net — Cisco Umbrella Rank: 184	350 KB
60	onedio.com onedio.com — Cisco Umbrella Rank: 62009 static.onedio.com — Cisco Umbrella Rank: 294241 img-s3.onedio.com — Cisco Umbrella Rank: 273850 srv-cdn.onedio.com — Cisco Umbrella Rank: 300979 img-s1.onedio.com — Cisco Umbrella Rank: 181318 event-collector.analytics.onedio.com — Cisco Umbrella Rank: 330165 services.onedio.com — Cisco Umbrella Rank: 300404 recommendation-api.analytics.onedio.com — Cisco Umbrella Rank: 326794 api-onedio-production.onedio.com — Cisco Umbrella Rank: 291733	1 MB
44	taboola.com cdn.taboola.com — Cisco Umbrella Rank: 949 pm-widget.taboola.com — Cisco Umbrella Rank: 4879 trc.taboola.com — Cisco Umbrella Rank: 650 vidstat.taboola.com — Cisco Umbrella Rank: 2894 am-trc-events.taboola.com — Cisco Umbrella Rank: 12637 images.taboola.com — Cisco Umbrella Rank: 2011 imprammp.taboola.com — Cisco Umbrella Rank: 12368 am-vid-events.taboola.com — Cisco Umbrella Rank: 11638 am-match.taboola.com — Cisco Umbrella Rank: 12411 wf.taboola.com — Cisco Umbrella Rank: 2926 vidstatb.taboola.com — Cisco Umbrella Rank: 5236 pips.taboola.com — Cisco Umbrella Rank: 1621 cds.taboola.com	3 MB
21	adform.net 4 redirects dmp.adform.net — Cisco Umbrella Rank: 3522 s2.adform.net — Cisco Umbrella Rank: 6490 adx.adform.net — Cisco Umbrella Rank: 4222 track.adform.net — Cisco Umbrella Rank: 3621 s1.adform.net — Cisco Umbrella Rank: 7783 c1.adform.net — Cisco Umbrella Rank: 635	233 KB
19	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 338	688 KB
17	criteo.com 1 redirects bidder.criteo.com — Cisco Umbrella Rank: 742 gum.criteo.com — Cisco Umbrella Rank: 407 dis.criteo.com — Cisco Umbrella Rank: 601 mug.criteo.com — Cisco Umbrella Rank: 2114	10 KB
10	teads.tv a.teads.tv — Cisco Umbrella Rank: 1495 s8t.teads.tv — Cisco Umbrella Rank: 5725 t.teads.tv — Cisco Umbrella Rank: 2597 sync.teads.tv — Cisco Umbrella Rank: 1404	138 KB
8	casalemedia.com 4 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 621	6 KB
7	adnxs.com 5 redirects ib.adnxs.com — Cisco Umbrella Rank: 249	8 KB
7	google.com 1 redirects ampcid.google.com — Cisco Umbrella Rank: 2322 adservice.google.com — Cisco Umbrella Rank: 107 www.google.com — Cisco Umbrella Rank: 3	2 KB
6	bidswitch.net 4 redirects x.bidswitch.net — Cisco Umbrella Rank: 361	3 KB
6	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 207	251 KB
5	yahoo.com ups.analytics.yahoo.com — Cisco Umbrella Rank: 340 pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 468	1 KB
5	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 387	110 KB
5	criteo.net static.criteo.net — Cisco Umbrella Rank: 583	42 KB
4	turn.com 2 redirects ad.turn.com — Cisco Umbrella Rank: 1039 r.turn.com — Cisco Umbrella Rank: 3929	2 KB
4	spotxchange.com 3 redirects sync.search.spotxchange.com — Cisco Umbrella Rank: 785	2 KB
4	creativecdn.com prebid-eu.creativecdn.com — Cisco Umbrella Rank: 6707	689 B
4	windows.net pcloak.blob.core.windows.net	3 KB
3	tesseradigital.com tpx.tesseradigital.com — Cisco Umbrella Rank: 219999 fd.tesseradigital.com — Cisco Umbrella Rank: 232593	27 KB
3	rubiconproject.com eus.rubiconproject.com — Cisco Umbrella Rank: 639 token.rubiconproject.com — Cisco Umbrella Rank: 656	11 KB
3	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 375	793 B
3	arrivalist.com 3 redirects dc.arrivalist.com — Cisco Umbrella Rank: 6599	2 KB
3	yandex.ru 2 redirects an.yandex.ru — Cisco Umbrella Rank: 5036	953 B
3	facebook.com www.facebook.com — Cisco Umbrella Rank: 101	284 B
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 82	228 KB
2	onetag-sys.com 1 redirects onetag-sys.com — Cisco Umbrella Rank: 874	489 B
2	o2online.de portal.o2online.de — Cisco Umbrella Rank: 67590	1 KB
2	openx.net us-u.openx.net — Cisco Umbrella Rank: 492	418 B
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 80	2 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 176	133 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 60	22 KB
2	id5-sync.com id5-sync.com — Cisco Umbrella Rank: 434	1 KB
2	cloakan.co www.cloakan.co	773 B
1	socdm.com 1 redirects tg.socdm.com — Cisco Umbrella Rank: 1091	1017 B
1	fksnk.com 1 redirects fksnk.com — Cisco Umbrella Rank: 5707	612 B
1	blismedia.com tr.blismedia.com — Cisco Umbrella Rank: 2376	173 B
1	simpli.fi 1 redirects um.simpli.fi — Cisco Umbrella Rank: 976	714 B
1	dotomi.com dclk-match.dotomi.com — Cisco Umbrella Rank: 3231	104 B
1	createjs.com code.createjs.com — Cisco Umbrella Rank: 1493	63 KB
1	sharethrough.com match.sharethrough.com — Cisco Umbrella Rank: 572	364 B
1	smaato.net 1 redirects s.ad.smaato.net — Cisco Umbrella Rank: 805	438 B
1	adkernel.com dsp.adkernel.com — Cisco Umbrella Rank: 9107	233 B
1	appier.net 1 redirects a.c.appier.net — Cisco Umbrella Rank: 16506	594 B
1	adition.com 1 redirects dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1651	583 B
1	adingo.jp cc.adingo.jp — Cisco Umbrella Rank: 8176	44 B
1	gstatic.com fonts.gstatic.com	48 KB
1	google.de ampcid.google.de — Cisco Umbrella Rank: 52867	364 B
1	eu-1-id5-sync.com lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 1117	397 B
1	googleoptimize.com www.googleoptimize.com — Cisco Umbrella Rank: 1129	65 KB
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 379	1 KB
385	52

	Domain	Requested by
55	pagead2.googlesyndication.com	697730247a5dc842d2e74436492c3992.safeframe.googlesyndication.com pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com ad.doubleclick.net s0.2mdn.net onedio.com www.googletagservices.com pcloak.blob.core.windows.net
31	onedio.com	www.cloakan.co onedio.com
29	cm.g.doubleclick.net	13 redirects googleads.g.doubleclick.net 697730247a5dc842d2e74436492c3992.safeframe.googlesyndication.com onedio.com
25	tpc.googlesyndication.com	onedio.com 697730247a5dc842d2e74436492c3992.safeframe.googlesyndication.com cdn.ampproject.org googleads.g.doubleclick.net pcloak.blob.core.windows.net tpc.googlesyndication.com ad.doubleclick.net s0.2mdn.net securepubads.g.doubleclick.net
19	s0.2mdn.net	pcloak.blob.core.windows.net s0.2mdn.net 697730247a5dc842d2e74436492c3992.safeframe.googlesyndication.com onedio.com
14	cdn.taboola.com	onedio.com cdn.taboola.com
12	bidder.criteo.com	onedio.com static.criteo.net
11	securepubads.g.doubleclick.net	onedio.com securepubads.g.doubleclick.net
10	images.taboola.com	onedio.com
9	googleads.g.doubleclick.net	697730247a5dc842d2e74436492c3992.safeframe.googlesyndication.com pagead2.googlesyndication.com onedio.com
9	srv-cdn.onedio.com	onedio.com
8	googleads4.g.doubleclick.net	googleads.g.doubleclick.net pcloak.blob.core.windows.net ad.doubleclick.net
8	dsum-sec.casalemedia.com	4 redirects googleads.g.doubleclick.net
7	ib.adnxs.com	5 redirects googleads.g.doubleclick.net
6	x.bidswitch.net	4 redirects imprammp.taboola.com am-match.taboola.com
6	s1.adform.net	track.adform.net s1.adform.net pcloak.blob.core.windows.net onedio.com
6	www.googletagservices.com	697730247a5dc842d2e74436492c3992.safeframe.googlesyndication.com googleads.g.doubleclick.net www.googletagservices.com
6	static.onedio.com	onedio.com
5	vidstat.taboola.com	cdn.taboola.com vidstat.taboola.com
5	cdn.ampproject.org	securepubads.g.doubleclick.net
5	697730247a5dc842d2e74436492c3992.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
5	static.criteo.net	onedio.com
4	sync.search.spotxchange.com	3 redirects googleads.g.doubleclick.net
4	www.google.com	1 redirects 697730247a5dc842d2e74436492c3992.safeframe.googlesyndication.com tpc.googlesyndication.com
4	track.adform.net	697730247a5dc842d2e74436492c3992.safeframe.googlesyndication.com s1.adform.net
4	adx.adform.net	onedio.com
4	prebid-eu.creativecdn.com	onedio.com
4	api-onedio-production.onedio.com	onedio.com
4	recommendation-api.analytics.onedio.com	onedio.com
4	dmp.adform.net	2 redirects onedio.com
4	a.teads.tv	onedio.com a.teads.tv
4	pcloak.blob.core.windows.net	pcloak.blob.core.windows.net
3	pr-bh.ybp.yahoo.com	imprammp.taboola.com am-match.taboola.com
3	match.adsrvr.org	imprammp.taboola.com am-match.taboola.com
3	dc.arrivalist.com	3 redirects
3	ad.doubleclick.net	2 redirects www.googletagservices.com
3	an.yandex.ru	2 redirects onedio.com
3	www.facebook.com	onedio.com
3	gum.criteo.com	1 redirects cdn.taboola.com static.criteo.net
3	t.teads.tv	onedio.com
3	event-collector.analytics.onedio.com	onedio.com
3	www.googletagmanager.com	onedio.com www.googletagmanager.com
2	tpx.tesseradigital.com	www.googletagmanager.com pcloak.blob.core.windows.net
2	eus.rubiconproject.com	am-match.taboola.com eus.rubiconproject.com
2	am-match.taboola.com	vidstat.taboola.com
2	onetag-sys.com	1 redirects 697730247a5dc842d2e74436492c3992.safeframe.googlesyndication.com
2	am-vid-events.taboola.com	onedio.com
2	portal.o2online.de	onedio.com s0.2mdn.net
2	r.turn.com	697730247a5dc842d2e74436492c3992.safeframe.googlesyndication.com
2	ad.turn.com	2 redirects
2	c1.adform.net	2 redirects
2	am-trc-events.taboola.com	onedio.com
2	trc.taboola.com	onedio.com
2	ups.analytics.yahoo.com	googleads.g.doubleclick.net 697730247a5dc842d2e74436492c3992.safeframe.googlesyndication.com
2	sync.teads.tv	googleads.g.doubleclick.net
2	us-u.openx.net	googleads.g.doubleclick.net
2	fonts.googleapis.com	securepubads.g.doubleclick.net cdn.taboola.com
2	adservice.google.com	securepubads.g.doubleclick.net 697730247a5dc842d2e74436492c3992.safeframe.googlesyndication.com
2	pm-widget.taboola.com	cdn.taboola.com pm-widget.taboola.com
2	connect.facebook.net	pcloak.blob.core.windows.net connect.facebook.net
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	id5-sync.com	onedio.com
2	www.cloakan.co	pcloak.blob.core.windows.net
1	fd.tesseradigital.com	tpx.tesseradigital.com
1	cds.taboola.com	onedio.com
1	pips.taboola.com	onedio.com
1	mug.criteo.com	pcloak.blob.core.windows.net
1	vidstatb.taboola.com	onedio.com
1	token.rubiconproject.com	eus.rubiconproject.com
1	wf.taboola.com	onedio.com
1	tg.socdm.com	1 redirects
1	fksnk.com	1 redirects
1	tr.blismedia.com	697730247a5dc842d2e74436492c3992.safeframe.googlesyndication.com
1	um.simpli.fi	1 redirects
1	dclk-match.dotomi.com	697730247a5dc842d2e74436492c3992.safeframe.googlesyndication.com
1	code.createjs.com	s1.adform.net
1	imprammp.taboola.com	vidstat.taboola.com
1	match.sharethrough.com	697730247a5dc842d2e74436492c3992.safeframe.googlesyndication.com
1	s.ad.smaato.net	1 redirects
1	dsp.adkernel.com	697730247a5dc842d2e74436492c3992.safeframe.googlesyndication.com
1	dis.criteo.com	697730247a5dc842d2e74436492c3992.safeframe.googlesyndication.com
1	a.c.appier.net	1 redirects
1	dsp.adfarm1.adition.com	1 redirects
1	cc.adingo.jp	697730247a5dc842d2e74436492c3992.safeframe.googlesyndication.com
1	fonts.gstatic.com	fonts.googleapis.com
1	ampcid.google.de	onedio.com
1	ampcid.google.com	onedio.com
1	s8t.teads.tv	onedio.com
1	lb.eu-1-id5-sync.com	onedio.com
1	s2.adform.net	onedio.com
1	www.googleoptimize.com	www.googletagmanager.com
1	cdn.jsdelivr.net	onedio.com
1	services.onedio.com	onedio.com
1	img-s1.onedio.com	onedio.com
1	img-s3.onedio.com	onedio.com
385	95

This site contains no links.

Subject Issuer	Validity	Valid
*.blob.core.windows.net Microsoft RSA TLS CA 02	`2023-03-22` - `2024-03-22`	a year	crt.sh
cpanel.cloakan.co R3	`2023-05-03` - `2023-08-01`	3 months	crt.sh
*.onedio.com RapidSSL Global TLS RSA4096 SHA256 2022 CA1	`2022-08-29` - `2023-09-12`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-05-29` - `2023-08-21`	3 months	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-05-27` - `2023-08-27`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-05-29` - `2023-08-21`	3 months	crt.sh
srv-cdn.onedio.com GTS CA 1P5	`2023-05-08` - `2023-08-06`	3 months	crt.sh
teads.tv R3	`2023-06-26` - `2023-09-24`	3 months	crt.sh
event-collector.analytics.onedio.com GTS CA 1D4	`2023-05-31` - `2023-08-29`	3 months	crt.sh
services.onedio.com GTS CA 1P5	`2023-05-08` - `2023-08-06`	3 months	crt.sh
*.taboola.com DigiCert TLS RSA SHA256 2020 CA1	`2022-12-08` - `2023-12-31`	a year	crt.sh
recommendation-api.analytics.onedio.com GTS CA 1D4	`2023-06-11` - `2023-09-09`	3 months	crt.sh
api-onedio-production.onedio.com GTS CA 1P5	`2023-05-08` - `2023-08-06`	3 months	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2022 Q4	`2022-12-23` - `2024-01-24`	a year	crt.sh
*.id5-sync.com R3	`2023-04-18` - `2023-07-17`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-04-05` - `2023-07-04`	3 months	crt.sh
*.eu-1-id5-sync.com R3	`2023-04-18` - `2023-07-17`	3 months	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-05-12` - `2023-08-10`	3 months	crt.sh
*.creativecdn.com RapidSSL TLS RSA CA G1	`2023-03-29` - `2024-04-28`	a year	crt.sh
track.adform.net DigiCert TLS RSA SHA256 2020 CA1	`2022-09-20` - `2023-09-20`	a year	crt.sh
*.google.com GTS CA 1C3	`2023-05-29` - `2023-08-21`	3 months	crt.sh
*.google.de GTS CA 1C3	`2023-05-29` - `2023-08-21`	3 months	crt.sh
misc-sni.google.com GTS CA 1C3	`2023-05-29` - `2023-08-21`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-05-29` - `2023-08-21`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-05-29` - `2023-08-21`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-05-29` - `2023-08-21`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-05-29` - `2023-08-21`	3 months	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2022-07-21` - `2023-08-21`	a year	crt.sh
ups.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-02-21` - `2023-08-16`	6 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-05-29` - `2023-08-21`	3 months	crt.sh
*.adingo.jp Amazon RSA 2048 M01	`2023-02-13` - `2023-11-11`	9 months	crt.sh
*.adkernel.com AlphaSSL CA - SHA256 - G4	`2023-01-03` - `2024-02-04`	a year	crt.sh
*.sharethrough.com Amazon RSA 2048 M01	`2023-06-14` - `2024-07-12`	a year	crt.sh
portal.o2online.de E1	`2023-05-25` - `2023-08-23`	3 months	crt.sh
tls.adobe.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-02-08` - `2024-03-10`	a year	crt.sh
*.dotomi.com GlobalSign RSA OV SSL CA 2018	`2022-08-09` - `2023-09-10`	a year	crt.sh
tr.blismedia.com GTS CA 1D4	`2023-06-09` - `2023-09-07`	3 months	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2023-04-12` - `2024-05-13`	a year	crt.sh
*.ybp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-04-04` - `2023-09-27`	6 months	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2023-03-23` - `2024-03-23`	a year	crt.sh
*.rubiconproject.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-03-07` - `2024-04-03`	a year	crt.sh
tpx.tesseradigital.com R3	`2023-06-06` - `2023-09-04`	3 months	crt.sh
fd.tesseradigital.com R3	`2023-06-13` - `2023-09-11`	3 months	crt.sh

This page contains 32 frames:

Primary Page: https://pcloak.blob.core.windows.net/web/6x6y592zf1gbg.html
Frame ID: 517A2856E70F2838F06B60A6609F3C18
Requests: 6 HTTP requests in this frame

Frame: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878
Frame ID: F2C86E6DCF6FB5466ADD5E8F99D58A55
Requests: 172 HTTP requests in this frame

Frame: https://697730247a5dc842d2e74436492c3992.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 097F480CC3EE932949931C18AC4C05D7
Requests: 1 HTTP requests in this frame

Frame: https://697730247a5dc842d2e74436492c3992.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 5CD29EDD8151E03FF09C8147CF50D093
Requests: 20 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012306200257000/amp4ads-v0.mjs
Frame ID: 6E06675B78055B8E57F4ECB1F4C26A34
Requests: 16 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=COu99gIQ-b799QEY54aR6QEwAQ&v=APEucNWVZbORZb3WLkOk5oveETzCkRRFp0lQhXMIIioqwCESnUCDW8lruitCYGeBeR-bs_Nmh1PMhYM0yxv-1sgtYOLg7ueI1zm7gCHo2RPj1_VZ8X5ajxVPP5TBLGa8CUvI2iYhrroyooecI74K4fW6pr50NQktLnCIr6PHsJTNOy_nM-W1Nrpl8tg8WhesdObirlAkq8lUoF5CFOAFQckbnveshY1pFw
Frame ID: D128B90C7445160E059E1239C1E0C1CE
Requests: 5 HTTP requests in this frame

Frame: https://697730247a5dc842d2e74436492c3992.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 922E3F10A11CD0127DA2C19CE962878F
Requests: 19 HTTP requests in this frame

Frame: https://697730247a5dc842d2e74436492c3992.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 7F10C98F4DE732123BEFA4F927F6B2CB
Requests: 19 HTTP requests in this frame

Frame: https://697730247a5dc842d2e74436492c3992.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 85DABAD57C8BE83C59B8B441F570139F
Requests: 28 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARjmoLXcATAB&v=APEucNXgYYpsiInqXjuZs1VF573l5XNOFBNU2HgXwp3V5EtYE-ay7z0qYNuWgH76Uo_LwRKmkzXyVi2Ek9XcLqbvGCms8tuRq3h49FhLEt1RWMRk1GSX4yOSLhBnTTATavwl5V3QId1dSl4pDxaujfuZhaWsV4GKS_dz1P-amM5LKehfZsdETnVkTFqxpiT0wzgePYW_C4stqhuoFdk6vYjsDTfVyGINoA
Frame ID: 36395C196E6B796A8EE72BB98A4FEC5C
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARjmoLXcATAB&v=APEucNW0LjoRNL6PJyChO09bzfjlRkyii7_QfymhuG5Ds9RYoz1M6KU27RfSw5Uzp2owjs3FfTckVX2EZ7iT3n3IZruHgeH-9zyBd2E0k0npAgtRggmMue-ARTQYxzbBwuqPb-NlKAF7bFKcpWuwCIc4nDxI8AzT3YUWiHRbSoZBABmjRNV-QUiyQanGCj_HbSnYdgcIb_Q-NiQviZ-xvoyEqe11BUiG2Q
Frame ID: 7DA675DD9B36D7AD4B6BBC6F52F8FDD4
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPLwi80CELD8y-QCGKW_qukBMAE&v=APEucNWkWhVfG2Mb2qGXrAOZwogsxxhRoGYqlavdNVN0vPvoyRMMhQRL4s6UtKlIC5uNboGiZ6LRVsiFefNZ4IIaBOWmXqhv2McBS-XiwfwfM4K78A7kRWMVDP7Ks6gQJZDHWfA1iqE8SnFJNMtZRyXY_Y8sCAVM92PxHStDGaAKjBSviK4UPCzh3p_3AopV1-EZiNJa1f34SLpiNXLO3PVGhca5eN9qVA
Frame ID: 74FC428BB39DC42F399E6B8FEA78AB90
Requests: 4 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 97108DC3D286331FF39BADD057F294EB
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 8047502123D85907DD94D784881280BC
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 504C0A5A08BE2DBE55066540AB68AD7C
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 534857DA3F915FE966B4DBE9E159974A
Requests: 9 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/11065803848835661824/300x250.html?e=69&leftOffset=0&topOffset=0&c=VeDjhMPMmp&t=1&renderingType=2&ev=01_250
Frame ID: F71C1A91CBE687587C6AF7AFD0AD6047
Requests: 11 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 298D6BCE01FD246BF6544AB5FD1F16AE
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/11065803848835661824/300x250.html?e=69&leftOffset=0&topOffset=0&c=1QztakQKqG&t=1&renderingType=2&ev=01_250
Frame ID: AB1268F7B58A81295DDC6B431B71CB4D
Requests: 11 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: B49690ABACC2DE2794BC4733211764C5
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: A8A7F06E1AE81D284F2DE041EB7DE744
Requests: 9 HTTP requests in this frame

Frame: https://s1.adform.net/Banners/Elements/Files/2105327/12566611/12566611.js?ADFassetID=12566611&bv=257
Frame ID: 43C3548FA9473EDF82ABCF33A9F09098
Requests: 5 HTTP requests in this frame

Frame: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8a0ICLAZkWLzWY0WakhDIsHitx4o0JSkAAABgYID-AMnNNhPLauRySyyT4Vq02E3Wwt3MuFYubA7LYjBa-GYWIyC52WZiWY1cbollMlyLFrvJWribGdfKhc1hWQxGC9_MYgUfxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPG_Sh6XT4XPd6vd1lcvrtGr_bL3RYXJa_1vIyOd1ah-X0dCucJofpaXdan26dy_J0K8wOi9PstHyedqf1rbW8TE631mE5Pd1Kh8nlebqVZp_T7HRLnGa3y-60vnUuy8vrsruFLstb83K-FYPFYLgbzgEAAADAg____38IAAAAABEAAAAAJAAAAABQCKjwb0HgAgAAAACG____fw0AUBwMynJzXU7_AAAAAAACAAAAgATAQHVbCYAKlPcT__________8xBugzb2T8____3zDoAfDgA-BBCAAAwMeQ7d-nyi4WRQciBc1FGAEAAACgmni9PTJJJ6hYVPn__--3AnAFACAAMT9_uDGL7qDEWxgAAACBMQv0sPj9Zodd43e7zP________-_mf8z_2iElsKR0gTB6IWr-QUEAFjzCwgAwEbdAAC8CYATdAxkNputZquTEIPNZLFcLBazAwAAAHDn____Xw8ITAyLyci5cVlWhtlwZtptXCuTceJZbWbG4cg33J4LBwJXDo6Ylz4hwjL7fQcF5fT0mF0GUdH1ttgdTrPnID5oGJaTQTA_E7YYrSaTzXI4Wy4mg-FoOBrtz0AsRgM0EYPlcjJZTHar0Wq0Ge5Gs8ECCcRggihaNJisRqPJYjJcjSar2XKx220QRatWs9FmMFzNJrPdbjUcDJejEZqwxWg1mWyWw9lyMRkMR8PRaIhgZuEbTIyLlVszXJjcoo1xtJaYhjO3brNZmRaujc2wcK1Fr4_p4twsDMvNFgkG8O1F8rRIJ8KJzTkzrWYry8wycs12E89isHBYFiPXcmVcWSYTsURzskgnssu-MDEsJiPnxmVZGWbDmWm3ca1MxolntZkZhyPfcN9Z-AYT42Ll1gwXJrdoYxytJabhzK3bbFamhWtjMyxca9HrY7o4NwvDcrNvzIa74WQx2K32jdlwN5wsBrvVvkNn-K4-Z6MxJbx4bB6PNVwL2pwGhctg8f4kpsW0Ozuofr-jU-gxJos6o9_v9_v9fr_f7_cbtJ6D2aDwPZdf8W2xra5_z8pBbDAoYongIp3o7S6T028RS5Smi3SiFzosLstfa3mZnG6tw3J6uhVOk8P0tDutT7fOZXm6FWaHxWl2Wj5Pu9P61lpeJqdb67Ccnm6lw-TyPN1Ks89pdrolTrPbZXda3zqX5eV12d1Cl-WteTnfisFiMNwNJ2KJ4HSRTkQv4-mi_qMGHM0Vy7lit5orhptVAgAAAAAAAACwBNNMNwEAAABwMpDVYjJardNBbIaz3Wa1XAARDVS6foZx7iPKHQJ23UBCvHtndJwXa-wxg7e7TE6_lQFEOOEz2-wzglir1bIGAAAggA0AACCAm268CVCR4v7____HAQAAkJFDDwAAgH4fEBSlXviRKwW_ghgMh5P9A1Ah1mq1ut1Yq9UC!&cmcv=&pix=undefined&cb=1687821076504&uv=3290&tms=1687821076504&abt=nonrv_vA!ntvc_vB!tbt_unit!ufm_vD!ul137296-322_vB&ru=https://pcloak.blob.core.windows.net/&ft=2&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=763b25de-b228-4172-87f8-9afa2104a7fb&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Frame ID: 006926C09926D66A3BE28D9DDAD31A2E
Requests: 4 HTTP requests in this frame

Frame: https://am-match.taboola.com/sync?dast=V8a0ICLAZkWLzWY0WakhDIsHitx4o0JSkAAABgYID-AMnNNhPLauRySyyT4Vq02E3Wwt3MuFYubA7LYjBa-GYWIyC52WZiWY1cbollMlyLFrvJWribGdfKhc1hWQxGC9_MYgUfxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPG_Sh6XT4XPd6vd1lcvrtGr_bL3RYXJa_1vIyOd1ah-X0dCucJofpaXdan26dy_J0K8wOi9PstHyedqf1rbW8TE631mE5Pd1Kh8nlebqVZp_T7HRLnGa3y-60vnUuy8vrsruFLstb83K-FYPFYLgbzgEAAADAg____38IAAAAABEAAAAAJAAAAABQCKjwb0HgAgAAAACG____fw0AUBwMynJzXU7_AAAAAAACAAAAgATAQHVbCYAKlPcT__________8xBugzb2T8____3zDoAfDgA-BBCAAAwMeQ7d-nyi4WRQciBc1FGAEAAACgmni9PTJJJ6hYVPn__--3AnAFACAAMT9_uDGL7qDEWxgAAACBMQv0sPj9Zodd43e7zP________-_mf8z_2iElsKR0gTB6IWr-QUEAFjzCwgAwEbdAAC8CYATdAxkNputZquTEIPNZLFcLBazAwAAAHDn____Xw8ITAyLyci5cVlWhtlwZtptXCuTceJZbWbG4cg33J4LBwJXDo6Ylz4hwjL7fQcF5fT0mF0GUdH1ttgdTrPnID5oGJaTQTA_E7YYrSaTzXI4Wy4mg-FoOBrtz0AsRgM0EYPlcjJZTHar0Wq0Ge5Gs8ECCcRggihaNJisRqPJYjJcjSar2XKx220QRatWs9FmMFzNJrPdbjUcDJejEZqwxWg1mWyWw9lyMRkMR8PRaIhgZuEbTIyLlVszXJjcoo1xtJaYhjO3brNZmRaujc2wcK1Fr4_p4twsDMvNFgkG8O1F8rRIJ8KJzTkzrWYry8wycs12E89isHBYFiPXcmVcWSYTsURzskgnssu-MDEsJiPnxmVZGWbDmWm3ca1MxolntZkZhyPfcN9Z-AYT42Ll1gwXJrdoYxytJabhzK3bbFamhWtjMyxca9HrY7o4NwvDcrNvzIa74WQx2K32jdlwN5wsBrvVvkNn-K4-Z6MxJbx4bB6PNVwL2pwGhctg8f4kpsW0Ozuofr-jU-gxJos6o9_v9_v9fr_f7_cbtJ6D2aDwPZdf8W2xra5_z8pBbDAoYongIp3o7S6T028RS5Smi3SiFzosLstfa3mZnG6tw3J6uhVOk8P0tDutT7fOZXm6FWaHxWl2Wj5Pu9P61lpeJqdb67Ccnm6lw-TyPN1Ks89pdrolTrPbZXda3zqX5eV12d1Cl-WteTnfisFiMNwNJ2KJ4HSRTkQv4-mi_qMGHM0Vy7lit5orhptVAgAAAAAAAACwBNNMNwEAAABwMpDVYjJardNBbIaz3Wa1XAARDVS6foZx7iPKHQJ23UBCvHtndJwXa-wxg7e7TE6_lQFEOOEz2-wzglir1bIGAAAggA0AACCAm268CVCR4v7____HAQAAkJFDDwAAgH4fEBSlXviRKwW_ghgMh5P9A1Ah1mq1ut1Yq9UC!&excid=22&docw=0&cijs=1&nlb=false
Frame ID: F51DBF54F4BE610BD1A9A10863CE829C
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: F6DEAF3F554F4870DE38F528CB98E1A1
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Frame ID: 77F99144DA2C1F0D9BE061E1F96B8374
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/YTnPKPJ-Q--T2AJ4Qj25FxWmw7bAoVXE9zhtz1eN5hc.js
Frame ID: 566F68A8B02B5FCC5DF8E21B4138C341
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/YTnPKPJ-Q--T2AJ4Qj25FxWmw7bAoVXE9zhtz1eN5hc.js
Frame ID: 3E9BE9C603A2449DF160AA3B5A5706B6
Requests: 1 HTTP requests in this frame

Frame: https://am-match.taboola.com/sync?dast=V8a0ICLAZkWLzWY0WakhDIsHitx4o0JSkAAABgYID-AMnNNhPLauRySyyT4Vq02E3Wwt3MuFYubA7LYjBa-GYWIyC52WZiWY1cbollMlyLFrvJWribGdfKhc1hWQxGC9_MYgUfxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPG_Sh6XT4XPd6vd1lcvrtGr_bL3RYXJa_1vIyOd1ah-X0dCucJofpaXdan26dy_J0K8wOi9PstHyedqf1rbW8TE631mE5Pd1Kh8nlebqVZp_T7HRLnGa3y-60vnUuy8vrsruFLstb83K-FYPFYLgbzgEAAADAg____38IAAAAABEAAAAAJAAAAABQCKjwb0HgAgAAAACG____fw0AUBwMynJzXU7_AAAAAAACAAAAgATAQHVbCYAKlPcT__________8xBugzb2T8____3zDoAfDgA-BBCAAAwMeQ7d-nyi4WRQciBc1FGAEAAACgmni9PTJJJ6hYVPn__--3AnAFACAAMT9_uDGL7qDEWxgAAACBMQv0sPj9Zodd43e7zP________-_mf8z_2iElsKR0gTB6IWr-QUEAFjzCwgAwEbdAAC8CYATdAxkNputZquTEIPNZLFcLBazAwAAAHDn____Xw8ITAyLyci5cVlWhtlwZtptXCuTceJZbWbG4cg33J4LBwJXDo6Ylz4hwjL7fQcF5fT0mF0GUdH1ttgdTrPnID5oGJaTQTA_E7YYrSaTzXI4Wy4mg-FoOBrtz0AsRgM0EYPlcjJZTHar0Wq0Ge5Gs8ECCcRggihaNJisRqPJYjJcjSar2XKx220QRatWs9FmMFzNJrPdbjUcDJejEZqwxWg1mWyWw9lyMRkMR8PRaIhgZuEbTIyLlVszXJjcoo1xtJaYhjO3brNZmRaujc2wcK1Fr4_p4twsDMvNFgkG8O1F8rRIJ8KJzTkzrWYry8wycs12E89isHBYFiPXcmVcWSYTsURzskgnssu-MDEsJiPnxmVZGWbDmWm3ca1MxolntZkZhyPfcN9Z-AYT42Ll1gwXJrdoYxytJabhzK3bbFamhWtjMyxca9HrY7o4NwvDcrNvzIa74WQx2K32jdlwN5wsBrvVvkNn-K4-Z6MxJbx4bB6PNVwL2pwGhctg8f4kpsW0Ozuofr-jU-gxJos6o9_v9_v9fr_f7_cbtJ6D2aDwPZdf8W2xra5_z8pBbDAoYongIp3o7S6T028RS5Smi3SiFzosLstfa3mZnG6tw3J6uhVOk8P0tDutT7fOZXm6FWaHxWl2Wj5Pu9P61lpeJqdb67Ccnm6lw-TyPN1Ks89pdrolTrPbZXda3zqX5eV12d1Cl-WteTnfisFiMNwNJ2KJ4HSRTkQv4-mi_qMGHM0Vy7lit5orhptVAgAAAAAAAACwBNNMNwEAAABwMpDVYjJardNBbIaz3Wa1XAARDVS6foZx7iPKHQJ23UBCvHtndJwXa-wxg7e7TE6_lQFEOOEz2-wzglir1bIGAAAggA0AACCAm268CVCR4v7____HAQAAkJFDDwAAgH4fEBSlXviRKwW_ghgMh5P9A1Ah1mq1ut1Yq9UC!&excid=22&docw=0&cijs=1&nlb=false
Frame ID: EFD42B3E5348A674CD998D169F9F990D
Requests: 4 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=pcloak.blob.core.windows.net
Frame ID: 0EBC4B3D7AE2FAFBE8A56E95B7EA6C13
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: DFFBC6EA16016C9BEAB6EDC73A3A1124
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 775967E9AFB8C7A6BAFBD3CCB304D34D
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Nuxt.js (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

/_nuxt/

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Optimize (A/B Testing) Expand

Overall confidence: 100%
Detected patterns

googleoptimize\.com/optimize\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

Yandex.Direct (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://an\.yandex\.ru/

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

385
Requests

92 %
HTTPS

40 %
IPv6

52
Domains

95
Subdomains

71
IPs

12
Countries

7144 kB
Transfer

16474 kB
Size

31
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 61

https://dmp.adform.net/dmp/profile/?pid=10548&sg=Do+It+Yourself+-+DIY&timestamp=1687821073675 HTTP 302
https://dmp.adform.net/dmp/profile/?CC=1&pid=10548&sg=Do+It+Yourself+-+DIY&timestamp=1687821073675

Request Chain 74

https://dmp.adform.net/audiencetag/adformat.js HTTP 301
https://s2.adform.net/banners/scripts/audiencetag/adformat.js

Request Chain 160

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELm_JZIc939AaaExQrXAvXE&google_cver=1

Request Chain 161

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZJobExSXFwgZ78erpnNvuQAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELm_JZIc939AaaExQrXAvXE&google_cver=1

Request Chain 162

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEJNVp6y-nbmwxGDLig-Ebzg&google_cver=1

Request Chain 163

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODMzMjI0NDQyODI4MTYwODY4Nw%3D%3D

Request Chain 191

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELm_JZIc939AaaExQrXAvXE&google_cver=1

Request Chain 192

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZJobExSXFwgZ78erpnNvuQAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELm_JZIc939AaaExQrXAvXE&google_cver=1

Request Chain 193

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEJNVp6y-nbmwxGDLig-Ebzg&google_cver=1

Request Chain 194

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODMzMjI0NDQyODI4MTYwODY4Nw%3D%3D

Request Chain 198

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEMVpS8HOoi8Z-ARZA3ePvA8&google_cver=1

Request Chain 200

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
https://sync.teads.tv/um?eid=3&uid=CAESEL7xz8tjieBllGWzmN8jPkI&google_cver=1

Request Chain 202

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 205

https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_dbm HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEFWbI44SjIKdmoRRfQSLSGs&google_cver=1 HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEFWbI44SjIKdmoRRfQSLSGs&google_cver=1&__user_check__=1&sync_id=bffd381b-1476-11ee-b31c-1ce730eb0306

Request Chain 206

https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID&__user_check__=1&sync_id=bff3e35d-1476-11ee-b233-19da87bf0206 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=YmZmZDM3ZTEtMTQ3Ni0xMWVlLWIzMWMtMWNlNzMwZWIwMzA2

Request Chain 246

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEFHtfKMonS3Mtlk3aSbocao&google_cver=1&google_push=ATf1kGPVWhZ6N8m-5Vh7Z6iF-djZ4NxCmuaW_9H8aMoCvPaUn1dxNyXio1CHCSE1RkdpSFBTzrxwAmJSq2iWicV8s7mCSwkPbOE HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEFHtfKMonS3Mtlk3aSbocao&google_cver=1&google_push=ATf1kGPVWhZ6N8m-5Vh7Z6iF-djZ4NxCmuaW_9H8aMoCvPaUn1dxNyXio1CHCSE1RkdpSFBTzrxwAmJSq2iWicV8s7mCSwkPbOE HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=ATf1kGPVWhZ6N8m-5Vh7Z6iF-djZ4NxCmuaW_9H8aMoCvPaUn1dxNyXio1CHCSE1RkdpSFBTzrxwAmJSq2iWicV8s7mCSwkPbOE&google_hm=QWoQLQ-nR1eyrOZQPLZ-bA==

Request Chain 247

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEJoaiGmTMzrnJDGvF58aklc&google_cver=1&google_push=ATf1kGMiIySz0kratLCkV3lwUEyKbxHXiJZjrygm-7IG2gdPGxV8Zm5AoGCOxaa9DcNUITnz_W-cARTd9K07zvNG_mPH8NrJLIY HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MzQwOTY3NzA3ODk4MzE2NDUxNQ&google_push=ATf1kGMiIySz0kratLCkV3lwUEyKbxHXiJZjrygm-7IG2gdPGxV8Zm5AoGCOxaa9DcNUITnz_W-cARTd9K07zvNG_mPH8NrJLIY

Request Chain 248

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEJoaiGmTMzrnJDGvF58aklc&google_cver=1&google_push=ATf1kGOP3nojJZGHvROGHHNlScK08o_C7GQgsteeH_gC_hsrwY3p0sNTSOsW7hpa5y-xF3YtBiNMDHCtoLA9ETyAtR5fhUNEFvE HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MzQwOTY3NzA3ODk4MzE2NDUxNQ&google_push=ATf1kGOP3nojJZGHvROGHHNlScK08o_C7GQgsteeH_gC_hsrwY3p0sNTSOsW7hpa5y-xF3YtBiNMDHCtoLA9ETyAtR5fhUNEFvE

Request Chain 251

https://an.yandex.ru/mapuid/google/CAESEOAFlthMELOFdQ9Z6QIaYik?ext-param=ATf1kGOmE0wZyYdb8juY4Lfh2_lkMmu2SECrqrB1bnelBFmVQqFRcl7yeGjQKCcDGofapezbqZT-XncZI8DH5KOktbrnwuoWpaAn7w&partner-tag=yandex_ag&google_cver=1 HTTP 302
https://an.yandex.ru/mapuid/google/CAESEOAFlthMELOFdQ9Z6QIaYik?redir-setuniq=1&ext-param=ATf1kGOmE0wZyYdb8juY4Lfh2_lkMmu2SECrqrB1bnelBFmVQqFRcl7yeGjQKCcDGofapezbqZT-XncZI8DH5KOktbrnwuoWpaAn7w&partner-tag=yandex_ag&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yandex_ag&google_hm=CAESEOAFlthMELOFdQ9Z6QIaYik&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif HTTP 302
https://an.yandex.ru/resource/spacer.gif

Request Chain 252

https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESECam8330KtuU3IfsCb8vd6c&google_cver=1&google_push=ATf1kGO6yJ90V7p2kaS-nIbZSFVhn5kp5r1OmdnsdKHr9C8ytdKncQtj4HBv5MmK9rXuMKo0Azmn44bC7QcIAvhYKR95dMMlOh3ayg HTTP 302
https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESECam8330KtuU3IfsCb8vd6c&google_cver=1&google_push=ATf1kGO6yJ90V7p2kaS-nIbZSFVhn5kp5r1OmdnsdKHr9C8ytdKncQtj4HBv5MmK9rXuMKo0Azmn44bC7QcIAvhYKR95dMMlOh3ayg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=416a102d-0fa7-4757-b2ac-e6503cb67e6c&%%GOOGLE_PUSH_PAIR%%

Request Chain 268

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEMAUoY1aHQONcmmUG_2-LRw&google_cver=1&google_push=ATf1kGMaUNW43WAO_4fBI2pstVaneHQ0DN6g_v2vS987ziawJxKB59EwpZg_x19RY6IP2r1A19bk52JavhyQoRcI6-6pSlsTYEY HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=NDUzNjQ4MjU2NTU4ODAxOTc0Mw==&gdpr=&gdpr_consent= HTTP 302
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEMg572fHyC2wgfx07MyAIiU&google_cver=1

Request Chain 269

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEC9LRKH-BHt6VBOi4x4NUpQ&google_cver=1&google_push=ATf1kGOgeYwPXppULHDdR__f_PxHq7LIrkGPJTZIwReZ1yyCNxajUns9MMcSJytbmTHyIyi7nrXEKTZ4qWxP5V3DQiL9ZatPnYg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI0OTEzNjMxODY0MjMyMTU1MQ%3D%3D&google_push=ATf1kGOgeYwPXppULHDdR__f_PxHq7LIrkGPJTZIwReZ1yyCNxajUns9MMcSJytbmTHyIyi7nrXEKTZ4qWxP5V3DQiL9ZatPnYg

Request Chain 270

https://a.c.appier.net/gcm?google_gid=CAESEAE87m07zbCek8EvFhCp9iM&google_cver=1&google_push=ATf1kGMA5ArQhxaxXRUeS5SPYSxtPWn61dKk0P71g0YjCyJL-_R8AeC_qWQPtsCrVKc6WvMo_NZ0oqo5P7aZybp2b_iQM4njgQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=cWd2NDRHREtCa3EyekVXYkZSdWFaQQ%3D%3D&google_push=ATf1kGMA5ArQhxaxXRUeS5SPYSxtPWn61dKk0P71g0YjCyJL-_R8AeC_qWQPtsCrVKc6WvMo_NZ0oqo5P7aZybp2b_iQM4njgQ

Request Chain 273

https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEEZZGAbUry52vdpeKg1UxLc&google_cver=1&google_push=ATf1kGNkI_OOsVgyyUyX1TUcyu24Hc8HUxR28oltwedQ1Zbi2CUz1Q-tHn3xnZMm6Wv3AN_Z6kDQkXI5Nlqpels3an8iRXVQQQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=ATf1kGNkI_OOsVgyyUyX1TUcyu24Hc8HUxR28oltwedQ1Zbi2CUz1Q-tHn3xnZMm6Wv3AN_Z6kDQkXI5Nlqpels3an8iRXVQQQ

Request Chain 294

https://dc.arrivalist.com/px/?pixel_id=1102&a_source=1612728&a_medium=TD&a_campaign=FY23_Shopping_ct=DE&st=&city=0&dma=0&zp=88090&bw=4&a_content=191466213&a_type=Paid HTTP 302
https://dc.arrivalist.com/pj/check.php?rk=ip-10-0-1-194649a1b14a89216.57774391649a1b14a9cc10.22450042 HTTP 302
https://ib.adnxs.com/getuid?https://dc.arrivalist.com/pj/proc.php?auid=$UID&rk=ckip-10-0-1-194649a1b14a89216.57774391649a1b14a9cc10.22450042 HTTP 302
https://dc.arrivalist.com/pj/proc.php?auid=8332244428281608687&rk=ckip-10-0-1-194649a1b14a89216.57774391649a1b14a9cc10.22450042 HTTP 302
https://ib.adnxs.com/seg?add=5938683&redir=https://ad.doubleclick.net/ddm/activity/src=5387547;type=invmedia;cat=jkln2kfq;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1? HTTP 302
https://ad.doubleclick.net/ddm/activity/src=5387547;type=invmedia;cat=jkln2kfq;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1 HTTP 302
https://ad.doubleclick.net/ddm/activity/src=5387547;dc_pre=CKObhb6H4v8CFVZOHgIdQLkCrQ;type=invmedia;cat=jkln2kfq;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1 HTTP 302
https://adservice.google.com/ddm/fls/z/src=5387547;dc_pre=CKObhb6H4v8CFVZOHgIdQLkCrQ;type=invmedia;cat=jkln2kfq;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1

Request Chain 324

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEMg572fHyC2wgfx07MyAIiU&google_cver=1&google_push=ATf1kGPSahSxU7t0AlqFVkEulKFeBi0TZtHfAAcNi3gv6MwNu8dPc0nKb58WVrkapcTsReaJXagtXf_PCoPa7wFzUB5nI5VxtiXV HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=NDUzNjQ4MjU2NTU4ODAxOTc0Mw==&gdpr=&gdpr_consent= HTTP 302
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEMg572fHyC2wgfx07MyAIiU&google_cver=1

Request Chain 326

https://um.simpli.fi/gp_match?google_gid=CAESEGkSdZtaEVnhz45qmH7hMg4&google_cver=1&google_push=ATf1kGPmRH127Pp-YFU-xvsGdUn8ke5yRCBWtG--CM5xJ4KNakwmd_-By5N8Upi8i6XrEejgO34JW4qNCkr6Gv9JygtIc1O6S-EY HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=AFC7154B9E7B4E28A75A1E2364C7D0B6&google_push=ATf1kGPmRH127Pp-YFU-xvsGdUn8ke5yRCBWtG--CM5xJ4KNakwmd_-By5N8Upi8i6XrEejgO34JW4qNCkr6Gv9JygtIc1O6S-EY

Request Chain 328

https://fksnk.com/cs/google?google_gid=CAESEJ7i6_9Z9TVRO2STYkYnR7E&google_cver=1&google_push=ATf1kGMS2hxjckiqzUJI54v4UVqaNuVQSO0sGvapfP1BU0NDXBtBwVNxGfGjwNhIdcy05CLGmPX5chuS2W43-9NOIIHW-iXbqXEl HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=N0UxMEQ3MkU2OEY5OThBQQ==

Request Chain 329

https://tg.socdm.com/rtb/sync_before?proto=google_ebda&google_gid=CAESEBNEQ2-O1aNTDoEQCrvD-bM&google_cver=1&google_push=ATf1kGMkz64QXV6Z-jsaDV_BBjb9ARqdfO3I_xIK1mbPGExDYSOSIQNFikSAZIGah-tnMjjP4vd-qy1d0aMT6Pl-HMMz3I9mqMa8 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=ad_generation_eb&google_push=ATf1kGMkz64QXV6Z-jsaDV_BBjb9ARqdfO3I_xIK1mbPGExDYSOSIQNFikSAZIGah-tnMjjP4vd-qy1d0aMT6Pl-HMMz3I9mqMa8&google_hm=WkpvYkZjQ284WGNBQU9FbHluQUFBQUFB

Request Chain 330

https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEE4CcNEDdF0aIWmrZn_mB_0&google_cver=1&google_push=ATf1kGO_zwBy0EfQy1MLB7AiCs8ib_ICnGTjsjKwnvRwMC15cD8Gji668NGHuT_4vmlUJI9LwIDkfvJw1FbEmyHKOr-r90pLNWDwug HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=ATf1kGO_zwBy0EfQy1MLB7AiCs8ib_ICnGTjsjKwnvRwMC15cD8Gji668NGHuT_4vmlUJI9LwIDkfvJw1FbEmyHKOr-r90pLNWDwug HTTP 302
https://onetag-sys.com/match/?int_id=19&google_error=5

Request Chain 376

https://gum.criteo.com/sid/json?origin=publishertag&domain=onedio.com&sn=ChromeSyncframe&so=0&topUrl=pcloak.blob.core.windows.net&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=dgUkcHxLbFJ3YW9vVHFCSVl6U0piaEhuNk5BejhLZmkvb0xPaXBtalNyeENPNVFEYURMSVhreStLaElIVlFIMjIyRTBjdGtlTkFONnNOcVVFUzNUMVQraGxKVVdwU282aHZiMUtOVTFQUmlweU1LR3JIMkRXMTdKMWkyckVvanQ5Ums2UHl5REFHcW9Yako2eWlVRmpySzBrM2czYWRHdjc0Rkx1SVVxaURac09pQzJyNmlueUxzMjBQSkYrWVBXSnBoQXhva2RoT3JLR3BzckhSNmJGK05PZUg4aE1kVkloV0NzMlBjTkF1QnBLMHRXeGhvelJQTk1IbmJWL05yWW9PMWdVRVJWZGNUVXZsd3prZFQyaGJiNG56c2RNUjNhdlZjWElVUC9yLzJqbldnYz18&cppv=2

385 HTTP transactions
7 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request 6x6y592zf1gbg.html Show response
pcloak.blob.core.windows.net/web/ 1 KB
2 KB 475ms
116ms Document
text/html 20.60.220.36
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://pcloak.blob.core.windows.net/web/6x6y592zf1gbg.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.60.220.36 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 52e537502f71005147165cfb8c67081bcbd6580b86fb92c891dcfabdfac1ffac

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Content-Length: 1324
Content-MD5: phA55yVw0gHyoxDHiNsKtQ==
Content-Type: text/html
Date: Mon, 26 Jun 2023 23:11:10 GMT
ETag: 0x8DB5ED0A53C8096
Last-Modified: Sat, 27 May 2023 16:37:22 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-blob-type: BlockBlob
x-ms-lease-status: unlocked
x-ms-request-id: ae53853a-301e-0078-0c83-a8e1f5000000
x-ms-version: 2009-09-19

GET
H/1.1 404
The specified blob does not exist. jquery.min.js
pcloak.blob.core.windows.net/web/ 0
0 110ms
110ms Script
application/xml 20.60.220.36
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://pcloak.blob.core.windows.net/web/jquery.min.js
Requested by: Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x6y592zf1gbg.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.60.220.36 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pcloak.blob.core.windows.net/web/6x6y592zf1gbg.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-ms-request-id: ae538587-301e-0078-5083-a8e1f5000000
Date: Mon, 26 Jun 2023 23:11:11 GMT
x-ms-version: 2009-09-19
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-Length: 215
Content-Type: application/xml

GET
H/1.1 200
OK cloakan.js Show response
pcloak.blob.core.windows.net/web/ 308 B
717 B 334ms
111ms Script
text/javascript 20.60.220.36
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://pcloak.blob.core.windows.net/web/cloakan.js
Requested by: Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x6y592zf1gbg.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.60.220.36 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 4651fd93f167c3620b534c30bc23ae2a2e7cf742621d8e6d12553c09c388284a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pcloak.blob.core.windows.net/web/6x6y592zf1gbg.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Mon, 26 Jun 2023 23:11:11 GMT
Last-Modified: Mon, 13 Jun 2022 14:36:49 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: zPiKctHo6j8i1UGOFPpInw==
ETag: 0x8DA4D4A263C11C2
Content-Type: text/javascript
x-ms-request-id: ae53860a-301e-0078-4883-a8e1f5000000
x-ms-version: 2009-09-19
Content-Length: 308

GET
H/1.1 200
OK style.css
pcloak.blob.core.windows.net/web/ 166 B
568 B 222ms
112ms Stylesheet
text/css 20.60.220.36
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://pcloak.blob.core.windows.net/web/style.css
Requested by: Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x6y592zf1gbg.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.60.220.36 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: cf906196a7c1414e11983955e101a051d55a864f2bc9fd52a453d952d92fd9b5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pcloak.blob.core.windows.net/web/6x6y592zf1gbg.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Mon, 26 Jun 2023 23:11:11 GMT
Last-Modified: Mon, 13 Jun 2022 14:36:49 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: 9ruAIrm4XHnQO3/sM8J0AQ==
ETag: 0x8DA4D4A26527CA0
Content-Type: text/css
x-ms-request-id: ae5385c6-301e-0078-0e83-a8e1f5000000
x-ms-version: 2009-09-19
Content-Length: 166

GET
H2 200 px.php Show response
www.cloakan.co/ 55 B
321 B 356ms
164ms XHR
text/html 77.245.159.14
NIOBEBILISIMHIZME...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cloakan.co/px.php?id=6x6y592zf1gbg
Requested by: Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x6y592zf1gbg.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 77.245.159.14 , Turkey, ASN42868 (NIOBEBILISIMHIZMETLERI, TR),
Reverse DNS: stilgar.wlsrv.com
Software: LiteSpeed / PHP/7.3.33
Resource Hash: a9f55a9e4658a9960455f9485c446ea9874f2590ae283801311d84e908536cc2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pcloak.blob.core.windows.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 23:11:09 GMT
content-encoding: br
server: LiteSpeed
x-powered-by: PHP/7.3.33
vary: Accept-Encoding,User-Agent
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="43,46", h3-Q043=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-25=":443"; ma=2592000, h3-27=":443"; ma=2592000
content-length: 45

GET
H2 200 nv.php Show response
www.cloakan.co/ 338 B
452 B 298ms
152ms Script
text/html 77.245.159.14
NIOBEBILISIMHIZME...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cloakan.co/nv.php?id=6x6y592zf1gbg-m
Requested by: Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/cloakan.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 77.245.159.14 , Turkey, ASN42868 (NIOBEBILISIMHIZMETLERI, TR),
Reverse DNS: stilgar.wlsrv.com
Software: LiteSpeed / PHP/7.3.33
Resource Hash: cb217d0e8ae247684c0dd02ff520bf734a39ad6ea5ec1124286bf47e0f42ec63

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pcloak.blob.core.windows.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 23:11:10 GMT
content-encoding: br
server: LiteSpeed
x-powered-by: PHP/7.3.33
vary: Accept-Encoding,User-Agent
content-type: text/html; charset=UTF-8
alt-svc: quic=":443"; ma=2592000; v="43,46", h3-Q043=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-25=":443"; ma=2592000, h3-27=":443"; ma=2592000
content-length: 178

GET
H2 200 kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878 Show response
onedio.com/haber/ Frame F2C8 325 KB
63 KB 94ms
37ms Document
text/html 185.102.219.172
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878
Requested by: Host: www.cloakan.co
URL: https://www.cloakan.co/nv.php?id=6x6y592zf1gbg-m
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.102.219.172 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-185-102-219-172.datapacket.com
Software: MerlinCDN /
Resource Hash: 7ee8b20ce18299a6b6f95a8ee65b7e45a77628cc9d92b5744b6042093a2096c8

Request headers

Referer: https://pcloak.blob.core.windows.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 11698
allow: GET, HEAD, POST
cache-control: public, max-age=60
content-encoding: br
content-type: text/html; charset=utf-8
date: Mon, 26 Jun 2023 23:11:13 GMT
etag: W/"513b2-VPxsYwr+mV4FQoh+xnBhuZiuVLk"
server: MerlinCDN
vary: Accept-Encoding
via: HTTP/2.0 Merlin CDN
x-amz-cf-id: taMZLuUpygXDm322MZdeLT9xkn3tFRfZtLlgX8mvOCiNqltaCCsFvA==
x-amz-cf-pop: FRA56-P6
x-cache: Hit from cloudfront
x-cache-status: STALE
x-edge: de-fra-dp-s03
x-midtier: de-fra-lea-s01
x-varnish: 959731656

GET
H2 200 Inter-Light.woff2
static.onedio.com/fonts/Inter/ Frame F2C8 35 KB
35 KB 131ms
53ms Font
binary/octet-stream 185.102.219.172
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://static.onedio.com/fonts/Inter/Inter-Light.woff2
Requested by: Host: onedio.com
URL: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.102.219.172 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-185-102-219-172.datapacket.com
Software: MerlinCDN /
Resource Hash: 41dd65e5d60b12bfae966238332a9260800d9faa4d6b2dd96c1d04050fbaed02

Request headers

Referer: https://onedio.com/
Origin: https://onedio.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 23:11:13 GMT
via: HTTP/2.0 Merlin CDN
x-amz-cf-pop: FRA56-P4
age: 0
x-midtier: de-fra-dp-s02
x-cache-status: HIT
x-cache: Hit from cloudfront
content-length: 35440
last-modified: Fri, 07 Jan 2022 12:12:27 GMT
server: MerlinCDN
etag: "ded6cc07e59d818372f76b530e7c7aaf"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: binary/octet-stream
access-control-allow-origin: *
x-edge: de-fra-dp-s03
access-control-expose-headers: x-amz-server-side-encryption, x-amz-request-id, x-amz-id-2
vary: Accept-Encoding
access-control-allow-credentials: true
allow: GET, HEAD
accept-ranges: bytes
x-amz-cf-id: jlZ7TlN9pdPHFoGuoR5rEx_IVTtMM0Ljbd49AdtXv3cgU-fVXGM4_Q==

GET
H2 200 Inter-Regular.woff2
static.onedio.com/fonts/Inter/ Frame F2C8 33 KB
33 KB 155ms
77ms Font
binary/octet-stream 185.102.219.172
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://static.onedio.com/fonts/Inter/Inter-Regular.woff2
Requested by: Host: onedio.com
URL: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.102.219.172 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-185-102-219-172.datapacket.com
Software: MerlinCDN /
Resource Hash: 6528ec0e1bac4881919c73b50a89927cfb53ec26e990f096b00468393eaf9ce5

Request headers

Referer: https://onedio.com/
Origin: https://onedio.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 23:11:13 GMT
via: HTTP/2.0 Merlin CDN
x-amz-cf-pop: FRA56-P4
age: 0
x-midtier: de-fra-lea-s01
x-cache-status: EXPIRED
x-cache: Hit from cloudfront
content-length: 33580
last-modified: Fri, 07 Jan 2022 12:12:29 GMT
server: MerlinCDN
etag: "e423db9dfdab27cbe7e6d5d1905c001b"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: binary/octet-stream
access-control-allow-origin: *
x-edge: de-fra-dp-s03
access-control-expose-headers: x-amz-server-side-encryption, x-amz-request-id, x-amz-id-2
vary: Accept-Encoding
access-control-allow-credentials: true
allow: GET, HEAD
accept-ranges: bytes
x-amz-cf-id: a40OABYK6kH84MgFIOLkAhljVQqpQhcJB7Dbiwy4IWlYMEExrzsQUA==

GET
H2 200 Inter-Italic.woff2
static.onedio.com/fonts/Inter/ Frame F2C8 104 KB
105 KB 980ms
902ms Font
binary/octet-stream 185.102.219.172
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://static.onedio.com/fonts/Inter/Inter-Italic.woff2
Requested by: Host: onedio.com
URL: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.102.219.172 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-185-102-219-172.datapacket.com
Software: MerlinCDN /
Resource Hash: 900058dffaf216c9a853e2d7e4109bfa2a58994237b2d4e5793734e4c2ecb4ac

Request headers

Referer: https://onedio.com/
Origin: https://onedio.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 23:11:14 GMT
via: HTTP/2.0 Merlin CDN
x-amz-cf-pop: FRA56-P4
age: 0
x-midtier: de-fra-lea-s01
x-cache-status: HIT
x-cache: Hit from cloudfront
content-length: 106876
last-modified: Fri, 07 Jan 2022 12:12:26 GMT
server: MerlinCDN
etag: "fd26ff23f831db9ae85a805386529385"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: binary/octet-stream
access-control-allow-origin: *
x-edge: de-fra-dp-s03
access-control-expose-headers: x-amz-server-side-encryption, x-amz-request-id, x-amz-id-2
vary: Accept-Encoding
access-control-allow-credentials: true
allow: GET, HEAD
accept-ranges: bytes
x-amz-cf-id: MCvusHhKsm1ELDW2P0iUlKHZTnYMF9bQ_JzJsZFGrujjDfEY3O1ZtQ==

GET
H2 200 Inter-Medium.woff2
static.onedio.com/fonts/Inter/ Frame F2C8 35 KB
36 KB 115ms
37ms Font
binary/octet-stream 185.102.219.172
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://static.onedio.com/fonts/Inter/Inter-Medium.woff2
Requested by: Host: onedio.com
URL: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.102.219.172 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-185-102-219-172.datapacket.com
Software: MerlinCDN /
Resource Hash: a050a3c304a3b0bf37143828706d3bd34a0699d13ca827e919f4600db52436e2

Request headers

Referer: https://onedio.com/
Origin: https://onedio.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 23:11:13 GMT
via: HTTP/2.0 Merlin CDN
x-amz-cf-pop: FRA56-P4
age: 0
x-midtier: de-fra-dp-s02
x-cache-status: HIT
x-cache: Hit from cloudfront
content-length: 36304
last-modified: Fri, 07 Jan 2022 12:12:28 GMT
server: MerlinCDN
etag: "209c34a0fe25256a1d61f4b87f0bdf41"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: binary/octet-stream
access-control-allow-origin: *
x-edge: de-fra-dp-s03
access-control-expose-headers: x-amz-server-side-encryption, x-amz-request-id, x-amz-id-2
vary: Accept-Encoding
access-control-allow-credentials: true
allow: GET, HEAD
accept-ranges: bytes
x-amz-cf-id: ojXQF8Qd0WZ91-wZ-YnmZSAzxbKDj_RFlc4KV4ejvj-D4uWyfDheOw==

GET
H2 200 Inter-Semi-bold.woff2
static.onedio.com/fonts/Inter/ Frame F2C8 36 KB
36 KB 144ms
67ms Font
binary/octet-stream 185.102.219.172
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://static.onedio.com/fonts/Inter/Inter-Semi-bold.woff2
Requested by: Host: onedio.com
URL: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.102.219.172 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-185-102-219-172.datapacket.com
Software: MerlinCDN /
Resource Hash: aedaf40884efa2217933bb42fb22aac1fe3b0bd1ea0415bfe201a6fa94d68812

Request headers

Referer: https://onedio.com/
Origin: https://onedio.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 23:11:13 GMT
via: HTTP/2.0 Merlin CDN
x-amz-cf-pop: FRA56-P4
age: 0
x-midtier: de-fra-dp-s02
x-cache-status: EXPIRED
x-cache: Hit from cloudfront
content-length: 36488
last-modified: Fri, 07 Jan 2022 12:12:30 GMT
server: MerlinCDN
etag: "4d3237c6955b3611432f2cf951990f8b"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: binary/octet-stream
access-control-allow-origin: *
x-edge: de-fra-dp-s03
access-control-expose-headers: x-amz-server-side-encryption, x-amz-request-id, x-amz-id-2
vary: Accept-Encoding
access-control-allow-credentials: true
allow: GET, HEAD
accept-ranges: bytes
x-amz-cf-id: 5itH_N9qQ_gnvF3yFjb6jXpAhNUAxnNoenLcRdp2ZtZfMR6RKb3avQ==

GET
H2 200 Inter-Bold.woff2
static.onedio.com/fonts/Inter/ Frame F2C8 36 KB
36 KB 159ms
81ms Font
binary/octet-stream 185.102.219.172
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://static.onedio.com/fonts/Inter/Inter-Bold.woff2
Requested by: Host: onedio.com
URL: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.102.219.172 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-185-102-219-172.datapacket.com
Software: MerlinCDN /
Resource Hash: ad53d5b9c9825d29034206941f077b896dff3f335afd59ba1e4da52e32c7435a

Request headers

Referer: https://onedio.com/
Origin: https://onedio.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 23:11:13 GMT
via: HTTP/2.0 Merlin CDN
x-amz-cf-pop: DUS51-P3
age: 0
x-midtier: nl-naw-ws-s08
x-cache-status: HIT
x-cache: Hit from cloudfront
content-length: 36520
last-modified: Fri, 07 Jan 2022 12:12:24 GMT
server: MerlinCDN
etag: "86ec6e568f088fdabcca077caa60f99c"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: binary/octet-stream
access-control-allow-origin: *
x-edge: de-fra-dp-s03
access-control-expose-headers: x-amz-server-side-encryption, x-amz-request-id, x-amz-id-2
allow: GET, HEAD
access-control-allow-credentials: true
accept-ranges: bytes
x-amz-cf-id: fI8zgpdnA7al_LoxGoP1Pr_81pyAzhOrpvRCyfGPFxjotRrPeAha3w==

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame F2C8 77 KB
26 KB 148ms
49ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: onedio.com
URL: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9cd42d9b26ec40128c15c3e9a6bd1aa4e5ee58171dc7bde3cde62c21684a7736

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 23:11:13 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 26353
x-xss-protection: 0
server: cafe
etag: 318 / 19534 / 31075685 / config-hash: 10331222794083646183
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 26 Jun 2023 23:11:13 GMT

GET
H2 200 publishertag.js Show response
static.criteo.net/js/ld/ Frame F2C8 126 KB
41 KB 151ms
65ms Script
text/javascript 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.js

Requested by

Host: onedio.com
URL: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

ce42adf01899c970e7e1791dc9c4665f8307e40bc6dc1dc7fd20041b8f5f44a6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 23:11:13 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 31 May 2023 13:09:50 GMT
server: nginx
etag: W/"6477471e-1f8af"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Tue, 27 Jun 2023 23:11:13 GMT

GET
H2 200 pbd7.47.0.js Show response
onedio.com/scripts/ Frame F2C8 232 KB
74 KB 81ms
80ms Script
application/javascript 185.102.219.172
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://onedio.com/scripts/pbd7.47.0.js
Requested by: Host: onedio.com
URL: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.102.219.172 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-185-102-219-172.datapacket.com
Software: MerlinCDN /
Resource Hash: fee5feedcf117324972d35126e99e4d11d098c6437293d2bbd04c7d6153af2d7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 23:11:13 GMT
via: HTTP/2.0 Merlin CDN
content-encoding: br
x-amz-cf-pop: FRA56-P6
age: 1098
x-midtier: de-fra-lea-s01
x-cache-status: HIT
x-cache: Hit from cloudfront
last-modified: Fri, 23 Jun 2023 12:58:07 GMT
server: MerlinCDN
etag: W/"39fef-188e8555718"
vary: Accept-Encoding
allow: GET, HEAD, POST
x-varnish: 931087950
content-type: application/javascript; charset=UTF-8
x-edge: de-fra-dp-s03
cache-control: public, max-age=3600
x-amz-cf-id: 9cd8iY12G368LE1uEoUe7W4CpyjfV8aNTqnOz368vBgMlUT1KY0iaQ==

GET
H2 200 8883385.js Show response
onedio.com/_nuxt/ Frame F2C8 4 KB
3 KB 24ms
19ms Script
application/javascript 185.102.219.172
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://onedio.com/_nuxt/8883385.js
Requested by: Host: onedio.com
URL: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.102.219.172 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-185-102-219-172.datapacket.com
Software: MerlinCDN /
Resource Hash: 452606c9f6a3466e1055a944cf5fac7eaf6af76927d10b6d14139da6427ebc74

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 23:11:13 GMT
via: HTTP/2.0 Merlin CDN
content-encoding: br
x-amz-cf-pop: FRA56-P6
age: 295291
x-midtier: de-fra-dp-s02
x-cache-status: HIT
x-cache: Miss from cloudfront
last-modified: Fri, 23 Jun 2023 13:02:12 GMT
server: MerlinCDN
etag: W/"10c0-188e8591420"
vary: Accept-Encoding
allow: GET, HEAD, POST
x-varnish: 905151843 901302987
content-type: application/javascript; charset=UTF-8
x-edge: de-fra-dp-s03
cache-control: public, max-age=31536000
x-amz-cf-id: Yc7hG_kY3J3dUvLKmJmyob_A5nUmM6mn4w-fnnm1GLXSnlwDpr05PA==

GET
H2 200 2c983e9.js Show response
onedio.com/_nuxt/ Frame F2C8 271 KB
91 KB 34ms
30ms Script
application/javascript 185.102.219.172
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://onedio.com/_nuxt/2c983e9.js
Requested by: Host: onedio.com
URL: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.102.219.172 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-185-102-219-172.datapacket.com
Software: MerlinCDN /
Resource Hash: ff98ae0f4737ae8354bce5807218b881fae0d9fe3edc295c37c93726eb094c8c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 23:11:13 GMT
via: HTTP/2.0 Merlin CDN
content-encoding: br
x-amz-cf-pop: FRA56-P6
age: 999644
x-midtier: de-fra-lea-s01
x-cache-status: HIT
x-cache: Miss from cloudfront
last-modified: Thu, 15 Jun 2023 09:23:32 GMT
server: MerlinCDN
etag: W/"43cda-188be5e0220"
vary: Accept-Encoding
allow: GET, HEAD, POST
x-varnish: 856052474 834851703
content-type: application/javascript; charset=UTF-8
x-edge: de-fra-dp-s03
cache-control: public, max-age=31536000
x-amz-cf-id: PF1mKNcY5bPiyT0dtvtDOqDM6GDFB3es0zPk34QoTNAv4Y-3hnpFDw==

GET
H2 200 ec87d37.js Show response
onedio.com/_nuxt/ Frame F2C8 438 KB
131 KB 53ms
48ms Script
application/javascript 185.102.219.172
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://onedio.com/_nuxt/ec87d37.js
Requested by: Host: onedio.com
URL: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.102.219.172 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-185-102-219-172.datapacket.com
Software: MerlinCDN /
Resource Hash: c1390c08f2ad9b3d5e5b83456dca76a42beaea002a88625627f3cd16dcfe0e67

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 23:11:13 GMT
via: HTTP/2.0 Merlin CDN
content-encoding: br
x-amz-cf-pop: PMO50-C1
age: 999656
x-midtier: tr-ist-shy-s01
x-cache-status: HIT
x-cache: Hit from cloudfront
last-modified: Thu, 15 Jun 2023 09:23:33 GMT
server: MerlinCDN
etag: W/"6d8d3-188be5e0608"
vary: Accept-Encoding
allow: GET, HEAD, POST
x-varnish: 823108777
content-type: application/javascript; charset=UTF-8
x-edge: de-fra-dp-s03
cache-control: public, max-age=31536000
x-amz-cf-id: 3W07XsAA9hJfGQqpV3MlmoohQiwx-ZClQn-wG_l3Aj78Mj9TPSNtpQ==

GET
H2 200 45df3ef.js Show response
onedio.com/_nuxt/ Frame F2C8 793 KB
196 KB 70ms
66ms Script
application/javascript 185.102.219.172
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://onedio.com/_nuxt/45df3ef.js
Requested by: Host: onedio.com
URL: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.102.219.172 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-185-102-219-172.datapacket.com
Software: MerlinCDN /
Resource Hash: 34248150d4e7884e26ad1576502ca331e945c5e778e01860af19dd1a5116b4e5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 23:11:13 GMT
via: HTTP/2.0 Merlin CDN
content-encoding: br
x-amz-cf-pop: FRA56-P6
age: 295306
x-midtier: de-fra-dp-s02
x-cache-status: HIT
x-cache: Hit from cloudfront
last-modified: Fri, 23 Jun 2023 13:02:12 GMT
server: MerlinCDN
etag: W/"c63d2-188e8591420"
vary: Accept-Encoding
allow: GET, HEAD, POST
x-varnish: 928998356 932814372
content-type: application/javascript; charset=UTF-8
x-edge: de-fra-dp-s03
cache-control: public, max-age=31536000
x-amz-cf-id: 0lZbNio_WCnm-bOGRGsZIwMT9-gU5yazu4Dns1nBwWJqh1DQquqdxA==

GET
H2 200 dce817f.js Show response
onedio.com/_nuxt/ Frame F2C8 318 KB
71 KB 82ms
78ms Script
application/javascript 185.102.219.172
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://onedio.com/_nuxt/dce817f.js
Requested by: Host: onedio.com
URL: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.102.219.172 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-185-102-219-172.datapacket.com
Software: MerlinCDN /
Resource Hash: c6d56b3addafd99887333318efc4e493386cdb33ec8d4636975bc2315c186802

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 23:11:13 GMT
via: HTTP/2.0 Merlin CDN
content-encoding: br
x-amz-cf-pop: FRA56-P6
age: 458451
x-midtier: de-fra-lea-s01
x-cache-status: HIT
x-cache: Hit from cloudfront
last-modified: Wed, 21 Jun 2023 15:39:11 GMT
server: MerlinCDN
etag: W/"4f9aa-188de9c1518"
vary: Accept-Encoding
allow: GET, HEAD, POST
x-varnish: 919119213 918950591
content-type: application/javascript; charset=UTF-8
x-edge: de-fra-dp-s03
cache-control: public, max-age=31536000
x-amz-cf-id: FVWZEi99sXvuj7D-idtaiXL-EQp-BkwYxcdFoBidm4ca0YjhlTS5zg==

GET
H2 200 cb7d719.js Show response
onedio.com/_nuxt/ Frame F2C8 5 KB
2 KB 86ms
82ms Script
application/javascript 185.102.219.172
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://onedio.com/_nuxt/cb7d719.js
Requested by: Host: onedio.com
URL: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.102.219.172 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-185-102-219-172.datapacket.com
Software: MerlinCDN /
Resource Hash: 2e3d1ff6714a592eaaa8beb5caab6132f8552884bfca83f52211aec0706ec37a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 23:11:13 GMT
via: HTTP/2.0 Merlin CDN
content-encoding: br
x-amz-cf-pop: FRA56-P6
age: 999656
x-midtier: de-fra-dp-s02
x-cache-status: HIT
x-cache: Miss from cloudfront
last-modified: Thu, 15 Jun 2023 09:23:32 GMT
server: MerlinCDN
etag: W/"143e-188be5e0220"
vary: Accept-Encoding
allow: GET, HEAD, POST
x-varnish: 860401250 861610780
content-type: application/javascript; charset=UTF-8
x-edge: de-fra-dp-s03
cache-control: public, max-age=31536000
x-amz-cf-id: 9Q40WKpOTEbE3QPP5HFmn9WfApQG75FeeZtJ52tzD5JcvjyLcIc-vA==

GET
H2 200 ec5765c.js Show response
onedio.com/_nuxt/ Frame F2C8 23 KB
10 KB 86ms
83ms Script
application/javascript 185.102.219.172
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://onedio.com/_nuxt/ec5765c.js
Requested by: Host: onedio.com
URL: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.102.219.172 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-185-102-219-172.datapacket.com
Software: MerlinCDN /
Resource Hash: 1068448aad848bacd4586d0100c41f15b99e3bbd0d808bbb18fa0abd4eb17c7b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 23:11:13 GMT
via: HTTP/2.0 Merlin CDN
content-encoding: br
x-amz-cf-pop: AMS1-C1
age: 999656
x-midtier: nl-naw-ws-s08
x-cache-status: HIT
x-cache: Hit from cloudfront
last-modified: Thu, 15 Jun 2023 09:23:32 GMT
server: MerlinCDN
etag: W/"5df7-188be5e0220"
vary: Accept-Encoding
allow: GET, HEAD, POST
x-varnish: 862010096
content-type: application/javascript; charset=UTF-8
x-edge: de-fra-dp-s03
cache-control: public, max-age=31536000
x-amz-cf-id: Lr8Ma2Xc1oPEZkwGdKFYQ0-ybR__bMT5qvpUehkBmGzKJa3Y61-6Kg==

GET
H2 200 de3d7e5.js Show response
onedio.com/_nuxt/ Frame F2C8 95 KB
33 KB 87ms
84ms Script
application/javascript 185.102.219.172
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://onedio.com/_nuxt/de3d7e5.js
Requested by: Host: onedio.com
URL: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.102.219.172 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-185-102-219-172.datapacket.com
Software: MerlinCDN /
Resource Hash: 37e36c252e75ac6304964c0e13474b369452f559467167337dfcce4e2862b0ad

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 23:11:13 GMT
via: HTTP/2.0 Merlin CDN
content-encoding: br
x-amz-cf-pop: FRA56-P6
age: 999795
x-midtier: de-fra-lea-s01
x-cache-status: HIT
x-cache: Hit from cloudfront
last-modified: Thu, 15 Jun 2023 09:23:32 GMT
server: MerlinCDN
etag: W/"17d85-188be5e0220"
vary: Accept-Encoding
allow: GET, HEAD, POST
x-varnish: 825650452
content-type: application/javascript; charset=UTF-8
x-edge: de-fra-dp-s03
cache-control: public, max-age=31536000
x-amz-cf-id: CxK7ERYlyf8obwzzv7wNEPhgwvk9O6BWDU4BQoznMQc7qlf8fzahHA==

GET
H2 200 dfff877.js Show response
onedio.com/_nuxt/ Frame F2C8 17 KB
6 KB 89ms
85ms Script
application/javascript 185.102.219.172
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://onedio.com/_nuxt/dfff877.js
Requested by: Host: onedio.com
URL: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.102.219.172 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-185-102-219-172.datapacket.com
Software: MerlinCDN /
Resource Hash: d19dca040e74cd8fc30291933896f5efb2183715484442e5160e8a5a149426fa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 23:11:13 GMT
via: HTTP/2.0 Merlin CDN
content-encoding: br
x-amz-cf-pop: FRA53-C1
age: 2709975
x-midtier: de-fra-lea-s01
x-cache-status: HIT
x-cache: Hit from cloudfront
last-modified: Fri, 26 May 2023 14:13:13 GMT
server: MerlinCDN
etag: W/"4359-188586808a8"
vary: Accept-Encoding
allow: GET, HEAD, POST
x-varnish: 682900342
content-type: application/javascript; charset=UTF-8
x-edge: de-fra-dp-s03
cache-control: public, max-age=31536000
x-amz-cf-id: XY8O4B4WvhJ9OPCKV_F-n81K_ltg1zf2vn5TGPOCS4HXwdElwzG_1Q==

GET
H2 200 7e2e7f6.js Show response
onedio.com/_nuxt/ Frame F2C8 6 KB
3 KB 89ms
86ms Script
application/javascript 185.102.219.172
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://onedio.com/_nuxt/7e2e7f6.js
Requested by: Host: onedio.com
URL: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.102.219.172 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-185-102-219-172.datapacket.com
Software: MerlinCDN /
Resource Hash: 4ed54f5ff509297da74f1655ec64b321016c40d2656414ec6f0279d952c35b64

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 23:11:13 GMT
via: HTTP/2.0 Merlin CDN
content-encoding: br
x-amz-cf-pop: FRA56-P6
age: 999655
x-midtier: de-fra-lea-s01
x-cache-status: HIT
x-cache: Hit from cloudfront
last-modified: Thu, 15 Jun 2023 09:23:32 GMT
server: MerlinCDN
etag: W/"199e-188be5e0220"
vary: Accept-Encoding
allow: GET, HEAD, POST
x-varnish: 862332716 862260919
content-type: application/javascript; charset=UTF-8
x-edge: de-fra-dp-s03
cache-control: public, max-age=31536000
x-amz-cf-id: RHxlcq9ISTrTBzQTQN_hM9SQ9MbcPfIdP-K_KmuzFRv23biwdiiH-w==

GET
H2 200 0d109f0.js Show response
onedio.com/_nuxt/ Frame F2C8 107 KB
25 KB 90ms
87ms Script
application/javascript 185.102.219.172
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://onedio.com/_nuxt/0d109f0.js
Requested by: Host: onedio.com
URL: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.102.219.172 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-185-102-219-172.datapacket.com
Software: MerlinCDN /
Resource Hash: b1e254a7cc54e3d17cd4c02d5a96ef0b71601ff6d16629980bb833545b214021

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 23:11:13 GMT
via: HTTP/2.0 Merlin CDN
content-encoding: br
x-amz-cf-pop: AMS1-C1
age: 999656
x-midtier: nl-naw-ws-s08
x-cache-status: HIT
x-cache: Hit from cloudfront
last-modified: Thu, 15 Jun 2023 09:23:32 GMT
server: MerlinCDN
etag: W/"1ab5b-188be5e0220"
vary: Accept-Encoding
allow: GET, HEAD, POST
x-varnish: 823736864 829401396
content-type: application/javascript; charset=UTF-8
x-edge: de-fra-dp-s03
cache-control: public, max-age=31536000
x-amz-cf-id: zC9J83fN9kCD4HCjalc384LLn0ZXUuAmZL3NBmcgq5KunbrL77-EgQ==

GET
H2 200 c3b07ec.js Show response
onedio.com/_nuxt/ Frame F2C8 68 KB
21 KB 92ms
89ms Script
application/javascript 185.102.219.172
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://onedio.com/_nuxt/c3b07ec.js
Requested by: Host: onedio.com
URL: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.102.219.172 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-185-102-219-172.datapacket.com
Software: MerlinCDN /
Resource Hash: a165991f6211fccecd49c3e9303c642947b95baa6d82be861f78e921ea9f7ffd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 23:11:13 GMT
via: HTTP/2.0 Merlin CDN
content-encoding: br
x-amz-cf-pop: AMS1-C1
age: 999617
x-midtier: nl-naw-ws-s08
x-cache-status: HIT
x-cache: Miss from cloudfront
last-modified: Thu, 15 Jun 2023 09:23:32 GMT
server: MerlinCDN
etag: W/"111a4-188be5e0220"
vary: Accept-Encoding
allow: GET, HEAD, POST
x-varnish: 861120331 860633187
content-type: application/javascript; charset=UTF-8
x-edge: de-fra-dp-s03
cache-control: public, max-age=31536000
x-amz-cf-id: G3OtU6qBfTSVZ6pqAPgXsODsNMLxyfVIkTa92IZiJb-n7n-TnaoHGA==

GET
H2 200 72051f9.js Show response
onedio.com/_nuxt/ Frame F2C8 12 KB
4 KB 93ms
90ms Script
application/javascript 185.102.219.172
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://onedio.com/_nuxt/72051f9.js
Requested by: Host: onedio.com
URL: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.102.219.172 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-185-102-219-172.datapacket.com
Software: MerlinCDN /
Resource Hash: 3f354e097022f46b1a0d9705858b8060064da6fdbb21933c35c81027a8e4671e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 23:11:13 GMT
via: HTTP/2.0 Merlin CDN
content-encoding: br
x-amz-cf-pop: PMO50-C1
age: 999656
x-midtier: tr-ist-shy-s01
x-cache-status: HIT
x-cache: Hit from cloudfront
last-modified: Thu, 15 Jun 2023 09:23:32 GMT
server: MerlinCDN
etag: W/"306e-188be5e0220"
vary: Accept-Encoding
allow: GET, HEAD, POST
x-varnish: 830147523
content-type: application/javascript; charset=UTF-8
x-edge: de-fra-dp-s03
cache-control: public, max-age=31536000
x-amz-cf-id: AE2gCfGnLijMa37DF0Kd12D0MUI4XGViXwZNBeGcMPNWlE4Eff5BuA==

GET
H2 200 c2345ed.js Show response
onedio.com/_nuxt/ Frame F2C8 1 KB
1020 B 94ms
91ms Script
application/javascript 185.102.219.172
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://onedio.com/_nuxt/c2345ed.js
Requested by: Host: onedio.com
URL: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.102.219.172 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-185-102-219-172.datapacket.com
Software: MerlinCDN /
Resource Hash: 73776eff86ca177c94173b46bccd0f5e22034be029c332d1f119c181bb64efc6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 23:11:13 GMT
via: HTTP/2.0 Merlin CDN
content-encoding: br
x-amz-cf-pop: FRA56-P6
age: 999656
x-midtier: de-fra-dp-s02
x-cache-status: HIT
x-cache: Hit from cloudfront
last-modified: Thu, 15 Jun 2023 09:23:32 GMT
server: MerlinCDN
etag: W/"456-188be5e0220"
vary: Accept-Encoding
allow: GET, HEAD, POST
x-varnish: 823108785
content-type: application/javascript; charset=UTF-8
x-edge: de-fra-dp-s03
cache-control: public, max-age=31536000
x-amz-cf-id: wr_rVEg8OmDJy6j4o3LONLPmisdI1eXJnkjFCeOXLY0AG20Vq5Tssw==

GET
H2 200 4878ebb.js Show response
onedio.com/_nuxt/ Frame F2C8 14 KB
5 KB 95ms
92ms Script
application/javascript 185.102.219.172
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://onedio.com/_nuxt/4878ebb.js
Requested by: Host: onedio.com
URL: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.102.219.172 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-185-102-219-172.datapacket.com
Software: MerlinCDN /
Resource Hash: 7218d4c9020c050d9bd04809f8073a752639cb3362f1493dd7e6aa380f870ff1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 23:11:13 GMT
via: HTTP/2.0 Merlin CDN
content-encoding: br
x-amz-cf-pop: FRA56-P6
age: 464450
x-midtier: de-fra-lea-s01
x-cache-status: HIT
x-cache: Hit from cloudfront
last-modified: Wed, 21 Jun 2023 14:01:12 GMT
server: MerlinCDN
etag: W/"3928-188de426040"
vary: Accept-Encoding
allow: GET, HEAD, POST
x-varnish: 914314441 914452403
content-type: application/javascript; charset=UTF-8
x-edge: de-fra-dp-s03
cache-control: public, max-age=31536000
x-amz-cf-id: KLoszgVJU7TpkOD4pnlyk-kToyYIJ1KXpOG50o-jC5ZHuAlARzt8lA==

GET
H2 200 943decf.js Show response
onedio.com/_nuxt/ Frame F2C8 33 KB
7 KB 95ms
92ms Script
application/javascript 185.102.219.172
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://onedio.com/_nuxt/943decf.js
Requested by: Host: onedio.com
URL: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.102.219.172 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-185-102-219-172.datapacket.com
Software: MerlinCDN /
Resource Hash: 6d6a81816d592a41ef7ac452300246b8947162cf584498486eb8711a6164a296

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 23:11:13 GMT
via: HTTP/2.0 Merlin CDN
content-encoding: br
x-amz-cf-pop: DUS51-P1
age: 458451
x-midtier: nl-naw-ws-s08
x-cache-status: HIT
x-cache: Hit from cloudfront
last-modified: Wed, 21 Jun 2023 15:39:11 GMT
server: MerlinCDN
etag: W/"82e0-188de9c1518"
vary: Accept-Encoding
allow: GET, HEAD, POST
x-varnish: 886157548 890472583
content-type: application/javascript; charset=UTF-8
x-edge: de-fra-dp-s03
cache-control: public, max-age=31536000
x-amz-cf-id: vzoA09jNZ098C_YeSM6LF7R4Ed5xQOUFbh9BjT-FEG6J7TFO4w8qmQ==

GET
H2 200 eba3f3f.js Show response
onedio.com/_nuxt/ Frame F2C8 2 KB
1 KB 96ms
93ms Script
application/javascript 185.102.219.172
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://onedio.com/_nuxt/eba3f3f.js
Requested by: Host: onedio.com
URL: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.102.219.172 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-185-102-219-172.datapacket.com
Software: MerlinCDN /
Resource Hash: 7fdabb3c4047b5538cb0396037b74e2df9a6cf2435c6fbd5588f7374864d438f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 23:11:13 GMT
via: HTTP/2.0 Merlin CDN
content-encoding: br
x-amz-cf-pop: AMS1-C1
age: 999656
x-midtier: nl-naw-ws-s08
x-cache-status: HIT
x-cache: Hit from cloudfront
last-modified: Thu, 15 Jun 2023 09:23:32 GMT
server: MerlinCDN
etag: W/"87b-188be5e0220"
vary: Accept-Encoding
allow: GET, HEAD, POST
x-varnish: 826010050
content-type: application/javascript; charset=UTF-8
x-edge: de-fra-dp-s03
cache-control: public, max-age=31536000
x-amz-cf-id: Rj4Dpmowf8P4i41cyp4zUIjlvmWzXqG_Tb4rSBwmmeHNyBvHSe71WA==

GET
H2 200 428efe4.js Show response
onedio.com/_nuxt/ Frame F2C8 1 KB
1 KB 96ms
93ms Script
application/javascript 185.102.219.172
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://onedio.com/_nuxt/428efe4.js
Requested by: Host: onedio.com
URL: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.102.219.172 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-185-102-219-172.datapacket.com
Software: MerlinCDN /
Resource Hash: 93f7bf325600df308529816d46a693eba94bf56c62231d7863561b4e5b485057

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 23:11:13 GMT
via: HTTP/2.0 Merlin CDN
content-encoding: br
x-amz-cf-pop: PMO50-C1
age: 999656
x-midtier: tr-ist-shy-s01
x-cache-status: HIT
x-cache: Hit from cloudfront
last-modified: Thu, 15 Jun 2023 09:23:32 GMT
server: MerlinCDN
etag: W/"4e6-188be5e0220"
vary: Accept-Encoding
allow: GET, HEAD, POST
x-varnish: 828418209
content-type: application/javascript; charset=UTF-8
x-edge: de-fra-dp-s03
cache-control: public, max-age=31536000
x-amz-cf-id: 67sSCryijIZknaIih49jL_3Ecyd6h7_h72zy9CjgfUYZc8PEunL44A==

GET
H2 200 1705d0c.js Show response
onedio.com/_nuxt/ Frame F2C8 8 KB
3 KB 96ms
94ms Script
application/javascript 185.102.219.172
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://onedio.com/_nuxt/1705d0c.js
Requested by: Host: onedio.com
URL: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.102.219.172 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-185-102-219-172.datapacket.com
Software: MerlinCDN /
Resource Hash: e5b6cc7b00fe92d3a4af4c9ba7db8488ca5308c97bd20e501fd72795830d32cf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 23:11:13 GMT
via: HTTP/2.0 Merlin CDN
content-encoding: br
x-amz-cf-pop: FRA56-P6
age: 999656
x-midtier: de-fra-dp-s02
x-cache-status: HIT
x-cache: Hit from cloudfront
last-modified: Thu, 15 Jun 2023 09:23:32 GMT
server: MerlinCDN
etag: W/"1f41-188be5e0220"
vary: Accept-Encoding
allow: GET, HEAD, POST
x-varnish: 826010052 829564698
content-type: application/javascript; charset=UTF-8
x-edge: de-fra-dp-s03
cache-control: public, max-age=31536000
x-amz-cf-id: l28_xcpDgb3V3XrdKtObLKnzVdDixbj_07HIpqVDUdd4LnDXWQRm_A==

GET
H2 200 04dbfe5.js Show response
onedio.com/_nuxt/ Frame F2C8 559 B
798 B 97ms
94ms Script
application/javascript 185.102.219.172
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://onedio.com/_nuxt/04dbfe5.js
Requested by: Host: onedio.com
URL: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.102.219.172 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-185-102-219-172.datapacket.com
Software: MerlinCDN /
Resource Hash: 01afa1ad1afa1e170e923ac3fc28e70f033f5e74659ebed6608aaeb7200d8adf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 23:11:13 GMT
via: HTTP/2.0 Merlin CDN
content-encoding: br
x-amz-cf-pop: FRA56-P6
age: 999545
x-midtier: de-fra-dp-s02
x-cache-status: HIT
x-cache: Hit from cloudfront
last-modified: Thu, 15 Jun 2023 09:23:32 GMT
server: MerlinCDN
etag: W/"22f-188be5e0220"
vary: Accept-Encoding
allow: GET, HEAD, POST
x-varnish: 827018238
content-type: application/javascript; charset=UTF-8
x-edge: de-fra-dp-s03
cache-control: public, max-age=31536000
x-amz-cf-id: HvD-mXnLl2QIbSkOybD7_jVFhag28b1qDwSphVNtnUar6aDkzE5CRw==

GET
H2 200 19ffef3.js Show response
onedio.com/_nuxt/ Frame F2C8 4 KB
2 KB 97ms
95ms Script
application/javascript 185.102.219.172
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://onedio.com/_nuxt/19ffef3.js
Requested by: Host: onedio.com
URL: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.102.219.172 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-185-102-219-172.datapacket.com
Software: MerlinCDN /
Resource Hash: 8a360dd78c99927f4b72e1277d60df80774c5f9a248bfc37c3444c43b9cbc02c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 23:11:13 GMT
via: HTTP/2.0 Merlin CDN
content-encoding: br
x-amz-cf-pop: AMS1-C1
age: 999656
x-midtier: nl-naw-ws-s08
x-cache-status: HIT
x-cache: Hit from cloudfront
last-modified: Thu, 15 Jun 2023 09:23:32 GMT
server: MerlinCDN
etag: W/"1175-188be5e0220"
vary: Accept-Encoding
allow: GET, HEAD, POST
x-varnish: 859756380 859787781
content-type: application/javascript; charset=UTF-8
x-edge: de-fra-dp-s03
cache-control: public, max-age=31536000
x-amz-cf-id: O52K25q8hlBmGuEPBStByD3LIQumQMd8nZoJHexDaXEz8Ptv8pOEXA==

GET
H2 200 2414da9.js Show response
onedio.com/_nuxt/ Frame F2C8 31 KB
9 KB 98ms
96ms Script
application/javascript 185.102.219.172
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://onedio.com/_nuxt/2414da9.js
Requested by: Host: onedio.com
URL: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.102.219.172 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-185-102-219-172.datapacket.com
Software: MerlinCDN /
Resource Hash: 5c0c5d259722512879f917320565cbf0145bd9ecb26ec7df477cd3a1878a945f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 23:11:13 GMT
via: HTTP/2.0 Merlin CDN
content-encoding: br
x-amz-cf-pop: FRA56-P6
age: 999655
x-midtier: de-fra-lea-s01
x-cache-status: HIT
x-cache: Miss from cloudfront
last-modified: Thu, 15 Jun 2023 09:23:32 GMT
server: MerlinCDN
etag: W/"7a7e-188be5e0220"
vary: Accept-Encoding
allow: GET, HEAD, POST
x-varnish: 859693450 862588044
content-type: application/javascript; charset=UTF-8
x-edge: de-fra-dp-s03
cache-control: public, max-age=31536000
x-amz-cf-id: BxKIA3Ac3Ri_CoMHgJOc4qnjVjqzU1HCOvrm8V99EnbOrS-iEF5NlQ==

GET
H2 200 5617942.js Show response
onedio.com/_nuxt/ Frame F2C8 2 KB
1 KB 99ms
96ms Script
application/javascript 185.102.219.172
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://onedio.com/_nuxt/5617942.js
Requested by: Host: onedio.com
URL: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.102.219.172 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-185-102-219-172.datapacket.com
Software: MerlinCDN /
Resource Hash: 3aa6f4040b6587f7ea3d4f1610000cc2b33a0e99621ebabafae342cdca22dab7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 23:11:13 GMT
via: HTTP/2.0 Merlin CDN
content-encoding: br
x-amz-cf-pop: FRA56-P6
age: 999656
x-midtier: de-fra-dp-s02
x-cache-status: HIT
x-cache: Hit from cloudfront
last-modified: Thu, 15 Jun 2023 09:23:33 GMT
server: MerlinCDN
etag: W/"71c-188be5e0608"
vary: Accept-Encoding
allow: GET, HEAD, POST
x-varnish: 830147520 822849688
content-type: application/javascript; charset=UTF-8
x-edge: de-fra-dp-s03
cache-control: public, max-age=31536000
x-amz-cf-id: D1AeIy5wdc6kxLh9uiqNQuREnbh33v1mmioJpiBKX4bRg1jYhRB_wQ==

GET
H2 200 5c74064.js Show response
onedio.com/_nuxt/ Frame F2C8 6 KB
2 KB 100ms
98ms Script
application/javascript 185.102.219.172
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://onedio.com/_nuxt/5c74064.js
Requested by: Host: onedio.com
URL: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.102.219.172 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-185-102-219-172.datapacket.com
Software: MerlinCDN /
Resource Hash: 86031077493229099d4d888a95ab6adc9c0fb4d98282275abd17825c8a85596b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 23:11:13 GMT
via: HTTP/2.0 Merlin CDN
content-encoding: br
x-amz-cf-pop: PMO50-C1
age: 999656
x-midtier: tr-ist-shy-s01
x-cache-status: HIT
x-cache: Hit from cloudfront
last-modified: Thu, 15 Jun 2023 09:23:32 GMT
server: MerlinCDN
etag: W/"161e-188be5e0220"
vary: Accept-Encoding
allow: GET, HEAD, POST
x-varnish: 860633029
content-type: application/javascript; charset=UTF-8
x-edge: de-fra-dp-s03
cache-control: public, max-age=31536000
x-amz-cf-id: XAc-e9UvAExlfPX8DuFMcHTjCRNuQapnF1I8fCtKWHHPB1QbqTJOMQ==

GET
H2 200 3b5f68a.js Show response
onedio.com/_nuxt/ Frame F2C8 3 KB
2 KB 101ms
99ms Script
application/javascript 185.102.219.172
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://onedio.com/_nuxt/3b5f68a.js
Requested by: Host: onedio.com
URL: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.102.219.172 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-185-102-219-172.datapacket.com
Software: MerlinCDN /
Resource Hash: 7f1255a2f606a65de5b7e373bd205bca2f5271778212970f9579a253ed5e0927

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 23:11:13 GMT
via: HTTP/2.0 Merlin CDN
content-encoding: br
x-amz-cf-pop: AMS1-C1
age: 999655
x-midtier: nl-naw-ws-s08
x-cache-status: HIT
x-cache: Hit from cloudfront
last-modified: Thu, 15 Jun 2023 09:23:32 GMT
server: MerlinCDN
etag: W/"cd0-188be5e0220"
vary: Accept-Encoding
allow: GET, HEAD, POST
x-varnish: 862332872 861545412
content-type: application/javascript; charset=UTF-8
x-edge: de-fra-dp-s03
cache-control: public, max-age=31536000
x-amz-cf-id: fHjPU2VA2ui2Xex5FCCEV3R4ByI2Ov-jadIZzjVIAIqXUJWZ0ca-0Q==

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ Frame F2C8 323 KB
105 KB 83ms
30ms Script
application/javascript 2a00:1450:4001:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5T48ZBT

Requested by

Host: onedio.com
URL: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b53aba3a1c4100308d0e148348e557b4b870abfc2869a54415d6dfaf8e890e97

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 23:11:13 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 106659
x-xss-protection: 0
last-modified: Mon, 26 Jun 2023 22:24:39 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 26 Jun 2023 23:11:13 GMT

GET
H2 200 s-4de8fff2b24096cdd84cee5c1967660d9a1ee555.jpg
img-s3.onedio.com/id-6124df1c620bb90314d7c362/rev-0/w-50/f-jpg/ Frame F2C8 920 B
1 KB 77ms
47ms Image
image/webp 185.102.219.172
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img-s3.onedio.com/id-6124df1c620bb90314d7c362/rev-0/w-50/f-jpg/s-4de8fff2b24096cdd84cee5c1967660d9a1ee555.jpg
Requested by: Host: onedio.com
URL: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.102.219.172 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-185-102-219-172.datapacket.com
Software: MerlinCDN / Express
Resource Hash: be77d7730a869cb3e7f47175ccef5a7e92c95cde385080e283003379153e497b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 23:11:13 GMT
via: HTTP/2.0 Merlin CDN
x-amz-cf-pop: DUS51-P1
age: 3996811
x-powered-by: Express
x-cache-status: HIT
x-cache: Hit from cloudfront
x-onedio-cache: FRONT
x-midtier: de-fra-dp-s02
content-length: 920
server: MerlinCDN
etag: W/"5a9-uJK5dDmbFbimVLs+jsrQSErI2lM"
allow: GET, HEAD
content-type: image/webp
x-edge: de-fra-dp-s03
cache-control: public, max-age=31536000
accept-ranges: bytes
x-amz-cf-id: kXxDtMMcEu9EdBBw0caV_AypivjgmMLWoiLH-RHzedPlsxsmLczY3w==

GET
H2 200 254fbed7f5f60246dceab341efe24006de26a47a46bfe700fba3645ec103fb0c.png
srv-cdn.onedio.com/store/ Frame F2C8 986 B
1 KB 97ms
34ms Image
image/webp 2606:4700:10::6814:e25
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://srv-cdn.onedio.com/store/254fbed7f5f60246dceab341efe24006de26a47a46bfe700fba3645ec103fb0c.png
Requested by: Host: onedio.com
URL: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:e25 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 4445041a5221550830f31fa42e138f881676a468e4fedb939c1e0ab0a07eae17

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 23:11:13 GMT
via: 1.1 f4d51e15043614df5b1100d2964816a8.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-cf-pop: SOF50-P1
age: 2709739
cf-polished: origFmt=png, origSize=1953
x-powered-by: Express
x-cache: Miss from cloudfront
content-disposition: inline; filename="254fbed7f5f60246dceab341efe24006de26a47a46bfe700fba3645ec103fb0c.webp"
content-length: 986
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: W/"7a1-sa6tAltsWoc5wA5UpY0Z1rF27aQ"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7dd920cc5d021959-FRA
x-amz-cf-id: oZVOcdfsCatlRdbJ5ZYU_KOPUQVrqz-66D2Iso3oPhGQGLPMtO0uZg==

GET
H2 200 5aee0df5228a8f771995c6e8920eedd248cda089818cf87bac6e3c21bccb5f05.svg
srv-cdn.onedio.com/store/ Frame F2C8 5 KB
2 KB 99ms
35ms Image
image/svg+xml 2606:4700:10::6814:e25
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://srv-cdn.onedio.com/store/5aee0df5228a8f771995c6e8920eedd248cda089818cf87bac6e3c21bccb5f05.svg
Requested by: Host: onedio.com
URL: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:e25 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: c28e62ec408f34ca18b76298f690009e78700af3010365f6a6e7226e924416e9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 23:11:13 GMT
via: 1.1 69bd99223bbe7be5d36f0fa13d71bf84.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: HIT
x-amz-cf-pop: SOF50-P1
age: 2709868
x-powered-by: Express
x-cache: Miss from cloudfront
server: cloudflare
etag: W/"1567-Gf2hzU325PtbOomKigrNqYY2reY"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7dd920cc5d041959-FRA
x-amz-cf-id: H4VgMESF_hMswHIa22XLp9IYz4PBiC1BHoitruNOIdm65LC_YMGxkA==

GET
H2 200 6e17a4e4130681931ab937f6e5b88ac68aa84203c89e74b351ba2e2e0031258b.png
srv-cdn.onedio.com/store/ Frame F2C8 878 B
1 KB 98ms
35ms Image
image/webp 2606:4700:10::6814:e25
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://srv-cdn.onedio.com/store/6e17a4e4130681931ab937f6e5b88ac68aa84203c89e74b351ba2e2e0031258b.png
Requested by: Host: onedio.com
URL: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:e25 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 36de549fa81b509bf426b8c57b5842e2857f1ac66456c567d552ac5a890dcd85

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 23:11:13 GMT
via: 1.1 6f5ac69c39e434663876b6bbf4ccb97e.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-cf-pop: OTP50-C1
age: 2709739
cf-polished: origFmt=png, origSize=1902
x-powered-by: Express
x-cache: Hit from cloudfront
content-disposition: inline; filename="6e17a4e4130681931ab937f6e5b88ac68aa84203c89e74b351ba2e2e0031258b.webp"
content-length: 878
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: W/"76e-8ctQNEopR+fZIMwoSznLo2H5szA"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7dd920cc5d061959-FRA
x-amz-cf-id: rvhaUnCsivDMeQ8p2_PNXqIRcQsktz2D-6KRF1gDfn0veKcYqqy8hg==

GET
H2 200 18d793e33dd186aacd041784dcfd828c041edacdaf31d25e270d4c5cc1b65668.svg
srv-cdn.onedio.com/store/ Frame F2C8 12 KB
5 KB 96ms
33ms Image
image/svg+xml 2606:4700:10::6814:e25
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://srv-cdn.onedio.com/store/18d793e33dd186aacd041784dcfd828c041edacdaf31d25e270d4c5cc1b65668.svg
Requested by: Host: onedio.com
URL: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:e25 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 39dce9bed1229c0ea63b578fa41d43deedadad5a254d1c109a6b9befab766f57

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 23:11:13 GMT
via: 1.1 7d1d59e1d7c17682b3d50dee49f3f96c.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: HIT
x-amz-cf-pop: SOF50-P1
age: 2709739
x-powered-by: Express
x-cache: Miss from cloudfront
server: cloudflare
etag: W/"2f8e-DhNaZwN/38b45yAT1OpnoNY30CE"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7dd920cc5d071959-FRA
x-amz-cf-id: nSF_u2JRnPs8WCq4G3lcouZQ-UgPFETltECk3KZ3Ss0SUtnTCQgVuA==

GET
H2 200 cb802096ad240df4746ed9d8227f83e7946a198b93b6ee0f380cefe7fc0c9e05.png
srv-cdn.onedio.com/store/ Frame F2C8 814 B
1 KB 101ms
38ms Image
image/webp 2606:4700:10::6814:e25
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://srv-cdn.onedio.com/store/cb802096ad240df4746ed9d8227f83e7946a198b93b6ee0f380cefe7fc0c9e05.png
Requested by: Host: onedio.com
URL: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:e25 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 15726d6a6db473c829365e69e31d4e97604cd5cafe876d8597b3fbc869719b42

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 23:11:13 GMT
via: 1.1 c3e62b5fb62dc34600994deeae6bb470.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-cf-pop: SOF50-P1
age: 2709868
cf-polished: origFmt=png, origSize=1578
x-powered-by: Express
x-cache: Miss from cloudfront
content-disposition: inline; filename="cb802096ad240df4746ed9d8227f83e7946a198b93b6ee0f380cefe7fc0c9e05.webp"
content-length: 814
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: W/"62a-Thg0vcfkZSwukYv6/Pk6DHGPLVU"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7dd920cc5d091959-FRA
x-amz-cf-id: FnoDZ0iaTQE61vEUKQyOuQ4SWJyO0ab7aIw5tPubgCfJYlAodvJc6w==

GET
H2 200 76b718e71b19603c9cb6d2c86fb5e4cc7a3e7dd649527875607909c991f9d091.webp
srv-cdn.onedio.com/store/ Frame F2C8 4 KB
4 KB 97ms
34ms Image
image/webp 2606:4700:10::6814:e25
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://srv-cdn.onedio.com/store/76b718e71b19603c9cb6d2c86fb5e4cc7a3e7dd649527875607909c991f9d091.webp
Requested by: Host: onedio.com
URL: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:e25 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 944089b44ec5f876426cd30b5cd76e18a09d4178aa06f2acea7b50f9fd61e67f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 23:11:13 GMT
via: 1.1 77c9518ff58162b5acfe6c69f9a24ec8.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-cf-pop: SOF50-P1
age: 2709868
x-powered-by: Express
x-cache: Miss from cloudfront
content-length: 4338
server: cloudflare
etag: W/"10f2-SvE1aR+U5T/v7oqvI4RKhTf5zFU"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7dd920cc5d0d1959-FRA
x-amz-cf-id: Me1jlPoJ7Hgg-1WlYW2y8jppRWepIW6yUqG2dJBtUornccNQD9eU1w==

GET
H2 200 a6a2ca5496b815a9ee8caa322a9e39a835403bab6880ce08f05c67d98bdac9fd.png
srv-cdn.onedio.com/store/ Frame F2C8 2 KB
2 KB 33ms
32ms Image
image/webp 2606:4700:10::6814:e25
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://srv-cdn.onedio.com/store/a6a2ca5496b815a9ee8caa322a9e39a835403bab6880ce08f05c67d98bdac9fd.png
Requested by: Host: onedio.com
URL: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:e25 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: dba49107edbd020f83668ba1c661b3d240621d37c01a6d3d4a8078300b9a4069

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 23:11:13 GMT
via: 1.1 7564e806c7d8686b031d863cf92ad6d2.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-cf-pop: MAD56-P3
age: 370094
cf-polished: origFmt=png, origSize=4862
x-powered-by: Express
x-cache: Hit from cloudfront
content-disposition: inline; filename="a6a2ca5496b815a9ee8caa322a9e39a835403bab6880ce08f05c67d98bdac9fd.webp"
content-length: 2182
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: W/"12fe-uBEf34GH694nTuxfI9tSHWFjr0Q"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7dd920cc8d361959-FRA
x-amz-cf-id: P47Vnx61eoPe6g63etHJmsayRkHtZrtGIozvUr7nmtQaaBH0rjmMkA==

GET
H2 200 f9ff6d6aa8c0d967d70d7866bcd909fc2e4868b722db81f551daa533a791ed8d.png
srv-cdn.onedio.com/store/ Frame F2C8 3 KB
4 KB 35ms
35ms Image
image/webp 2606:4700:10::6814:e25
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://srv-cdn.onedio.com/store/f9ff6d6aa8c0d967d70d7866bcd909fc2e4868b722db81f551daa533a791ed8d.png
Requested by: Host: onedio.com
URL: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:e25 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 55fe4e70c417bb19b37d1824c282a9ec1804103d00436f3236c173a51a2f85b2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 23:11:13 GMT
via: 1.1 6f35c519b101df1a1b9031120a6b276c.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-cf-pop: OTP50-C1
age: 2709739
cf-polished: origFmt=png, origSize=4340
x-powered-by: Express
x-cache: Hit from cloudfront
content-disposition: inline; filename="f9ff6d6aa8c0d967d70d7866bcd909fc2e4868b722db81f551daa533a791ed8d.webp"
content-length: 3480
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: W/"10f4-gsbWFHWJPHVpHvoITTXJalPjJ6s"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7dd920cc8d371959-FRA
x-amz-cf-id: ToPscPXs8xoLj-NqdeCgRhtiU58DUZxuVFQbZ-MsJFk1KbDYfmDHRA==

GET
H2 200 667f6549da31548d2a9cd6ff08fae81aad77583c87618da330ade8b92bc0191e.svg
srv-cdn.onedio.com/store/ Frame F2C8 5 KB
2 KB 36ms
36ms Image
image/svg+xml 2606:4700:10::6814:e25
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://srv-cdn.onedio.com/store/667f6549da31548d2a9cd6ff08fae81aad77583c87618da330ade8b92bc0191e.svg
Requested by: Host: onedio.com
URL: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:e25 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 2456ef3475fff167027aecdbf0400a036b2f383db83707c3234103d0f03d9421

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 23:11:13 GMT
via: 1.1 e19aed1f6c91c2644d0ca17ce8be7af2.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: HIT
x-amz-cf-pop: SOF50-P1
age: 2709868
x-powered-by: Express
x-cache: Miss from cloudfront
server: cloudflare
etag: W/"1341-HkNNtvvRHBHy5muqVr6wRTl+u2M"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7dd920cc8d381959-FRA
x-amz-cf-id: ZaqwjAXdyeFXG6xqit4yqjpB1hdRlxhcq5acrSIQWOT3RtYZWd9FAA==

GET
H2 200 s-6733f109504dec046a91ea51d989d1bef076ae35.jpg
img-s1.onedio.com/id-617049563479d0fc41763e90/rev-0/w-1200/h-800/f-jpg/ Frame F2C8 22 KB
22 KB 44ms
22ms Image
image/webp 185.102.219.172
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img-s1.onedio.com/id-617049563479d0fc41763e90/rev-0/w-1200/h-800/f-jpg/s-6733f109504dec046a91ea51d989d1bef076ae35.jpg
Requested by: Host: onedio.com
URL: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.102.219.172 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-185-102-219-172.datapacket.com
Software: MerlinCDN / Express
Resource Hash: 3f153b38fd5e00d6bdb8249dd0d7532ec47a758e6bf7ce26c2ca59a3f46b35de

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 23:11:13 GMT
via: HTTP/2.0 Merlin CDN
x-amz-cf-pop: FRA56-P2
age: 1386156
x-powered-by: Express
x-cache-status: HIT
x-cache: Hit from cloudfront
x-onedio-cache: FRONT
x-midtier: de-fra-dp-s02
content-length: 22196
server: MerlinCDN
etag: W/"c43b-zUgjIWOquD0x3TVFmWyFKRDLisc"
allow: GET, HEAD
content-type: image/webp
x-edge: de-fra-dp-s03
cache-control: public, max-age=31536000
accept-ranges: bytes
x-amz-cf-id: 4lQYpxuq_xPsxhyZWduS2M6ev0JwmXXynA5ab-VdAsNSyOc1rLs7vQ==

GET
H2 200 7daaa5a.js Show response
onedio.com/_nuxt/ Frame F2C8 5 KB
2 KB 21ms
21ms Script
application/javascript 185.102.219.172
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://onedio.com/_nuxt/7daaa5a.js
Requested by: Host: onedio.com
URL: https://onedio.com/_nuxt/8883385.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.102.219.172 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-185-102-219-172.datapacket.com
Software: MerlinCDN /
Resource Hash: 467150f57e3950f97d315a86791fa22e24d1a4f2e3b515bb2898a44cc7e0d494

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 23:11:13 GMT
via: HTTP/2.0 Merlin CDN
content-encoding: br
x-amz-cf-pop: AMS1-C1
age: 999642
x-midtier: de-fra-lea-s01
x-cache-status: HIT
x-cache: Hit from cloudfront
last-modified: Fri, 26 May 2023 14:13:13 GMT
server: MerlinCDN
etag: W/"1486-188586808a8"
vary: Accept-Encoding
allow: GET, HEAD, POST
x-varnish: 838775581 715109205
content-type: application/javascript; charset=UTF-8
x-edge: de-fra-dp-s03
cache-control: public, max-age=31536000
x-amz-cf-id: eHuSalCEn6uUgxHn7HJKtAC2C6kb-1H-JxSNhW1OfixnHOK6PqbqGw==

GET
H2 200 d8aac31.js Show response
onedio.com/_nuxt/ Frame F2C8 1 KB
1 KB 20ms
19ms Script
application/javascript 185.102.219.172
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://onedio.com/_nuxt/d8aac31.js
Requested by: Host: onedio.com
URL: https://onedio.com/_nuxt/8883385.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.102.219.172 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-185-102-219-172.datapacket.com
Software: MerlinCDN /
Resource Hash: 2e41f9946ceda33fce9bba3f4a1702e2a52e2cfa7bb6b600661a7333523f9e96

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 23:11:13 GMT
via: HTTP/2.0 Merlin CDN
content-encoding: br
x-amz-cf-pop: AMS1-C1
age: 999616
x-midtier: nl-naw-ws-s08
x-cache-status: HIT
x-cache: Hit from cloudfront
last-modified: Thu, 15 Jun 2023 09:23:32 GMT
server: MerlinCDN
etag: W/"444-188be5e0220"
vary: Accept-Encoding
allow: GET, HEAD, POST
x-varnish: 857729211 861705254
content-type: application/javascript; charset=UTF-8
x-edge: de-fra-dp-s03
cache-control: public, max-age=31536000
x-amz-cf-id: oaETctA3Z5_S8oe2ej9vUwKpHH8Ej_eWA__x1Zs4wABtHR4AD_IOFw==

GET
H2 200 tag Show response
a.teads.tv/page/118539/ Frame F2C8 752 B
802 B 138ms
50ms Script
application/javascript 184.30.21.51
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://a.teads.tv/page/118539/tag
Requested by: Host: onedio.com
URL: https://onedio.com/_nuxt/2c983e9.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.21.51 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-21-51.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 887a3a4f200a899e84097749a9412f749c61744b76f287de50a76cb532308166

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 23:11:13 GMT
content-encoding: gzip
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, must-revalidate, max-age=3600
access-control-allow-credentials: true
content-length: 469
expires: Tue, 27 Jun 2023 00:11:13 GMT

GET
H2 200 tag.js Show response
a.teads.tv/analytics/ Frame F2C8 11 KB
4 KB 108ms
21ms Script
text/javascript 184.30.21.51
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://a.teads.tv/analytics/tag.js
Requested by: Host: onedio.com
URL: https://onedio.com/_nuxt/2c983e9.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.21.51 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-21-51.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 221e69003af87e6e8f934828ab416477126f3c062500e3bcb636bb9d87bf9b06

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-amz-version-id: Y6qsPmt0o95KDo3Ibo2euzqSnxQebNV8
date: Mon, 26 Jun 2023 23:11:13 GMT
content-encoding: br
last-modified: Wed, 02 Nov 2022 09:38:15 GMT
x-amz-request-id: 7M143009WAXN3Q25
etag: "6ddfb3a828a563a7719081ff9aeedaba"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: private, max-age=3600
accept-ranges: bytes
content-length: 3391
x-amz-id-2: STRx0Ic7Ail0QBZUMyPwaOMFfBJYtqEH2QK9RThy959S4vh7bnHagkR7gXzbW7US0LujPxZb7RI=

GET
H2 200 status Show response
event-collector.analytics.onedio.com/ Frame F2C8 52 B
241 B 92ms
25ms Fetch
application/json 34.117.159.110
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://event-collector.analytics.onedio.com/status
Requested by: Host: onedio.com
URL: https://onedio.com/_nuxt/ec87d37.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.159.110 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 110.159.117.34.bc.googleusercontent.com
Software: / Express
Resource Hash: 56639c53fbc08d334e0001abb9cb4724cb57cb476150d64d7fc1211570d2bed6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 23:11:13 GMT
via: 1.1 google
x-powered-by: Express
etag: W/"34-LvmAuf9zCrGFmWivWzjtCzRpG+o"
content-type: application/json; charset=utf-8
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52

GET
H2 200 91769df.js Show response
onedio.com/_nuxt/ Frame F2C8 141 KB
42 KB 26ms
25ms Script
application/javascript 185.102.219.172
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://onedio.com/_nuxt/91769df.js
Requested by: Host: onedio.com
URL: https://onedio.com/_nuxt/8883385.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.102.219.172 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-185-102-219-172.datapacket.com
Software: MerlinCDN /
Resource Hash: ed1f184fa3d298aaf01b99d934858b3ecb6243cd4efdea6b0f14a0b3d1ae480f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 23:11:13 GMT
via: HTTP/2.0 Merlin CDN
content-encoding: br
x-amz-cf-pop: AMS1-C1
age: 999616
x-midtier: nl-naw-ws-s08
x-cache-status: HIT
x-cache: Hit from cloudfront
last-modified: Thu, 15 Jun 2023 09:23:33 GMT
server: MerlinCDN
etag: W/"235da-188be5e0608"
vary: Accept-Encoding
allow: GET, HEAD, POST
x-varnish: 827969061 829267644
content-type: application/javascript; charset=UTF-8
x-edge: de-fra-dp-s03
cache-control: public, max-age=31536000
x-amz-cf-id: xxPkSXOezsB570jlukDEVEZJoh1dw7f0kZ71wLeYsZ6tt7BkgLOZZA==

GET
H2 200 hit Show response
services.onedio.com/prod/counters/ Frame F2C8 105 B
378 B 191ms
130ms XHR
application/json 2606:4700:10::6814:f25
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://services.onedio.com/prod/counters/hit?key=article%3A61704b2b6e8a878b642c2aa3&referrer=https%3A%2F%2Fpcloak.blob.core.windows.net%2F
Requested by: Host: onedio.com
URL: https://onedio.com/_nuxt/2c983e9.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:f25 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4da7e15fa02074cfd3fd9128547223f53472736a5f7c5fa922cecdc00a1ccc6d

Request headers

Accept: application/json, text/plain, */*
Referer: https://onedio.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 23:11:13 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
access-control-allow-methods: *
content-type: application/json
access-control-allow-origin: https://onedio.com
access-control-allow-credentials: true
cf-ray: 7dd920ce792b9176-FRA
apigw-requestid: HJkq0jDnjoEEMOQ=

GET
H2 200 loader.js Show response
cdn.taboola.com/libtrc/onedio/ Frame F2C8 740 KB
59 KB 80ms
22ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/onedio/loader.js
Requested by: Host: onedio.com
URL: https://onedio.com/_nuxt/5617942.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 695a5f97154f7ad73570f00c93bf0e844185b238e06ece903751234501f5c3f7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-amz-version-id: kvLTlOWtV0dPYYzWRZInAzTOrIZDMZKK
content-encoding: gzip
via: 1.1 varnish
date: Mon, 26 Jun 2023 23:11:13 GMT
x-amz-request-id: MBH6NG1BTAWW0A1K
age: 7469
x-amz-server-side-encryption: AES256
x-cache: HIT
x-from-cache: 1
x-envoy-upstream-service-time: 16
x-amz-replication-status: FAILED
content-length: 59979
x-amz-id-2: KtjQZm8MyXs7awlaUB2ZviWFD02PhI4GFbt+i5ddMRQZ8VJE1EMpDXbnz3c4HrxgW/ldaxVXNUY=
x-served-by: cache-fra-eddf8230097-FRA
last-modified: Mon, 26 Jun 2023 09:04:02 UTC
server: nginx
x-tbl-debug: bestatus=200,beresp=OK
x-timer: S1687821074.746004,VS0,VE1
etag: "f3b4ebdafd08696142bdf2eb0b1e904d7f75387b"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
abp: 11
cache-control: private,max-age=14400
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 6c54fca.js Show response
onedio.com/_nuxt/ Frame F2C8 44 KB
9 KB 21ms
20ms Script
application/javascript 185.102.219.172
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://onedio.com/_nuxt/6c54fca.js
Requested by: Host: onedio.com
URL: https://onedio.com/_nuxt/8883385.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.102.219.172 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-185-102-219-172.datapacket.com
Software: MerlinCDN /
Resource Hash: b1a393dbaba4b75f14c07d22beb75334206de35c996d594d20e246e8e8db7239

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 23:11:13 GMT
via: HTTP/2.0 Merlin CDN
content-encoding: br
x-amz-cf-pop: AMS1-C1
age: 999568
x-midtier: de-fra-lea-s01
x-cache-status: HIT
x-cache: Hit from cloudfront
last-modified: Thu, 15 Jun 2023 09:23:32 GMT
server: MerlinCDN
etag: W/"ae0e-188be5e0220"
vary: Accept-Encoding
allow: GET, HEAD, POST
x-varnish: 855712144 861451981
content-type: application/javascript; charset=UTF-8
x-edge: de-fra-dp-s03
cache-control: public, max-age=31536000
x-amz-cf-id: J3HwIlIZjCZU7TOC6QBo-QKQb8QK7nwu5wk29wqBOUdoo47FxCCLPg==

GET
H2

200

/
dmp.adform.net/dmp/profile/ Frame F2C8
Redirect Chain

https://dmp.adform.net/dmp/profile/?pid=10548&sg=Do+It+Yourself+-+DIY&timestamp=1687821073675
https://dmp.adform.net/dmp/profile/?CC=1&pid=10548&sg=Do+It+Yourself+-+DIY&timestamp=1687821073675

35 B
231 B

37ms
37ms

Image
image/gif

37.157.6.254
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dmp.adform.net/dmp/profile/?CC=1&pid=10548&sg=Do+It+Yourself+-+DIY&timestamp=1687821073675

Requested by

Host: onedio.com
URL: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878

Protocol

Server

37.157.6.254 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 23:11:13 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
content-type: image/gif

Redirect headers

location: https://dmp.adform.net/dmp/profile/?CC=1&pid=10548&sg=Do+It+Yourself+-+DIY&timestamp=1687821073675
date: Mon, 26 Jun 2023 23:11:13 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
content-length: 0

GET
H2 200 recommendations Show response
recommendation-api.analytics.onedio.com/api/v1/ Frame F2C8 84 B
272 B 110ms
26ms XHR
application/json 34.111.136.72
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://recommendation-api.analytics.onedio.com/api/v1/recommendations?placementId=1&scopeId=1&organization=onedio&product=onedio&version=1.0.0&categories=Nas%C4%B1l%20yap%C4%B1l%C4%B1r%3F&page=1&limit=9&additionalFields=description%2Cauthor
Requested by: Host: onedio.com
URL: https://onedio.com/_nuxt/2c983e9.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.111.136.72 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 72.136.111.34.bc.googleusercontent.com
Software: / Express
Resource Hash: e3c5113869fed7cf5fbbb2fb64ba2e5c29fc9043e01e0d3a90b39024e0d0b20c

Request headers

Accept: application/json, text/plain, */*
Referer: https://onedio.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 23:11:13 GMT
via: 1.1 google
x-powered-by: Express
etag: W/"54-mjGPcqtI3tmtCT/QyDHmmCBl1DQ"
content-type: application/json; charset=utf-8
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 84

GET
H2 200 breaking-news Show response
api-onedio-production.onedio.com/v3.5/browse/ Frame F2C8 10 KB
4 KB 139ms
88ms XHR
application/json 2606:4700:10::6814:e25
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api-onedio-production.onedio.com/v3.5/browse/breaking-news
Requested by: Host: onedio.com
URL: https://onedio.com/_nuxt/2c983e9.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:e25 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d12f6ca81745950ad8e0153d8eec3e628d1a6f23f6babf5df8f3850c538166e9

Request headers

Accept: application/json, text/plain, */*
Referer: https://onedio.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-response-time: 1ms
date: Mon, 26 Jun 2023 23:11:13 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
vary: Origin, Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://onedio.com
cf-ray: 7dd920cf39b91e54-FRA

GET
H2 200 latest.json Show response
cdn.jsdelivr.net/gh/prebid/currency-file@1/ Frame F2C8 2 KB
1 KB 70ms
19ms XHR
application/json 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20230626

Requested by

Host: onedio.com
URL: https://onedio.com/scripts/pbd7.47.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

a7ec3ad1dbefd1780bcb041c357ccef3e1072b787942366a5389820ade3ebcbc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://onedio.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: text/plain

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 26 Jun 2023 23:11:13 GMT
x-content-type-options: nosniff
content-encoding: br
age: 25825
x-jsd-version: 1.0.1733
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 844
x-served-by: cache-fra-etou8220023-FRA
x-jsd-version-type: version
etag: W/"637-g5ikeAv6ZeQ1af+viD493x6AIBM"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

POST
H/1.1 200 prebid Show response
id5-sync.com/api/config/ Frame F2C8 136 B
540 B 78ms
21ms XHR
application/json 162.19.138.82
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/api/config/prebid

Requested by

Host: onedio.com
URL: https://onedio.com/scripts/pbd7.47.0.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.82 , France, ASN16276 (OVH, FR),

Reverse DNS

ns31532337.ip-162-19-138.eu

Software

Resource Hash

0322b00cb6bad591b726254678daf5a09db33b9f34db5fe69dbd4ae2095d2929

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://onedio.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://onedio.com
date: Mon, 26 Jun 2023 23:11:13 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding: chunked
content-type: application/json;charset=UTF-8

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306260101/ Frame F2C8 392 KB
125 KB 23ms
21ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306260101/pubads_impl.js?cb=31075685

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a9262e4f0004178b2eb384213e53dd3e0c71eb13584d3f6b6dba57437014c1b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 10:37:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 45227
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 127813
x-xss-protection: 0
server: cafe
etag: 18191761431352456992
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Tue, 25 Jun 2024 10:37:26 GMT

GET
H2 200 pixel.gif
static.criteo.net/images/ Frame F2C8 43 B
365 B 35ms
34ms Image
image/gif 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/images/pixel.gif?ch=1

Requested by

Host: onedio.com
URL: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 23:11:13 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 09 Dec 2008 16:52:36 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "493ea254-2b"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 43
expires: Thu, 20 Jun 2024 23:11:13 GMT

GET
H2 200 pixel.gif
static.criteo.net/images/ Frame F2C8 43 B
365 B 34ms
33ms Image
image/gif 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/images/pixel.gif?ch=2

Requested by

Host: onedio.com
URL: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 23:11:13 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 09 Dec 2008 16:52:36 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "493ea254-2b"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 43
expires: Thu, 20 Jun 2024 23:11:13 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ Frame F2C8 121 KB
47 KB 32ms
30ms Script
application/javascript 2a00:1450:4001:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-26809107-1

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5T48ZBT

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

585a0b8a113e799c98a1b6fa34c69c1b29ed6c365d2301169ec6b04b0ea95ff2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 23:11:13 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47879
x-xss-protection: 0
last-modified: Mon, 26 Jun 2023 22:24:39 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 26 Jun 2023 23:11:13 GMT

GET
H2 200 optimize.js Show response
www.googleoptimize.com/ Frame F2C8 197 KB
65 KB 96ms
36ms Script
application/javascript 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleoptimize.com/optimize.js?id=OPT-PGQP2CC

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5T48ZBT

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

083e1a52326761bd888b9ea769f2077fdd6dd9e979ad150b54bc3a48f50c6c85

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 23:11:13 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 66000
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 26 Jun 2023 23:11:13 GMT

GET
H2 200 destination Show response
www.googletagmanager.com/gtag/ Frame F2C8 213 KB
76 KB 36ms
34ms Script
application/javascript 2a00:1450:4001:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=G-7NQXL6GR3D&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5T48ZBT

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

6f041c7d2e0dc9b549da07b2949094f34a017d2cd7c737ebe28ea360d35d2795

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 23:11:13 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 78123
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 26 Jun 2023 23:11:13 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ Frame F2C8 52 KB
21 KB 76ms
21ms Script
text/javascript 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5T48ZBT

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 26 Jun 2023 22:35:22 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 2151
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Tue, 27 Jun 2023 00:35:22 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ Frame F2C8 170 KB
47 KB 65ms
21ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x6y592zf1gbg.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

ab8666c9c5f434bb652bf6ee88cb6ff9e51b120c0c38648fd3352168bcb96dae

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 26 Jun 2023 23:11:13 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 46730
x-xss-protection: 0
pragma: public
x-fb-debug: DntAnP7L8ZFjmOjHV/ZujwwCDjzAfG/sJHQRglsvSXoBBfDKxzBQLF9eA3hrHBRiHvS+qb1OJHdKnXbuKrQTEA==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2

200

adformat.js Show response
s2.adform.net/banners/scripts/audiencetag/ Frame F2C8
Redirect Chain

https://dmp.adform.net/audiencetag/adformat.js
https://s2.adform.net/banners/scripts/audiencetag/adformat.js

7 KB
3 KB

156ms
37ms

Script
application/javascript

37.157.5.73
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s2.adform.net/banners/scripts/audiencetag/adformat.js
Requested by: Host: onedio.com
URL: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878
Protocol: H2
Server: 37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 422f44f37be3ad1dc211805c2f45188eb4a74e2bb9b6e4afe2379c8f0c239008

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 23:11:14 GMT
content-encoding: gzip
last-modified: Fri, 19 May 2023 06:39:14 GMT
server: nginx
x-amz-request-id: tx00000e5455ff7462cdfb4-0064671b3f-3295a825-default
etag: W/"2a3ea2bbef52aa72db12b0bc03214445"
x-cache-status: HIT
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-rgw-object-type: Normal
cache-control: public, max-age=604800

Redirect headers

location: https://s2.adform.net/banners/scripts/audiencetag/adformat.js
date: Mon, 26 Jun 2023 23:11:13 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
content-type: text/html

GET
DATA 200
OK truncated
/ Frame F2C8 264 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1034ccaed1f9dbb4c6c0d3895ee792b931e539ecad7d3e0491632dd4df068c65

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame F2C8 6 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c85ff0d2c0dba739701435b4ecd7ff4c4139528bef936a19f28ac4ac7cd26065

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200 v1 Show response
lb.eu-1-id5-sync.com/lb/ Frame F2C8 33 B
397 B 95ms
22ms XHR
application/json 141.95.33.111
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://lb.eu-1-id5-sync.com/lb/v1

Requested by

Host: onedio.com
URL: https://onedio.com/scripts/pbd7.47.0.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

141.95.33.111 , Germany, ASN16276 (OVH, FR),

Reverse DNS

ns3203177.ip-141-95-33.eu

Software

Resource Hash

998e6aadad190a486be8310130c56509f9481861fa4fbbdc1036e404ae313318

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://onedio.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://onedio.com
date: Mon, 26 Jun 2023 23:11:13 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding: chunked
content-type: application/json;charset=UTF-8

GET
H2 200 teads-format.min.js Show response
a.teads.tv/media/format/v3/ Frame F2C8 605 KB
132 KB 23ms
21ms Script
text/javascript 184.30.21.51
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://a.teads.tv/media/format/v3/teads-format.min.js
Requested by: Host: a.teads.tv
URL: https://a.teads.tv/page/118539/tag
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.21.51 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-21-51.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 95a0fed802e3139d5828f8b6f581e956f46d81f02f52a0035b7c5f673dd547ec

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 23:11:13 GMT
content-encoding: br
last-modified: Mon, 26 Jun 2023 17:57:21 GMT
x-amz-request-id: W15HWZQP6JA4X4C7
etag: "7eec442ec0c91824e01e65b6f5a9bd2b"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: private, must-revalidate, max-age=1800, no-transform
x-bucket: f
accept-ranges: bytes
content-length: 135013
x-amz-id-2: McoG5ikPa3rKZ9YVlT9qNpzh14EcsBhblg+bV2YUieDSrocIdhpXJbwlojMjf8dfY2dKiO44CEA=
expires: Mon, 26 Jun 2023 23:41:13 GMT

OPTIONS
H2 204 events
event-collector.analytics.onedio.com/ Frame 0
0 28ms
26ms Preflight 34.117.159.110
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://event-collector.analytics.onedio.com/events
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.159.110 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 110.159.117.34.bc.googleusercontent.com
Software: / Express
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://onedio.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Mon, 26 Jun 2023 23:11:13 GMT
vary: Access-Control-Request-Headers
via: 1.1 google
x-powered-by: Express

POST
H2 200 events Show response
event-collector.analytics.onedio.com/ Frame F2C8 32 B
124 B 27ms
25ms Fetch
application/json 34.117.159.110
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://event-collector.analytics.onedio.com/events
Requested by: Host: onedio.com
URL: https://onedio.com/_nuxt/ec87d37.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.159.110 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 110.159.117.34.bc.googleusercontent.com
Software: / Express
Resource Hash: adda67abf8e0f8731a86e3aefb53b93847656f20799f63d181ae0c9cd2638adb

Request headers

Accept: application/json
Referer: https://onedio.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 26 Jun 2023 23:11:14 GMT
via: 1.1 google
x-powered-by: Express
etag: W/"20-LpvOmjUM2g6vtazb7wSJ11MN1rM"
content-type: application/json; charset=utf-8
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32

GET
H2 200 interface
s8t.teads.tv/logs/publishers/ Frame F2C8 0
0 343ms
227ms Image
text/plain 2a02:26f0:1700:890::26e5
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s8t.teads.tv/logs/publishers/interface?%7B%22source%22%3A%22script-analytics-tag%22%2C%22errorMessage%22%3A%22not%20top%20window%22%2C%22exception%22%3A%22https%3A%2F%2Fonedio.com%2Fhaber%2Fkredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878%22%2C%22analyticsTagId%22%3A%22PUB_21080%22%2C%22scriptVersion%22%3A%228480ba3%22%7D
Requested by: Host: onedio.com
URL: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:1700:890::26e5 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

GET
H2 200 articles Show response
api-onedio-production.onedio.com/v3.5/ Frame F2C8 13 KB
3 KB 92ms
91ms XHR
application/json 2606:4700:10::6814:e25
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api-onedio-production.onedio.com/v3.5/articles?categoryId=530bd809764e7634c69c39c9&page=1&limit=8&sort=agingPopular&useHasNextPage=true&author=true&categories=true&breadcrumb=true
Requested by: Host: onedio.com
URL: https://onedio.com/_nuxt/2c983e9.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:e25 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0874b021e319f0a4f61ab79f4d7a4e4bea4187c3f211ded57fba06188e572cb7

Request headers

Accept: application/json, text/plain, */*
Referer: https://onedio.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-response-time: 2ms
date: Mon, 26 Jun 2023 23:11:14 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
vary: Origin, Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://onedio.com
cf-ray: 7dd920d0fb871e54-FRA

GET
H2 200 articles Show response
api-onedio-production.onedio.com/v3.5/ Frame F2C8 9 KB
3 KB 61ms
61ms XHR
application/json 2606:4700:10::6814:e25
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api-onedio-production.onedio.com/v3.5/articles?categoryId=50ce951f28e98bd23f000011&page=1&limit=4&sort=agingPopular&useHasNextPage=true&author=true&categories=true&breadcrumb=true
Requested by: Host: onedio.com
URL: https://onedio.com/_nuxt/2c983e9.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:e25 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4d1ba18784dc977c714a5b55aba070e01ae269ab5f95a988ff2d41cadc936271

Request headers

Accept: application/json, text/plain, */*
Referer: https://onedio.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-response-time: 1ms
date: Mon, 26 Jun 2023 23:11:14 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
vary: Origin, Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://onedio.com
cf-ray: 7dd920d0fb8a1e54-FRA

GET
H2 200 articles Show response
api-onedio-production.onedio.com/v3.5/ Frame F2C8 11 KB
2 KB 95ms
95ms XHR
application/json 2606:4700:10::6814:e25
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api-onedio-production.onedio.com/v3.5/articles?categoryId=5f7c351b57dac2cfc44d7f78&page=1&limit=4&sort=agingPopular&useHasNextPage=true&author=true&categories=true&breadcrumb=true
Requested by: Host: onedio.com
URL: https://onedio.com/_nuxt/2c983e9.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:e25 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 459ebbd7b5cbb3d007a973b20d740aac4003148187ccc181dcdeecc8f68fc564

Request headers

Accept: application/json, text/plain, */*
Referer: https://onedio.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-response-time: 1ms
date: Mon, 26 Jun 2023 23:11:14 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
vary: Origin, Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://onedio.com
cf-ray: 7dd920d0fb8b1e54-FRA

GET
H2 200 status Show response
recommendation-api.analytics.onedio.com/api/v1/ Frame F2C8 91 B
186 B 30ms
29ms Fetch
application/json 34.111.136.72
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://recommendation-api.analytics.onedio.com/api/v1/status
Requested by: Host: onedio.com
URL: https://onedio.com/_nuxt/91769df.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.111.136.72 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 72.136.111.34.bc.googleusercontent.com
Software: / Express
Resource Hash: 96c248ed6596a211aebf66eca21eb95634a613c77b3aea467801aea400acb1c2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 23:11:14 GMT
via: 1.1 google
x-powered-by: Express
etag: W/"5b-mfr+JSkeyM+9BEELxE6+6OT8+sU"
content-type: application/json; charset=utf-8
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 91

POST
H/1.1 200 1291.json Show response
id5-sync.com/g/v2/ Frame F2C8 241 B
645 B 64ms
23ms XHR
application/json 162.19.138.82
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/g/v2/1291.json

Requested by

Host: onedio.com
URL: https://onedio.com/_nuxt/91769df.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.82 , France, ASN16276 (OVH, FR),

Reverse DNS

ns31532337.ip-162-19-138.eu

Software

Resource Hash

b2bc2f1968523b981d2b3da25565c98aa85da4556e4ec34662836b2183fbf4d4

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://onedio.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://onedio.com
date: Mon, 26 Jun 2023 23:11:13 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding: chunked
content-type: application/json;charset=UTF-8

GET
H2 200 load.js Show response
pm-widget.taboola.com/onedio/ Frame F2C8 3 KB
2 KB 53ms
29ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://pm-widget.taboola.com/onedio/load.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/onedio/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b6c21bbb6b819f7dba5c0b474b64535c13d53512c9c1e402a92b94b424dac95e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-amz-version-id: edibv5YY0QsddQPLEPWDiAieJ7baIXqS
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
date: Mon, 26 Jun 2023 23:11:14 GMT
x-amz-request-id: 8W5CZMY53R0APNT2
age: 99
x-cache: HIT, HIT
content-length: 1314
x-amz-id-2: aEuxUep1Kcn/2gsrcvuLMq5vZ5JpCfcls6YX9qvCft+CZ+jARAwbQ/sCihVwiFiefQPksQ6qC6c=
x-served-by: cache-bur-kbur8200123-BUR, cache-fra-eddf8230097-FRA
last-modified: Fri, 28 Apr 2023 08:20:15 GMT
server: AmazonS3
x-timer: S1687821074.151519,VS0,VE1
etag: "a01bae8d0f5282875463a44413e5a731"
vary: Accept-Encoding,,
content-type: application/javascript; charset=utf-8
cache-control: max-age=300
accept-ranges: bytes
x-cache-hits: 18929, 1

GET
H2 200 impl.20230613-6-RELEASE.js Show response
cdn.taboola.com/libtrc/ Frame F2C8 778 KB
162 KB 22ms
21ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/impl.20230613-6-RELEASE.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/onedio/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: 5d8f3b16878137d3d1867b7022fb248c00c3f84752138621a6fd37bf4b2bcbce

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-amz-version-id: 3T7Mwn.1A96X6iW2819AYQZJWDmVmWZP
content-encoding: br
via: 1.1 varnish
date: Mon, 26 Jun 2023 23:11:14 GMT
x-amz-request-id: CK558TF7XKRM79KE
age: 889
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 165807
x-amz-id-2: GF6PtyFn5bkkWcEi9t9JECOI1LaeqUWyG8VDwXyEJGVjk761CUtZaYE6kk34+8N5jojddwkJh6E=
x-served-by: cache-fra-eddf8230097-FRA
last-modified: Tue, 13 Jun 2023 08:26:13 GMT
server: AmazonS3-br
x-tbl-debug: bestatus=200,beresp=OK
x-timer: S1687821074.129698,VS0,VE0
etag: "4744547244c759add1d83d4da30b4089"
vary: Accept-Encoding
content-type: application/javascript
abp: 80
access-control-allow-origin: *
cache-control: private,max-age=31536000
accept-ranges: bytes
x-cache-hits: 10

GET
H2 200 tr5
cdn.taboola.com/libtrc/ Frame F2C8 3 B
102 B 21ms
21ms Image
text/html 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.taboola.com/libtrc/tr5?abgroup=aa-test-vis_var
Requested by: Host: onedio.com
URL: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-served-by: cache-fra-eddf8230097-FRA
date: Mon, 26 Jun 2023 23:11:14 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1687821074.129646,VS0,VE0
x-cache: HIT
content-type: text/html
access-control-allow-origin: *
cache-control: private,max-age=14400
accept-ranges: bytes
content-length: 3
retry-after: 0
x-cache-hits: 0

POST
H2 400 cdb Show response
bidder.criteo.com/ Frame F2C8 0
191 B 132ms
54ms XHR
text/plain 2a02:2638:3::7
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?ptv=137&profileId=184&cb=40481774977

Requested by

Host: onedio.com
URL: https://onedio.com/_nuxt/91769df.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://onedio.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Mon, 26 Jun 2023 23:11:14 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
vary: Origin
access-control-allow-origin: https://onedio.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-length: 0

POST
H2 400 cdb Show response
bidder.criteo.com/ Frame F2C8 0
192 B 130ms
53ms XHR
text/plain 2a02:2638:3::7
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?ptv=137&profileId=184&cb=61057656933

Requested by

Host: onedio.com
URL: https://onedio.com/_nuxt/91769df.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://onedio.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Mon, 26 Jun 2023 23:11:14 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
vary: Origin
access-control-allow-origin: https://onedio.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-length: 0

POST
H2 400 cdb Show response
bidder.criteo.com/ Frame F2C8 0
191 B 129ms
54ms XHR
text/plain 2a02:2638:3::7
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?ptv=137&profileId=184&cb=70098350706

Requested by

Host: onedio.com
URL: https://onedio.com/_nuxt/91769df.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://onedio.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Mon, 26 Jun 2023 23:11:14 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
vary: Origin
access-control-allow-origin: https://onedio.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-length: 0

POST
H2 400 cdb Show response
bidder.criteo.com/ Frame F2C8 0
191 B 126ms
55ms XHR
text/plain 2a02:2638:3::7
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?ptv=137&profileId=184&cb=2092814178

Requested by

Host: onedio.com
URL: https://onedio.com/_nuxt/91769df.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://onedio.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Mon, 26 Jun 2023 23:11:14 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
vary: Origin
access-control-allow-origin: https://onedio.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-length: 0

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ Frame F2C8 0
172 B 99ms
29ms XHR
text/plain 185.184.8.90
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: onedio.com
URL: https://onedio.com/_nuxt/91769df.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-90.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://onedio.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://onedio.com
date: Mon, 26 Jun 2023 23:11:14 GMT
access-control-allow-credentials: true
vary: Origin
access-control-max-age: 3600
access-control-allow-methods: POST

POST
H2 400 cdb Show response
bidder.criteo.com/ Frame F2C8 0
191 B 81ms
54ms XHR
text/plain 2a02:2638:3::7
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?ptv=137&profileId=185&av=35&wv=7.47.0&cb=32914929394

Requested by

Host: onedio.com
URL: https://onedio.com/_nuxt/91769df.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://onedio.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 26 Jun 2023 23:11:13 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
vary: Origin
access-control-allow-origin: https://onedio.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-length: 0

POST
H2 204 openrtb Show response
adx.adform.net/adx/ Frame F2C8 0
619 B 210ms
110ms XHR
text/plain 37.157.2.229
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Requested by

Host: onedio.com
URL: https://onedio.com/_nuxt/91769df.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.229 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://onedio.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 26 Jun 2023 23:11:14 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://onedio.com
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ Frame F2C8 0
173 B 90ms
28ms XHR
text/plain 185.184.8.90
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: onedio.com
URL: https://onedio.com/_nuxt/91769df.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-90.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://onedio.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://onedio.com
date: Mon, 26 Jun 2023 23:11:14 GMT
access-control-allow-credentials: true
vary: Origin
access-control-max-age: 3600
access-control-allow-methods: POST

POST
H2 400 cdb Show response
bidder.criteo.com/ Frame F2C8 0
191 B 77ms
55ms XHR
text/plain 2a02:2638:3::7
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?ptv=137&profileId=185&av=35&wv=7.47.0&cb=96666262413

Requested by

Host: onedio.com
URL: https://onedio.com/_nuxt/91769df.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://onedio.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 26 Jun 2023 23:11:13 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
vary: Origin
access-control-allow-origin: https://onedio.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-length: 0

POST
H2 200 openrtb Show response
adx.adform.net/adx/ Frame F2C8 3 KB
2 KB 206ms
111ms XHR
application/json 37.157.2.229
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Requested by

Host: onedio.com
URL: https://onedio.com/_nuxt/91769df.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.229 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e764b0e5e07c0ccad56adbbd40356d2562a9749739a5779969fa8161bd5e6dfa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://onedio.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 26 Jun 2023 23:11:14 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
pragma: no-cache
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
vary: Accept-Encoding
access-control-allow-methods: POST,OPTIONS
content-type: application/json
access-control-allow-origin: https://onedio.com
access-control-max-age: 86400
access-control-allow-credentials: true
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ Frame F2C8 0
172 B 87ms
29ms XHR
text/plain 185.184.8.90
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: onedio.com
URL: https://onedio.com/_nuxt/91769df.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-90.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://onedio.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://onedio.com
date: Mon, 26 Jun 2023 23:11:14 GMT
access-control-allow-credentials: true
vary: Origin
access-control-max-age: 3600
access-control-allow-methods: POST

POST
H2 200 openrtb Show response
adx.adform.net/adx/ Frame F2C8 3 KB
2 KB 204ms
112ms XHR
application/json 37.157.2.229
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Requested by

Host: onedio.com
URL: https://onedio.com/_nuxt/91769df.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.229 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

a454f4169caeb8fa44fb4944340fc2c9361d17fe83d97597c5c113ff677f76eb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://onedio.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 26 Jun 2023 23:11:14 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
pragma: no-cache
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
vary: Accept-Encoding
access-control-allow-methods: POST,OPTIONS
content-type: application/json
access-control-allow-origin: https://onedio.com
access-control-max-age: 86400
access-control-allow-credentials: true
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

POST
H2 400 cdb Show response
bidder.criteo.com/ Frame F2C8 0
191 B 73ms
56ms XHR
text/plain 2a02:2638:3::7
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?ptv=137&profileId=185&av=35&wv=7.47.0&cb=67609380122

Requested by

Host: onedio.com
URL: https://onedio.com/_nuxt/91769df.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://onedio.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 26 Jun 2023 23:11:13 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
vary: Origin
access-control-allow-origin: https://onedio.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-length: 0

POST
H2 200 openrtb Show response
adx.adform.net/adx/ Frame F2C8 3 KB
2 KB 188ms
99ms XHR
application/json 37.157.2.229
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Requested by

Host: onedio.com
URL: https://onedio.com/_nuxt/91769df.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.229 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8fef13ab2f860035fc87d045008b7cd9a128c425c52ea7d1ad5638db53534291

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://onedio.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 26 Jun 2023 23:11:14 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
pragma: no-cache
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
vary: Accept-Encoding
access-control-allow-methods: POST,OPTIONS
content-type: application/json
access-control-allow-origin: https://onedio.com
access-control-max-age: 86400
access-control-allow-credentials: true
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ Frame F2C8 0
172 B 83ms
30ms XHR
text/plain 185.184.8.90
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: onedio.com
URL: https://onedio.com/_nuxt/91769df.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-90.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://onedio.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://onedio.com
date: Mon, 26 Jun 2023 23:11:14 GMT
access-control-allow-credentials: true
vary: Origin
access-control-max-age: 3600
access-control-allow-methods: POST

POST
H2 400 cdb Show response
bidder.criteo.com/ Frame F2C8 0
191 B 69ms
55ms XHR
text/plain 2a02:2638:3::7
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?ptv=137&profileId=185&av=35&wv=7.47.0&cb=20514570041

Requested by

Host: onedio.com
URL: https://onedio.com/_nuxt/91769df.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://onedio.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 26 Jun 2023 23:11:13 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
vary: Origin
access-control-allow-origin: https://onedio.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-length: 0

GET
H2 200 ec.js Show response
www.google-analytics.com/plugins/ua/ Frame F2C8 3 KB
1 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/ec.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 22:41:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1796
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1129
x-xss-protection: 0
last-modified: Thu, 30 Dec 2021 12:48:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Mon, 26 Jun 2023 23:41:18 GMT

POST
H2 200 publisher:getClientId Show response
ampcid.google.com/v1/ Frame F2C8 74 B
435 B 107ms
29ms XHR
application/json 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ampcid.google.com/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM

Requested by

Host: onedio.com
URL: https://onedio.com/_nuxt/91769df.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

991bfe84fec788f2b7d432b99a60c1e2aa2e799bc0137da8cf478299d0fc9a10

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://onedio.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 26 Jun 2023 23:11:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://onedio.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 94
x-xss-protection: 0

GET
H2 200 418147985044065 Show response
connect.facebook.net/signals/config/ Frame F2C8 300 KB
86 KB 21ms
21ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/418147985044065?v=2.9.109&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

0d8c85a1ac410f13b7a6aa3ca691d1f716189e04d6ecd734f64ee9e2e2a46d32

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 26 Jun 2023 23:11:14 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 87943
x-xss-protection: 0
pragma: public
x-fb-debug: l+5HqKE0NcDNBcizooua1PE5UuH3GQ3TiT1L2pArSOLxIWtoYk7LY0X2KvoRG7M5YYTWZujeTI1hjxBQKFofyA==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 track
t.teads.tv/ Frame F2C8 23 B
104 B 142ms
47ms Image
image/gif 2.18.161.51
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.teads.tv/track?action=placementCall&env=js-web&auctid=5d89926c-d22e-4a5b-8010-1e30b67b5e07&pageId=118539&pid=128615&debug_metadata=wJHZjDNSFC&fv=1210&ts=1687821074397&f=1&referer=https%3A%2F%2Fpcloak.blob.core.windows.net%2F
Requested by: Host: onedio.com
URL: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.161.51 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-161-51.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 23:11:14 GMT
cache-control: private, max-age=3666
content-length: 23
content-type: image/gif

GET
H2 200 track
t.teads.tv/ Frame F2C8 23 B
134 B 142ms
48ms Image
image/gif 2.18.161.51
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.teads.tv/track?action=slotAvailable&env=js-web&auctid=5d89926c-d22e-4a5b-8010-1e30b67b5e07&pageId=118539&pid=128615&slot=native&fv=1210&ts=1687821074403&f=1&referer=https%3A%2F%2Fpcloak.blob.core.windows.net%2F
Requested by: Host: onedio.com
URL: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.161.51 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-161-51.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

expires: Sat, 26 Jul 1997 05:00:00 GMT
date: Mon, 26 Jun 2023 23:11:14 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 23
content-type: image/gif

POST
H2 204 events
bidder.criteo.com/csm/ Frame F2C8 0
78 B 28ms
27ms Ping
text/plain 2a02:2638:3::7
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/csm/events

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://onedio.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Mon, 26 Jun 2023 23:11:14 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel

GET
H2 200 pixel.gif
static.criteo.net/images/ Frame F2C8 43 B
365 B 33ms
33ms Image
image/gif 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/images/pixel.gif?ch=1

Requested by

Host: onedio.com
URL: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 23:11:14 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 09 Dec 2008 16:52:36 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "493ea254-2b"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 43
expires: Thu, 20 Jun 2024 23:11:14 GMT

GET
H2 200 pixel.gif
static.criteo.net/images/ Frame F2C8 43 B
365 B 35ms
35ms Image
image/gif 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/images/pixel.gif?ch=2

Requested by

Host: onedio.com
URL: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 23:11:14 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 09 Dec 2008 16:52:36 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "493ea254-2b"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 43
expires: Thu, 20 Jun 2024 23:11:14 GMT

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame F2C8 107 B
456 B 76ms
28ms Script
application/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=onedio.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306260101/pubads_impl.js?cb=31075685

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 23:11:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame F2C8 635 B
387 B 267ms
266ms XHR
text/plain 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2803446206606070&correlator=808963101864053&eid=31075615%2C31075685&output=ldjh&gdfp_req=1&vrg=202306260101&ptt=17&impl=fifs&iu_parts=21814681%2COnedio.com_Desktop_Pageskin_Genel_Right&enc_prev_ius=%2F0%2F1&prev_iu_szs=160x600%7C120x600%7C140x600&ifi=1&adks=3875572001&sfv=1-0-40&prev_scp=PageType%3DArticle%26kategori%3D62390e534c037f8216162716%26etiket%3DAnasayfa%2CMan%25C5%259Fet%2520Galerileri%2CMedya%2520Galeriler%2C%2523kredi-kart%25C4%25B1&eri=1&sc=1&cdm=onedio.com&abxe=1&dt=1687821074474&lmt=1687821074&dlt=1687821073100&idt=1093&adxs=1360&adys=376&biw=-12245933&bih=-12245933&isw=1600&ish=1200&scr_x=-12245933&scr_y=-12245933&ucis=rvc1vj49mm7z&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fonedio.com%2Fhaber%2Fkredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878&ref=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&top=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&frm=24&vis=1&psz=160x4804&msz=160x-1&fws=768&ohw=0&ga_vid=550057870.1687821074&ga_sid=1687821074&ga_hid=1948183720&ga_fc=false

Requested by

Host: onedio.com
URL: https://onedio.com/_nuxt/91769df.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8c318bd5144e8595b335e7f114e87511df4ab914c9add7918f830d8a29f6e075

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 23:11:14 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 357
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://onedio.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
697730247a5dc842d2e74436492c3992.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 097F 6 KB
3 KB 355ms
33ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://697730247a5dc842d2e74436492c3992.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306260101/pubads_impl.js?cb=31075685

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://onedio.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 26 Jun 2023 23:11:14 GMT
expires: Tue, 25 Jun 2024 23:11:14 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 204 events
bidder.criteo.com/csm/ Frame F2C8 0
78 B 28ms
27ms Ping
text/plain 2a02:2638:3::7
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/csm/events

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://onedio.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Mon, 26 Jun 2023 23:11:13 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame F2C8 420 B
205 B 215ms
214ms XHR
text/plain 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2803446206606070&correlator=4453979482054370&eid=31075615%2C31075685&output=ldjh&gdfp_req=1&vrg=202306260101&ptt=17&impl=fifs&iu_parts=21814681%2COnedio.com_Desktop_Pageskin_Genel_Left&enc_prev_ius=%2F0%2F1&prev_iu_szs=160x600%7C120x600%7C140x600&ifi=2&adks=2081268503&sfv=1-0-40&prev_scp=PageType%3DArticle%26kategori%3D62390e534c037f8216162716%26etiket%3DAnasayfa%2CMan%25C5%259Fet%2520Galerileri%2CMedya%2520Galeriler%2C%2523kredi-kart%25C4%25B1&eri=1&sc=1&cdm=onedio.com&abxe=1&dt=1687821074491&lmt=1687821074&dlt=1687821073100&idt=1093&adxs=80&adys=376&biw=-12245933&bih=-12245933&isw=1600&ish=1200&scr_x=-12245933&scr_y=-12245933&ucis=2hsr899hx13e&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fonedio.com%2Fhaber%2Fkredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878&ref=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&top=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&frm=24&vis=1&psz=160x4804&msz=160x-1&fws=768&ohw=0&ga_vid=550057870.1687821074&ga_sid=1687821074&ga_hid=1948183720&ga_fc=false

Requested by

Host: onedio.com
URL: https://onedio.com/_nuxt/91769df.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b1abfa23ef585d6313b33383cbef0e1fdd17621d286122a1aa633c18eb22d139

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 23:11:14 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 175
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://onedio.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 events
bidder.criteo.com/csm/ Frame F2C8 0
78 B 28ms
27ms Ping
text/plain 2a02:2638:3::7
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/csm/events

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://onedio.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Mon, 26 Jun 2023 23:11:13 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame F2C8 354 B
186 B 56ms
55ms XHR
text/plain 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2803446206606070&correlator=2784991431472798&eid=31075615%2C31075685&output=ldjh&gdfp_req=1&vrg=202306260101&ptt=17&impl=fifs&iu_parts=21814681%2COnedio.com_Data_Collect&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=3&adks=511466349&sfv=1-0-40&prev_scp=PageType%3DArticle%26kategori%3D62390e534c037f8216162716%26etiket%3DAnasayfa%2CMan%25C5%259Fet%2520Galerileri%2CMedya%2520Galeriler%2C%2523kredi-kart%25C4%25B1&eri=1&sc=1&cdm=onedio.com&abxe=1&dt=1687821074500&lmt=1687821074&dlt=1687821073100&idt=1093&adxs=251&adys=5180&biw=-12245933&bih=-12245933&isw=1600&ish=1200&scr_x=-12245933&scr_y=-12245933&ucis=s1d0x9bqjcir&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fonedio.com%2Fhaber%2Fkredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878&ref=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&top=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&frm=24&vis=1&psz=1100x2&msz=1x-1&fws=256&ohw=0&ga_vid=550057870.1687821074&ga_sid=1687821074&ga_hid=1948183720&ga_fc=false

Requested by

Host: onedio.com
URL: https://onedio.com/_nuxt/91769df.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

142585de3616a2b2aeda9199f67790f3a46d620d6eb93f88de9f81ec44874fcf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 23:11:14 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 156
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://onedio.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 events
bidder.criteo.com/csm/ Frame F2C8 0
78 B 28ms
28ms Ping
text/plain 2a02:2638:3::7
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/csm/events

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://onedio.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Mon, 26 Jun 2023 23:11:13 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame F2C8 53 KB
12 KB 337ms
337ms XHR
text/plain 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2803446206606070&correlator=3872977797324708&eid=31075615%2C31075685&output=ldjh&gdfp_req=1&vrg=202306260101&ptt=17&impl=fifs&iu_parts=21814681%2COnedio.com_Desktop_Sponsored_%C4%B0%C3%A7erikYan%C4%B1_Top&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C300x250&fluid=height&ifi=4&adks=2318357959&sfv=1-0-40&prev_scp=PageType%3DArticle%26kategori%3D62390e534c037f8216162716%26etiket%3DAnasayfa%2CMan%25C5%259Fet%2520Galerileri%2CMedya%2520Galeriler%2C%2523kredi-kart%25C4%25B1&eri=1&sc=1&cdm=onedio.com&abxe=1&dt=1687821074508&lmt=1687821074&dlt=1687821073100&idt=1093&adxs=1029&adys=541&biw=-12245933&bih=-12245933&isw=1600&ish=1200&scr_x=-12245933&scr_y=-12245933&ucis=f4n9of56g68m&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fonedio.com%2Fhaber%2Fkredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878&ref=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&top=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&frm=24&vis=1&psz=300x-1&msz=300x-1&fws=256&ohw=0&ga_vid=550057870.1687821074&ga_sid=1687821074&ga_hid=1948183720&ga_fc=false

Requested by

Host: onedio.com
URL: https://onedio.com/_nuxt/91769df.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3b7df3c42840b6bfc54d5f5d9b8a30c9893825471860b29a63d0e3d4fe58409d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 23:11:14 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12709
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://onedio.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 ad Show response
a.teads.tv/page/118539/ Frame F2C8 540 B
701 B 93ms
93ms XHR
application/json 184.30.21.51
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://a.teads.tv/page/118539/ad?windowWidth=1600&windowHeight=1200&windowDepth=1&windowReferrerUrl=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&auctid=5d89926c-d22e-4a5b-8010-1e30b67b5e07&formatVersion=1210&env=js-web&netBw=9.9&ttfb=37
Requested by: Host: onedio.com
URL: https://onedio.com/_nuxt/91769df.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.21.51 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-21-51.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: cdd13cb3fe2b189660e22ad818d8dcdc948ede141397224995d5d6e992d83ce3

Request headers

Accept: application/json; charset=UTF-8
Referer: https://onedio.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 26 Jun 2023 23:11:14 GMT
content-encoding: gzip
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://onedio.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 365
expires: Mon, 26 Jun 2023 23:11:14 GMT

POST
H2 200 publisher:getClientId Show response
ampcid.google.de/v1/ Frame F2C8 3 B
364 B 350ms
63ms XHR
application/json 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ampcid.google.de/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM

Requested by

Host: onedio.com
URL: https://onedio.com/_nuxt/91769df.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://onedio.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 26 Jun 2023 23:11:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://onedio.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23
x-xss-protection: 0

GET
H2 200 sync Show response
gum.criteo.com/ Frame F2C8 46 B
288 B 308ms
30ms Script
text/javascript 2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS

Requested by

Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230613-6-RELEASE.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

189b8ed64093b12937354b2ef71ccf1df59690d90432241a10fe1cb25000acba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 23:11:14 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=3600
server-processing-duration-in-ticks: 187100
expires: 60

GET
H2 200 pmk-20220605.8.js Show response
pm-widget.taboola.com/onedio/ Frame F2C8 86 KB
24 KB 21ms
21ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://pm-widget.taboola.com/onedio/pmk-20220605.8.js
Requested by: Host: pm-widget.taboola.com
URL: https://pm-widget.taboola.com/onedio/load.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 077a758c165eced3316ba482308d475ebebfecf3040daacf54558be0db9d19af

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-amz-version-id: 8RaoF9DwyxjBcgKM6OBDbh1U_YlysD0g
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
date: Mon, 26 Jun 2023 23:11:14 GMT
x-amz-request-id: DZRT7QECK5TNJTN7
age: 5151016
x-cache: HIT, HIT
content-length: 24009
x-amz-id-2: W/o/L7cS+NJrL0Lm/4+OteToJnHPAw9Hcn8dNdc/ZEpZUGAxz6dwRTf+U36cRd1c5m9slPuK6ww=
x-served-by: cache-bur-kbur8200113-BUR, cache-fra-eddf8230097-FRA
last-modified: Fri, 28 Apr 2023 08:20:12 GMT
server: AmazonS3
x-timer: S1687821075.540630,VS0,VE0
etag: "745d9593e177572ec01004762570e98c"
vary: Accept-Encoding,,
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000
accept-ranges: bytes
x-cache-hits: 7757, 15606

POST
H3 200 push-notification-platform Show response
recommendation-api.analytics.onedio.com/api/v1/user/ Frame F2C8 69 B
85 B 27ms
27ms Fetch
application/json 34.111.136.72
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://recommendation-api.analytics.onedio.com/api/v1/user/push-notification-platform
Requested by: Host: onedio.com
URL: https://onedio.com/_nuxt/91769df.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.111.136.72 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 72.136.111.34.bc.googleusercontent.com
Software: / Express
Resource Hash: de7713832e8617ed0535afa5ccf9ff63dc6b8bb4512664185a4b9e5d7f1abcc6

Request headers

Accept: application/json
Referer: https://onedio.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 26 Jun 2023 23:11:14 GMT
via: 1.1 google
x-powered-by: Express
etag: W/"45-2rSfLWY0Uw0T3cV0z/i/mcLPZVo"
content-type: application/json; charset=utf-8
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 69

OPTIONS
H3 204 push-notification-platform
recommendation-api.analytics.onedio.com/api/v1/user/ Frame 0
0 26ms
25ms Preflight 34.111.136.72
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://recommendation-api.analytics.onedio.com/api/v1/user/push-notification-platform
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.111.136.72 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 72.136.111.34.bc.googleusercontent.com
Software: / Express
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://onedio.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Mon, 26 Jun 2023 23:11:14 GMT
vary: Access-Control-Request-Headers
via: 1.1 google
x-powered-by: Express

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame F2C8 24 KB
10 KB 229ms
228ms XHR
text/plain 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2803446206606070&correlator=1213275644964237&eid=31075615%2C31075685&output=ldjh&gdfp_req=1&vrg=202306260101&ptt=17&impl=fifs&iu_parts=21814681%2Cmasthead&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C1100x250%7C980x250%7C970x250%7C940x250%7C728x90%7C1100x1&fluid=height&ifi=5&adks=2332837411&sfv=1-0-40&prev_scp=PageType%3DArticle%26kategori%3D62390e534c037f8216162716%26etiket%3DAnasayfa%2CMan%25C5%259Fet%2520Galerileri%2CMedya%2520Galeriler%2C%2523kredi-kart%25C4%25B1&eri=1&sc=1&cdm=onedio.com&abxe=1&dt=1687821074550&lmt=1687821074&dlt=1687821073100&idt=1093&adxs=250&adys=241&biw=-12245933&bih=-12245933&isw=1600&ish=1200&scr_x=-12245933&scr_y=-12245933&ucis=ggarch32ybjt&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fonedio.com%2Fhaber%2Fkredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878&ref=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&top=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&frm=24&vis=1&psz=1100x-1&msz=1100x-1&fws=256&ohw=0&ga_vid=550057870.1687821074&ga_sid=1687821074&ga_hid=1948183720&ga_fc=false

Requested by

Host: onedio.com
URL: https://onedio.com/_nuxt/91769df.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6d536f941e4e2b0ef3a3575d4d1e033638e63ba823d1c52001f635a8e50cc5e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 23:11:14 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10178
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://onedio.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame F2C8 23 KB
11 KB 290ms
290ms XHR
text/plain 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2803446206606070&correlator=1006095194883007&eid=31075615%2C31075685&output=ldjh&gdfp_req=1&vrg=202306260101&ptt=17&impl=fifs&iu_parts=21814681%2COnedio.com_Desktop_%C4%B0%C3%A7erikAras%C4%B1_Top&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C300x250&fluid=height&ifi=6&adks=3485359229&sfv=1-0-40&prev_scp=PageType%3DArticle%26kategori%3D62390e534c037f8216162716%26etiket%3DAnasayfa%2CMan%25C5%259Fet%2520Galerileri%2CMedya%2520Galeriler%2C%2523kredi-kart%25C4%25B1%26hb_format_adf%3Dbanner%26hb_size_adf%3D300x250%26hb_pb_adf%3D1.25%26hb_adid_adf%3D26b8185d3aed36d%26hb_bidder_adf%3Dadf%26hb_format%3Dbanner%26hb_size%3D300x250%26hb_pb%3D1.25%26hb_adid%3D26b8185d3aed36d%26hb_bidder%3Dadf&eri=1&sc=1&cdm=onedio.com&abxe=1&dt=1687821074563&lmt=1687821074&dlt=1687821073100&idt=1093&adxs=279&adys=907&biw=-12245933&bih=-12245933&isw=1600&ish=1200&scr_x=-12245933&scr_y=-12245933&ucis=y8whnzilto70&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fonedio.com%2Fhaber%2Fkredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878&ref=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&top=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&frm=24&vis=1&psz=357x250&msz=300x250&fws=256&ohw=0&ga_vid=550057870.1687821074&ga_sid=1687821074&ga_hid=1948183720&ga_fc=false

Requested by

Host: onedio.com
URL: https://onedio.com/_nuxt/91769df.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

52d9aafbcddc8ae466884e6dfd7915e39af35742fc0084606916540a9d50f1e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 23:11:14 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10778
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://onedio.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame F2C8 23 KB
11 KB 348ms
347ms XHR
text/plain 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2803446206606070&correlator=2325168040720349&eid=31075615%2C31075685&output=ldjh&gdfp_req=1&vrg=202306260101&ptt=17&impl=fifs&iu_parts=21814681%2COnedio.com_Desktop_%C4%B0%C3%A7erikAras%C4%B1_TopRight&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C300x250&fluid=height&ifi=7&adks=3569613027&sfv=1-0-40&prev_scp=PageType%3DArticle%26kategori%3D62390e534c037f8216162716%26etiket%3DAnasayfa%2CMan%25C5%259Fet%2520Galerileri%2CMedya%2520Galeriler%2C%2523kredi-kart%25C4%25B1%26hb_format_adf%3Dbanner%26hb_size_adf%3D300x250%26hb_pb_adf%3D1.25%26hb_adid_adf%3D270246178660a26%26hb_bidder_adf%3Dadf%26hb_format%3Dbanner%26hb_size%3D300x250%26hb_pb%3D1.25%26hb_adid%3D270246178660a26%26hb_bidder%3Dadf&eri=1&sc=1&cdm=onedio.com&abxe=1&dt=1687821074576&lmt=1687821074&dlt=1687821073100&idt=1093&adxs=636&adys=907&biw=-12245933&bih=-12245933&isw=1600&ish=1200&scr_x=-12245933&scr_y=-12245933&ucis=jrj1dvhjx3sm&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fonedio.com%2Fhaber%2Fkredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878&ref=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&top=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&frm=24&vis=1&psz=357x250&msz=300x250&fws=256&ohw=0&ga_vid=550057870.1687821074&ga_sid=1687821074&ga_hid=1948183720&ga_fc=false

Requested by

Host: onedio.com
URL: https://onedio.com/_nuxt/91769df.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0fe86d7c6260a1348308c5fc2efa26dd3667d50f4ae30bb4bf9c3157a297655f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 23:11:14 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10812
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://onedio.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame F2C8 23 KB
11 KB 322ms
322ms XHR
text/plain 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2803446206606070&correlator=4446577956636007&eid=31075615%2C31075685&output=ldjh&gdfp_req=1&vrg=202306260101&ptt=17&impl=fifs&iu_parts=21814681%2COnedio.com_Desktop_%C4%B0%C3%A7erikYan%C4%B1_Top&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C300x250&fluid=height&ifi=8&adks=1969900062&sfv=1-0-40&prev_scp=PageType%3DArticle%26kategori%3D62390e534c037f8216162716%26etiket%3DAnasayfa%2CMan%25C5%259Fet%2520Galerileri%2CMedya%2520Galeriler%2C%2523kredi-kart%25C4%25B1%26hb_format_adf%3Dbanner%26hb_size_adf%3D300x250%26hb_pb_adf%3D1.51%26hb_adid_adf%3D25796e7b1aa3d94%26hb_bidder_adf%3Dadf%26hb_format%3Dbanner%26hb_size%3D300x250%26hb_pb%3D1.51%26hb_adid%3D25796e7b1aa3d94%26hb_bidder%3Dadf&eri=1&sc=1&cdm=onedio.com&abxe=1&dt=1687821074590&lmt=1687821074&dlt=1687821073100&idt=1093&adxs=1029&adys=1233&biw=-12245933&bih=-12245933&isw=1600&ish=1200&scr_x=-12245933&scr_y=-12245933&ucis=183l9kicf350&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fonedio.com%2Fhaber%2Fkredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878&ref=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&top=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&frm=24&vis=1&psz=300x250&msz=300x250&fws=256&ohw=0&ga_vid=550057870.1687821074&ga_sid=1687821074&ga_hid=1948183720&ga_fc=false

Requested by

Host: onedio.com
URL: https://onedio.com/_nuxt/91769df.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ea2dbc62b8ec4f46791448b828bf5b026d8ad28f87994e94bb874a9efe2391a8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 23:11:14 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11034
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://onedio.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cookiesegments Show response
dmp.adform.net/audiencetag/ Frame F2C8 2 B
246 B 41ms
40ms XHR
application/json 37.157.6.254
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://dmp.adform.net/audiencetag/cookiesegments?token=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJBZGZvcm0uRE1QLkNsYWltczo6RGF0YVByb3ZpZGVycyI6IlsxMDU0OF0iLCJpc3MiOiJkbXAtYXBpLmFkZm9ybS5jb20iLCJhdWQiOiJkbXBfdXNlcnMiLCJleHAiOjE4MDE3MzQyNDUsIm5iZiI6MTQ4NjM3NDI0NX0.4SMC1tfOK3v649sBGDbZNaTlLE_E9L479UK90GsG6TI

Requested by

Host: onedio.com
URL: https://onedio.com/_nuxt/91769df.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.254 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json
Referer: https://onedio.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 23:11:14 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
server: nginx
vary: Accept-Encoding, Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://onedio.com
access-control-allow-credentials: true

GET
H2 200 /
www.facebook.com/tr/ Frame F2C8 0
185 B 155ms
20ms Image
text/plain 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=418147985044065&ev=PageView&dl=https%3A%2F%2Fonedio.com%2Fhaber%2Fkredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878&rl=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&if=true&ts=1687821074668&sw=1600&sh=1200&v=2.9.109&r=stable&ec=0&o=30&it=1687821074333&coo=false&rqm=GET

Requested by

Host: onedio.com
URL: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 26 Jun 2023 23:11:14 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/tr/ Frame F2C8 0
31 B 156ms
21ms Image
text/plain 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=418147985044065&ev=ViewContent&dl=https%3A%2F%2Fonedio.com%2Fhaber%2Fkredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878&rl=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&if=true&ts=1687821074671&cd[content_name]=Kredi%20Kart%C4%B1%20Aidat%C4%B1n%C4%B1z%C4%B1%20Geri%20Alabilirsiniz%3A%20Kredi%20Kart%C4%B1%20%C4%B0adesi%20%C4%B0lgili%20Bilmeniz%20Gereken%20Her%20%C5%9Eey&cd[content_category]=Nas%C4%B1l%20yap%C4%B1l%C4%B1r%3F%20%3E%20&cd[content_ids]=%5B%221010878%22%5D&cd[content_type]=news&cd[content_editor]=ruready&cd[content_date]=2021-10-23&sw=1600&sh=1200&v=2.9.109&r=stable&ec=1&o=30&it=1687821074333&coo=false&rqm=GET

Requested by

Host: onedio.com
URL: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 26 Jun 2023 23:11:14 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 container.html Show response
697730247a5dc842d2e74436492c3992.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 5CD2 6 KB
3 KB 39ms
34ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://697730247a5dc842d2e74436492c3992.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306260101/pubads_impl.js?cb=31075685

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://onedio.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 26 Jun 2023 23:11:14 GMT
expires: Tue, 25 Jun 2024 23:11:14 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 track
t.teads.tv/ Frame F2C8 23 B
134 B 48ms
48ms Image
image/gif 2.18.161.51
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.teads.tv/track?action=debug-browserInfos&fv=1210&ts=1687821074807&env=js-web&auctid=5d89926c-d22e-4a5b-8010-1e30b67b5e07&pid=128615&hb_provider=null&f=1&debug_metadata=orientation%3Alandscape-primary%2Cangle%3A0%2ChistoryLength%3A2%2CviewportHeight%3A1200%2CviewportWidth%3A1600%2ChardwareConcurrency%3A4%2CdeviceMemory%3A8%2Cbattery%3A%7B%22level%22%3A1%2C%22charging%22%3Atrue%7D&referer=https%3A%2F%2Fpcloak.blob.core.windows.net%2F
Requested by: Host: onedio.com
URL: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.161.51 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-161-51.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

expires: Sat, 26 Jul 1997 05:00:00 GMT
date: Mon, 26 Jun 2023 23:11:14 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 23
content-type: image/gif

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012306200257000/ Frame 6E06 222 KB
61 KB 110ms
24ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012306200257000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306260101/pubads_impl.js?cb=31075685

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

20f091e39a994eac247abb2db8c48d424cb5f3ea8280cea2194168c2bf5f437e

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 26 Jun 2023 17:13:26 GMT
age: 21468
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61862
x-xss-protection: 0
server: sffe
etag: "bf95dc6813023782"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 25 Jun 2024 17:13:26 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012306200257000/v0/ Frame 6E06 15 KB
5 KB 149ms
63ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012306200257000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306260101/pubads_impl.js?cb=31075685

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

db6c8330efd6e6bfd20dbed90de2e76fe0bac473c76abe90aaa91fac7bb067c6

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 26 Jun 2023 17:13:26 GMT
age: 21468
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5232
x-xss-protection: 0
server: sffe
etag: "b6c1e0819a00bf67"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 25 Jun 2024 17:13:26 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012306200257000/v0/ Frame 6E06 94 KB
28 KB 150ms
64ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012306200257000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306260101/pubads_impl.js?cb=31075685

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8169070527736f2296d9d72e169101428b2f9821205614dc54cd16d3130c70f8

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 26 Jun 2023 17:13:26 GMT
age: 21468
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28873
x-xss-protection: 0
server: sffe
etag: "75041cf86819093a"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 25 Jun 2024 17:13:26 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012306200257000/v0/ Frame 6E06 5 KB
2 KB 157ms
72ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012306200257000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306260101/pubads_impl.js?cb=31075685

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1e5a28a902c7f1edfc9c082269da365300b36ceb1eed186bf26523d6867ed986

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 26 Jun 2023 17:13:26 GMT
age: 21468
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1911
x-xss-protection: 0
server: sffe
etag: "5f86339daf79d63d"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 25 Jun 2024 17:13:26 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012306200257000/v0/ Frame 6E06 40 KB
13 KB 153ms
68ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012306200257000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306260101/pubads_impl.js?cb=31075685

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d660119d70fde473f7720a43fb960d95c8ff46768e67d762f9557179709b8942

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 26 Jun 2023 17:13:26 GMT
age: 21468
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12958
x-xss-protection: 0
server: sffe
etag: "bf1167c9eaa58b59"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 25 Jun 2024 17:13:26 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 6E06 8 KB
1 KB 87ms
30ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open%20Sans%3A400%2C700%7COpen%20Sans%3A300%2C400

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306260101/pubads_impl.js?cb=31075685

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5cea5f5a79817996385a96e5a5337e95db241f0a33a9e46c26b24cde34ac1b9e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 26 Jun 2023 23:11:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 26 Jun 2023 21:16:17 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 26 Jun 2023 23:11:14 GMT

GET
H2 200 tr_bl.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 6E06 3 KB
3 KB 80ms
24ms Image
image/png 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/tr_bl.png

Requested by

Host: onedio.com
URL: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eb8e687f8ef4d4838ea77f88aa15f238529f8273aa2d22b7efc8ff18460f7757

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 03:28:09 GMT
x-content-type-options: nosniff
server: cafe
age: 70985
etag: 2395455429816220802
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3040
x-xss-protection: 0
expires: Tue, 27 Jun 2023 03:28:09 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 6E06 344 B
474 B 79ms
24ms Image
image/png 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: onedio.com
URL: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 13:35:10 GMT
x-content-type-options: nosniff
server: cafe
age: 34564
etag: 6766994032117382215
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 344
x-xss-protection: 0
expires: Tue, 27 Jun 2023 13:35:10 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 6E06 0
0 71ms
69ms Image
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CBTX9EhuaZLvIIYfZ3wO4ubWwDrOngf9uwYrUs_IQn7yf7oI5EAEgoarIKmCV-vCBjAegAc7F3MUoyAEGqQLv4GmdP02yPuACAKgDAcgDCqoExgJP0B7oyyHLubI-4q_HEHm0mjPO4d-j9_6dkTHPyiU6fE_5GgHyDpMx2vnN085uNwlz9qjgDw3Fw-CsaCtkDYyx3aFowkOGpuXbWIbSPrG6Qe5gzhjYVZvVyLRhKggKYkhmQBQDYAIlNOp6iWSn2lx_rBUUvYUJAaaTbzFHkpVW-l-CQHqlb7CeKLPyZ46Wl3zHstbylsNdh74GMr3AEv7iSs8NYpd3Jb06xz7BVjoegXqjW87yHXaO6UPahEEuuQvJjdV_IwKojHgzbPOITpESWJSY6WXB6m-7B6mHxmxq1Xr62N5VGYzsrBpelYQUi_H1khJYX3LWLZBXEcLRjez12lNPbK5lu-Fs6_CG7LbEw6fa8dqr2BWN_a4f717zjLHfbEhEn5EPwY6Vx9E1QMrUakDKpBDFXztq8ErriWSo3OigaUfvZcAEp4i_naUE4AQBkgUECAQYAZIFBAgFGASAB879rKUDqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwQQzY0H0ggWCIDhgBAQARgdMgKqAjoCgEBIvf3BOoAKA8gLAdgTDIgUBtAVAZgWAYAXAbIXHgocCAASFHB1Yi0zNjU3NjkwNzkwMjU1MTA1GMGAEw&sigh=XTTkDOArK20&uach_m=[UACH]&cid=CAQSGwBygQiDlzTDxvbsBXsCTNBmYMIN4LYakw1DsRgB&template_id=5028
Requested by: Host: onedio.com
URL: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame D128 624 B
577 B 90ms
32ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=COu99gIQ-b799QEY54aR6QEwAQ&v=APEucNWVZbORZb3WLkOk5oveETzCkRRFp0lQhXMIIioqwCESnUCDW8lruitCYGeBeR-bs_Nmh1PMhYM0yxv-1sgtYOLg7ueI1zm7gCHo2RPj1_VZ8X5ajxVPP5TBLGa8CUvI2iYhrroyooecI74K4fW6pr50NQktLnCIr6PHsJTNOy_nM-W1Nrpl8tg8WhesdObirlAkq8lUoF5CFOAFQckbnveshY1pFw

Requested by

Host: 697730247a5dc842d2e74436492c3992.safeframe.googlesyndication.com
URL: https://697730247a5dc842d2e74436492c3992.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://697730247a5dc842d2e74436492c3992.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 26 Jun 2023 23:11:14 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 5CD2 78 KB
28 KB 100ms
39ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: 697730247a5dc842d2e74436492c3992.safeframe.googlesyndication.com
URL: https://697730247a5dc842d2e74436492c3992.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

332d8e2d6964e41c92a430d24b1b469bfdcc30ad072f980b2e7adf241590886a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://697730247a5dc842d2e74436492c3992.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 23:11:14 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28042
x-xss-protection: 0
server: cafe
etag: 3261498652431352696
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Mon, 26 Jun 2023 23:11:14 GMT

GET
H2 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 5CD2 42 B
173 B 119ms
58ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DAZjkOKQpp_YCiup5diM_gpvqpDp2aGSW5ZChbSutAAKRBpGiROsAGFmn4kUKFR5E3C48eLCVjNNO7ttSa7R-Qb0vnNw3yFE3OnGuvKqUCQAJvycs

Requested by

Host: 697730247a5dc842d2e74436492c3992.safeframe.googlesyndication.com
URL: https://697730247a5dc842d2e74436492c3992.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://697730247a5dc842d2e74436492c3992.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Jun 2023 23:11:14 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 5CD2 0
58 B 120ms
59ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=610331278590014482&x=1&ct=77

Requested by

Host: 697730247a5dc842d2e74436492c3992.safeframe.googlesyndication.com
URL: https://697730247a5dc842d2e74436492c3992.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://697730247a5dc842d2e74436492c3992.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Jun 2023 23:11:14 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
track.adform.net/adfscript/ Frame 5CD2 2 KB
3 KB 53ms
32ms Script
text/javascript 37.157.2.229
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/adfscript/?bn=64068332;click=https://googleads.g.doubleclick.net/dbm/clk?sa=L&ai=CJTSVEhuaZMWMJJPt3wOi7oSwBYPg8LZw8u7ZqNMRrqjSiFEQASChqsgqYJX68IGMB8gBCakC7-BpnT9Nsj6oAwHIA5sEqgTeAU_QUXc2CH6xl-jr1Hkb_koHTlFcRsqUoY-BQa6VamwH62_V5LKt3herD02-1oAAOs_xdPwN4T24S1nGq-GclK-8nonJQZ-inay0YGKXOTxMhPJ3UhLbEEllVV8YY3f-nLx-yDyIF3W2tT5NuckyH_IObmXhZRN5P-jt9npxh6YER95qAGWvpXAmuYSm_4_3R89hGuSa1ucoIDo9tqs83dMWTTmZfB0jJF03GYwLXlFMk0tDRY4TuxewciBmN7boljNtqueKmGNMvuzXNd0jwl-KalbJRf7htcWvWLFRo8AE7_-pj7UE4AQDkAYBoAZNgAeAsYDWAagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBYIgOGAEBABGB0yAqoCOgKAQEi9_cE6gAoDmAsByAsBgAwBsBOCmuMT0BMA2BMQ2BQB0BUB-BYBgBcB&ae=1&num=1&cid=CAQSGwBygQiDv5iXYMquRI1dqia-puPfeSrzdhy95RgB&sig=AOD64_1cb-6PM_cSxeeidIPZVS1hQehgRg&client=ca-pub-6028767826330736&dbm_c=AKAmf-C52r3WSadklphjV1Eyd4hfTublmU-YVfwDifWvnZofKHf6wjG7FyzhVSmpIoPxFOpl3Ke4u4TVT1HQfNyB4XYWgM__zH3gl0CNCXm89qopdzdBr3KXAJsI8HUbbGyxF4RKfcEudxV0LQWvRLBIVhtzdLJUzPmsdNmiC9XcFykvlWyJvvk&cry=1&dbm_d=AKAmf-BNk-vfLrTf-nqtAXe6Jsu5fjB2OMrPNmHJ0DDEX5zjuDZKeC5lcPIj7V11G65MWbdewy4kZh8DexQ4rKTqhMH2UjzOOrL21bEhlFriGVhwXj7eOY2f4sbvdhohKgNB9_O3M9nAjllSk5Iq_FMy3pIy9O67Wf5JNLLPNlCP6hkNl31z8Pqgo0FxXUI5sSQu65Zx3clQhIzxxp3FGjlmWWjDih5yIa10C_YinWSH0l3y03FvYi8eLvi92bE583PSol-mWvnVPIqGJF1aNmlOYYeDV74J9Nlid2pX6gk9kRpb0gonnYemc78GD0HEqTPVQRAPfs6Gt6rrRnTG4339am8j6y2q5M0LWhuBw4C46-ur_vAUcXYx-jje87GyEAu5VEqo7xwAoc7bucrlombwitg827kV4TwtFjmZZwdHwXC2L5osVXRjnfWJNVd9MU0FOX3fmKw_SefKgktVfy00IcuFXNVabgtYRFI4ej41SrYHyokRdGD1KpM_nX83GF73mF6ThWVjfT91TMF_ibQHH6v4f81c093y8ere7XC86fkYKKJDvefe5ZfEjThT2u9y9z-HEtHsUIz2nXCrhx4XGndPSwKBF58fcsaJuAQP-LqXVbTrlX-EFT9ep9i-csDEjg6_6vDx8nXgi4TOupn4bSVk1J7JZhTziduenmKLNrmxPuDcOj-nUTPBWgKaMiC7VE3Ut52m&adurl=

Requested by

Host: 697730247a5dc842d2e74436492c3992.safeframe.googlesyndication.com
URL: https://697730247a5dc842d2e74436492c3992.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.229 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

69b89df9999b299b0fd479d7c0885b6675a4a0760494e525041c531d7b842998

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://697730247a5dc842d2e74436492c3992.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Jun 2023 23:11:14 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
content-length: 2374
expires: -1

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230621/r20110914/client/ Frame 5CD2 3 KB
1 KB 70ms
23ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230621/r20110914/client/window_focus_fy2021.js

Requested by

Host: 697730247a5dc842d2e74436492c3992.safeframe.googlesyndication.com
URL: https://697730247a5dc842d2e74436492c3992.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://697730247a5dc842d2e74436492c3992.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 16:33:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 23847
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 10 Jul 2023 16:33:47 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230621/r20110914/client/ Frame 5CD2 20 KB
9 KB 68ms
21ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230621/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 697730247a5dc842d2e74436492c3992.safeframe.googlesyndication.com
URL: https://697730247a5dc842d2e74436492c3992.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f4a038eb56ed2eb8fb4701ef93757a4d42a433508714b8a11b426e6a9ac3f350

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://697730247a5dc842d2e74436492c3992.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 16:33:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 23845
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8312
x-xss-protection: 0
server: cafe
etag: 8395464388031192745
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 10 Jul 2023 16:33:49 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 5CD2 179 KB
56 KB 36ms
34ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 697730247a5dc842d2e74436492c3992.safeframe.googlesyndication.com
URL: https://697730247a5dc842d2e74436492c3992.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cdd152da46fe3cee3e804d967f5dead6756bfb9698b157766bbbdc0ab5ce9b0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://697730247a5dc842d2e74436492c3992.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 23:11:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57261
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1687779365227900"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 26 Jun 2023 23:11:14 GMT

GET
H2 200 container.html Show response
697730247a5dc842d2e74436492c3992.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 922E 6 KB
3 KB 23ms
22ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://697730247a5dc842d2e74436492c3992.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306260101/pubads_impl.js?cb=31075685

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://onedio.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 26 Jun 2023 23:11:14 GMT
expires: Tue, 25 Jun 2024 23:11:14 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 6E06 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: aaaf0b2c3bd11afe20e1902624db617c2131b3272fabebd1160cb2f53dfb3750

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 6E06 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0b50de1211aa305f3725c36a2d69bfcfe10b5a5d6a1f26ae644f9d7a69a3ab9f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 container.html Show response
697730247a5dc842d2e74436492c3992.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 7F10 6 KB
3 KB 33ms
32ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://697730247a5dc842d2e74436492c3992.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306260101/pubads_impl.js?cb=31075685

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://onedio.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 26 Jun 2023 23:11:14 GMT
expires: Tue, 25 Jun 2024 23:11:14 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html Show response
697730247a5dc842d2e74436492c3992.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 85DA 6 KB
3 KB 24ms
24ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://697730247a5dc842d2e74436492c3992.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306260101/pubads_impl.js?cb=31075685

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://onedio.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 26 Jun 2023 23:11:14 GMT
expires: Tue, 25 Jun 2024 23:11:14 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame D128
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELm_JZIc939AaaExQrXAvXE&google_cver=1

43 B
766 B

28ms
27ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELm_JZIc939AaaExQrXAvXE&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COu99gIQ-b799QEY54aR6QEwAQ&v=APEucNWVZbORZb3WLkOk5oveETzCkRRFp0lQhXMIIioqwCESnUCDW8lruitCYGeBeR-bs_Nmh1PMhYM0yxv-1sgtYOLg7ueI1zm7gCHo2RPj1_VZ8X5ajxVPP5TBLGa8CUvI2iYhrroyooecI74K4fW6pr50NQktLnCIr6PHsJTNOy_nM-W1Nrpl8tg8WhesdObirlAkq8lUoF5CFOAFQckbnveshY1pFw
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 26 Jun 2023 23:11:15 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=496
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Mon, 26 Jun 2023 23:11:15 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELm_JZIc939AaaExQrXAvXE&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame D128
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZJobExSXFwgZ78erpnNvuQAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELm_JZIc939AaaExQrXAvXE&google_cver=1

43 B
766 B

23ms
22ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELm_JZIc939AaaExQrXAvXE&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COu99gIQ-b799QEY54aR6QEwAQ&v=APEucNWVZbORZb3WLkOk5oveETzCkRRFp0lQhXMIIioqwCESnUCDW8lruitCYGeBeR-bs_Nmh1PMhYM0yxv-1sgtYOLg7ueI1zm7gCHo2RPj1_VZ8X5ajxVPP5TBLGa8CUvI2iYhrroyooecI74K4fW6pr50NQktLnCIr6PHsJTNOy_nM-W1Nrpl8tg8WhesdObirlAkq8lUoF5CFOAFQckbnveshY1pFw
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 26 Jun 2023 23:11:15 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=495
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Mon, 26 Jun 2023 23:11:15 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELm_JZIc939AaaExQrXAvXE&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame D128
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEJNVp6y-nbmwxGDLig-Ebzg&google_cver=1

43 B
1 KB

27ms
26ms

Image
image/gif

37.252.171.85
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEJNVp6y-nbmwxGDLig-Ebzg&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COu99gIQ-b799QEY54aR6QEwAQ&v=APEucNWVZbORZb3WLkOk5oveETzCkRRFp0lQhXMIIioqwCESnUCDW8lruitCYGeBeR-bs_Nmh1PMhYM0yxv-1sgtYOLg7ueI1zm7gCHo2RPj1_VZ8X5ajxVPP5TBLGa8CUvI2iYhrroyooecI74K4fW6pr50NQktLnCIr6PHsJTNOy_nM-W1Nrpl8tg8WhesdObirlAkq8lUoF5CFOAFQckbnveshY1pFw

Protocol

HTTP/1.1

Server

37.252.171.85 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 26 Jun 2023 23:11:15 GMT
AN-X-Request-Uuid: 14669547-fefa-4ade-b265-51573f64a699
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 84.19.175.183; 84.19.175.183; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 26 Jun 2023 23:11:15 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEJNVp6y-nbmwxGDLig-Ebzg&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame D128
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODMzMjI0NDQyODI4MTYwODY4Nw%3D%3D

170 B
188 B

45ms
42ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODMzMjI0NDQyODI4MTYwODY4Nw%3D%3D

Requested by

Protocol

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Jun 2023 23:11:15 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Mon, 26 Jun 2023 23:11:15 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 84.19.175.183; 84.19.175.183; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 4558a2f2-2e95-41f3-a1f8-183abe2b9a8d
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODMzMjI0NDQyODI4MTYwODY4Nw%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v35/ Frame 6E06 47 KB
48 KB 77ms
20ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v35/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open%20Sans%3A400%2C700%7COpen%20Sans%3A300%2C400

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7c7818c25a18e8a38553fcbcbc2ad0b5e964103a7d2e494f82815e3f70bf3fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://onedio.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 24 Jun 2023 05:45:28 GMT
x-content-type-options: nosniff
age: 235547
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48412
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:08:53 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 23 Jun 2024 05:45:28 GMT

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 3639 624 B
285 B 37ms
33ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARjmoLXcATAB&v=APEucNXgYYpsiInqXjuZs1VF573l5XNOFBNU2HgXwp3V5EtYE-ay7z0qYNuWgH76Uo_LwRKmkzXyVi2Ek9XcLqbvGCms8tuRq3h49FhLEt1RWMRk1GSX4yOSLhBnTTATavwl5V3QId1dSl4pDxaujfuZhaWsV4GKS_dz1P-amM5LKehfZsdETnVkTFqxpiT0wzgePYW_C4stqhuoFdk6vYjsDTfVyGINoA

Requested by

Host: 697730247a5dc842d2e74436492c3992.safeframe.googlesyndication.com
URL: https://697730247a5dc842d2e74436492c3992.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://697730247a5dc842d2e74436492c3992.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 26 Jun 2023 23:11:15 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 922E 78 KB
27 KB 44ms
40ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: 697730247a5dc842d2e74436492c3992.safeframe.googlesyndication.com
URL: https://697730247a5dc842d2e74436492c3992.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

332d8e2d6964e41c92a430d24b1b469bfdcc30ad072f980b2e7adf241590886a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://697730247a5dc842d2e74436492c3992.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 23:11:15 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28042
x-xss-protection: 0
server: cafe
etag: 3261498652431352696
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Mon, 26 Jun 2023 23:11:15 GMT

GET
H2 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 922E 42 B
107 B 57ms
55ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DBuS9RzBYrz1mMDe9il9whYTnTAMk5-jOqLeYhoIpewrBWudQsLHo-VIyasaatpiHd02gI8bBBCJ8I0_JqEQiQILyYX-V0A2G6iIn4sBopu4tJuEI

Requested by

Host: 697730247a5dc842d2e74436492c3992.safeframe.googlesyndication.com
URL: https://697730247a5dc842d2e74436492c3992.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://697730247a5dc842d2e74436492c3992.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Jun 2023 23:11:15 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 922E 0
56 B 58ms
55ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=13718948736120257521&x=1&ct=76

Requested by

Host: 697730247a5dc842d2e74436492c3992.safeframe.googlesyndication.com
URL: https://697730247a5dc842d2e74436492c3992.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://697730247a5dc842d2e74436492c3992.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Jun 2023 23:11:15 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230621/r20110914/client/ Frame 922E 3 KB
1 KB 26ms
23ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230621/r20110914/client/window_focus_fy2021.js

Requested by

Host: 697730247a5dc842d2e74436492c3992.safeframe.googlesyndication.com
URL: https://697730247a5dc842d2e74436492c3992.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://697730247a5dc842d2e74436492c3992.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 16:33:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 23848
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 10 Jul 2023 16:33:47 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230621/r20110914/client/ Frame 922E 20 KB
8 KB 22ms
20ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230621/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 697730247a5dc842d2e74436492c3992.safeframe.googlesyndication.com
URL: https://697730247a5dc842d2e74436492c3992.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f4a038eb56ed2eb8fb4701ef93757a4d42a433508714b8a11b426e6a9ac3f350

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://697730247a5dc842d2e74436492c3992.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 16:33:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 23846
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8312
x-xss-protection: 0
server: cafe
etag: 8395464388031192745
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 10 Jul 2023 16:33:49 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 922E 179 KB
56 KB 38ms
35ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 697730247a5dc842d2e74436492c3992.safeframe.googlesyndication.com
URL: https://697730247a5dc842d2e74436492c3992.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cdd152da46fe3cee3e804d967f5dead6756bfb9698b157766bbbdc0ab5ce9b0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://697730247a5dc842d2e74436492c3992.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 23:11:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57261
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1687779365227900"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 26 Jun 2023 23:11:15 GMT

POST
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 5CD2 0
56 B 55ms
54ms Ping
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=8635277492060&version=m202301230201

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://697730247a5dc842d2e74436492c3992.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Jun 2023 23:11:15 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 5CD2 0
56 B 55ms
52ms Ping
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=8635277492060&version=m202301230201&ct=77&x=1&cor=610331278590014500

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://697730247a5dc842d2e74436492c3992.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Jun 2023 23:11:15 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 5CD2 15 KB
11 KB 63ms
62ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BY4aQRICP4MmB1eEwYpAL_ldovZRwTO1GANNsVw7B7uu8b_m8Mo-IhtXw6X8I2c97Pj0V6bWa3bLpoJJvIjp78kfuqv-YWKxwX_RqK63Rh2LIZeJZ1fdUhdiQxKCNuAWOPHSnUyg60lc9MlGXUBYOCy5kxpNNPIX0DGcu5R1R4PP3yTqE&cry=1&dbm_d=AKAmf-B4phqKsjah-pAQxFJhVOPrLLCskOieA5g_Xk0TNtkbpnG9VmY0YkbMM7NZNxozLsNbtvXgGx6sepIDMZBLpcMrqgt8pGo8fTPk3DzcFWhrm9olJIRDXU6VaHZVSUcVbBnvwWgg3pq7GK9xsX_qTO0sHalcw8RPWvEtoCUwNCm-el6MnL9P0i8tf82FZBY5VQKl00vOBWdNLNRF4-FYmRwh_tkSUYEWalZ5yTRyP7iRAQvIBRqT-yVEyk86_yUUAuat7EVGD4ma1eIeSfpAIH7q9piVEVwRcrNI2tf91GeIkUaEPQtYWzOGUnwXblhV7cmyC4uewyl5sDywTm0WdjWK_ujyQbHRI8jJ4AnFiaoablTggrmN35jMNsvBQJ8_SdLfCwlLmGdMBUWACWJ5YW46iXP0Yu6aLjw_WQDcCn19EfKEodTBrRR7pGZKRXlx10q5hjc-rwIJTaOVo96Y6abrgmEWCZbuqVYofTnAegGn_A1wL9Lw9LolNV3Oc4_6eICH616hrbl0QlOJIiBx-wOjTZ-JeVg_31ZXdveOXrA03mUArhX9UWygW1p1EiVi8tw7ozqpvXHjkyNIxAjhCalj4J5Eab3Kv6YOJ-g9E8GmuRyDy4ie-Sg1YC3xhYtBbyb4llt-ai7NrEu8W7iRwxcqwHrTX1DweoyLZKJtVFNSlUXjBe6n5UAxw0lokwRsSesYKuUANkfMKuX1aYqjWSr3CWsXDaHa9B-qL83hgN9SBEGqGp6Zi5LzbeUv2ll9Fq3OYXE8NGfnIUhn-5ARIlrszl4O59rorM_EIK8kO40Iys0CSJT_zn3qsUoMkWxRRv0v6O_sMKQ-Nz1wiHnPOdE2WsZzgT-ayz_bdKC8nWF4WJoVADVnDXkJ6tOjD3X_qXYq9RkdcRbevaybJgKQ4VLJ28fCGATIQnKvaEqsTju8nnvPvb-C4sygCIHfLc_7BshSSs13Z8KNHoJASDaW6h2IMML3sKNg_v7opaAyAPlqdZigUx2hnSJq0qI0bAxu-sgSy5GYMl8bCOgARpm8v9RXS6MXtMeYyPC6beQ_hdKivbKBUIbgL0yRZK3qVcw7hdWYiK7N8eKu-zarMid2KPlY210vFq9VV8eMRaHwJeD0Bada8LMgbZi89ql7UZsm5GZR4otBNRVxuzFumnkIjiTjlPyJOw71OQbWDGyIdSnNppKAjW0ru1pLYk5vxVqq5lZdhVWiIpDTYYJIlgEZ1D7xS8JBJ4i97U0ZilULXFJll1sOfBrS99Kv-ks_KjvXa2uFlg4Bei1MlG47RG-uecqQkdaStVwhJ9a3_fwpEI0SdYOZQ22LdQMjyl9j-Ums3pDnmV33JL-dFmnxIrNNHNTkytQOIbALq6ycn3LMgupd7NnyJLIG2OW0OTivaw4CjTYT9tLFwqXy79ydlo4B1C37B69FpFfp1XOKMgvICaTjb96210eJHZcDGu3b2i2U-BYFCGoKGVd5icxGwtgHjxd2R-PSJzVQSAgwzm-EO4lzk3KoxLOBF_pvwh0DwtzmS6kZWlJwARyXq2qp4Xy6eobGFTD9hh06x0JRSULDxgquy6o_-p0IzBh99Ij9EppmZFxB8eeJHjMy_cmeTtwWpEC7nM0k7UJRmhEPRQUJ9o_ERKVJkg3OIpQcW3J5ArZyUA5JNiYlNkUxBcgkAqZyoMVzDN-cI7kIemBLygfBHvTp9Gr3XBwj0OGkG1QqKWch-VPP42dxEv0-agA7rjdi31iOEja7iowS17JSI3Ou9bu2wayzdw5JZWfRMBtI_cfWWLGcvpmwwpKhL5R-M-CLQBbnW-trhGKsWvz_Qr0CIQNG30bGJiGH7VcTAUbWYZvjtxcdISPSnnzpv1EXpbQRU2hROithmulFArR-bhJ_sScrVCFy6nQgpvTbAoYxnlD0PrpsnYpM5aivNvvhC9oLA8tsICaflXCfREs61ORb34m_TVLZFyVszO4o3bJ2LoXJ6TN1VFn4c-Tt9jTCa0QZFSBtlG5dDGY8GMdVV2nO2QKMT-IJZtyojSrQwNn5QMAaEROhGrwcf-jWZHQHjdz0Ve6F_EIrBh7xUDKEn0xIQvM-hzbeRLbOirpLOdUjO9DkIL3uG1B3FvjzdF9EE3uOqFJjqJzS8Dsiiu4HSJ67DuBpxs63FLyImLn48g5UjS7Pog-S_7M2Kkdzt8tVaU_Za91eX2-7Gq-pCVXzaE_VMLFG2JDcgtZGbMRGRxQnhMOR5rJt_omhTrKhXGv57nsjwh8GP1VMcIvJkVlrjDWj6L0YjxK1Df9g2mOI4Tl42N9nm8Ssj5OsYzwsgNgZg5iNlfpf_8FPzcMQoNQCZZh1_1iMMOBcv04NcinpJFfjcUeGNH6O84wx3jzklh7dEnqrXjCTdmKG_iNyckJfb-ilbsJfJF17by-Y-QhDOeKfqol1TT9SOtXE6hs9S9nQ_imWempOtq8AChkgYRDR4TOIODo7anq91QPNGZDxEMkkmMJKSjuf888GultsWg8zVTr4MSBivPKEZHtBlOj8RwZMnMzWgSwVWGqXMnS0bmapjtX75IVe0QL54pJKVFV9n49wJAoCJOlMx4cyfW_hYnr2u87v5F_YOnJFMrG9mgS_pZkXDXHLOWLSeo0WYkH5vOi1eT9h6iQQfBnP1__MDO-ds4Nd3zEHKH6ZnAfiSl8ca91zl_O9pC6eVXHkHr1bczUCe0V2J6iLlwPT1lOHtcXh7Ge2d7Lymd1BSyVBPZQ44lzL1EWjiOBhI6gALnm5ryTOAFWsgKnpselGLjAKhQVHgMRfLMJv7O8af8FNNXaGJntGU37e76kKu1VKgAeHQXsEw4nyOMlnAexFCMOrvMxFOQGEPtBJodX1NEHn0P5nQn4h33z3zz0kUmIeWPbsv6_PJKo5nrGPUY3JNkCX4Yd_F7gb3RasMPwqrOmAh4sPipuq10LXd2Ji5hCVn2N_F3nTicdEmqjaHTFrqLS-OtBA2a5sDu_Cx-43zzqyj61gYDmNxvg12hporW7pJKHxyMhZIiVLtMC8iNtu8BfALPHVi1oX8NdKRjinF9wv84aX6D_uCKRl540FSr_RCd8riAuyfjgfJL33lIR-0ZMTyxHHpdHtfINbKNJRb11Cd1otdy6z2XdM5_vbFJenklnSI97r1WeBHuz1zDf80YJFIBE0jd_b-9E4qUxG5I63XV86wK-lBDoi8SAlfVfRaIzQKV2LoyiTD4yANjULuZOevg7wiWeCzPZeuOFOi-EEw-l6bpLxTX1vM1RKPkBTjNTjen7ifMsac_iAcXqSp582kjJ-NLxbPUhyyIyBOvpsDnlguIGLr21hRC0WtdJlFXWF9FySUOe9Cg-mg22m9MzGZo40zWZJ_H8VOlZfX-EIy4Q4QXG9W45Q3d9_6cPfCZyRd5jWfZtyAdmQDXmxU2_ivvSD_ZsWurziN_j8JM-NSms6liNKP3TBEsr1zgAP62-lzqD56Hx_rRw4HtGWMvJHJhzPrlRvYmNyp2Ljs3lidya6yEFbvBg-edoCL_5V9PIJt_srMYVU6fFA5WO3Yr17rG5CveKVX7C3Ue6jgqej6GIl5judoy-lMsUP&cid=CAQSGwBygQiDv5iXYMquRI1dqia-puPfeSrzdhy95RgB&dv3_ver=m202301230201&rfl=https%3A%2F%2Fpcloak.blob.core.windows.net&ds=l&xdt=1&iif=1&cor=610331278590014500&adk=3676778483&idt=120&cac=0&dtd=22

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e2ed8b1df83d48a9bfaa342d71eba6f7c23c6c909eecb1cbf08198cc26f55d47

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://697730247a5dc842d2e74436492c3992.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Jun 2023 23:11:15 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 7DA6 640 B
262 B 36ms
34ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARjmoLXcATAB&v=APEucNW0LjoRNL6PJyChO09bzfjlRkyii7_QfymhuG5Ds9RYoz1M6KU27RfSw5Uzp2owjs3FfTckVX2EZ7iT3n3IZruHgeH-9zyBd2E0k0npAgtRggmMue-ARTQYxzbBwuqPb-NlKAF7bFKcpWuwCIc4nDxI8AzT3YUWiHRbSoZBABmjRNV-QUiyQanGCj_HbSnYdgcIb_Q-NiQviZ-xvoyEqe11BUiG2Q

Requested by

Host: 697730247a5dc842d2e74436492c3992.safeframe.googlesyndication.com
URL: https://697730247a5dc842d2e74436492c3992.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://697730247a5dc842d2e74436492c3992.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 26 Jun 2023 23:11:15 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 7F10 78 KB
27 KB 48ms
46ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: 697730247a5dc842d2e74436492c3992.safeframe.googlesyndication.com
URL: https://697730247a5dc842d2e74436492c3992.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

332d8e2d6964e41c92a430d24b1b469bfdcc30ad072f980b2e7adf241590886a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://697730247a5dc842d2e74436492c3992.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 23:11:15 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28042
x-xss-protection: 0
server: cafe
etag: 3261498652431352696
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Mon, 26 Jun 2023 23:11:15 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 7F10 42 B
63 B 70ms
68ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Dg6wz_KxwI4pECkCFYwq1VQzkf5pMWd2ZnqyHwPRNLYFqVTwT4_Em-fyNjqDI41MJaCi3w12oSiHWpkaOKSB3gxsz1Qh116gVCqR4KiH-gWWdyrNI

Requested by

Host: 697730247a5dc842d2e74436492c3992.safeframe.googlesyndication.com
URL: https://697730247a5dc842d2e74436492c3992.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://697730247a5dc842d2e74436492c3992.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Jun 2023 23:11:15 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 7F10 0
20 B 70ms
68ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=5475442731296184041&x=1&ct=76

Requested by

Host: 697730247a5dc842d2e74436492c3992.safeframe.googlesyndication.com
URL: https://697730247a5dc842d2e74436492c3992.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://697730247a5dc842d2e74436492c3992.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Jun 2023 23:11:15 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230621/r20110914/client/ Frame 7F10 3 KB
1 KB 22ms
20ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230621/r20110914/client/window_focus_fy2021.js

Requested by

Host: 697730247a5dc842d2e74436492c3992.safeframe.googlesyndication.com
URL: https://697730247a5dc842d2e74436492c3992.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://697730247a5dc842d2e74436492c3992.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 16:33:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 23848
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 10 Jul 2023 16:33:47 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230621/r20110914/client/ Frame 7F10 20 KB
8 KB 23ms
21ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230621/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 697730247a5dc842d2e74436492c3992.safeframe.googlesyndication.com
URL: https://697730247a5dc842d2e74436492c3992.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f4a038eb56ed2eb8fb4701ef93757a4d42a433508714b8a11b426e6a9ac3f350

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://697730247a5dc842d2e74436492c3992.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 16:33:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 23846
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8312
x-xss-protection: 0
server: cafe
etag: 8395464388031192745
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 10 Jul 2023 16:33:49 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 7F10 0
0 99ms
25ms Image
text/html 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSa1YR285350OaRk9KKE7y2WB3aLj6g_JAkRIkGZcdIEne8jnuLYCGsU0egr6ezREA-Xz05SupqWrrP0ClkFhRez-GBxw
Requested by: Host: 697730247a5dc842d2e74436492c3992.safeframe.googlesyndication.com
URL: https://697730247a5dc842d2e74436492c3992.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://697730247a5dc842d2e74436492c3992.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 7F10 179 KB
56 KB 30ms
28ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 697730247a5dc842d2e74436492c3992.safeframe.googlesyndication.com
URL: https://697730247a5dc842d2e74436492c3992.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cdd152da46fe3cee3e804d967f5dead6756bfb9698b157766bbbdc0ab5ce9b0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://697730247a5dc842d2e74436492c3992.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 23:11:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57261
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1687779365227900"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 26 Jun 2023 23:11:15 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 74FC 466 B
235 B 44ms
43ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CPLwi80CELD8y-QCGKW_qukBMAE&v=APEucNWkWhVfG2Mb2qGXrAOZwogsxxhRoGYqlavdNVN0vPvoyRMMhQRL4s6UtKlIC5uNboGiZ6LRVsiFefNZ4IIaBOWmXqhv2McBS-XiwfwfM4K78A7kRWMVDP7Ks6gQJZDHWfA1iqE8SnFJNMtZRyXY_Y8sCAVM92PxHStDGaAKjBSviK4UPCzh3p_3AopV1-EZiNJa1f34SLpiNXLO3PVGhca5eN9qVA

Requested by

Host: 697730247a5dc842d2e74436492c3992.safeframe.googlesyndication.com
URL: https://697730247a5dc842d2e74436492c3992.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

37ab5c060ae53ccda75b8bd212d874a17650f7954b11c4e31f568990ab40196b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://697730247a5dc842d2e74436492c3992.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 215
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 26 Jun 2023 23:11:15 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 85DA 78 KB
27 KB 57ms
57ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: 697730247a5dc842d2e74436492c3992.safeframe.googlesyndication.com
URL: https://697730247a5dc842d2e74436492c3992.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

332d8e2d6964e41c92a430d24b1b469bfdcc30ad072f980b2e7adf241590886a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://697730247a5dc842d2e74436492c3992.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 23:11:15 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28042
x-xss-protection: 0
server: cafe
etag: 3261498652431352696
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Mon, 26 Jun 2023 23:11:15 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 85DA 42 B
63 B 64ms
63ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AOoyOn4zZpgLTrsjqFtnHhwRBSsJU9ZwrDYthDPZHpK2B4xR2dqX5n_eQetNvdm5X21XyafHbJhv6JyE5Jmw1ra8ItpYWqes65cvR1NwW-DSe8m18

Requested by

Host: 697730247a5dc842d2e74436492c3992.safeframe.googlesyndication.com
URL: https://697730247a5dc842d2e74436492c3992.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://697730247a5dc842d2e74436492c3992.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Jun 2023 23:11:15 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 85DA 0
20 B 64ms
63ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=2597558365005991050&x=1&ct=76

Requested by

Host: 697730247a5dc842d2e74436492c3992.safeframe.googlesyndication.com
URL: https://697730247a5dc842d2e74436492c3992.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://697730247a5dc842d2e74436492c3992.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Jun 2023 23:11:15 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230621/r20110914/client/ Frame 85DA 3 KB
1 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230621/r20110914/client/window_focus_fy2021.js

Requested by

Host: 697730247a5dc842d2e74436492c3992.safeframe.googlesyndication.com
URL: https://697730247a5dc842d2e74436492c3992.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://697730247a5dc842d2e74436492c3992.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 16:33:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 23848
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 10 Jul 2023 16:33:47 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230621/r20110914/client/ Frame 85DA 20 KB
8 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230621/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 697730247a5dc842d2e74436492c3992.safeframe.googlesyndication.com
URL: https://697730247a5dc842d2e74436492c3992.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f4a038eb56ed2eb8fb4701ef93757a4d42a433508714b8a11b426e6a9ac3f350

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://697730247a5dc842d2e74436492c3992.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 16:33:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 23846
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8312
x-xss-protection: 0
server: cafe
etag: 8395464388031192745
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 10 Jul 2023 16:33:49 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 85DA 0
0 93ms
26ms Image
text/html 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaS_CBnnsy_PObLTlEvMlVStThsv2_VWpoLFx6abKZR_4lldlU8QC4ZuSQoV-seoJk5fN0n1W7ElK79WZMxJzOylsnW-5g
Requested by: Host: 697730247a5dc842d2e74436492c3992.safeframe.googlesyndication.com
URL: https://697730247a5dc842d2e74436492c3992.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://697730247a5dc842d2e74436492c3992.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 85DA 179 KB
56 KB 44ms
43ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 697730247a5dc842d2e74436492c3992.safeframe.googlesyndication.com
URL: https://697730247a5dc842d2e74436492c3992.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cdd152da46fe3cee3e804d967f5dead6756bfb9698b157766bbbdc0ab5ce9b0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://697730247a5dc842d2e74436492c3992.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 23:11:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57261
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1687779365227900"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 26 Jun 2023 23:11:15 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 3639
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELm_JZIc939AaaExQrXAvXE&google_cver=1

43 B
632 B

26ms
25ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELm_JZIc939AaaExQrXAvXE&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARjmoLXcATAB&v=APEucNXgYYpsiInqXjuZs1VF573l5XNOFBNU2HgXwp3V5EtYE-ay7z0qYNuWgH76Uo_LwRKmkzXyVi2Ek9XcLqbvGCms8tuRq3h49FhLEt1RWMRk1GSX4yOSLhBnTTATavwl5V3QId1dSl4pDxaujfuZhaWsV4GKS_dz1P-amM5LKehfZsdETnVkTFqxpiT0wzgePYW_C4stqhuoFdk6vYjsDTfVyGINoA
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 26 Jun 2023 23:11:15 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=500
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Mon, 26 Jun 2023 23:11:15 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELm_JZIc939AaaExQrXAvXE&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 3639
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZJobExSXFwgZ78erpnNvuQAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELm_JZIc939AaaExQrXAvXE&google_cver=1

43 B
632 B

23ms
22ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELm_JZIc939AaaExQrXAvXE&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARjmoLXcATAB&v=APEucNXgYYpsiInqXjuZs1VF573l5XNOFBNU2HgXwp3V5EtYE-ay7z0qYNuWgH76Uo_LwRKmkzXyVi2Ek9XcLqbvGCms8tuRq3h49FhLEt1RWMRk1GSX4yOSLhBnTTATavwl5V3QId1dSl4pDxaujfuZhaWsV4GKS_dz1P-amM5LKehfZsdETnVkTFqxpiT0wzgePYW_C4stqhuoFdk6vYjsDTfVyGINoA
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 26 Jun 2023 23:11:15 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Mon, 26 Jun 2023 23:11:15 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELm_JZIc939AaaExQrXAvXE&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 3639
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEJNVp6y-nbmwxGDLig-Ebzg&google_cver=1

43 B
1 KB

67ms
44ms

Image
image/gif

37.252.171.85
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEJNVp6y-nbmwxGDLig-Ebzg&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARjmoLXcATAB&v=APEucNXgYYpsiInqXjuZs1VF573l5XNOFBNU2HgXwp3V5EtYE-ay7z0qYNuWgH76Uo_LwRKmkzXyVi2Ek9XcLqbvGCms8tuRq3h49FhLEt1RWMRk1GSX4yOSLhBnTTATavwl5V3QId1dSl4pDxaujfuZhaWsV4GKS_dz1P-amM5LKehfZsdETnVkTFqxpiT0wzgePYW_C4stqhuoFdk6vYjsDTfVyGINoA

Protocol

HTTP/1.1

Server

37.252.171.85 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 26 Jun 2023 23:11:15 GMT
AN-X-Request-Uuid: 083150a9-39f3-4ecf-89a4-a4671d72bb0e
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 84.19.175.183; 84.19.175.183; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 26 Jun 2023 23:11:15 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEJNVp6y-nbmwxGDLig-Ebzg&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 3639
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODMzMjI0NDQyODI4MTYwODY4Nw%3D%3D

170 B
188 B

50ms
49ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODMzMjI0NDQyODI4MTYwODY4Nw%3D%3D

Requested by

Protocol

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Jun 2023 23:11:15 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Mon, 26 Jun 2023 23:11:15 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 84.19.175.183; 84.19.175.183; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 114f51b9-4dcb-4c7b-8082-58785133bbe3
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODMzMjI0NDQyODI4MTYwODY4Nw%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 922E 0
20 B 67ms
60ms Ping
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=4530300537440&version=m202301230201

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://697730247a5dc842d2e74436492c3992.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Jun 2023 23:11:15 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 922E 0
20 B 69ms
62ms Ping
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=4530300537440&version=m202301230201&ct=76&x=1&cor=13718948736120257000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://697730247a5dc842d2e74436492c3992.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Jun 2023 23:11:15 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 922E 91 KB
37 KB 62ms
62ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-B-1QfYQcd601PaO0xje8p8UiVfwG4wAhRgdk5jdBsQSr-MT9SQ_UH-P2qIjjnayZuQ9sHHD5WVzJqqmIHiVS-_8KcMVXv_PPXjEnxivxFbaubJlaM&cry=1&dbm_d=AKAmf-B1aXxu6GhhArcrS9pKElOpw_05MYvkyvynPg6uKWUFVX_c5X7zUGF_2elcBm7x1fWVV-fd7aseuQ-mQSjzKM0ijj-22XkJOTWcOHfT_8nU4Z15SQGfoJpZHgTW-DIJGo-c5ean7zjyfbtKHpTagCmLRi9EXyvnieH3g2scIxfmCki68uxZnFArzExOsg_OjusdcGZ9sHI1gg8B-a606T_BJ3lRTWjwzNt8JvzrBWBb2462uv3pke_NHdVKkWlmQZQZN1CjEA6_CiN6sw4Fp6LDpGvghxfz306ApLAYkOTg-bE6GS5ZFW5PMbUu8YLu4sdbWhkO9wTFQpHBDdmDk7K0LnFve6hZPfqpR5RBxx59HR6hcsSIwc-QChNB2bX4Dk3HjNduhNK-zfXmulTI3wyFrHQzQqnsiQvn2eViD_aB0y_g_-lCKhl_tZzBHqM1stxZdM4nHFbQs3ZtV_yjGc0mn9AXOn05OzWTNNotdQfcQXXK9TVopsa68oj_dzh1wXZysnWO2IzTENAnQHauctra6opWl7qe914KBREJod73cLu1j3MuwN2I5NUzIQ45wigITX1-P5MmdSzQtQT7cLAOWh4SDiZWtYW1-D8kv_Bt6GH4BPJxuA8hiZbn_HR0O2D2BP0VoCAFhKBvc4Hidq4AOgyE4DhiyExNr8NIRAGspx_54MkOe74BRukDPmmFLH-ZWXbe-IiZwviDJSKCcl1L1DMii012mBfD0N-yIwHJ6CNo-Lohsuz11zvt-FwP-R-JVE8boiwgroBLX8AmFmQrd0pGXAv_fsf7J518ZvMOIZmjYacOZxbs1dOoMieOfKpA3g4q3u-6zj3-QwIjEy9SlDyjr9JnBcfCvLKadrGnzn6Fv9KxlgailR0XH0q_RTr17j8ElL4lgZ4RmAqpn-z0vBljdEMA3mng9CHORU1TznExKrCxNj2con2J8lHGhrymzf58IFK9I-OK7-RRYrQumYpSeXjgw7UTjnaAbNFvKIQ0A78nuc--MTX4Qz1RbwHN4-i_r5DOSSaGY1EhqBRDEejesCbu5AGeT_mqzWygCtWKrPKLJDenHD8vOd5Q9YCOjDEgCvUWcG6FgIWV5MR8S6OihYE_t9fAPa7d3vUZEb4SOQEbHbAnAU4mYxZ2AGw5k1-kEq_On9yJt1DCoVzG6FMgVielxmKFxo8K4YO7GF3jR9Wl93opJmTREShV3bDcKKSQMFhFKPXjDukDoT0wMPOFZW4KcGl1rGb485huwSoL2d6KznDVhBUd28Bzza4gx4HtfL5VkBIO5I-WvdEz-bYex8p920m6oW7Xn2YLz5yAK9N08yCw0X8_IIv2D9tMVCqQ92-9jY3rm0U4UZx6DFXNRSVva3YB93Nx65wXaapU8dE6k3zRJwbmXura-JR1rMwqPxZINM8gjwq1nGmkdsHNT_VBo8PYzaUNUK0JwUUYnRQ6usGDfhLVt4Sf5S2pZYPZJnom44Pmcl6qA1KcUikngpjA__5T2WDXyRexePvpeiaGKoGOvapTbhDChg9yLJm9v5aDV9HV-4WP1UbMBlFjYxr-yz_SidvpX4LIlm4BccF8tQPilnmnn_zjciuF3xxyRuK2wmfovL2mlaQBS5bv7LLYaq1CmTfuqPefcC8bK7r1Rtz5R0d4ifGHlMV_8l8eMeZAGrzsFiIvohv5l_Tr4HfRO_geNLeDGksJ28-gy2GAW1fVgDAYKtWXE8EXW7CtECXDzfq6IHx7FE9wNjy7gn1dVrh0AczYZxC-ajthM-40WlKz1BaggqUqFjxATyOHKjpMQ4ZSh-z48IGBysjiKv0ZxUlewsyBOv-iqIoR0BcWzrAYYMWJ-ISXKxvpiiWamEclp5ivK_zVMV7NQk3ZpCYwkB8PEwOWDtoNfUsnSMrLp9GFTFxxny5cRGE_AxrS1Dc7knN6CWZx7nERHNC2dqF9XL0JmlcNoOuaqcwqdtyOuvQA2ZRsX1lUHmkUCwMYfemK0r9cxjwXsqXeW7VhuM9FqhnLYFmJFJcxBapjSA6s_8Xf4cXb8yURBlb1dgRnJzhK5CyWbaDX1NiXVFYp2fifdlYXaCnof7A-8rOSGYH-uKwYB9vqslf-u2AIItL_V2qfN_2CADBBW2FaHbRmEzRwbHuNzBQrj6y2xABTXEWlKXvR9bOI9GX8E3MIrKRmpZRKL2Uvru5m5bT84s0EEOuASXiqWkwxtrSUuWQ6KEiCAOzo8enOYlnEPTNdZDLYJVapxXwVujmbCMGXgShKz2GRzftGmF4MFNnZOLTNcAGmDZbaOxQf8yXf08FJijFiWb4ZBlqLDMwBAuqKDUYFuVzTnwmTY77Xx-kp-gOpL_VBKYPWYhxk1A1tImP70dPdg7Kmghaj6q-QaysqMmISZF0PKYLHhrX46cNGTDmJ3Z8Tyyca5q9hHBlt7pnAiJHcU5bvpGFDAfz6zpLwgBpXXicnK02FiuXzZiWXqUCuEASFMbJbV5aaMkv3IUVmx1n19cy466lOkGmeGJmOf6lvKhu_jYi5XPKTghWFn234PqnHtgbrBMFy2o-Qxt3ZnCIel2mNWK5QI3UeZ8y6SPu1WNG0w-0j5ScrIgMnUrDffAHUgQnovDU_z_j1YBXc4lMKvHhdRGHamt6f7E2kR3HZgty0ThVzNNUgFuyUpd6s5zFeViW1Znv0YLbEXbR8zWeqOQ4HNvJwhHz5YbzqBTA0J2Kd8wsK3M79OsTbCeC23yBmlOPrnWxwpcxx8vvb1F0NpD5q_X8UgtrCHVwjdARxTUR0E-EHAbyaFgOwy_W6x-Z0O88mG9LYVbMvVp-6Jp3MZVezHzoxiJ_Mk_y90bzK3oDp3hKHimH9846Mc6c3vXn_-kpDBBGj-c7iCbVVb5fz9NcjZsY75ta0LVQ5M7t_Ssb_iDoRN_ouC654oKk0W-25dAgxHrKxb3he_gool2nJY7q_5mboSFW8Frd1j9_jmMMCiWxKRYFqrS65XzM6oFDRBTsOSm_B0BfYKjD7SfCfP-7MsF6E2EMdDcB7qRuO1jrlSKTrcHdR-d1rSnETCx0fVp2NUJ-CW5T4o9hAAP57IhRzOQTYcNmX6RcYiv2OyFds8_5G9eKvlc8eR4IK3P8M4Ukn3LHu_dJC9RVZv_39KhCROv52OLnZbGojvQ5RQS-G23DJFvbhQoVpPQOHX-BlRU39vKFPfbEc9UoYeUX8xb3ez_O8qGCl6yOKQeITI1_ceqgcF3Ow_bV-Wz4OIfzVZZWzDoVAUNGNfoX6BdCzw73JKvxjQ7SC6f0t9KJtxzgHNsqQhryGygmNNg6Wqg-dcVcHUxgM69DOjnsQDijjQCaH28-jhyVYdlYjtVkoW7PLfHcH2uzE_puzdNgOylGDcqx9BqqENtGKhqnySWOHGTnKO1-nEBPbhh9jgg0QAoFshLdaeq5k9bDQhOq14P6UTzdegx1KJQHF5_qthrBIgSYKxW5l56VLI8OMU26hUnR0xP29OuUS0n3gcCv96ElGBJLLI8yA5qF8A2d_HIG-SD7ZWRlJWk5FVttTGGKkjyv7xn-aw491MieTAMreQDqiAsCCyWKiUgBhKl7ih35XnYaiSbVnelS4_TSSimfEK0w9fnmGCkHag8RK8tCLuIU&cid=CAQSKQBygQiDZtO615x0o9vMVTDtiVc-lBjug4PW-WOtNU8KDtF4fBuY9iewGAE&dv3_ver=m202301230201&rfl=https%3A%2F%2Fpcloak.blob.core.windows.net&ds=l&xdt=1&iif=1&cor=13718948736120257000&adk=754613069&idt=51&cac=0&dtd=16

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

828c60168c1b3950934efc49f15579b24f77907a9f574650890dffcddb963cff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://697730247a5dc842d2e74436492c3992.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Jun 2023 23:11:15 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 37579
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame 7DA6
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEMVpS8HOoi8Z-ARZA3ePvA8&google_cver=1

43 B
114 B

46ms
39ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEMVpS8HOoi8Z-ARZA3ePvA8&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARjmoLXcATAB&v=APEucNW0LjoRNL6PJyChO09bzfjlRkyii7_QfymhuG5Ds9RYoz1M6KU27RfSw5Uzp2owjs3FfTckVX2EZ7iT3n3IZruHgeH-9zyBd2E0k0npAgtRggmMue-ARTQYxzbBwuqPb-NlKAF7bFKcpWuwCIc4nDxI8AzT3YUWiHRbSoZBABmjRNV-QUiyQanGCj_HbSnYdgcIb_Q-NiQviZ-xvoyEqe11BUiG2Q
Protocol: H2
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Jun 2023 23:11:15 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 26 Jun 2023 23:11:15 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEMVpS8HOoi8Z-ARZA3ePvA8&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cm
us-u.openx.net/w/1.0/ Frame 7DA6 43 B
304 B 90ms
30ms Image
image/gif 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARjmoLXcATAB&v=APEucNW0LjoRNL6PJyChO09bzfjlRkyii7_QfymhuG5Ds9RYoz1M6KU27RfSw5Uzp2owjs3FfTckVX2EZ7iT3n3IZruHgeH-9zyBd2E0k0npAgtRggmMue-ARTQYxzbBwuqPb-NlKAF7bFKcpWuwCIc4nDxI8AzT3YUWiHRbSoZBABmjRNV-QUiyQanGCj_HbSnYdgcIb_Q-NiQviZ-xvoyEqe11BUiG2Q
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Jun 2023 23:11:15 GMT
content-encoding: gzip
via: 1.1 google
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2

200

um
sync.teads.tv/ Frame 7DA6
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
https://sync.teads.tv/um?eid=3&uid=CAESEL7xz8tjieBllGWzmN8jPkI&google_cver=1

23 B
163 B

47ms
46ms

Image
image/gif

2.18.161.51
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=3&uid=CAESEL7xz8tjieBllGWzmN8jPkI&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARjmoLXcATAB&v=APEucNW0LjoRNL6PJyChO09bzfjlRkyii7_QfymhuG5Ds9RYoz1M6KU27RfSw5Uzp2owjs3FfTckVX2EZ7iT3n3IZruHgeH-9zyBd2E0k0npAgtRggmMue-ARTQYxzbBwuqPb-NlKAF7bFKcpWuwCIc4nDxI8AzT3YUWiHRbSoZBABmjRNV-QUiyQanGCj_HbSnYdgcIb_Q-NiQviZ-xvoyEqe11BUiG2Q
Protocol: H2
Server: 2.18.161.51 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-161-51.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.10 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

expires: Mon, 26 Jun 2023 23:11:15 GMT
pragma: no-cache
date: Mon, 26 Jun 2023 23:11:15 GMT
cache-control: max-age=0, no-cache, no-store
server: akka-http/10.2.10
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Mon, 26 Jun 2023 23:11:15 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://sync.teads.tv/um?eid=3&uid=CAESEL7xz8tjieBllGWzmN8jPkI&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 281
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 um
sync.teads.tv/ Frame 7DA6 23 B
163 B 72ms
46ms Image
image/gif 2.18.161.51
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARjmoLXcATAB&v=APEucNW0LjoRNL6PJyChO09bzfjlRkyii7_QfymhuG5Ds9RYoz1M6KU27RfSw5Uzp2owjs3FfTckVX2EZ7iT3n3IZruHgeH-9zyBd2E0k0npAgtRggmMue-ARTQYxzbBwuqPb-NlKAF7bFKcpWuwCIc4nDxI8AzT3YUWiHRbSoZBABmjRNV-QUiyQanGCj_HbSnYdgcIb_Q-NiQviZ-xvoyEqe11BUiG2Q
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.161.51 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-161-51.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.10 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

expires: Mon, 26 Jun 2023 23:11:15 GMT
pragma: no-cache
date: Mon, 26 Jun 2023 23:11:15 GMT
cache-control: max-age=0, no-cache, no-store
server: akka-http/10.2.10
content-length: 23
content-type: image/gif

GET
H3

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame 6E06
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
0

43ms
40ms

Image
text/html

2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by: Host: onedio.com
URL: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878
Protocol: H3
Server: 2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Redirect headers

date: Mon, 26 Jun 2023 23:11:15 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 tr_bl.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 6E06 3 KB
3 KB 25ms
23ms Image
image/png 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/tr_bl.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012306200257000/amp4ads-v0.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eb8e687f8ef4d4838ea77f88aa15f238529f8273aa2d22b7efc8ff18460f7757

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 03:28:09 GMT
x-content-type-options: nosniff
server: cafe
age: 70986
etag: 2395455429816220802
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3040
x-xss-protection: 0
expires: Tue, 27 Jun 2023 03:28:09 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 6E06 344 B
368 B 24ms
22ms Image
image/png 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012306200257000/amp4ads-v0.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 13:35:10 GMT
x-content-type-options: nosniff
server: cafe
age: 34565
etag: 6766994032117382215
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 344
x-xss-protection: 0
expires: Tue, 27 Jun 2023 13:35:10 GMT

GET
H/1.1

200

partner
sync.search.spotxchange.com/ Frame 74FC
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_dbm
https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEFWbI44SjIKdmoRRfQSLSGs&google_cver=1
https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEFWbI44SjIKdmoRRfQSLSGs&google_cver=1&__user_check__=1&sync_id=bffd381b-1476-11ee-b31c-1ce730eb0306

43 B
548 B

30ms
30ms

Image
image/gif

185.94.180.126
SPOTX-AMS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEFWbI44SjIKdmoRRfQSLSGs&google_cver=1&__user_check__=1&sync_id=bffd381b-1476-11ee-b31c-1ce730eb0306
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPLwi80CELD8y-QCGKW_qukBMAE&v=APEucNWkWhVfG2Mb2qGXrAOZwogsxxhRoGYqlavdNVN0vPvoyRMMhQRL4s6UtKlIC5uNboGiZ6LRVsiFefNZ4IIaBOWmXqhv2McBS-XiwfwfM4K78A7kRWMVDP7Ks6gQJZDHWfA1iqE8SnFJNMtZRyXY_Y8sCAVM92PxHStDGaAKjBSviK4UPCzh3p_3AopV1-EZiNJa1f34SLpiNXLO3PVGhca5eN9qVA
Protocol: HTTP/1.1
Server: 185.94.180.126 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software: nginx /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date: Mon, 26 Jun 2023 23:11:15 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 78
Connection: keep-alive
Content-Length: 43

Redirect headers

Date: Mon, 26 Jun 2023 23:11:15 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain
Location: /partner?adv_id=7025&uid=CAESEFWbI44SjIKdmoRRfQSLSGs&google_cver=1&__user_check__=1&sync_id=bffd381b-1476-11ee-b31c-1ce730eb0306
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 140
Connection: keep-alive
Content-Length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 74FC
Redirect Chain

https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID
https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID&__user_check__=1&sync_i...
https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=YmZmZDM3ZTEtMTQ3Ni0xMWVlLWIzMWMtMWNlNzMwZWIwMzA2

170 B
188 B

33ms
33ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=YmZmZDM3ZTEtMTQ3Ni0xMWVlLWIzMWMtMWNlNzMwZWIwMzA2

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPLwi80CELD8y-QCGKW_qukBMAE&v=APEucNWkWhVfG2Mb2qGXrAOZwogsxxhRoGYqlavdNVN0vPvoyRMMhQRL4s6UtKlIC5uNboGiZ6LRVsiFefNZ4IIaBOWmXqhv2McBS-XiwfwfM4K78A7kRWMVDP7Ks6gQJZDHWfA1iqE8SnFJNMtZRyXY_Y8sCAVM92PxHStDGaAKjBSviK4UPCzh3p_3AopV1-EZiNJa1f34SLpiNXLO3PVGhca5eN9qVA

Protocol

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Jun 2023 23:11:15 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Mon, 26 Jun 2023 23:11:15 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain
Location: https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=YmZmZDM3ZTEtMTQ3Ni0xMWVlLWIzMWMtMWNlNzMwZWIwMzA2
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 38
Connection: keep-alive
Content-Length: 0

GET
H2 204 sync
ups.analytics.yahoo.com/ups/58269/ Frame 74FC 0
125 B 244ms
25ms Image
text/plain 3.71.149.231
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/58269/sync?_origin=1&redir=true

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.71.149.231 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-71-149-231.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.10.57 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 23:11:15 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.57
age: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 200 json Show response
trc.taboola.com/onedio/trc/3/ Frame F2C8 69 KB
20 KB 331ms
315ms XHR
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/onedio/trc/3/json?tim=23%3A11%3A15.268&lti=aa-test-vis_var&data=%7B%22id%22%3A332%2C%22ii%22%3A%22%2Fhaber%2Fkredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878%22%2C%22it%22%3A%22text%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1687770174041%2C%22vi%22%3A1687821075265%2C%22cv%22%3A%2220230613-6-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fonedio.com%2Fhaber%2Fkredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878%22%2C%22bv%22%3A%220%22%2C%22wc%22%3Atrue%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22uad%22%3A%7B%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%7D%2C%22pev%22%3A11897%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22plf%22%3A%7B%22ack_exm%22%3Atrue%7D%2C%22bu%22%3A%22https%3A%2F%2Fonedio.com%2Fhaber%2Fkredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878%22%2C%22vpi%22%3A%22%2Fhaber%2Fkredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A1600%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A1200%2C%22dw%22%3A1600%2C%22dh%22%3A6009%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A8%2C%22uim%22%3A%22thumbnails-b%3Aabp%3D0%22%2C%22uip%22%3A%22Below%20Article%20Thumbnails%22%2C%22orig_uip%22%3A%22Below%20Article%20Thumbnails%22%2C%22cd%22%3A5178.828125%2C%22mw%22%3A715%7D%5D%2C%22cacheKey%22%3A%22text%3D%2Fhaber%2Fkredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878%2CBelow%20Article%20Thumbnails%3Dthumbnails-b%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22aa-test-vis_var%22%7D&llvl=2
Requested by: Host: onedio.com
URL: https://onedio.com/_nuxt/91769df.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 01ea2cc15fb800694f9fe0f871ef584af8a2512f018ad1e24c3d900418e36ab0

Request headers

Referer: https://onedio.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: text/plain

Response headers

x-vcl-time-ms: 292
date: Mon, 26 Jun 2023 23:11:15 GMT
content-encoding: gzip
via: 1.1 varnish
x-fastly-to-nlb-rtt: 7815
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version: v2
x-served-by: cache-fra-eddf8230097-FRA
server: nginx
x-timer: S1687821075.296611,VS0,VE292
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: https://onedio.com
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 7F10 0
20 B 65ms
64ms Ping
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=818117898333&version=m202301230201

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://697730247a5dc842d2e74436492c3992.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Jun 2023 23:11:15 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 7F10 0
20 B 65ms
65ms Ping
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=818117898333&version=m202301230201&ct=76&x=1&cor=5475442731296184000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://697730247a5dc842d2e74436492c3992.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Jun 2023 23:11:15 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 7F10 91 KB
37 KB 67ms
63ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CnUp-pKxTBEpadBtNbtsooBSmA5VFCUetNZlEtLJRtSR-R62YSH7szwiM8VnIHGneJsk7qfQia_2KHBxdZioMwaR1ymlAssXfodcCwTlbik6nu9RI&cry=1&dbm_d=AKAmf-BOJIw3DAP4hFeqhyUMM9EkgI0l2XhCPAWXbmHecY9TwsEaNQ1kJ89F2A7tXr51rNfPubU_tnjGnFv7U3Zw5vsuSY3m-YVr-MX8aMgL7zKwrWLdr43X2QTvi-OmiNO4fZL5lMw0ahd07XJEVjG3vBuaPqobAr5ez9ASSiO-c98IQP60bCeVaxqxUtoefmCTeWCUk1nMr-AewIfZOnOjS9ejcB7pVlPHw7QDNBIO_QssVYlroDAjiNmkPO5uYk9SIPefBZzcE7r60q1CRnTgltmz9K33H2UHEOLgxsR0rhwZTUV7Y_gA2Q1keJwGOUfaQHsaumUnDPSOnyTR6vObt4VUU3HkqEymRF4SbY4RpI45nvDg57AmQir_CKO0K4le-GbP1RSd--fQ11THb12UTyqMT-spwqIV5pKZ8j09P-zmEvqb3O-YtHKfB00g4Mg7e2-eSeDZyiKeg3qm9hCCy-uYfk_gJgqoyaEqRYI-daKaAZVmZg0ysMmNs_mRnzUs9-Htar2aM5BRzodggm3WV2HZDLEFatstc-I7V9f7DWCmYqpScF7hWaleO7_TqEYyPYN8mMe21VYFy7EJM1JfTIaHWEHp4SHImzo8JaRfwoDxTTB5-06A4NBRffcxWTTp7PTudV5C92FiR-BPj_DgkrNeZ4rWPFx5T7k-lbqde8Xa80rNt0SBVobkYgQWpX9Y4AK8oP0JY3UM9FsMMH_DNExCtxrOv5OpaFhnQlO0RNA7xM2uAq8bCYgRThf1Nm9MFiEDJdTB3sLVY9xPcSygUAbJZlhMJQ51gZOPB9Nvb1XGO1LSphh0XigHVc2xDnuryuY_rYf7EBfCYGDvheIG8Vq6hFaqQwPMrA4pDuFQHApQAAuRAn1trFZHaDhucTG41HS6bL1-9BVFruF7hcZH5B3PiVGQ5UCIPrVqlQ5ukQcyHjQd9kcpmoDpWlQ-h-rdeumgGJH7JkkBz3LeB5DILZYsse3hemrYcfJuve4z0PhylbubDsM4Oqo5Q98LrM-aUWbmOVU7Pcoisw_w198QA2X2xhtBiAmLba8VLXokiWG1TtBw8AKvQgzSlkCaBEz6PrsW5Zy460BkraTs1VgDqwN2lJ9pWeVD-Y99nOMmKHGlrWrDts8XOk09aSH_YktA7UAEXYrzjZ-Jb3MnAdlZ_idHg2XCTKdaU0uj1LIEVq-mc2b8Y83dPKtmqWj6fU_6NGxGp_AuCKIHVRfY6vd7TiR54RKOijeJBqT4skJPnmc9HRcBI6MSX171eEn8zZkyBsOcGtFijhOuIPbSL0Ann92JNI8a17JirNVvzLM0fIqsKqK-QXSqFqPHa6Dr4LPRRAhANppsKl2YQmeoILFcFe8Pbma0avL-W5ypzRiP5FioaGzkTki5XdHFr2oLEP6guVJPQesi4NYlsU294stZhynrHnonCuf3WP-nZU3m-HEq4RwWn8brdf2zvWHNLrNryWV_LR72VSqxMmGrdpWNDvyaEUqbOxRa-PNfXtb4VOuUn0bZx7MUjnoonopju0iaJdmqh1ZYKazRp16WYoxJ9c7BVdCE52azutFANABY66TyVRFP5dzW6O2qG68J4sWiAMADD_4grLP7pluHGr84MRhKECap_pqLEp5BB40-DD1m4TgvjuhWAoJo04rAF_waeibeQseKoAG1_wsIG6YzUUWYDxqOiZaj8atZ_nkjiNFJ2WKrqDsYWTnajVKoNa2EBPZMQ8ogSC4KQHg9G4MxbHGtTO1htUNbKRPF1D0Wmfv6OosnaYNWK0nMr90HO1URo4NUXIMyuuWgJPVflYvRSqfS7lbnvaCul2JX5VuZ9wvv73jjwNgdUJXJPOrJ8J-iD7u0LLK1PViboAZTX14EE9zsx1ThDQw68opmpGkGSfk3euV5wqPJyEf8c_kQTfe0i2kQgHnh7y8R7tsqzzOnY9AIEhVc81bW4Py4lmrvFyxyNX1zPSARIr_vQ9Y7wDU9yyoB2bYjIxGZPV8FUhUpu2wYiz-HEGQD5KCTuuJA210piHQP4uBidSyOm-zy8Nh_oX9jzN3uL-54hFK2DhgIi9mjLkkCFpnuS0rTB19JRk4RTfpkMORvPI7busHy8K5mz9QfZ9-WBgZGFJUMOOt7XMDwtonVe99YfDIpCxY052dBsmjyDT8b4zylOaTfYrsOyFskpesoLbhfoH0CdIdimFnc-ViEEnQJCbRN-5ChgF9BM5w3DIe_S-3Kxo6DDQsANezc_2lFxOuATxUihxYx8a8MRNHA68AMQhY8g90wVqoSSRyA1gub9XNYufoCY1ECIMjRkXPcCehz1mPZf0frTqBecOxA7sWtYGvNK4Khv7aYHojYjQ1eop0jFb1ZKqgr8WE1EI34WatZxqP2cS60h_GMX_HGd1a5CqWrhV11O0B-jfPmz3LXQKKYSU6XvChuhZmIF_0vfAefuI4M45J38HzTIMr0whSRiG4W58eWUy_itmRKDJsNCxkrbSv-dWIpt30Y03moKct7aat4WdvC7evuJ9uNO3uGr2eB97R55zTv1AUtkVi_i_GzCuhoJbZXc2Y-P3BjGKyNZeiX6MrWTl83G0JbNKkCURTdittRvEJaoPHpSCKd6U9dr5lxRN8PujtkzWBKXKBTA-JFCKkZI6vAaTRTB3JJARurdDVzoKPb2Y30SCODzd81rgx1DnAl9cuWVwaNKMuRZknwHmS4JK9mJQvtXIgRQP5ZAAude3IgqsiTj8eZapYAbx8aXTIzDvlgblNOHJmX88tJ-ZMYYZ2bVznVBFB43TVnjW0mW5_ZIhzG9PqbUZPIgUWxuLI9lCzAy8p5Zqd24Pi2uqgpt6PGAWt8425vZQvd7fwTlp1rna-Eio86y5Qql0Z5bM75vj_4j7fYy-4VlGPEKAY-mNDbhHSCLWDJRv9DECPo602EKLHDTuHBzECck5c79PsDTtZG_fS-0AcIY9aNHHerR8fruWHKk72YqdR_F664Mbr9k5CIi_h1U-0LL4KxVyDJXz-nP3GIq2R6sXqfytOaKwBnvKn8h7md5svjM90cZ-H4FJzfG79xtHQSpafQQ47E0dt6ncyNogEfpscHi6X5_NfsjDq64ERFYZfKn9OorrQyd33rJjqBt-vhbNnJRTq_5kzNjoVWi7hijh46vF6sJNTPq4CeG4BknPPiDDumgTsoe7dDdX_O-Y85rFUBdaH92zvw7mWR_0hygIRDHTe7SV6NWxkW7sE8OzVZpW2mzDup3W0HKsvK4KYGCKDoNezRWrHsFtb9CFDQ15kZMSSOPYePRWA1H_j6LAKqDpSYYvr44UNebdgNla2ykw45YEfzEng2rQrBdyVSOPOI22sT63OEpVGWbCB-JCYdCQJBp0LORX-uQTlqKsAF07BYswWTNc_ZcWb5dOp6czxul25tx2-shusgY2JSCrZUxy0DwapzHpgL2lwLXKnaCOJkwn_C1nP1UFevhdc0EulFdDs3ushaVC3VBR0-BR8HkodMMoxLavfI8H_MR3CIx0p_m1wg4pGYtTRPOGHSriDPyipY32BDkwfRFbz_IKw9AmEmGr7xcD38ZU3IuGs84tuJYfmDFmWsQ-18t29G6ygI0yo1EYfNDkXlbuWEZwCOuyKp2XDlaqoQ0P4gl-00B2x814ZB7FWWMWaPr19wqZFUKDoEUXdwjy4phUNqI0ZN9LkXp-GOxf34BQ47SYtbkSMKY4H8jMnNsVGINc6BpZVDxqoypxaaVGKBrEDkSZHZHyFKBLoqOIF8poc&cid=CAQSKQBygQiDYwdp6OilD4OvcwFh0qGU5OMLftr87aDllVG1LE1Ax3wen8jcGAE&dv3_ver=m202301230201&rfl=https%3A%2F%2Fpcloak.blob.core.windows.net&ds=l&xdt=1&iif=1&cor=5475442731296184000&adk=385625681&idt=73&cac=0&dtd=9

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fced3c4710a90ebf2a7e0c3db57e587697c5d43b93f71b4505bb6a4eb756830f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://697730247a5dc842d2e74436492c3992.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Jun 2023 23:11:15 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 37586
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 / Show response
www.facebook.com/tr/ Frame 9710 0
68 B 39ms
32ms Document
text/plain 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: onedio.com
URL: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://onedio.com
Referer: https://onedio.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: https://onedio.com
alt-svc: h3=":443"; ma=86400
content-length: 0
content-type: text/plain
cross-origin-resource-policy: cross-origin
date: Mon, 26 Jun 2023 23:11:15 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 5CD2 41 KB
15 KB 25ms
21ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BY4aQRICP4MmB1eEwYpAL_ldovZRwTO1GANNsVw7B7uu8b_m8Mo-IhtXw6X8I2c97Pj0V6bWa3bLpoJJvIjp78kfuqv-YWKxwX_RqK63Rh2LIZeJZ1fdUhdiQxKCNuAWOPHSnUyg60lc9MlGXUBYOCy5kxpNNPIX0DGcu5R1R4PP3yTqE&cry=1&dbm_d=AKAmf-B4phqKsjah-pAQxFJhVOPrLLCskOieA5g_Xk0TNtkbpnG9VmY0YkbMM7NZNxozLsNbtvXgGx6sepIDMZBLpcMrqgt8pGo8fTPk3DzcFWhrm9olJIRDXU6VaHZVSUcVbBnvwWgg3pq7GK9xsX_qTO0sHalcw8RPWvEtoCUwNCm-el6MnL9P0i8tf82FZBY5VQKl00vOBWdNLNRF4-FYmRwh_tkSUYEWalZ5yTRyP7iRAQvIBRqT-yVEyk86_yUUAuat7EVGD4ma1eIeSfpAIH7q9piVEVwRcrNI2tf91GeIkUaEPQtYWzOGUnwXblhV7cmyC4uewyl5sDywTm0WdjWK_ujyQbHRI8jJ4AnFiaoablTggrmN35jMNsvBQJ8_SdLfCwlLmGdMBUWACWJ5YW46iXP0Yu6aLjw_WQDcCn19EfKEodTBrRR7pGZKRXlx10q5hjc-rwIJTaOVo96Y6abrgmEWCZbuqVYofTnAegGn_A1wL9Lw9LolNV3Oc4_6eICH616hrbl0QlOJIiBx-wOjTZ-JeVg_31ZXdveOXrA03mUArhX9UWygW1p1EiVi8tw7ozqpvXHjkyNIxAjhCalj4J5Eab3Kv6YOJ-g9E8GmuRyDy4ie-Sg1YC3xhYtBbyb4llt-ai7NrEu8W7iRwxcqwHrTX1DweoyLZKJtVFNSlUXjBe6n5UAxw0lokwRsSesYKuUANkfMKuX1aYqjWSr3CWsXDaHa9B-qL83hgN9SBEGqGp6Zi5LzbeUv2ll9Fq3OYXE8NGfnIUhn-5ARIlrszl4O59rorM_EIK8kO40Iys0CSJT_zn3qsUoMkWxRRv0v6O_sMKQ-Nz1wiHnPOdE2WsZzgT-ayz_bdKC8nWF4WJoVADVnDXkJ6tOjD3X_qXYq9RkdcRbevaybJgKQ4VLJ28fCGATIQnKvaEqsTju8nnvPvb-C4sygCIHfLc_7BshSSs13Z8KNHoJASDaW6h2IMML3sKNg_v7opaAyAPlqdZigUx2hnSJq0qI0bAxu-sgSy5GYMl8bCOgARpm8v9RXS6MXtMeYyPC6beQ_hdKivbKBUIbgL0yRZK3qVcw7hdWYiK7N8eKu-zarMid2KPlY210vFq9VV8eMRaHwJeD0Bada8LMgbZi89ql7UZsm5GZR4otBNRVxuzFumnkIjiTjlPyJOw71OQbWDGyIdSnNppKAjW0ru1pLYk5vxVqq5lZdhVWiIpDTYYJIlgEZ1D7xS8JBJ4i97U0ZilULXFJll1sOfBrS99Kv-ks_KjvXa2uFlg4Bei1MlG47RG-uecqQkdaStVwhJ9a3_fwpEI0SdYOZQ22LdQMjyl9j-Ums3pDnmV33JL-dFmnxIrNNHNTkytQOIbALq6ycn3LMgupd7NnyJLIG2OW0OTivaw4CjTYT9tLFwqXy79ydlo4B1C37B69FpFfp1XOKMgvICaTjb96210eJHZcDGu3b2i2U-BYFCGoKGVd5icxGwtgHjxd2R-PSJzVQSAgwzm-EO4lzk3KoxLOBF_pvwh0DwtzmS6kZWlJwARyXq2qp4Xy6eobGFTD9hh06x0JRSULDxgquy6o_-p0IzBh99Ij9EppmZFxB8eeJHjMy_cmeTtwWpEC7nM0k7UJRmhEPRQUJ9o_ERKVJkg3OIpQcW3J5ArZyUA5JNiYlNkUxBcgkAqZyoMVzDN-cI7kIemBLygfBHvTp9Gr3XBwj0OGkG1QqKWch-VPP42dxEv0-agA7rjdi31iOEja7iowS17JSI3Ou9bu2wayzdw5JZWfRMBtI_cfWWLGcvpmwwpKhL5R-M-CLQBbnW-trhGKsWvz_Qr0CIQNG30bGJiGH7VcTAUbWYZvjtxcdISPSnnzpv1EXpbQRU2hROithmulFArR-bhJ_sScrVCFy6nQgpvTbAoYxnlD0PrpsnYpM5aivNvvhC9oLA8tsICaflXCfREs61ORb34m_TVLZFyVszO4o3bJ2LoXJ6TN1VFn4c-Tt9jTCa0QZFSBtlG5dDGY8GMdVV2nO2QKMT-IJZtyojSrQwNn5QMAaEROhGrwcf-jWZHQHjdz0Ve6F_EIrBh7xUDKEn0xIQvM-hzbeRLbOirpLOdUjO9DkIL3uG1B3FvjzdF9EE3uOqFJjqJzS8Dsiiu4HSJ67DuBpxs63FLyImLn48g5UjS7Pog-S_7M2Kkdzt8tVaU_Za91eX2-7Gq-pCVXzaE_VMLFG2JDcgtZGbMRGRxQnhMOR5rJt_omhTrKhXGv57nsjwh8GP1VMcIvJkVlrjDWj6L0YjxK1Df9g2mOI4Tl42N9nm8Ssj5OsYzwsgNgZg5iNlfpf_8FPzcMQoNQCZZh1_1iMMOBcv04NcinpJFfjcUeGNH6O84wx3jzklh7dEnqrXjCTdmKG_iNyckJfb-ilbsJfJF17by-Y-QhDOeKfqol1TT9SOtXE6hs9S9nQ_imWempOtq8AChkgYRDR4TOIODo7anq91QPNGZDxEMkkmMJKSjuf888GultsWg8zVTr4MSBivPKEZHtBlOj8RwZMnMzWgSwVWGqXMnS0bmapjtX75IVe0QL54pJKVFV9n49wJAoCJOlMx4cyfW_hYnr2u87v5F_YOnJFMrG9mgS_pZkXDXHLOWLSeo0WYkH5vOi1eT9h6iQQfBnP1__MDO-ds4Nd3zEHKH6ZnAfiSl8ca91zl_O9pC6eVXHkHr1bczUCe0V2J6iLlwPT1lOHtcXh7Ge2d7Lymd1BSyVBPZQ44lzL1EWjiOBhI6gALnm5ryTOAFWsgKnpselGLjAKhQVHgMRfLMJv7O8af8FNNXaGJntGU37e76kKu1VKgAeHQXsEw4nyOMlnAexFCMOrvMxFOQGEPtBJodX1NEHn0P5nQn4h33z3zz0kUmIeWPbsv6_PJKo5nrGPUY3JNkCX4Yd_F7gb3RasMPwqrOmAh4sPipuq10LXd2Ji5hCVn2N_F3nTicdEmqjaHTFrqLS-OtBA2a5sDu_Cx-43zzqyj61gYDmNxvg12hporW7pJKHxyMhZIiVLtMC8iNtu8BfALPHVi1oX8NdKRjinF9wv84aX6D_uCKRl540FSr_RCd8riAuyfjgfJL33lIR-0ZMTyxHHpdHtfINbKNJRb11Cd1otdy6z2XdM5_vbFJenklnSI97r1WeBHuz1zDf80YJFIBE0jd_b-9E4qUxG5I63XV86wK-lBDoi8SAlfVfRaIzQKV2LoyiTD4yANjULuZOevg7wiWeCzPZeuOFOi-EEw-l6bpLxTX1vM1RKPkBTjNTjen7ifMsac_iAcXqSp582kjJ-NLxbPUhyyIyBOvpsDnlguIGLr21hRC0WtdJlFXWF9FySUOe9Cg-mg22m9MzGZo40zWZJ_H8VOlZfX-EIy4Q4QXG9W45Q3d9_6cPfCZyRd5jWfZtyAdmQDXmxU2_ivvSD_ZsWurziN_j8JM-NSms6liNKP3TBEsr1zgAP62-lzqD56Hx_rRw4HtGWMvJHJhzPrlRvYmNyp2Ljs3lidya6yEFbvBg-edoCL_5V9PIJt_srMYVU6fFA5WO3Yr17rG5CveKVX7C3Ue6jgqej6GIl5judoy-lMsUP&cid=CAQSGwBygQiDv5iXYMquRI1dqia-puPfeSrzdhy95RgB&dv3_ver=m202301230201&rfl=https%3A%2F%2Fpcloak.blob.core.windows.net&ds=l&xdt=1&iif=1&cor=610331278590014500&adk=3676778483&idt=120&cac=0&dtd=22

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://697730247a5dc842d2e74436492c3992.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 22 Jun 2023 13:19:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 381125
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 21 Jun 2024 13:19:10 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 85DA 0
20 B 60ms
56ms Ping
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=4397655472090&version=m202301230201

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://697730247a5dc842d2e74436492c3992.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Jun 2023 23:11:15 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 85DA 0
20 B 57ms
56ms Ping
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=4397655472090&version=m202301230201&ct=76&x=1&cor=2597558365005991000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://697730247a5dc842d2e74436492c3992.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Jun 2023 23:11:15 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 85DA 49 KB
21 KB 68ms
67ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-C6mzlqgqgct_oQHD4in35iZ-t8IbskpmfECTDL4zB2xDkhz8iXvIyuKM6oljv-u0nJO2rZAPO4WpZQbIWxSRT3Q4sB_Q&cry=1&dbm_d=AKAmf-BXYrwS19sgq1XM3dvbCh2NEo8XmTOdlbKXp_YwVAzebKjaAuNooebpsPk2pSoIveG35VjFHBP-oCYUbla4T52ru2nBKeV0xi0rtqrIvTgTuPnhRsaQfY_e7-PzI2rXiO7jOVi3Nyi_gF_szH6zcY_0ho4JpJ4sMpZbyrP9iDclobfrf7c91Ind2a_9J2VomWcrb_LJJAGmjTr-oZoCNOc9iVdKBbQ0Yk6vp1uNikP-HploVCRaT-MJsRR89NKH_TeLpYKA7yxlvNZI3iPH_8T9aJU8U5gqVtOp1Bi6WM9lNYiDDrG8-l_nz5L-RjKKQqTcO06nhhMn6IPLvaj3zt6EMTEKWU0B2si28wLsXWZyq7aYYw_ZFaE5_x8hOknnhpmayVPyQHWVWsNI4h4meiL6NmLidm3OAN5uhxfIW5jsfu3B1pu1XXk6O0cxkdDcxORH_QUa-QmYqv9hCjFBad8DJIxo2QE4BOgcYQw3gbPr0q5cFl4dC13tEEhDNDImKoFMBuwheayjW6EKJXlNEo7My3UrKf3P0i1n8lA8zKpHR1D5mIKrQdXGZUOu9q9R7mwGo9LynjWh6p82kY8ZnsOlSaRyhB3S58WN1ahnGUAg4fPOZhWsPpZYW95AnGvxNchsb3QT-3dFHvukzRUZ_ycR1ixni-DPA3ujkgnsAdhEwyCND9bggHajRIvMQ6iW07bZqBJ9AUdGYJwwmlCj6GQN871dwMSC9dRGLMc53CSRpTq5bsVNUN7WxOPEKnwCxx2NjPvjAUz0dKOy9OBb-DzXGmmcup07x5V0ZMSye38QScCdEbVshIw3K4PE4f-wIVhsYxDh0EwgQL1VSl2wsjeItbW7QHVFeqnKc9mdT7dY2t2lL0g_rZbKM5czHatykV8TGloWNHwT5nuRqOrfT81FBblbAL-H8EeoHpjaEdfjQD_O9bOCzbAIVX5V5beNfGF48iBv8_R20V0ig8fSGIJontwMIUZAX3FXT2kyy4TJ1uXWmL1rFLesKk1EsxGkJt2yMsBPfuViPT2PQmmiXyiuxNaaqDNf6qGyS5P-7ubqSxCaRVE9pMa1qnsOHOTvrfo9FRA7u73Wdfu4Cbs7UAJzYpqWVM-y7KBQxJvBif800BmHxP-0imTKP0epmRbdiyykJLy9-2Al1TC-45i6BQv-bgcX7zIhUMAAdywjZeB1U2pxFOzqZI2UwJm-oUwhmuxca7Mmi6OdFBxQdy_GLGrWaAo0lDp3tBw7ZjyRE0xIFKxQxicbaevANB1ZjJ3Yt9lF-3RGTLswq9fcITPAe67gScM-T3e9ik23IeYSNe1vZ1fgiTYWRnNqx7pnMNn3C58XqdZQcJoQD48aaHstbVA74iVowr1--67Eo9ueu6JIxrAt5X_UViBSdesefn37kc9nGt5LH9y59X1wb5zOcHAxhAQ-yaaQzsOjiTTwuFRa6jKGbjCFpE5Dv739e36F4_tk5ac1OEKMIBeomCR_nS56mpEU7KGwF4k0c7PT4RdYeCuRqrsYRgNqrcY6XRspqyDWphnAJzJx18v1zBc1DYQVHZRmaKhvUNZwjyvItptvNE6B91tssnvwjD0hMl6v8Evea0114L8ckEK9u2vblIPkOpeQPoRL9TjjxKFobRzE5-RE1I1eBEJRrsTRef1CW7zeV0FddOqQwX2E6lzVOawg-39P1HFaOVee3gga2XnHOizBQ9KzrKcM_Gbh03HujLPeQZ7u34H5ze4e1Et93cADE6iBFRAnMF-F5njBXDtI17Y0S5tgk5BnbpPF72jmzEJTCBQrFngeGlvXiHHuANPAe1Z4P_JxGHsBvi50yyMVfnRsMCLV4cfRBeAQ8Xi22H7Y8HXRwc7nCkqzOxqtmjuKsvYb-AwH0A8oKcyIySqn5YF6ZUrypNHtMK38GCBwz7nlgioPT9b_SecoWDsbj2pKdgU--gHySI-xIfbk4fYYWVnAxs7oB_tt2thwIwUab63mwDH4U_q9mJW63vhG6MFDzSYBCdvJQRdKwigAFydcGTtIrnDt7kcuhnKNuZ-LCjq5GofojKY6eQsJAh0ej8PSiQ6lfAEQ_cRSMf6oW-dU5ImvsXQh2vJEfH21YTm2ef0Sw22yQucA47WL6SQ31qRp5WNFO00y7AGNjtYCGnwHGdlvoeMi_T23942n05Iz7UhFucOGQaVN9EgZhhN0stdNqU0-vva5pBhi2zD63PHcEsiCEMVGTtnGsJM7eoSFkHmqopY21qFf6__JMt4LmXTn7osKYFzeQMFHPNmCr5xAtR2cMee_vnkJn_yGa_sBZ880yKQlw2IAEkUA8dx0OuhIWY0LZ4-F9os9r4y55VWaVfmyyi7cBPN3pD8FyZLEQQcLAgftZFN9gnhFrtUQsyOSuwOkKqL1LF2BGz1DYsggDLrgzYGpTkByeHoKH4zVPc4kVdwuoExc8tNeLizgKul33hZaPyWel6vOofqfAJUTPTmBOdEJEM8FBIuVoeJAEvJ6xxdzAXaBw3yYfRIv8eM7IBOTRqJGJ3xveRd0yE0916NYrjFUfsHhyQMkAvSrJJd9Yd7uERARsp6VvTOVFEwGqmOX8BqSye6GerTnRr6AFjO6KDpiEHtjNwbxrcjaD9biTRg5mq0rnXiXlN1na6QM114UQz436dWGo7FDjqdUjoNRZUwghlaw6I6WFkE5qyh0d5o01zxKJraFfyZ7sVVi-TDpkVMHhTCfn6UFjaixZZrt1s8BxRlkExsAqdFWVqSpuq0avvHHQyI2xbcP-sC7v5zfXR3FunuPuMI4RRDh9zKi20HYdASivVdBVlb5KaVDLdVLUHNGKro2RT1JU3_J55FRPDZhEujXl3IhUmykx-rs2T9MKOGHUtjQ9QFsCFJBDhxg8X0dZsD21GI8CZ79kv1p9Fo_8JZgUElD7bDzuEOeyV4zaYwic75hZ2nb5GCLRvvaj0gO5VWovhM_ZyrbGmSw3MMTg87HcDf1dbIena_zmCX1x1k3zUqsUSrV4uHiJ_Y42kSDq2PUcHi2hLBTpyuI105h62v0kMvoCfZDg2EP6r8I7OxbB54gFg6FjT7j7GTerSbLNLWrIbMebpQ7EyA3EGxuSJCMXVVguB32hhQu4QHY-u2xwdoMvmqEi6feiQhmLbWZ3c7ysMTK_a7Y5F0OojasDPuFF8EdaAmKA0FVx0w5z_OyvwV1XhXfsLZ7lRaXGq56ne5E81laypNT0tL25549a5OcndZfp9iEoaSnydubsfzERfxU0cBRiNDXJ9M0RyIDpJouyBHH_6dA8dH7cgAzcevlMbKZS7THWZKrhwiA3zXZ_xOQ33X4_S7jbu_zuqtUcQkLpqFKscQ1exXJlshIQKANj7M801t0S95d-FO1r4bKRFfMl3Eh_i6nISc1DRRmbBsYjyawDK5KaIDD02u7GxMXAsuKgnPRRZ0l4LoPskl3Qc3b9AFgq2htN_MLCxXuAO2wtnJG6Skk3ZOp4cCM9Dp7YzDcULaNiNgFQhXA2mgWNxi2ENnArTjYHUXrkAA78VC4SMverBBYMMahd6Nmp5RhNzCXc4953l7WwZT-_wKFdVbF45OzDrPELBTKG4Pcey0fgLmotb-CFcOTxA&cid=CAQSKQBygQiDlP5izwjJgU0xAIbRQruYVPT1gwS0q8iSUujv61Gps_x606FpGAE&dv3_ver=m202301230201&rfl=https%3A%2F%2Fpcloak.blob.core.windows.net&ds=l&xdt=1&iif=1&cor=2597558365005991000&adk=3468572599&idt=67&cac=0&dtd=3

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bf4bfd502f33603f3f3e4dca01b1f8e63d9f9cd4e679c847dd3fd850a1429ca2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://697730247a5dc842d2e74436492c3992.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Jun 2023 23:11:15 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21085
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 bootstrap.js Show response
s1.adform.net/stoat/628/s1.adform.net/ Frame 5CD2 36 KB
17 KB 145ms
36ms Script
text/javascript 37.157.2.247
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/stoat/628/s1.adform.net/bootstrap.js
Requested by: Host: track.adform.net
URL: https://track.adform.net/adfscript/?bn=64068332;click=https://googleads.g.doubleclick.net/dbm/clk?sa=L&ai=CJTSVEhuaZMWMJJPt3wOi7oSwBYPg8LZw8u7ZqNMRrqjSiFEQASChqsgqYJX68IGMB8gBCakC7-BpnT9Nsj6oAwHIA5sEqgTeAU_QUXc2CH6xl-jr1Hkb_koHTlFcRsqUoY-BQa6VamwH62_V5LKt3herD02-1oAAOs_xdPwN4T24S1nGq-GclK-8nonJQZ-inay0YGKXOTxMhPJ3UhLbEEllVV8YY3f-nLx-yDyIF3W2tT5NuckyH_IObmXhZRN5P-jt9npxh6YER95qAGWvpXAmuYSm_4_3R89hGuSa1ucoIDo9tqs83dMWTTmZfB0jJF03GYwLXlFMk0tDRY4TuxewciBmN7boljNtqueKmGNMvuzXNd0jwl-KalbJRf7htcWvWLFRo8AE7_-pj7UE4AQDkAYBoAZNgAeAsYDWAagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBYIgOGAEBABGB0yAqoCOgKAQEi9_cE6gAoDmAsByAsBgAwBsBOCmuMT0BMA2BMQ2BQB0BUB-BYBgBcB&ae=1&num=1&cid=CAQSGwBygQiDv5iXYMquRI1dqia-puPfeSrzdhy95RgB&sig=AOD64_1cb-6PM_cSxeeidIPZVS1hQehgRg&client=ca-pub-6028767826330736&dbm_c=AKAmf-C52r3WSadklphjV1Eyd4hfTublmU-YVfwDifWvnZofKHf6wjG7FyzhVSmpIoPxFOpl3Ke4u4TVT1HQfNyB4XYWgM__zH3gl0CNCXm89qopdzdBr3KXAJsI8HUbbGyxF4RKfcEudxV0LQWvRLBIVhtzdLJUzPmsdNmiC9XcFykvlWyJvvk&cry=1&dbm_d=AKAmf-BNk-vfLrTf-nqtAXe6Jsu5fjB2OMrPNmHJ0DDEX5zjuDZKeC5lcPIj7V11G65MWbdewy4kZh8DexQ4rKTqhMH2UjzOOrL21bEhlFriGVhwXj7eOY2f4sbvdhohKgNB9_O3M9nAjllSk5Iq_FMy3pIy9O67Wf5JNLLPNlCP6hkNl31z8Pqgo0FxXUI5sSQu65Zx3clQhIzxxp3FGjlmWWjDih5yIa10C_YinWSH0l3y03FvYi8eLvi92bE583PSol-mWvnVPIqGJF1aNmlOYYeDV74J9Nlid2pX6gk9kRpb0gonnYemc78GD0HEqTPVQRAPfs6Gt6rrRnTG4339am8j6y2q5M0LWhuBw4C46-ur_vAUcXYx-jje87GyEAu5VEqo7xwAoc7bucrlombwitg827kV4TwtFjmZZwdHwXC2L5osVXRjnfWJNVd9MU0FOX3fmKw_SefKgktVfy00IcuFXNVabgtYRFI4ej41SrYHyokRdGD1KpM_nX83GF73mF6ThWVjfT91TMF_ibQHH6v4f81c093y8ere7XC86fkYKKJDvefe5ZfEjThT2u9y9z-HEtHsUIz2nXCrhx4XGndPSwKBF58fcsaJuAQP-LqXVbTrlX-EFT9ep9i-csDEjg6_6vDx8nXgi4TOupn4bSVk1J7JZhTziduenmKLNrmxPuDcOj-nUTPBWgKaMiC7VE3Ut52m&adurl=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.2.247 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: beeb4ddbb224e8fc9b9f9b816f8c64ebf7b8c761a00706a44f0d3e938bc8e387

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://697730247a5dc842d2e74436492c3992.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 23:11:02 GMT
content-encoding: gzip
last-modified: Thu, 15 Jun 2023 10:58:46 GMT
server: nginx
x-cache-status: STALE
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=100000
expires: Fri, 16 Jun 2023 15:11:23 GMT

GET
H2 200 html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame 922E 172 KB
61 KB 107ms
21ms Script
text/javascript 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js

Requested by

Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x6y592zf1gbg.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a6d36aa3d742ccd6f1ca3c76dcf885af72f7bebe2fcc001ea011a7aea2f55678

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://697730247a5dc842d2e74436492c3992.safeframe.googlesyndication.com/
Origin: https://697730247a5dc842d2e74436492c3992.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 13:52:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 33520
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61485
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:43:57 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 27 Jun 2023 13:52:35 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20230620/r20110914/elements/html/ Frame 922E 11 KB
4 KB 22ms
20ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230620/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-B-1QfYQcd601PaO0xje8p8UiVfwG4wAhRgdk5jdBsQSr-MT9SQ_UH-P2qIjjnayZuQ9sHHD5WVzJqqmIHiVS-_8KcMVXv_PPXjEnxivxFbaubJlaM&cry=1&dbm_d=AKAmf-B1aXxu6GhhArcrS9pKElOpw_05MYvkyvynPg6uKWUFVX_c5X7zUGF_2elcBm7x1fWVV-fd7aseuQ-mQSjzKM0ijj-22XkJOTWcOHfT_8nU4Z15SQGfoJpZHgTW-DIJGo-c5ean7zjyfbtKHpTagCmLRi9EXyvnieH3g2scIxfmCki68uxZnFArzExOsg_OjusdcGZ9sHI1gg8B-a606T_BJ3lRTWjwzNt8JvzrBWBb2462uv3pke_NHdVKkWlmQZQZN1CjEA6_CiN6sw4Fp6LDpGvghxfz306ApLAYkOTg-bE6GS5ZFW5PMbUu8YLu4sdbWhkO9wTFQpHBDdmDk7K0LnFve6hZPfqpR5RBxx59HR6hcsSIwc-QChNB2bX4Dk3HjNduhNK-zfXmulTI3wyFrHQzQqnsiQvn2eViD_aB0y_g_-lCKhl_tZzBHqM1stxZdM4nHFbQs3ZtV_yjGc0mn9AXOn05OzWTNNotdQfcQXXK9TVopsa68oj_dzh1wXZysnWO2IzTENAnQHauctra6opWl7qe914KBREJod73cLu1j3MuwN2I5NUzIQ45wigITX1-P5MmdSzQtQT7cLAOWh4SDiZWtYW1-D8kv_Bt6GH4BPJxuA8hiZbn_HR0O2D2BP0VoCAFhKBvc4Hidq4AOgyE4DhiyExNr8NIRAGspx_54MkOe74BRukDPmmFLH-ZWXbe-IiZwviDJSKCcl1L1DMii012mBfD0N-yIwHJ6CNo-Lohsuz11zvt-FwP-R-JVE8boiwgroBLX8AmFmQrd0pGXAv_fsf7J518ZvMOIZmjYacOZxbs1dOoMieOfKpA3g4q3u-6zj3-QwIjEy9SlDyjr9JnBcfCvLKadrGnzn6Fv9KxlgailR0XH0q_RTr17j8ElL4lgZ4RmAqpn-z0vBljdEMA3mng9CHORU1TznExKrCxNj2con2J8lHGhrymzf58IFK9I-OK7-RRYrQumYpSeXjgw7UTjnaAbNFvKIQ0A78nuc--MTX4Qz1RbwHN4-i_r5DOSSaGY1EhqBRDEejesCbu5AGeT_mqzWygCtWKrPKLJDenHD8vOd5Q9YCOjDEgCvUWcG6FgIWV5MR8S6OihYE_t9fAPa7d3vUZEb4SOQEbHbAnAU4mYxZ2AGw5k1-kEq_On9yJt1DCoVzG6FMgVielxmKFxo8K4YO7GF3jR9Wl93opJmTREShV3bDcKKSQMFhFKPXjDukDoT0wMPOFZW4KcGl1rGb485huwSoL2d6KznDVhBUd28Bzza4gx4HtfL5VkBIO5I-WvdEz-bYex8p920m6oW7Xn2YLz5yAK9N08yCw0X8_IIv2D9tMVCqQ92-9jY3rm0U4UZx6DFXNRSVva3YB93Nx65wXaapU8dE6k3zRJwbmXura-JR1rMwqPxZINM8gjwq1nGmkdsHNT_VBo8PYzaUNUK0JwUUYnRQ6usGDfhLVt4Sf5S2pZYPZJnom44Pmcl6qA1KcUikngpjA__5T2WDXyRexePvpeiaGKoGOvapTbhDChg9yLJm9v5aDV9HV-4WP1UbMBlFjYxr-yz_SidvpX4LIlm4BccF8tQPilnmnn_zjciuF3xxyRuK2wmfovL2mlaQBS5bv7LLYaq1CmTfuqPefcC8bK7r1Rtz5R0d4ifGHlMV_8l8eMeZAGrzsFiIvohv5l_Tr4HfRO_geNLeDGksJ28-gy2GAW1fVgDAYKtWXE8EXW7CtECXDzfq6IHx7FE9wNjy7gn1dVrh0AczYZxC-ajthM-40WlKz1BaggqUqFjxATyOHKjpMQ4ZSh-z48IGBysjiKv0ZxUlewsyBOv-iqIoR0BcWzrAYYMWJ-ISXKxvpiiWamEclp5ivK_zVMV7NQk3ZpCYwkB8PEwOWDtoNfUsnSMrLp9GFTFxxny5cRGE_AxrS1Dc7knN6CWZx7nERHNC2dqF9XL0JmlcNoOuaqcwqdtyOuvQA2ZRsX1lUHmkUCwMYfemK0r9cxjwXsqXeW7VhuM9FqhnLYFmJFJcxBapjSA6s_8Xf4cXb8yURBlb1dgRnJzhK5CyWbaDX1NiXVFYp2fifdlYXaCnof7A-8rOSGYH-uKwYB9vqslf-u2AIItL_V2qfN_2CADBBW2FaHbRmEzRwbHuNzBQrj6y2xABTXEWlKXvR9bOI9GX8E3MIrKRmpZRKL2Uvru5m5bT84s0EEOuASXiqWkwxtrSUuWQ6KEiCAOzo8enOYlnEPTNdZDLYJVapxXwVujmbCMGXgShKz2GRzftGmF4MFNnZOLTNcAGmDZbaOxQf8yXf08FJijFiWb4ZBlqLDMwBAuqKDUYFuVzTnwmTY77Xx-kp-gOpL_VBKYPWYhxk1A1tImP70dPdg7Kmghaj6q-QaysqMmISZF0PKYLHhrX46cNGTDmJ3Z8Tyyca5q9hHBlt7pnAiJHcU5bvpGFDAfz6zpLwgBpXXicnK02FiuXzZiWXqUCuEASFMbJbV5aaMkv3IUVmx1n19cy466lOkGmeGJmOf6lvKhu_jYi5XPKTghWFn234PqnHtgbrBMFy2o-Qxt3ZnCIel2mNWK5QI3UeZ8y6SPu1WNG0w-0j5ScrIgMnUrDffAHUgQnovDU_z_j1YBXc4lMKvHhdRGHamt6f7E2kR3HZgty0ThVzNNUgFuyUpd6s5zFeViW1Znv0YLbEXbR8zWeqOQ4HNvJwhHz5YbzqBTA0J2Kd8wsK3M79OsTbCeC23yBmlOPrnWxwpcxx8vvb1F0NpD5q_X8UgtrCHVwjdARxTUR0E-EHAbyaFgOwy_W6x-Z0O88mG9LYVbMvVp-6Jp3MZVezHzoxiJ_Mk_y90bzK3oDp3hKHimH9846Mc6c3vXn_-kpDBBGj-c7iCbVVb5fz9NcjZsY75ta0LVQ5M7t_Ssb_iDoRN_ouC654oKk0W-25dAgxHrKxb3he_gool2nJY7q_5mboSFW8Frd1j9_jmMMCiWxKRYFqrS65XzM6oFDRBTsOSm_B0BfYKjD7SfCfP-7MsF6E2EMdDcB7qRuO1jrlSKTrcHdR-d1rSnETCx0fVp2NUJ-CW5T4o9hAAP57IhRzOQTYcNmX6RcYiv2OyFds8_5G9eKvlc8eR4IK3P8M4Ukn3LHu_dJC9RVZv_39KhCROv52OLnZbGojvQ5RQS-G23DJFvbhQoVpPQOHX-BlRU39vKFPfbEc9UoYeUX8xb3ez_O8qGCl6yOKQeITI1_ceqgcF3Ow_bV-Wz4OIfzVZZWzDoVAUNGNfoX6BdCzw73JKvxjQ7SC6f0t9KJtxzgHNsqQhryGygmNNg6Wqg-dcVcHUxgM69DOjnsQDijjQCaH28-jhyVYdlYjtVkoW7PLfHcH2uzE_puzdNgOylGDcqx9BqqENtGKhqnySWOHGTnKO1-nEBPbhh9jgg0QAoFshLdaeq5k9bDQhOq14P6UTzdegx1KJQHF5_qthrBIgSYKxW5l56VLI8OMU26hUnR0xP29OuUS0n3gcCv96ElGBJLLI8yA5qF8A2d_HIG-SD7ZWRlJWk5FVttTGGKkjyv7xn-aw491MieTAMreQDqiAsCCyWKiUgBhKl7ih35XnYaiSbVnelS4_TSSimfEK0w9fnmGCkHag8RK8tCLuIU&cid=CAQSKQBygQiDZtO615x0o9vMVTDtiVc-lBjug4PW-WOtNU8KDtF4fBuY9iewGAE&dv3_ver=m202301230201&rfl=https%3A%2F%2Fpcloak.blob.core.windows.net&ds=l&xdt=1&iif=1&cor=13718948736120257000&adk=754613069&idt=51&cac=0&dtd=16

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7ff9993d3bf21821aa4aab3b5958b4d9ba3fd3a3aa92f5830a24d3ee259f4851

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://697730247a5dc842d2e74436492c3992.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 19:19:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 13901
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4172
x-xss-protection: 0
server: cafe
etag: 5499578052516643378
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 10 Jul 2023 19:19:34 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20230620/r20110914/ Frame 922E 30 KB
11 KB 25ms
23ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230620/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c99a1db5a8ee11a2fc13ab0544e3865f781fab4515592ff6467e7273478f813d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://697730247a5dc842d2e74436492c3992.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 19:21:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 13799
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11398
x-xss-protection: 0
server: cafe
etag: 3934322099733601226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 10 Jul 2023 19:21:16 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 922E 41 KB
15 KB 22ms
20ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x6y592zf1gbg.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://697730247a5dc842d2e74436492c3992.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 22 Jun 2023 13:19:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 381125
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 21 Jun 2024 13:19:10 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 8047 1 KB
643 B 30ms
22ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 697730247a5dc842d2e74436492c3992.safeframe.googlesyndication.com
URL: https://697730247a5dc842d2e74436492c3992.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://697730247a5dc842d2e74436492c3992.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 35525
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 26 Jun 2023 13:19:10 GMT
etag: 48472445140208031
expires: Tue, 27 Jun 2023 13:19:10 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 922E 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9834d566addfc91f7bc74e4eab1e62598056524f9c9d85d4d024f5c159c45ccd

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame 7F10 172 KB
60 KB 22ms
20ms Script
text/javascript 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js

Requested by

Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x6y592zf1gbg.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a6d36aa3d742ccd6f1ca3c76dcf885af72f7bebe2fcc001ea011a7aea2f55678

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://697730247a5dc842d2e74436492c3992.safeframe.googlesyndication.com/
Origin: https://697730247a5dc842d2e74436492c3992.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 13:52:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 33520
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61485
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:43:57 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 27 Jun 2023 13:52:35 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20230620/r20110914/elements/html/ Frame 7F10 11 KB
4 KB 23ms
22ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230620/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CnUp-pKxTBEpadBtNbtsooBSmA5VFCUetNZlEtLJRtSR-R62YSH7szwiM8VnIHGneJsk7qfQia_2KHBxdZioMwaR1ymlAssXfodcCwTlbik6nu9RI&cry=1&dbm_d=AKAmf-BOJIw3DAP4hFeqhyUMM9EkgI0l2XhCPAWXbmHecY9TwsEaNQ1kJ89F2A7tXr51rNfPubU_tnjGnFv7U3Zw5vsuSY3m-YVr-MX8aMgL7zKwrWLdr43X2QTvi-OmiNO4fZL5lMw0ahd07XJEVjG3vBuaPqobAr5ez9ASSiO-c98IQP60bCeVaxqxUtoefmCTeWCUk1nMr-AewIfZOnOjS9ejcB7pVlPHw7QDNBIO_QssVYlroDAjiNmkPO5uYk9SIPefBZzcE7r60q1CRnTgltmz9K33H2UHEOLgxsR0rhwZTUV7Y_gA2Q1keJwGOUfaQHsaumUnDPSOnyTR6vObt4VUU3HkqEymRF4SbY4RpI45nvDg57AmQir_CKO0K4le-GbP1RSd--fQ11THb12UTyqMT-spwqIV5pKZ8j09P-zmEvqb3O-YtHKfB00g4Mg7e2-eSeDZyiKeg3qm9hCCy-uYfk_gJgqoyaEqRYI-daKaAZVmZg0ysMmNs_mRnzUs9-Htar2aM5BRzodggm3WV2HZDLEFatstc-I7V9f7DWCmYqpScF7hWaleO7_TqEYyPYN8mMe21VYFy7EJM1JfTIaHWEHp4SHImzo8JaRfwoDxTTB5-06A4NBRffcxWTTp7PTudV5C92FiR-BPj_DgkrNeZ4rWPFx5T7k-lbqde8Xa80rNt0SBVobkYgQWpX9Y4AK8oP0JY3UM9FsMMH_DNExCtxrOv5OpaFhnQlO0RNA7xM2uAq8bCYgRThf1Nm9MFiEDJdTB3sLVY9xPcSygUAbJZlhMJQ51gZOPB9Nvb1XGO1LSphh0XigHVc2xDnuryuY_rYf7EBfCYGDvheIG8Vq6hFaqQwPMrA4pDuFQHApQAAuRAn1trFZHaDhucTG41HS6bL1-9BVFruF7hcZH5B3PiVGQ5UCIPrVqlQ5ukQcyHjQd9kcpmoDpWlQ-h-rdeumgGJH7JkkBz3LeB5DILZYsse3hemrYcfJuve4z0PhylbubDsM4Oqo5Q98LrM-aUWbmOVU7Pcoisw_w198QA2X2xhtBiAmLba8VLXokiWG1TtBw8AKvQgzSlkCaBEz6PrsW5Zy460BkraTs1VgDqwN2lJ9pWeVD-Y99nOMmKHGlrWrDts8XOk09aSH_YktA7UAEXYrzjZ-Jb3MnAdlZ_idHg2XCTKdaU0uj1LIEVq-mc2b8Y83dPKtmqWj6fU_6NGxGp_AuCKIHVRfY6vd7TiR54RKOijeJBqT4skJPnmc9HRcBI6MSX171eEn8zZkyBsOcGtFijhOuIPbSL0Ann92JNI8a17JirNVvzLM0fIqsKqK-QXSqFqPHa6Dr4LPRRAhANppsKl2YQmeoILFcFe8Pbma0avL-W5ypzRiP5FioaGzkTki5XdHFr2oLEP6guVJPQesi4NYlsU294stZhynrHnonCuf3WP-nZU3m-HEq4RwWn8brdf2zvWHNLrNryWV_LR72VSqxMmGrdpWNDvyaEUqbOxRa-PNfXtb4VOuUn0bZx7MUjnoonopju0iaJdmqh1ZYKazRp16WYoxJ9c7BVdCE52azutFANABY66TyVRFP5dzW6O2qG68J4sWiAMADD_4grLP7pluHGr84MRhKECap_pqLEp5BB40-DD1m4TgvjuhWAoJo04rAF_waeibeQseKoAG1_wsIG6YzUUWYDxqOiZaj8atZ_nkjiNFJ2WKrqDsYWTnajVKoNa2EBPZMQ8ogSC4KQHg9G4MxbHGtTO1htUNbKRPF1D0Wmfv6OosnaYNWK0nMr90HO1URo4NUXIMyuuWgJPVflYvRSqfS7lbnvaCul2JX5VuZ9wvv73jjwNgdUJXJPOrJ8J-iD7u0LLK1PViboAZTX14EE9zsx1ThDQw68opmpGkGSfk3euV5wqPJyEf8c_kQTfe0i2kQgHnh7y8R7tsqzzOnY9AIEhVc81bW4Py4lmrvFyxyNX1zPSARIr_vQ9Y7wDU9yyoB2bYjIxGZPV8FUhUpu2wYiz-HEGQD5KCTuuJA210piHQP4uBidSyOm-zy8Nh_oX9jzN3uL-54hFK2DhgIi9mjLkkCFpnuS0rTB19JRk4RTfpkMORvPI7busHy8K5mz9QfZ9-WBgZGFJUMOOt7XMDwtonVe99YfDIpCxY052dBsmjyDT8b4zylOaTfYrsOyFskpesoLbhfoH0CdIdimFnc-ViEEnQJCbRN-5ChgF9BM5w3DIe_S-3Kxo6DDQsANezc_2lFxOuATxUihxYx8a8MRNHA68AMQhY8g90wVqoSSRyA1gub9XNYufoCY1ECIMjRkXPcCehz1mPZf0frTqBecOxA7sWtYGvNK4Khv7aYHojYjQ1eop0jFb1ZKqgr8WE1EI34WatZxqP2cS60h_GMX_HGd1a5CqWrhV11O0B-jfPmz3LXQKKYSU6XvChuhZmIF_0vfAefuI4M45J38HzTIMr0whSRiG4W58eWUy_itmRKDJsNCxkrbSv-dWIpt30Y03moKct7aat4WdvC7evuJ9uNO3uGr2eB97R55zTv1AUtkVi_i_GzCuhoJbZXc2Y-P3BjGKyNZeiX6MrWTl83G0JbNKkCURTdittRvEJaoPHpSCKd6U9dr5lxRN8PujtkzWBKXKBTA-JFCKkZI6vAaTRTB3JJARurdDVzoKPb2Y30SCODzd81rgx1DnAl9cuWVwaNKMuRZknwHmS4JK9mJQvtXIgRQP5ZAAude3IgqsiTj8eZapYAbx8aXTIzDvlgblNOHJmX88tJ-ZMYYZ2bVznVBFB43TVnjW0mW5_ZIhzG9PqbUZPIgUWxuLI9lCzAy8p5Zqd24Pi2uqgpt6PGAWt8425vZQvd7fwTlp1rna-Eio86y5Qql0Z5bM75vj_4j7fYy-4VlGPEKAY-mNDbhHSCLWDJRv9DECPo602EKLHDTuHBzECck5c79PsDTtZG_fS-0AcIY9aNHHerR8fruWHKk72YqdR_F664Mbr9k5CIi_h1U-0LL4KxVyDJXz-nP3GIq2R6sXqfytOaKwBnvKn8h7md5svjM90cZ-H4FJzfG79xtHQSpafQQ47E0dt6ncyNogEfpscHi6X5_NfsjDq64ERFYZfKn9OorrQyd33rJjqBt-vhbNnJRTq_5kzNjoVWi7hijh46vF6sJNTPq4CeG4BknPPiDDumgTsoe7dDdX_O-Y85rFUBdaH92zvw7mWR_0hygIRDHTe7SV6NWxkW7sE8OzVZpW2mzDup3W0HKsvK4KYGCKDoNezRWrHsFtb9CFDQ15kZMSSOPYePRWA1H_j6LAKqDpSYYvr44UNebdgNla2ykw45YEfzEng2rQrBdyVSOPOI22sT63OEpVGWbCB-JCYdCQJBp0LORX-uQTlqKsAF07BYswWTNc_ZcWb5dOp6czxul25tx2-shusgY2JSCrZUxy0DwapzHpgL2lwLXKnaCOJkwn_C1nP1UFevhdc0EulFdDs3ushaVC3VBR0-BR8HkodMMoxLavfI8H_MR3CIx0p_m1wg4pGYtTRPOGHSriDPyipY32BDkwfRFbz_IKw9AmEmGr7xcD38ZU3IuGs84tuJYfmDFmWsQ-18t29G6ygI0yo1EYfNDkXlbuWEZwCOuyKp2XDlaqoQ0P4gl-00B2x814ZB7FWWMWaPr19wqZFUKDoEUXdwjy4phUNqI0ZN9LkXp-GOxf34BQ47SYtbkSMKY4H8jMnNsVGINc6BpZVDxqoypxaaVGKBrEDkSZHZHyFKBLoqOIF8poc&cid=CAQSKQBygQiDYwdp6OilD4OvcwFh0qGU5OMLftr87aDllVG1LE1Ax3wen8jcGAE&dv3_ver=m202301230201&rfl=https%3A%2F%2Fpcloak.blob.core.windows.net&ds=l&xdt=1&iif=1&cor=5475442731296184000&adk=385625681&idt=73&cac=0&dtd=9

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7ff9993d3bf21821aa4aab3b5958b4d9ba3fd3a3aa92f5830a24d3ee259f4851

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://697730247a5dc842d2e74436492c3992.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 19:19:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 13901
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4172
x-xss-protection: 0
server: cafe
etag: 5499578052516643378
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 10 Jul 2023 19:19:34 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20230620/r20110914/ Frame 7F10 30 KB
11 KB 23ms
21ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230620/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c99a1db5a8ee11a2fc13ab0544e3865f781fab4515592ff6467e7273478f813d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://697730247a5dc842d2e74436492c3992.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 19:21:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 13799
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11398
x-xss-protection: 0
server: cafe
etag: 3934322099733601226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 10 Jul 2023 19:21:16 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 7F10 41 KB
15 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x6y592zf1gbg.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://697730247a5dc842d2e74436492c3992.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 22 Jun 2023 13:19:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 381125
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 21 Jun 2024 13:19:10 GMT

GET
H3 200 dcmads.js Show response
www.googletagservices.com/dcm/ Frame 85DA 16 KB
7 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/dcmads.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-C6mzlqgqgct_oQHD4in35iZ-t8IbskpmfECTDL4zB2xDkhz8iXvIyuKM6oljv-u0nJO2rZAPO4WpZQbIWxSRT3Q4sB_Q&cry=1&dbm_d=AKAmf-BXYrwS19sgq1XM3dvbCh2NEo8XmTOdlbKXp_YwVAzebKjaAuNooebpsPk2pSoIveG35VjFHBP-oCYUbla4T52ru2nBKeV0xi0rtqrIvTgTuPnhRsaQfY_e7-PzI2rXiO7jOVi3Nyi_gF_szH6zcY_0ho4JpJ4sMpZbyrP9iDclobfrf7c91Ind2a_9J2VomWcrb_LJJAGmjTr-oZoCNOc9iVdKBbQ0Yk6vp1uNikP-HploVCRaT-MJsRR89NKH_TeLpYKA7yxlvNZI3iPH_8T9aJU8U5gqVtOp1Bi6WM9lNYiDDrG8-l_nz5L-RjKKQqTcO06nhhMn6IPLvaj3zt6EMTEKWU0B2si28wLsXWZyq7aYYw_ZFaE5_x8hOknnhpmayVPyQHWVWsNI4h4meiL6NmLidm3OAN5uhxfIW5jsfu3B1pu1XXk6O0cxkdDcxORH_QUa-QmYqv9hCjFBad8DJIxo2QE4BOgcYQw3gbPr0q5cFl4dC13tEEhDNDImKoFMBuwheayjW6EKJXlNEo7My3UrKf3P0i1n8lA8zKpHR1D5mIKrQdXGZUOu9q9R7mwGo9LynjWh6p82kY8ZnsOlSaRyhB3S58WN1ahnGUAg4fPOZhWsPpZYW95AnGvxNchsb3QT-3dFHvukzRUZ_ycR1ixni-DPA3ujkgnsAdhEwyCND9bggHajRIvMQ6iW07bZqBJ9AUdGYJwwmlCj6GQN871dwMSC9dRGLMc53CSRpTq5bsVNUN7WxOPEKnwCxx2NjPvjAUz0dKOy9OBb-DzXGmmcup07x5V0ZMSye38QScCdEbVshIw3K4PE4f-wIVhsYxDh0EwgQL1VSl2wsjeItbW7QHVFeqnKc9mdT7dY2t2lL0g_rZbKM5czHatykV8TGloWNHwT5nuRqOrfT81FBblbAL-H8EeoHpjaEdfjQD_O9bOCzbAIVX5V5beNfGF48iBv8_R20V0ig8fSGIJontwMIUZAX3FXT2kyy4TJ1uXWmL1rFLesKk1EsxGkJt2yMsBPfuViPT2PQmmiXyiuxNaaqDNf6qGyS5P-7ubqSxCaRVE9pMa1qnsOHOTvrfo9FRA7u73Wdfu4Cbs7UAJzYpqWVM-y7KBQxJvBif800BmHxP-0imTKP0epmRbdiyykJLy9-2Al1TC-45i6BQv-bgcX7zIhUMAAdywjZeB1U2pxFOzqZI2UwJm-oUwhmuxca7Mmi6OdFBxQdy_GLGrWaAo0lDp3tBw7ZjyRE0xIFKxQxicbaevANB1ZjJ3Yt9lF-3RGTLswq9fcITPAe67gScM-T3e9ik23IeYSNe1vZ1fgiTYWRnNqx7pnMNn3C58XqdZQcJoQD48aaHstbVA74iVowr1--67Eo9ueu6JIxrAt5X_UViBSdesefn37kc9nGt5LH9y59X1wb5zOcHAxhAQ-yaaQzsOjiTTwuFRa6jKGbjCFpE5Dv739e36F4_tk5ac1OEKMIBeomCR_nS56mpEU7KGwF4k0c7PT4RdYeCuRqrsYRgNqrcY6XRspqyDWphnAJzJx18v1zBc1DYQVHZRmaKhvUNZwjyvItptvNE6B91tssnvwjD0hMl6v8Evea0114L8ckEK9u2vblIPkOpeQPoRL9TjjxKFobRzE5-RE1I1eBEJRrsTRef1CW7zeV0FddOqQwX2E6lzVOawg-39P1HFaOVee3gga2XnHOizBQ9KzrKcM_Gbh03HujLPeQZ7u34H5ze4e1Et93cADE6iBFRAnMF-F5njBXDtI17Y0S5tgk5BnbpPF72jmzEJTCBQrFngeGlvXiHHuANPAe1Z4P_JxGHsBvi50yyMVfnRsMCLV4cfRBeAQ8Xi22H7Y8HXRwc7nCkqzOxqtmjuKsvYb-AwH0A8oKcyIySqn5YF6ZUrypNHtMK38GCBwz7nlgioPT9b_SecoWDsbj2pKdgU--gHySI-xIfbk4fYYWVnAxs7oB_tt2thwIwUab63mwDH4U_q9mJW63vhG6MFDzSYBCdvJQRdKwigAFydcGTtIrnDt7kcuhnKNuZ-LCjq5GofojKY6eQsJAh0ej8PSiQ6lfAEQ_cRSMf6oW-dU5ImvsXQh2vJEfH21YTm2ef0Sw22yQucA47WL6SQ31qRp5WNFO00y7AGNjtYCGnwHGdlvoeMi_T23942n05Iz7UhFucOGQaVN9EgZhhN0stdNqU0-vva5pBhi2zD63PHcEsiCEMVGTtnGsJM7eoSFkHmqopY21qFf6__JMt4LmXTn7osKYFzeQMFHPNmCr5xAtR2cMee_vnkJn_yGa_sBZ880yKQlw2IAEkUA8dx0OuhIWY0LZ4-F9os9r4y55VWaVfmyyi7cBPN3pD8FyZLEQQcLAgftZFN9gnhFrtUQsyOSuwOkKqL1LF2BGz1DYsggDLrgzYGpTkByeHoKH4zVPc4kVdwuoExc8tNeLizgKul33hZaPyWel6vOofqfAJUTPTmBOdEJEM8FBIuVoeJAEvJ6xxdzAXaBw3yYfRIv8eM7IBOTRqJGJ3xveRd0yE0916NYrjFUfsHhyQMkAvSrJJd9Yd7uERARsp6VvTOVFEwGqmOX8BqSye6GerTnRr6AFjO6KDpiEHtjNwbxrcjaD9biTRg5mq0rnXiXlN1na6QM114UQz436dWGo7FDjqdUjoNRZUwghlaw6I6WFkE5qyh0d5o01zxKJraFfyZ7sVVi-TDpkVMHhTCfn6UFjaixZZrt1s8BxRlkExsAqdFWVqSpuq0avvHHQyI2xbcP-sC7v5zfXR3FunuPuMI4RRDh9zKi20HYdASivVdBVlb5KaVDLdVLUHNGKro2RT1JU3_J55FRPDZhEujXl3IhUmykx-rs2T9MKOGHUtjQ9QFsCFJBDhxg8X0dZsD21GI8CZ79kv1p9Fo_8JZgUElD7bDzuEOeyV4zaYwic75hZ2nb5GCLRvvaj0gO5VWovhM_ZyrbGmSw3MMTg87HcDf1dbIena_zmCX1x1k3zUqsUSrV4uHiJ_Y42kSDq2PUcHi2hLBTpyuI105h62v0kMvoCfZDg2EP6r8I7OxbB54gFg6FjT7j7GTerSbLNLWrIbMebpQ7EyA3EGxuSJCMXVVguB32hhQu4QHY-u2xwdoMvmqEi6feiQhmLbWZ3c7ysMTK_a7Y5F0OojasDPuFF8EdaAmKA0FVx0w5z_OyvwV1XhXfsLZ7lRaXGq56ne5E81laypNT0tL25549a5OcndZfp9iEoaSnydubsfzERfxU0cBRiNDXJ9M0RyIDpJouyBHH_6dA8dH7cgAzcevlMbKZS7THWZKrhwiA3zXZ_xOQ33X4_S7jbu_zuqtUcQkLpqFKscQ1exXJlshIQKANj7M801t0S95d-FO1r4bKRFfMl3Eh_i6nISc1DRRmbBsYjyawDK5KaIDD02u7GxMXAsuKgnPRRZ0l4LoPskl3Qc3b9AFgq2htN_MLCxXuAO2wtnJG6Skk3ZOp4cCM9Dp7YzDcULaNiNgFQhXA2mgWNxi2ENnArTjYHUXrkAA78VC4SMverBBYMMahd6Nmp5RhNzCXc4953l7WwZT-_wKFdVbF45OzDrPELBTKG4Pcey0fgLmotb-CFcOTxA&cid=CAQSKQBygQiDlP5izwjJgU0xAIbRQruYVPT1gwS0q8iSUujv61Gps_x606FpGAE&dv3_ver=m202301230201&rfl=https%3A%2F%2Fpcloak.blob.core.windows.net&ds=l&xdt=1&iif=1&cor=2597558365005991000&adk=3468572599&idt=67&cac=0&dtd=3

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d72c9fb59846aff6405d2973c81bd8da823493502fab893e026a736a1ba01838

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://697730247a5dc842d2e74436492c3992.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 23:05:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 346
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6830
x-xss-protection: 0
last-modified: Wed, 24 May 2023 18:59:20 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-dcm-tag"
vary: Accept-Encoding
report-to: {"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Tue, 27 Jun 2023 00:05:29 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20230620/r20110914/ Frame 85DA 30 KB
11 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230620/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c99a1db5a8ee11a2fc13ab0544e3865f781fab4515592ff6467e7273478f813d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://697730247a5dc842d2e74436492c3992.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 19:21:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 13799
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11398
x-xss-protection: 0
server: cafe
etag: 3934322099733601226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 10 Jul 2023 19:21:16 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20230620/r20110914/elements/html/ Frame 85DA 11 KB
4 KB 22ms
20ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230620/r20110914/elements/html/omrhp.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7ff9993d3bf21821aa4aab3b5958b4d9ba3fd3a3aa92f5830a24d3ee259f4851

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://697730247a5dc842d2e74436492c3992.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 19:19:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 13901
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4172
x-xss-protection: 0
server: cafe
etag: 5499578052516643378
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 10 Jul 2023 19:19:34 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 85DA 0
0 144ms
71ms Fetch
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsswzQjQ2YeBfWn-S-ztdctFzx4cyrfRotrknJq-qjVH8e_0rT1RNiliZGwKsizN1m71tPrPfP8RzF5R-x3l4oXy4FsKjkoYFcEvtJaut8AmmS0VBeHtao5jxJVrZuXHQWF-gqP_rLHMGLhycyT3wo9jv_6S-jLv4BHIuvTeo_35YbqFVC5BoKMPWHs8NWnFon3b7o3a_ejiiRWEZd_8VgOTpQk7Q-6PnfTQPXWJiuKTAQQhqXNv4n8zly5oawGwARIgo7D1bvDziXqtasX1x2fyE71c-ZL59ItF_WYGnvrSAV37jiUCrKzdClVNKfhX1rKXxp1367aeiSUSn2ZGUgq7JaPUG20UVUxuxsxKGVYBZQJCrm5SocSwbO0p6hzUYPaWt6L3wGoTPppQJMPsgE4IBchgswLxrjEEXGOcBQ561mmH1oI3_rswzoV5YmHU8rsibWn4T5BybQ7h6PK_TAOL9pqVYoCV4zaTNizLGf4tT9bOCyrJ3YcN1Stw6oBiwcx0U65fM5AjZOV7SYsNb3CIprg9pQ27zkUxa73osJNH0o_b4xb33madLXlTuXKol65uZikFnpaLZFjHyQQyr0i_W73eyDxS6Dky0nJ55te0YCgkxaqf0jSySwJgCTlGSUy2NbNuwKUMKaLqwOPrr8skonSHRdHIZoJZisjJebfkI4XJeH5FkIi3qqUySNptt97v6-EiNBVuqJdpidnBvZ577CrB-BvhcgJEme--QHpj_5YXjqox6Urf04yX5sOwdnrrOYLyatWrvWu6qTep8l2hS3zpmTsteJl2fPWjMKRABKH_1G87iuiLo5ge9HpLKLb62y9wp_BBTKm5azIgdtiGHVWMbZGm9VtlaP33drOJsiaKNWLrMUwT2FxKIu9lu2lxWP55YBhNW2kyTRW5fLZrboFHiS1LKiQVHUhrVdkF5tQxyvD0wyaR3T72yv8cmsHjdYtSrISwyVoDITNvQZVoxwhriPjhO4ZacN-N3V2-3hYYXuGDII8KA51VdX-SC8qIuFgeu5a0ZwCjI2-QUjxnBz77WSf6HoLGssDwGhPZSuaSABoasL42WgS5JPm19OeRPUCcw6R-OZbUhSigaJTGR5SJfbinCBks1HeCBDioV6xpjv0H4jN-5eLZaSYwEb0bh06-A6ILWHeQL4dXdJBY57nf6joV0P2UsWiri2Wl1i5bTK4l&sai=AMfl-YSzc-fSoZ7u0zDievxX8FZkZjAprJv858WqtOYgltBNe2-oG_m4urMJkeWlYQauzXvBomnqALxPSrnn8_D6HJ5PhVM3JcmcyfWxzqYh8k9Cba54TSt2cQm7CACFstutyNIOen9tnBtgIjXOqCcdJIKr5Q9PTJlwlB6Qi4Fq-sRxoM60R86ZSUpj1TYPk9rJU_WNqaS_aU2c&sig=Cg0ArKJSzEPMFdPr-1IeEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=3&cbvp=1&cstd=0&cisv=r20230620.15174&arae=0&ftch=1&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://697730247a5dc842d2e74436492c3992.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 26 Jun 2023 23:11:15 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
expires: Mon, 26 Jun 2023 23:11:15 GMT

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 504C 22 KB
8 KB 21ms
20ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://697730247a5dc842d2e74436492c3992.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 257936
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 23 Jun 2023 23:32:19 GMT
expires: Sat, 22 Jun 2024 23:32:19 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 5348 1 KB
643 B 21ms
20ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 697730247a5dc842d2e74436492c3992.safeframe.googlesyndication.com
URL: https://697730247a5dc842d2e74436492c3992.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://697730247a5dc842d2e74436492c3992.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 35525
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 26 Jun 2023 13:19:10 GMT
etag: 48472445140208031
expires: Tue, 27 Jun 2023 13:19:10 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 7F10 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 836ae30e628895d0ff827e02bb62ade684da008263ed73c9d9b1955f38b8c976

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 em-different-fonts.js Show response
cdn.taboola.com/ui-ab-tests/em-different-fonts/ Frame F2C8 1 KB
955 B 22ms
22ms Script
application/x-javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/ui-ab-tests/em-different-fonts/em-different-fonts.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230613-6-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 75a4652125853a945a31d2262da42d0bbc892271ee28a53d4db1a02b2bce05ca

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-amz-version-id: fYsNM7sHF7dwBD3hBYbpYek88ufRH0GY
content-encoding: gzip
via: 1.1 varnish
date: Mon, 26 Jun 2023 23:11:15 GMT
x-amz-request-id: EJ37RZ06G7AJ3E38
age: 7983
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 627
x-amz-id-2: bQ75Q99412W84ssKOXle2LthT7FMyNnuJFcfIQYn4hm0EtEH5863ZDtkEv8XKwE7FCovlQxbCrw=
x-served-by: cache-fra-eddf8230097-FRA
last-modified: Wed, 21 Jun 2023 12:55:19 GMT
server: AmazonS3
x-tbl-debug: bestatus=200,beresp=OK
x-timer: S1687821076.643240,VS0,VE0
etag: "1ba718852eb7091aef085dfe7cc6b306"
vary: Accept-Encoding
content-type: application/x-javascript
abp: 6
access-control-allow-origin: *
cache-control: private,max-age=14400
accept-ranges: bytes
x-cache-hits: 2680

GET
H2 200 em-different-fonts.css
cdn.taboola.com/ui-ab-tests/em-different-fonts/ Frame F2C8 904 B
586 B 21ms
21ms Stylesheet
text/css 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/ui-ab-tests/em-different-fonts/em-different-fonts.css
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230613-6-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: afd8f0857ea78c5062357999db000e31d7469b088ff8eb6bdb5f6842d552d9cc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-amz-version-id: ZLIDsz8dyG0OBqsDRdkkA7jd8r8qFgLw
content-encoding: gzip
via: 1.1 varnish
date: Mon, 26 Jun 2023 23:11:15 GMT
x-amz-request-id: C9DZB9R9194QCTGF
age: 7956
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 212
x-amz-id-2: JLpRromVO7YWT3S3BUdJjJ7B1foabk1zwhTXleMXPt5tIlnXlOijatOAjoTHcjrIOgm3lXI5U5s=
x-served-by: cache-fra-eddf8230097-FRA
last-modified: Wed, 21 Jun 2023 12:55:17 GMT
server: AmazonS3
x-tbl-debug: bestatus=200,beresp=OK
x-timer: S1687821076.643216,VS0,VE0
etag: "e1534bdf46e0bf286e2dda06c6237e86"
vary: Accept-Encoding
content-type: text/css
abp: 60
access-control-allow-origin: *
cache-control: private,max-age=14400
accept-ranges: bytes
x-cache-hits: 2684

GET
H2 200 UnitFeedManagerDesktop.min.js Show response
vidstat.taboola.com/lite-unit/4.0.5/ Frame F2C8 113 KB
30 KB 30ms
21ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/lite-unit/4.0.5/UnitFeedManagerDesktop.min.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230613-6-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: fa9230eb742fe60368d3a007ec3e93bb89d0673456c88ecf2d0672fc7922b5f3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 23:11:15 GMT
via: 1.1 c80fd33b8f8c4dff5488cc52ba797aa6.cloudfront.net (CloudFront), 1.1 varnish
content-encoding: gzip
x-amz-cf-pop: FRA60-P1
age: 223525
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront, HIT
content-length: 30644
x-served-by: cache-fra-eddf8230097-FRA
last-modified: Sat, 24 Jun 2023 09:05:21 GMT
server: AmazonS3
x-timer: S1687821076.658986,VS0,VE0
etag: "eeeb206035e121ddb8447db9b8809b5d"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
x-amz-cf-id: S0Zp4ogcZakavxwYmmCcNFg__0XdzUXtWwVd9bFDN0wZNZe5uta7fw==
x-cache-hits: 20851

GET
H2 200 feed-card-placeholder.20230613-6-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ Frame F2C8 5 KB
2 KB 23ms
20ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/feed-card-placeholder.20230613-6-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/onedio/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3d821e45c0c21e1253a785cdcb078428f35a12ecdfb9fe1a0d2fa2801429a08b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-amz-version-id: aEAMxJaWnLK79SDojESx5L9uosfRg_1W
content-encoding: gzip
via: 1.1 varnish
date: Mon, 26 Jun 2023 23:11:15 GMT
x-amz-request-id: 7D1TWA6F7JNG0BDY
age: 1095281
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 1262
x-amz-id-2: /GYIBAiq10x3fYQEeHJjPObMptYjPj/ZkSt/XlptL9gWL5ODGuVYxzsDVGi3EiXEaAjdWVkgVk0=
x-served-by: cache-fra-eddf8230097-FRA
last-modified: Tue, 13 Jun 2023 08:26:19 GMT
server: AmazonS3
x-tbl-debug: bestatus=200,beresp=OK
x-timer: S1687821076.653316,VS0,VE0
etag: "7f52f8b9149cf8e2748d44ea2b1c2065"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 85
access-control-allow-origin: *
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 91863

GET
H2 200 userx.20230613-6-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ Frame F2C8 17 KB
6 KB 22ms
22ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/userx.20230613-6-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/onedio/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5d510e5f495f47a251ee719a26fcb15c52050531561fd6effb516dea253cef5e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-amz-version-id: 0.UU6o02o4.tQdD4xeu_1g6v_U6k50bh
content-encoding: gzip
via: 1.1 varnish
date: Mon, 26 Jun 2023 23:11:15 GMT
x-amz-request-id: 7D1YG68MWDE3W7T5
age: 1095280
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 5397
x-amz-id-2: +boqHKVPZ9+syKI0zVSYLt98+bkURsvHVmQhQy76B4MY69EsTviZEF3kmU3W7kYFnHO0fAgI7RA=
x-served-by: cache-fra-eddf8230097-FRA
last-modified: Tue, 13 Jun 2023 08:26:45 GMT
server: AmazonS3
x-tbl-debug: bestatus=200,beresp=OK
x-timer: S1687821076.693846,VS0,VE0
etag: "f543e0357fb73c5a8fe649ba3b37d9de"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 69
access-control-allow-origin: *
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 23181

GET
H2 204 abtests
am-trc-events.taboola.com/onedio/log/3/ Frame F2C8 0
231 B 101ms
28ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/onedio/log/3/abtests?route=AM:AM:V&lti=aa-test-vis_var&ri=8bf9f456e2f2d567b310aa21d59e8e22&sd=v2_0b012d9ce2e068f47c5ed8b353f88d78_3a70b81e-38ad-4c84-b48f-733e4a5cf0a5-tuctb93a093_1687821075_1687821075_CNawjgYQ1JpEGMGG58-PMSABKAEwODib4wlAjooQSPG12QNQ____________AVgAYABosrWxmb6uzo3eAXAA&ui=3a70b81e-38ad-4c84-b48f-733e4a5cf0a5-tuctb93a093&pi=/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878&wi=4003718691141787111&pt=text&vi=1687821075265&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22block_clicks_init%22%2C%22type%22%3A%22block-clicks-manager%22%2C%22eventTime%22%3A1687821075671%7D&tim=23%3A11%3A15.671&id=5361&llvl=2&cv=20230613-6-RELEASE&
Requested by: Host: onedio.com
URL: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Mon, 26 Jun 2023 23:11:15 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 200 f89e1763-220d-4e09-ba69-9e040548fb7a.svg
cdn.taboola.com/static/f8/ Frame F2C8 4 KB
2 KB 21ms
21ms Image
image/svg+xml 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.taboola.com/static/f8/f89e1763-220d-4e09-ba69-9e040548fb7a.svg
Requested by: Host: onedio.com
URL: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 39b076e4bb4fab9b8a142499cf6155f8c128464974691a04de7e764f71b72618

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-amz-version-id: cMrDKn.emLmm9kiiOOF64ulDT4DRy6LK
content-encoding: gzip
via: 1.1 varnish
date: Mon, 26 Jun 2023 23:11:15 GMT
x-amz-request-id: KH3H54SRP4YPB9PB
age: 89
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 1758
x-amz-id-2: mP0nZ+4KDBKHVDyhuUEzb3LuG90df21M5809hL3yrjZ20OaHTMiCTGdDl6kK0Ov0/jyat3qi0Ao=
x-served-by: cache-fra-eddf8230097-FRA
last-modified: Wed, 07 Feb 2018 11:15:52 GMT
server: AmazonS3
x-tbl-debug: bestatus=200,beresp=OK
x-timer: S1687821076.741896,VS0,VE0
etag: "b8b410e4b18d45aa2f3d9bc09cd335fb"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/svg+xml
access-control-allow-origin: *
abp: 98
cache-control: private,max-age=31536000
accept-ranges: bytes
access-control-allow-headers: *
x-cache-hits: 39

GET
H3 200 300x250.html Show response
s0.2mdn.net/sadbundle/11065803848835661824/ Frame F71C 47 KB
12 KB 70ms
28ms Document
text/html 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/11065803848835661824/300x250.html?e=69&leftOffset=0&topOffset=0&c=VeDjhMPMmp&t=1&renderingType=2&ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b8c779f4fa5bf396269317b6ccc5bd0259ff6b28d9dc40eb75cf47aa245b0bde

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://697730247a5dc842d2e74436492c3992.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Mon, 26 Jun 2023 23:11:15 GMT
expires: Tue, 25 Jun 2024 23:11:15 GMT
last-modified: Wed, 15 Feb 2023 15:30:17 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 922E 0
0 70ms
69ms Fetch
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssOQs4irFPPxZNH5KCX_1_8fwbgwqGITR9rw7gh1Zv-TvxvL7_iiqyOYJji-YhpWytX_SvNIbMQmJc41D2L15QuYPl6teenOg_a4Y8kP7Jm13rpyxJTnGaBrtPtfJOcv7fz_--n0kQbO1zQPOZO-Q2jhyptzBwWLF1l-JMsMWZw6HnAGJwWUrcnIDB_v62EiOS-Fys6MZAYx9NcWAs9ETFLq-7Yv9nGEDLgijr83T8xUXpaRhV9vR-pkQLGy62C3VUo9vMjkRutFROLzYzlNfMJ9x_oi6gw9h6pfbiNMwjdQP1fIy0hVay02j65ZFLoqEqNnWgYYCswk3sKEAEW5ej4BFyYeHKjIv5_CYcvqyELi_YFqa5QkKkLq5tZRlqQGhhFFZWEQgYuQuCTJHJElesuLgtSSbkDsnmeEw8Ur9mY2a4tQvTCTsob0CO_MtDQ-eQMP96iXeP6s6NxFMBV7w6ZlvS3iolMQxYX2L7TQeRFRSjLaTj9VqaeyaXQM35dJ92od7XSdMmzzV747pbRuvGmYd1OjZBEkEP5VlrvyNeT9aAX3EvJy03w6MS2kYcTiWCopAInMBre8g9wZqDzKqcHXYOFWr09FtFosCA9XJda6ufa_EVLZBtS9gn-3ikDM_Vh5u2_DLvmkASiACNdt43dpwkMYojYCSfPwn-C3WG_TS7KRorXAMBYhV-aF8WFfI4-Wr94dwa-0hcJxwHcErcaBOyDZpHJmVM5tp8QrSrhYQyU5X0HDgV_GB69Ub4qtq9WzcbUnP5ab6XumqvDMJ6i56bf5enEii6864HBrrgapOj2dx0bgXnoW_UKzvOzDRKKhnbmj9YWtN1zym6qguV_6YGlaZGd0JRaKM-Ps5_jfGn9vDV866F5UPFZVdOAg6xnSk6U4056hyky3LxegnTttq1DkNpMbcw-iCVN5mfEY-ZKnP59HYdgjIttEaqlSyEV3ocq-WhoRS63_Q6KnAUWkgDNkePn35esLQeeBf_nqHjFvZiWPx5Cg7SsjgtzZz067gqPDLIX983sC2DbVPV_GItbRLQwQTr4gDIourlEEX0PevDExGHgdl_0NpvbneNlJE6s1DcEnuz-N4-vVOpIp657EbFUiwjaXI8UalRrSXxQBuTWeJanHiohSLYDYovbfWCa_NpO_6zYNrh4fUKtKmnO-lU8CTh_hTAeyOsEY0e4EaPjSsf8WsfFP5Rn9-HT59TDr1OOnqozyvc3Bw0Izjqoq8FG_ohFxOO2ZjsnKSoOePo-texqIP6WFnjz_QNMDWeKnub5KPXdJyU53P4tO5qO&sai=AMfl-YQaA3cWQ8Pd6x08XdvRFmKIOjb1p9ZpwNoAyg7GlW96OV0GKgAhHYC7Z9XQ5E-nw3bcB3EEsr1I8Y98DnqRnYmRF8jgF5W9lokQDnEWMKLvWhxFhiKeD5YJv0HsJfcaVBowUwJy6qvAX_j0z9VJoTLZ2q2JS7p1HihTm7fMqGWOSmHeZRbEgKoilZUFLnk2nxw1BvRBNnBJ4Y9AsmZC6Z6xb1Dg15KR_4h1HQ&sig=Cg0ArKJSzGJdFLVqpChlEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=419&cbvp=1&cstd=403&cisv=r20230620.57764&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x6y592zf1gbg.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://697730247a5dc842d2e74436492c3992.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 26 Jun 2023 23:11:15 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
expires: Mon, 26 Jun 2023 23:11:15 GMT

GET
H2 200 / Show response
track.adform.net/adfserve/ Frame 5CD2 9 KB
4 KB 34ms
33ms Script
text/javascript 37.157.2.229
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/adfserve/?bn=64068332;click=https://googleads.g.doubleclick.net/dbm/clk?sa=L&ai=CJTSVEhuaZMWMJJPt3wOi7oSwBYPg8LZw8u7ZqNMRrqjSiFEQASChqsgqYJX68IGMB8gBCakC7-BpnT9Nsj6oAwHIA5sEqgTeAU_QUXc2CH6xl-jr1Hkb_koHTlFcRsqUoY-BQa6VamwH62_V5LKt3herD02-1oAAOs_xdPwN4T24S1nGq-GclK-8nonJQZ-inay0YGKXOTxMhPJ3UhLbEEllVV8YY3f-nLx-yDyIF3W2tT5NuckyH_IObmXhZRN5P-jt9npxh6YER95qAGWvpXAmuYSm_4_3R89hGuSa1ucoIDo9tqs83dMWTTmZfB0jJF03GYwLXlFMk0tDRY4TuxewciBmN7boljNtqueKmGNMvuzXNd0jwl-KalbJRf7htcWvWLFRo8AE7_-pj7UE4AQDkAYBoAZNgAeAsYDWAagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBYIgOGAEBABGB0yAqoCOgKAQEi9_cE6gAoDmAsByAsBgAwBsBOCmuMT0BMA2BMQ2BQB0BUB-BYBgBcB&ae=1&num=1&cid=CAQSGwBygQiDv5iXYMquRI1dqia-puPfeSrzdhy95RgB&sig=AOD64_1cb-6PM_cSxeeidIPZVS1hQehgRg&client=ca-pub-6028767826330736&dbm_c=AKAmf-C52r3WSadklphjV1Eyd4hfTublmU-YVfwDifWvnZofKHf6wjG7FyzhVSmpIoPxFOpl3Ke4u4TVT1HQfNyB4XYWgM__zH3gl0CNCXm89qopdzdBr3KXAJsI8HUbbGyxF4RKfcEudxV0LQWvRLBIVhtzdLJUzPmsdNmiC9XcFykvlWyJvvk&cry=1&dbm_d=AKAmf-BNk-vfLrTf-nqtAXe6Jsu5fjB2OMrPNmHJ0DDEX5zjuDZKeC5lcPIj7V11G65MWbdewy4kZh8DexQ4rKTqhMH2UjzOOrL21bEhlFriGVhwXj7eOY2f4sbvdhohKgNB9_O3M9nAjllSk5Iq_FMy3pIy9O67Wf5JNLLPNlCP6hkNl31z8Pqgo0FxXUI5sSQu65Zx3clQhIzxxp3FGjlmWWjDih5yIa10C_YinWSH0l3y03FvYi8eLvi92bE583PSol-mWvnVPIqGJF1aNmlOYYeDV74J9Nlid2pX6gk9kRpb0gonnYemc78GD0HEqTPVQRAPfs6Gt6rrRnTG4339am8j6y2q5M0LWhuBw4C46-ur_vAUcXYx-jje87GyEAu5VEqo7xwAoc7bucrlombwitg827kV4TwtFjmZZwdHwXC2L5osVXRjnfWJNVd9MU0FOX3fmKw_SefKgktVfy00IcuFXNVabgtYRFI4ej41SrYHyokRdGD1KpM_nX83GF73mF6ThWVjfT91TMF_ibQHH6v4f81c093y8ere7XC86fkYKKJDvefe5ZfEjThT2u9y9z-HEtHsUIz2nXCrhx4XGndPSwKBF58fcsaJuAQP-LqXVbTrlX-EFT9ep9i-csDEjg6_6vDx8nXgi4TOupn4bSVk1J7JZhTziduenmKLNrmxPuDcOj-nUTPBWgKaMiC7VE3Ut52m&adurl=;js=1;adfxid=1x;5775;set=en-US|en-US|1600X1200|0|950|250|24|8|3|7|1|;cmpgdpr=;cmpgdprconsent=;cmpgpp=;cmpgpp_sid=;fd=0|0&CREFURL=https%3A%2F%2Fpcloak.blob.core.windows.net

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/628/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.229 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

5edb90fff40d609cdca246dccdbd2019b5745e0ebe1d8af15738b5f49c181085

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://697730247a5dc842d2e74436492c3992.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Jun 2023 23:11:15 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
content-length: 3932
expires: -1

GET
H3 200 impl_v96.js Show response
www.googletagservices.com/dcm/ Frame 85DA 49 KB
20 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/impl_v96.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/dcmads.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

843dea1d022be79c95643821b1140cc2d081094ee77ccf7a1f637a1ad8fca33f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://697730247a5dc842d2e74436492c3992.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 16:52:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 22744
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20157
x-xss-protection: 0
last-modified: Mon, 22 May 2023 16:41:33 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-dcm-tag"
vary: Accept-Encoding
report-to: {"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 25 Jun 2024 16:52:11 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 8047
Redirect Chain

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEFHtfKMonS3Mtlk3aSbocao&google_cver=1&google_push=ATf1kGPVWhZ6N8m-5Vh7Z6iF-djZ4NxCmuaW_9H8aMoCvPaUn1dxNyXio1CHCSE1RkdpSFBTzrxwAmJSq2iWicV8s7mC...
https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEFHtfKMonS3Mtlk3aSbocao&google_cver=1&google_push=ATf1kGPVWhZ6N8m-5Vh7Z6iF-djZ4NxCmuaW_9H8aMoCvPaUn1dxNyXio1CHCSE1RkdpSFBTzrxwAmJSq2iWic...
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=ATf1kGPVWhZ6N8m-5Vh7Z6iF-djZ4NxCmuaW_9H8aMoCvPaUn1dxNyXio1CHCSE1RkdpSFBTzrxwAmJSq2iWicV8s7mCSwkPbOE&google_hm=QWoQLQ-nR1eyrOZQPLZ-bA==

170 B
188 B

32ms
31ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=ATf1kGPVWhZ6N8m-5Vh7Z6iF-djZ4NxCmuaW_9H8aMoCvPaUn1dxNyXio1CHCSE1RkdpSFBTzrxwAmJSq2iWicV8s7mCSwkPbOE&google_hm=QWoQLQ-nR1eyrOZQPLZ-bA==

Requested by

Host: 697730247a5dc842d2e74436492c3992.safeframe.googlesyndication.com
URL: https://697730247a5dc842d2e74436492c3992.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Jun 2023 23:11:16 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: //cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=ATf1kGPVWhZ6N8m-5Vh7Z6iF-djZ4NxCmuaW_9H8aMoCvPaUn1dxNyXio1CHCSE1RkdpSFBTzrxwAmJSq2iWicV8s7mCSwkPbOE&google_hm=QWoQLQ-nR1eyrOZQPLZ-bA==
date: Mon, 26 Jun 2023 23:11:16 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 8047
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEJoaiGmTMzrnJDGvF58aklc&google_cver=1&google_push=ATf1kGMiIySz0kratLCkV3lwUEyKbxHXiJZjrygm-7IG2gdPGxV8Zm5AoGCOxaa9DcNUITnz_W-cARTd...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MzQwOTY3NzA3ODk4MzE2NDUxNQ&google_push=ATf1kGMiIySz0kratLCkV3lwUEyKbxHXiJZjrygm-7IG2gdPGxV8Zm5AoGCOxaa9DcNUITnz_W-cAR...

170 B
188 B

32ms
32ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MzQwOTY3NzA3ODk4MzE2NDUxNQ&google_push=ATf1kGMiIySz0kratLCkV3lwUEyKbxHXiJZjrygm-7IG2gdPGxV8Zm5AoGCOxaa9DcNUITnz_W-cARTd9K07zvNG_mPH8NrJLIY

Requested by

Host: 697730247a5dc842d2e74436492c3992.safeframe.googlesyndication.com
URL: https://697730247a5dc842d2e74436492c3992.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Jun 2023 23:11:15 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 26 Jun 2023 23:11:15 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MzQwOTY3NzA3ODk4MzE2NDUxNQ&google_push=ATf1kGMiIySz0kratLCkV3lwUEyKbxHXiJZjrygm-7IG2gdPGxV8Zm5AoGCOxaa9DcNUITnz_W-cARTd9K07zvNG_mPH8NrJLIY
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 8047
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEJoaiGmTMzrnJDGvF58aklc&google_cver=1&google_push=ATf1kGOP3nojJZGHvROGHHNlScK08o_C7GQgsteeH_gC_hsrwY3p0sNTSOsW7hpa5y-xF3YtBiNMDHCt...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MzQwOTY3NzA3ODk4MzE2NDUxNQ&google_push=ATf1kGOP3nojJZGHvROGHHNlScK08o_C7GQgsteeH_gC_hsrwY3p0sNTSOsW7hpa5y-xF3YtBiNMDH...

170 B
188 B

32ms
31ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MzQwOTY3NzA3ODk4MzE2NDUxNQ&google_push=ATf1kGOP3nojJZGHvROGHHNlScK08o_C7GQgsteeH_gC_hsrwY3p0sNTSOsW7hpa5y-xF3YtBiNMDHCtoLA9ETyAtR5fhUNEFvE

Requested by

Host: 697730247a5dc842d2e74436492c3992.safeframe.googlesyndication.com
URL: https://697730247a5dc842d2e74436492c3992.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Jun 2023 23:11:15 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 26 Jun 2023 23:11:15 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MzQwOTY3NzA3ODk4MzE2NDUxNQ&google_push=ATf1kGOP3nojJZGHvROGHHNlScK08o_C7GQgsteeH_gC_hsrwY3p0sNTSOsW7hpa5y-xF3YtBiNMDHCtoLA9ETyAtR5fhUNEFvE
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 204 /
cc.adingo.jp/adx/push/ Frame 8047 0
44 B 784ms
257ms Image
text/plain 54.92.8.61
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cc.adingo.jp/adx/push/?google_gid=CAESEL9LICHWrUzh1lz9nwzqkE4&google_cver=1&google_push=ATf1kGPOJdSgEHyFmk7aQdij9SINrUWchbIdgEHPZMqCGB3Yoyk1v6HklPGS7lXdA2eEOZVX5TDR0hkp-ju_4jkT5sr7GS16Tu8
Requested by: Host: 697730247a5dc842d2e74436492c3992.safeframe.googlesyndication.com
URL: https://697730247a5dc842d2e74436492c3992.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.92.8.61 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-92-8-61.ap-northeast-1.compute.amazonaws.com
Software: awselb/2.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 23:11:16 GMT
server: awselb/2.0

GET
H2 204 sync
ups.analytics.yahoo.com/ups/58281/ Frame 8047 0
15 B 26ms
25ms Image
text/plain 3.71.149.231
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESELKZZ45ucS71vJJAAlBpxKk&google_cver=1&google_push=ATf1kGN1zHa8SkFWgOHAg57icft_gP0SYM8PJWIIH4NNF8gd5dI6JhBBDhN1GW8dDpjR66KDHPwuSNlAf7_DA_qRE4H9u79wDjpe3Q

Requested by

Host: 697730247a5dc842d2e74436492c3992.safeframe.googlesyndication.com
URL: https://697730247a5dc842d2e74436492c3992.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.71.149.231 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-71-149-231.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.10.57 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 23:11:15 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.57
age: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2

200

spacer.gif
an.yandex.ru/resource/ Frame 8047
Redirect Chain

https://an.yandex.ru/mapuid/google/CAESEOAFlthMELOFdQ9Z6QIaYik?ext-param=ATf1kGOmE0wZyYdb8juY4Lfh2_lkMmu2SECrqrB1bnelBFmVQqFRcl7yeGjQKCcDGofapezbqZT-XncZI8DH5KOktbrnwuoWpaAn7w&partner-tag=yandex_ag...
https://an.yandex.ru/mapuid/google/CAESEOAFlthMELOFdQ9Z6QIaYik?redir-setuniq=1&ext-param=ATf1kGOmE0wZyYdb8juY4Lfh2_lkMmu2SECrqrB1bnelBFmVQqFRcl7yeGjQKCcDGofapezbqZT-XncZI8DH5KOktbrnwuoWpaAn7w&partn...
https://cm.g.doubleclick.net/pixel?google_nid=yandex_ag&google_hm=CAESEOAFlthMELOFdQ9Z6QIaYik&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif
https://an.yandex.ru/resource/spacer.gif

43 B
144 B

63ms
63ms

Image
image/gif

2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/resource/spacer.gif

Requested by

Host: onedio.com
URL: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878

Protocol

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 23:11:16 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Wed, 18 Apr 2001 10:28:03 GMT
content-type: image/gif
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Mon, 10 Jun 2024 23:11:16 GMT

Redirect headers

pragma: no-cache
date: Mon, 26 Jun 2023 23:11:16 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://an.yandex.ru/resource/spacer.gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 237
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 8047
Redirect Chain

https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESECam8330K...
https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESECa...
https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=416a102d-0fa7-4757-b2ac-e6503cb67e6c&%%GOOGLE_PUSH_PAIR%%

170 B
188 B

33ms
32ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=416a102d-0fa7-4757-b2ac-e6503cb67e6c&%%GOOGLE_PUSH_PAIR%%

Requested by

Host: 697730247a5dc842d2e74436492c3992.safeframe.googlesyndication.com
URL: https://697730247a5dc842d2e74436492c3992.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Jun 2023 23:11:16 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=416a102d-0fa7-4757-b2ac-e6503cb67e6c&%%GOOGLE_PUSH_PAIR%%
date: Mon, 26 Jun 2023 23:11:16 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 8047 0
12 B 30ms
30ms Image
text/html 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IAnb-2n_1Rbm6AbMQJ8azN-PoMH6RFoovb4E0YXsxozFx10a0ZIYw0pT_npPJoexYAyaV4a8il

Requested by

Host: 697730247a5dc842d2e74436492c3992.safeframe.googlesyndication.com
URL: https://697730247a5dc842d2e74436492c3992.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 23:11:15 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 204 social
am-trc-events.taboola.com/onedio/log/3/ Frame F2C8 0
230 B 28ms
27ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/onedio/log/3/social?route=AM:AM:V&lti=aa-test-vis_var&ri=8bf9f456e2f2d567b310aa21d59e8e22&sd=v2_0b012d9ce2e068f47c5ed8b353f88d78_3a70b81e-38ad-4c84-b48f-733e4a5cf0a5-tuctb93a093_1687821075_1687821075_CNawjgYQ1JpEGMGG58-PMSABKAEwODib4wlAjooQSPG12QNQ____________AVgAYABosrWxmb6uzo3eAXAA&ui=3a70b81e-38ad-4c84-b48f-733e4a5cf0a5-tuctb93a093&pi=/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878&wi=4003718691141787111&pt=text&vi=1687821075265&st=social-available&d=%7B%22data%22%3A%5B%7B%22i%22%3A%22ctx%22%2C%22ism%22%3Afalse%2C%22srx%22%3A1600%2C%22sry%22%3A1200%2C%22pd%22%3Anull%2C%22tpl%22%3A%22%22%2C%22url%22%3A%22https%3A%2F%2Fonedio.com%2Fhaber%2Fkredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878%22%2C%22rref%22%3A%22https%3A%2F%2Fpcloak.blob.core.windows.net%2F%22%2C%22sref%22%3A%22_sessionPending_%22%2C%22hdl%22%3A%22Kredi%20Kart%C4%B1%20Aidat%C4%B1n%C4%B1z%C4%B1%20Geri%20Alabilirsiniz%3A%20Kredi%20Kart%C4%B1%20%C4%B0adesi%20%C4%B0lgili%20Bilmeniz%20Gereken%20Her%20%C5%9Eey%22%2C%22sec%22%3A%22Nas%C4%B1l%20yap%C4%B1l%C4%B1r%3F%22%2C%22aut%22%3A%5B%5D%2C%22img%22%3A%22https%3A%2F%2Fimg-s1.onedio.com%2Fid-61704b25e95c836a1703d003%2Frev-0%2Fw-1200%2Fh-597%2Ff-jpg%2Fs-c98243167276ad228ced3fe6ae8b03b608984a22.jpg%22%2C%22v%22%3A15%2C%22pw%22%3Afalse%7D%5D%7D&tim=23%3A11%3A15.823&id=8975&llvl=2&cv=20230613-6-RELEASE&
Requested by: Host: onedio.com
URL: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Mon, 26 Jun 2023 23:11:15 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 200 3cdd6d7be271fb42d12818bcce49f4ec.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_430%2Cw_860%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame F2C8 22 KB
23 KB 30ms
21ms Image
image/webp 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_430%2Cw_860%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/3cdd6d7be271fb42d12818bcce49f4ec.jpg
Requested by: Host: onedio.com
URL: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 6a496247c8793bd90c3031454499f1c72953ec1feddfb55c3434efeff5512d6a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Mon, 26 Jun 2023 23:11:15 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_430%2Cw_860%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/3cdd6d7be271fb42d12818bcce49f4ec.jpg
age: 1486950
edge-cache-tag: 431889369545671908098194092452124528758,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
cache-tag: 431889369545671908098194092452124528758,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
x-cache: MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time: 181
expiration: expiry-date="Sun, 11 Jun 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://www.vau-max.de/
content-length: 22936
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb204
x-served-by: cache-iad-kiad7000154-IAD, cache-iad-kiad7000175-IAD, cache-sna10742-LGB, cache-iad-kjyo7100086-IAD, cache-fra-eddf8230097-FRA
last-modified: Thu, 11 May 2023 20:14:26 GMT
server: nginx
x-timer: S1687821076.861490,VS0,VE1
etag: "f1379ca28e45c87c275abe585eb231b5"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 1, 7, 1

GET
H2 200 872f51c75574fd84bc3dc6d73ab42d35.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_245%2Cw_440%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame F2C8 23 KB
23 KB 25ms
23ms Image
image/webp 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_245%2Cw_440%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/872f51c75574fd84bc3dc6d73ab42d35.jpg
Requested by: Host: onedio.com
URL: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 03b787d47dba6f2e8e69f23a1bf90d27b76e3ad3183e39c5af66141aa5709dbb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Mon, 26 Jun 2023 23:11:15 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_245%2Cw_440%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/872f51c75574fd84bc3dc6d73ab42d35.jpg
age: 4003653
edge-cache-tag: 622804105292562040965504828309082073798,400943418252675406674416846973572213176,29ecf9b93bbf306179626feeda1fab70
cache-tag: 622804105292562040965504828309082073798,400943418252675406674416846973572213176,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time: 247
req-referer: https://www.nasdaq.com/
content-length: 23202
x-request-id: 0ad32d758fc6bbcaf08bf1a5b5fbb570
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb204
x-served-by: cache-iad-kcgs7200126-IAD, cache-iad-kcgs7200151-IAD, cache-lax10653-LGB, cache-iad-kjyo7100087-IAD, cache-fra-eddf8230097-FRA
last-modified: Thu, 11 May 2023 15:03:42 GMT
server: nginx
x-timer: S1687821076.861499,VS0,VE1
etag: "8407c25a3aaabc502e831eadaf875e41"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 3, 445, 1

GET
H2 200 10741ea058f151b67db4230bafbe812d.jpeg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_245%2Cw_440%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame F2C8 23 KB
24 KB 25ms
24ms Image
image/webp 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_245%2Cw_440%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/10741ea058f151b67db4230bafbe812d.jpeg
Requested by: Host: onedio.com
URL: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 1b92a8a493657f0885ff7c4147921de9d386899cdbe2e6b980be50cd0fadd71d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Mon, 26 Jun 2023 23:11:15 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_245%2Cw_440%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/10741ea058f151b67db4230bafbe812d.jpeg
age: 1483770
edge-cache-tag: 630794942868811789712213737048539066062,418213119990820519753380268763636342871,29ecf9b93bbf306179626feeda1fab70
cache-tag: 630794942868811789712213737048539066062,418213119990820519753380268763636342871,29ecf9b93bbf306179626feeda1fab70
x-cache: HIT, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time: 112
expiration: expiry-date="Sun, 11 Jun 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://www.tvdigital.de/
content-length: 23500
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb802
x-served-by: cache-iad-kcgs7200168-IAD, cache-iad-kiad7000071-IAD, cache-chi-klot8100059-CHI, cache-iad-kiad7000150-IAD, cache-fra-eddf8230097-FRA
last-modified: Thu, 11 May 2023 09:26:30 GMT
server: nginx
x-timer: S1687821076.862805,VS0,VE1
etag: "09f63d4e2a555fa6afbab09ff8a083f3"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 0, 0, 80, 1

GET
H2 200 6f53a38d25f0ea772db614fb941519e4.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_430%2Cw_860%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame F2C8 99 KB
99 KB 26ms
26ms Image
image/webp 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_430%2Cw_860%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/6f53a38d25f0ea772db614fb941519e4.jpg
Requested by: Host: onedio.com
URL: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 2bf774c5da97bdea26c4a23ae32fd57c1f387c76f8cbbd3ef08b986979363b48

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-vcl-time-ms: 3
date: Mon, 26 Jun 2023 23:11:15 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_430%2Cw_860%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/6f53a38d25f0ea772db614fb941519e4.jpg
age: 1723052
edge-cache-tag: 379226829563982640636830187610323967922,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
cache-tag: 379226829563982640636830187610323967922,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
x-cache: MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time: 266
expiration: expiry-date="Sun, 11 Jun 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://www.xportsnews.com/
content-length: 101022
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb201
x-served-by: cache-iad-kjyo7100057-IAD, cache-iad-kjyo7100040-IAD, cache-lax10646-LGB, cache-iad-kjyo7100112-IAD, cache-fra-eddf8230097-FRA
last-modified: Thu, 11 May 2023 20:00:22 GMT
server: nginx
x-timer: S1687821076.862806,VS0,VE3
etag: "3bccf95e210bc2101c07da14edb2c512"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 3, 1, 34, 1

GET
H2 200 s-ebde9c8e3e60b883db558d392920607f75baa0b8.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_245%2Cw_440%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//img-s3.onedio.com/id-6496d204d4b1c674fc63f335/rev-0/raw/ Frame F2C8 21 KB
22 KB 30ms
30ms Image
image/webp 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_245%2Cw_440%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//img-s3.onedio.com/id-6496d204d4b1c674fc63f335/rev-0/raw/s-ebde9c8e3e60b883db558d392920607f75baa0b8.jpg
Requested by: Host: onedio.com
URL: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 93bd0f79c8ba99a6ec0f1abd27501be437855549ae14ec607ddfd978af685473

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Mon, 26 Jun 2023 23:11:15 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_245%2Cw_440%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//img-s3.onedio.com/id-6496d204d4b1c674fc63f335/rev-0/raw/s-ebde9c8e3e60b883db558d392920607f75baa0b8.jpg
age: 213513
edge-cache-tag: 498250467730436220361966684084296065376,418213119990820519753380268763636342871,29ecf9b93bbf306179626feeda1fab70
cache-tag: 498250467730436220361966684084296065376,418213119990820519753380268763636342871,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, MISS, MISS, MISS, HIT
x-envoy-upstream-service-time: 518
req-referer: https://onedio.com/
content-length: 21764
x-request-id: f235658d54b1cac99a096fcaad53428e
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb803
x-served-by: cache-iad-kiad7000094-IAD, cache-iad-kjyo7100116-IAD, cache-chi-kigq8000041-CHI, cache-iad-kiad7000061-IAD, cache-fra-eddf8230097-FRA
last-modified: Sat, 24 Jun 2023 11:44:05 GMT
server: nginx
x-timer: S1687821076.865179,VS0,VE1
etag: "0d63d9673083f73eb4873d8b4c76ca4e"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 0, 1

GET
H2 200 s-e3cbc3db995ef15f104e3e4be3dc48e6e10b775e.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_245%2Cw_440%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//img-s1.onedio.com/id-62ef39f07c8c1b1b2672790b/rev-0/raw/ Frame F2C8 9 KB
10 KB 31ms
30ms Image
image/webp 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_245%2Cw_440%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//img-s1.onedio.com/id-62ef39f07c8c1b1b2672790b/rev-0/raw/s-e3cbc3db995ef15f104e3e4be3dc48e6e10b775e.jpg
Requested by: Host: onedio.com
URL: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 3f165c18d4068098e2ca6a51713c5df0771ced1ccdbcec4ea6be99a6aef10e78

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Mon, 26 Jun 2023 23:11:15 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_245%2Cw_440%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//img-s1.onedio.com/id-62ef39f07c8c1b1b2672790b/rev-0/raw/s-e3cbc3db995ef15f104e3e4be3dc48e6e10b775e.jpg
age: 3997101
edge-cache-tag: 405668423749083136817935263195076651037,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag: 405668423749083136817935263195076651037,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: HIT, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time: 344
req-referer: https://onedio.com/
content-length: 9106
x-request-id: 9a42eb1c65a91fd7a66b18cb205261a8
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb201
x-served-by: cache-iad-kcgs7200167-IAD, cache-iad-kiad7000074-IAD, cache-sna10741-LGB, cache-iad-kjyo7100152-IAD, cache-fra-eddf8230097-FRA
last-modified: Tue, 11 Apr 2023 06:57:44 GMT
server: nginx
x-timer: S1687821076.866192,VS0,VE1
etag: "e02a88909d3730ac7601ce76fd4fa2a8"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 0, 1, 22, 1

GET
H2 200 2066b412c8eb0e9d15274596419ca4a2.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_430%2Cw_860%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame F2C8 28 KB
29 KB 23ms
23ms Image
image/webp 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_430%2Cw_860%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/2066b412c8eb0e9d15274596419ca4a2.jpg
Requested by: Host: onedio.com
URL: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 3a828af656d81c11ab2dec2bb2e562d27b9690b2481d41342291664a4c3a4fb2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-vcl-time-ms: 2
date: Mon, 26 Jun 2023 23:11:15 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_430%2Cw_860%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/2066b412c8eb0e9d15274596419ca4a2.jpg
age: 3145660
edge-cache-tag: 483880175488099677990763690476139797934,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
cache-tag: 483880175488099677990763690476139797934,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
x-cache: MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time: 209
expiration: expiry-date="Sun, 11 Jun 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://coinchapter.com/
content-length: 28944
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb804
x-served-by: cache-iad-kjyo7100026-IAD, cache-iad-kjyo7100117-IAD, cache-chi-klot8100081-CHI, cache-iad-kjyo7100092-IAD, cache-fra-eddf8230097-FRA
last-modified: Thu, 11 May 2023 15:59:36 GMT
server: nginx
x-timer: S1687821076.884774,VS0,VE2
etag: "9dde288fe0d2a95c2815329345b74e94"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 4, 1, 17, 1

GET
H2 200 s-91079f2b997669ddde8b1a0745ecc7bd83cf0079.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_245%2Cw_440%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//img-s1.onedio.com/id-64953fd057702416aa46c60f/rev-0/raw/ Frame F2C8 21 KB
21 KB 23ms
23ms Image
image/webp 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_245%2Cw_440%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//img-s1.onedio.com/id-64953fd057702416aa46c60f/rev-0/raw/s-91079f2b997669ddde8b1a0745ecc7bd83cf0079.jpg
Requested by: Host: onedio.com
URL: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 55aa94f53399161f1132a710e087d4f3d9152aff91e268132f28ec09f80a5224

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Mon, 26 Jun 2023 23:11:15 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_245%2Cw_440%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//img-s1.onedio.com/id-64953fd057702416aa46c60f/rev-0/raw/s-91079f2b997669ddde8b1a0745ecc7bd83cf0079.jpg
age: 317458
edge-cache-tag: 605233697570334060180972810360009175783,418213119990820519753380268763636342871,29ecf9b93bbf306179626feeda1fab70
cache-tag: 605233697570334060180972810360009175783,418213119990820519753380268763636342871,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time: 583
req-referer: https://onedio.com/
content-length: 21252
x-request-id: e86a44e2f6dc02706932c58794da5f9c
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb801
x-served-by: cache-iad-kjyo7100070-IAD, cache-iad-kiad7000087-IAD, cache-chi-kigq8000045-CHI, cache-iad-kjyo7100164-IAD, cache-fra-eddf8230097-FRA
last-modified: Fri, 23 Jun 2023 06:52:31 GMT
server: nginx
x-timer: S1687821076.887945,VS0,VE1
etag: "c8996832eab714b7fe2715a2faa5b4c8"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 1, 1

GET
H2 200 s-4121d11019bcdf5e24bfceec722c903cca084e18.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_245%2Cw_440%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//img-s3.onedio.com/id-649a1119d4b1c630279a2a78/rev-0/raw/ Frame F2C8 22 KB
22 KB 24ms
23ms Image
image/webp 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_245%2Cw_440%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//img-s3.onedio.com/id-649a1119d4b1c630279a2a78/rev-0/raw/s-4121d11019bcdf5e24bfceec722c903cca084e18.jpg
Requested by: Host: onedio.com
URL: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: d67150f2e83e22aa952642ed4ee5a0b14ff53a6878ba2cd7dd49d3a15f213883

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-vcl-time-ms: 2
date: Mon, 26 Jun 2023 23:11:15 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_245%2Cw_440%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//img-s3.onedio.com/id-649a1119d4b1c630279a2a78/rev-0/raw/s-4121d11019bcdf5e24bfceec722c903cca084e18.jpg
age: 668
edge-cache-tag: 457101664987263927186251111005866690954,418213119990820519753380268763636342871,29ecf9b93bbf306179626feeda1fab70
cache-tag: 457101664987263927186251111005866690954,418213119990820519753380268763636342871,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time: 467
req-referer: https://onedio.com/
content-length: 22254
x-request-id: 5ad109cc69ca39e8b2a2c0381da7c8af
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb801
x-served-by: cache-iad-kjyo7100024-IAD, cache-iad-kcgs7200166-IAD, cache-chi-kigq8000099-CHI, cache-iad-kjyo7100108-IAD, cache-fra-eddf8230097-FRA
last-modified: Mon, 26 Jun 2023 22:47:46 GMT
server: nginx
x-timer: S1687821076.887939,VS0,VE2
etag: "1afab4a3b9107a5e3b74f9618d106ee2"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 3, 1

GET
H2 200 03cad2af8f8bdaf368ad0aecb584bbbb.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_430%2Cw_860%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame F2C8 32 KB
33 KB 24ms
23ms Image
image/webp 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_430%2Cw_860%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/03cad2af8f8bdaf368ad0aecb584bbbb.jpg
Requested by: Host: onedio.com
URL: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 94e674632f6ea7da559a9b5015b6d6dc5acccae2020340d5f2ffde13d4ca1e24

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-vcl-time-ms: 2
date: Mon, 26 Jun 2023 23:11:15 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_430%2Cw_860%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/03cad2af8f8bdaf368ad0aecb584bbbb.jpg
age: 1605996
edge-cache-tag: 629278368362485812204278233016319296852,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
cache-tag: 629278368362485812204278233016319296852,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
x-cache: MISS, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time: 150
expiration: expiry-date="Sun, 11 Jun 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://tuttofabrodoincucina.it/
content-length: 32628
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb202
x-served-by: cache-iad-kiad7000150-IAD, cache-iad-kjyo7100141-IAD, cache-sna10730-LGB, cache-iad-kiad7000094-IAD, cache-fra-eddf8230097-FRA
last-modified: Thu, 11 May 2023 15:58:08 GMT
server: nginx
x-timer: S1687821076.896128,VS0,VE2
etag: "05686e725bd7c1ab25724df4bdd17390"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 1, 56, 1

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 298D 22 KB
8 KB 20ms
19ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://697730247a5dc842d2e74436492c3992.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 257936
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 23 Jun 2023 23:32:19 GMT
expires: Sat, 22 Jun 2024 23:32:19 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 300x250.html Show response
s0.2mdn.net/sadbundle/11065803848835661824/ Frame AB12 47 KB
12 KB 30ms
29ms Document
text/html 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/11065803848835661824/300x250.html?e=69&leftOffset=0&topOffset=0&c=1QztakQKqG&t=1&renderingType=2&ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b8c779f4fa5bf396269317b6ccc5bd0259ff6b28d9dc40eb75cf47aa245b0bde

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://697730247a5dc842d2e74436492c3992.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Mon, 26 Jun 2023 23:11:15 GMT
expires: Tue, 25 Jun 2024 23:11:15 GMT
last-modified: Wed, 15 Feb 2023 15:30:17 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 7F10 0
0 75ms
75ms Fetch
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstgmGLAR0WXNde93kqXI44KybqH_UpIk8kmq-45yfchKfmHHuVu6w6xQDqDqbg8-EoDv6k3JyDhNqG-n3y4dUyqYn83xOfvOyswFravsn8OpoAEfiaaIBgLNsyol7piLVBJ1ExMEt6zJpmzhgqtbou5m7QDmZDexVOJj-v9K4XoUZRiYEsyDjqEqgsO3EWYQwhNYyzdUS4lF_od929YqdBLbC0cAhTCT5MbejAt0Wx270BzbrjJy7NOpp_j14ecH8S03xMTgUHyUGUSyM7tpeaFG70Lt8E3a_pIJkzcMxFGTwuhIrsIQQ1b-tu5ZbneLs5-btueMvtfD8O3lnK7K0t4oijps8T78Y8TLCIaX-dJsQau1hUC2e7gHZKV-R27df1qnjs1103Tjs0K4yusnL5TEtmftM-LQN3fhDd9Mf86RvQKUqxKaK8iL2eS3I9penWWb6Hb8dnyNZTe9ioHCEz3EalrroFYqdl1XhXf9EWLbBolu7_KfAZFZLgR__R8GUuFCX_stys2MNe06JIdC7daXeGGJcEY0iE2IBfZDMhQ1UhgPtSYVdUKoqyHtrSm1D1DnywEkpMJu6oDtDPAFFf8v_uGRvjCGKhIygqjNsfxYDAR_BkK5J5l9BW0BOLXD0xgCcYFQJaVz0N7gR9LpclqzLSH1NgxDQ7oVlLkmkzsBeRctOG_iojFualxhvuyfEZmfON76WHe-CjavWQs-dkrfKL5RMu8rVA-8a4q4F6wyYaIAbgMDkpPTo5Xw-PjO5E_odOokyRbYKCrZxwxhvgLdfGnsA92zIB9q19bZ0CYU3JnfF2Wqt73Si1q21ngrs6YdMomvfyjOxr_oTkoR2bdDCYlgr00VeNgoeXIzj9CTk5XOjX2CwwHKKrJoLVT0IAhpRREdU6EpORxKAxRfiOzu5VywDzsWZUvSQ5mS3jSoHAV_qT3UM-D285FaIp7zQ1i9JjU6ZL1T1X9USCOrrlnGGG53tSokcdqR_m2IdErz_RsnpwlYAjg4p9BTvvPGRGtzmOLrwUfXjUrO6eURfJmm1NswOfkVP7R5UvOjyRgznC3nwoN-paj5aB0JE3hDZKtqbqbriFg6I98LI5BUKL7CPuW67twirDyvufXlrE5nsIwrDqGo9NRYZ46RkMORqdjWoE630fDjsO_U6_xKbIfYqPL4R7m0bTFwB3covQ-ShXomCKzRMl1XX9fwn9xJZDrn68JVD35EdvZcN3egddBwBZvuytoiRSarP_Fn98sMO6a5C9wC2bO6NelotzTXBo0MNORrbI_HUlP3w&sai=AMfl-YSeYBs6MzQUMmVnVqqJshD32E9rxpvOJAvcdtdZGJngWq450lCyXvqB9kw46h7svO3VMWr9YhSbvA3RgQ49vhssnXVWxKERCAuOaOSvZx2k_mejO9u2AE0G0My-7QU8NUsizbAvCXAX-mP81AXjNozf0cwlX3cK21XhUpjh4UNfZ1UZXKq3aJ7V193yJ-WNlxsXpB1Or5AwQkLnGK_SIcbjdw41m73T2x3wQA&sig=Cg0ArKJSzBEcFEm7rkxQEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=382&cbvp=1&cstd=374&cisv=r20230620.03761&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x6y592zf1gbg.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://697730247a5dc842d2e74436492c3992.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 26 Jun 2023 23:11:15 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
expires: Mon, 26 Jun 2023 23:11:15 GMT

GET
H2

200

/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame 5348
Redirect Chain

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEMAUoY1aHQONcmmUG_2-LRw&google_cver=1&google_push=ATf1kGMaUNW43WAO_4fBI2pstVaneHQ0DN6g_v2vS987ziawJxKB59EwpZg_x19RY6IP2r1A19bk52JavhyQoRcI6-6pSlsTYEY
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=NDUzNjQ4MjU2NTU4ODAxOTc0Mw==&gdpr=&gdpr_consent=
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEMg572fHyC2wgfx07MyAIiU&google_cver=1

43 B
398 B

81ms
29ms

Image
image/gif

2001:678:cb4:bbbb::11
AMOBEE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEMg572fHyC2wgfx07MyAIiU&google_cver=1
Requested by: Host: 697730247a5dc842d2e74436492c3992.safeframe.googlesyndication.com
URL: https://697730247a5dc842d2e74436492c3992.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol: H2
Server: 2001:678:cb4:bbbb::11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software: /
Resource Hash: 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Mon, 26 Jun 2023 23:11:16 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma: no-cache
date: Mon, 26 Jun 2023 23:11:16 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEMg572fHyC2wgfx07MyAIiU&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 5348
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEC9LRKH-BHt6VBOi4x4NUpQ&google_cver=1&google_push=ATf1kGOgeYwPXppULHDdR__f_PxHq7LIrkGPJTZIwReZ1yyCNxajUns9MMcSJytbmTHyIyi7nrXEKTZ4qWxP5V...
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI0OTEzNjMxODY0MjMyMTU1MQ%3D%3D&google_push=ATf1kGOgeYwPXppULHDdR__f_PxHq7LIrkGPJTZIwReZ1yyCNxajUns9MMcSJytbmTHyIyi7nrXEKTZ4qWxP5V3DQi...

170 B
188 B

32ms
32ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI0OTEzNjMxODY0MjMyMTU1MQ%3D%3D&google_push=ATf1kGOgeYwPXppULHDdR__f_PxHq7LIrkGPJTZIwReZ1yyCNxajUns9MMcSJytbmTHyIyi7nrXEKTZ4qWxP5V3DQiL9ZatPnYg

Requested by

Host: 697730247a5dc842d2e74436492c3992.safeframe.googlesyndication.com
URL: https://697730247a5dc842d2e74436492c3992.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Jun 2023 23:11:16 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI0OTEzNjMxODY0MjMyMTU1MQ%3D%3D&google_push=ATf1kGOgeYwPXppULHDdR__f_PxHq7LIrkGPJTZIwReZ1yyCNxajUns9MMcSJytbmTHyIyi7nrXEKTZ4qWxP5V3DQiL9ZatPnYg
Date: Mon, 26 Jun 2023 23:11:15 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 5348
Redirect Chain

https://a.c.appier.net/gcm?google_gid=CAESEAE87m07zbCek8EvFhCp9iM&google_cver=1&google_push=ATf1kGMA5ArQhxaxXRUeS5SPYSxtPWn61dKk0P71g0YjCyJL-_R8AeC_qWQPtsCrVKc6WvMo_NZ0oqo5P7aZybp2b_iQM4njgQ
https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=cWd2NDRHREtCa3EyekVXYkZSdWFaQQ%3D%3D&google_push=ATf1kGMA5ArQhxaxXRUeS5SPYSxtPWn61dKk0P71g0YjCyJL-_R8AeC_qWQPtsCrVKc6WvMo_NZ0oqo5P7aZy...

170 B
188 B

39ms
39ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=cWd2NDRHREtCa3EyekVXYkZSdWFaQQ%3D%3D&google_push=ATf1kGMA5ArQhxaxXRUeS5SPYSxtPWn61dKk0P71g0YjCyJL-_R8AeC_qWQPtsCrVKc6WvMo_NZ0oqo5P7aZybp2b_iQM4njgQ

Requested by

Host: onedio.com
URL: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878

Protocol

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Jun 2023 23:11:17 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Mon, 26 Jun 2023 23:11:17 GMT
server: nginx
accept-ch: Sec-CH-UA-Model,Sec-CH-UA-Platform-Version
p3p: CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=cWd2NDRHREtCa3EyekVXYkZSdWFaQQ%3D%3D&google_push=ATf1kGMA5ArQhxaxXRUeS5SPYSxtPWn61dKk0P71g0YjCyJL-_R8AeC_qWQPtsCrVKc6WvMo_NZ0oqo5P7aZybp2b_iQM4njgQ
content-type: text/html; charset=utf-8
cache-control: no-store
content-length: 241

GET
H2 200 usersync.aspx
dis.criteo.com/dis/ Frame 5348 43 B
363 B 128ms
35ms Image
image/gif 178.250.7.11
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DPUSH_DATA&google_gid=CAESEH2uobgTGV8-z99CT6hwXKw&google_cver=1&google_push=ATf1kGNBf60otTNiJncr9iauOlexlGL3qBNpbZb9gXoX2hSQjvaH6rk9mlwIhCtugHzcmjIKs5cfFaWUBK2i1CJYzVs7oX1qgC8

Requested by

Host: 697730247a5dc842d2e74436492c3992.safeframe.googlesyndication.com
URL: https://697730247a5dc842d2e74436492c3992.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.7.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Jun 2023 23:11:15 GMT
x-errorlevel: 0
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 189756
expires: Mon, 26 Jun 2023 00:00:00 GMT

GET
H/1.1 200
OK sync
dsp.adkernel.com/ Frame 5348 42 B
233 B 341ms
110ms Image
image/gif 174.137.133.49
WEBAIR-INTERNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsp.adkernel.com/sync?exchange=11&google_gid=CAESEArjLM_qrXsa-DSr6HOp_gA&google_cver=1&google_push=ATf1kGNCz5ixUEUtz6w8tdO9cNSochRWmydj-GSstfnsyClyKhveMpdWQn-B_AkljDLdUOKezoU3En2EQCGbWDIvBEozcNsFgQ
Requested by: Host: 697730247a5dc842d2e74436492c3992.safeframe.googlesyndication.com
URL: https://697730247a5dc842d2e74436492c3992.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 174.137.133.49 , United States, ASN27257 (WEBAIR-INTERNET, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 26 Jun 2023 23:11:16 GMT
Server: nginx
Age: 0
Content-Type: image/gif
Cache-Control: no-store
Connection: keep-alive
Content-Length: 42

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 5348
Redirect Chain

https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEEZZGAbUry52vdpeKg1UxLc&google_cver=1&google_push=ATf1kGNkI_OOsVgyyUyX1TUcyu24Hc8HUxR28oltwedQ1Zbi2CUz1Q-tHn3xnZMm6Wv3AN_Z6kDQkXI5Nlqpels3...
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=ATf1kGNkI_OOsVgyyUyX1TUcyu24Hc8HUxR28oltwedQ1Zbi2CUz1Q-tHn3xnZMm6Wv3AN_Z6kDQkXI5Nlqpels3an8iRXVQQQ

170 B
188 B

37ms
36ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=ATf1kGNkI_OOsVgyyUyX1TUcyu24Hc8HUxR28oltwedQ1Zbi2CUz1Q-tHn3xnZMm6Wv3AN_Z6kDQkXI5Nlqpels3an8iRXVQQQ

Requested by

Host: 697730247a5dc842d2e74436492c3992.safeframe.googlesyndication.com
URL: https://697730247a5dc842d2e74436492c3992.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Jun 2023 23:11:16 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Mon, 26 Jun 2023 23:11:15 GMT
via: 1.1 8064e48208c1dcd93ca1f9cc15dd104e.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: CDG50-P4
x-cache: FunctionGeneratedResponse from cloudfront
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=ATf1kGNkI_OOsVgyyUyX1TUcyu24Hc8HUxR28oltwedQ1Zbi2CUz1Q-tHn3xnZMm6Wv3AN_Z6kDQkXI5Nlqpels3an8iRXVQQQ
cache-control: no-cache, must-revalidate
content-length: 0
x-amz-cf-id: Ssa4jclkJBU5XfS-taH91Ol9kti_EXQF6NGKccsT8quQABUn1qUJwA==

GET
H2 204 v1
match.sharethrough.com/E4rooAtA/ Frame 5348 0
364 B 100ms
21ms Image
text/plain 18.196.130.47
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.sharethrough.com/E4rooAtA/v1?google_gid=CAESEKjFY-1fj8ZD0eu2VQOb4lY&google_cver=1&google_push=ATf1kGMuX7cQGB5h-B1C68RpWXzc0l12u7zroQV2m5EdT2nDmLpIiLRcJCT64L4XxJffzRvsmeBMkJynxqFfEyWW5kaz2sB80GM
Requested by: Host: 697730247a5dc842d2e74436492c3992.safeframe.googlesyndication.com
URL: https://697730247a5dc842d2e74436492c3992.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.196.130.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-196-130-47.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 23:11:15 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 5348 0
12 B 31ms
28ms Image
text/html 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13J8U38ZPJCs-xvEEhbUBqS25qhFY7n_3QBmX3WjyRjkdNNLrszospGStkzd3FpPeaoMNrcsSQ

Requested by

Host: 697730247a5dc842d2e74436492c3992.safeframe.googlesyndication.com
URL: https://697730247a5dc842d2e74436492c3992.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 23:11:15 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 206 e6tpn5kdpa90ezgnlz1r.mp4
cdn.taboola.com/libtrc/static/video/v1681990788/ Frame F2C8 166 KB
167 KB 25ms
23ms Media
video/mp4 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/static/video/v1681990788/e6tpn5kdpa90ezgnlz1r.mp4
Requested by: Host: onedio.com
URL: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4ec8b2b157346e00c34295215b5179eb0372c7161bd197136f164969a60ff740

Request headers

Referer: https://onedio.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Range: bytes=0-

Response headers

x-amz-version-id: XwqiP0tAvqzYjFaeEHjtVZ7DHg.pWBp1
date: Mon, 26 Jun 2023 23:11:15 GMT
via: 1.1 varnish
x-amz-request-id: N527PTHKCQGNTWNJ
age: 12
x-amz-server-side-encryption: AES256
x-cache: HIT
Content-Range: bytes 0-170488/170489
x-amz-replication-status: COMPLETED
Content-Length: 170489
x-amz-id-2: QRlaZvU1p7B8vreukqvI/XzUtliih027jRYjgp0a74G7AojU+RImjOJhkbr1SfuI69VPj4ddMoQ=
x-served-by: cache-fra-eddf8230097-FRA
last-modified: Thu, 20 Apr 2023 11:39:53 GMT
server: AmazonS3
x-tbl-debug: bestatus=200,beresp=OK
x-timer: S1687821076.914595,VS0,VE1
etag: "d88db064d8886328a37cd28333aa3d17"
content-type: video/mp4;codecs=avc1
abp: 25
access-control-allow-origin: *
cache-control: private,max-age=31536000
accept-ranges: bytes
x-cache-hits: 0

GET
H2 206 lvdy7gv49uf2qpflgrjz.mp4
cdn.taboola.com/libtrc/static/video/v1676623376/ Frame F2C8 894 KB
895 KB 28ms
28ms Media
video/mp4 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/static/video/v1676623376/lvdy7gv49uf2qpflgrjz.mp4
Requested by: Host: onedio.com
URL: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 51852dbbc5ba83eeabcf17f02e03c459bdb3936c4f364a3a3b7515df9ab8e6aa

Request headers

Referer: https://onedio.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Range: bytes=0-

Response headers

x-amz-version-id: LwTsUsT0AVWIYXMWqvwiH.Km4geXv1rz
date: Mon, 26 Jun 2023 23:11:15 GMT
via: 1.1 varnish
x-amz-request-id: 37VK08K08RZ55R2E
age: 39
x-amz-server-side-encryption: AES256
x-cache: HIT
Content-Range: bytes 0-915402/915403
x-amz-replication-status: COMPLETED
Content-Length: 915403
x-amz-id-2: 2mPE+tbYktS16iiZzsgT0WcaZnbUSXXgIrN6AiivxdSp51adjIkX0KzI7yO0VtdS2THenMAZqT8=
x-served-by: cache-fra-eddf8230097-FRA
last-modified: Fri, 17 Feb 2023 08:43:03 GMT
server: AmazonS3
x-timer: S1687821076.915342,VS0,VE1
etag: "046e5f39789ed0d34b5056509ac3b476"
content-type: video/mp4;codecs=avc1
abp: 95
access-control-allow-origin: *
cache-control: private,max-age=31536000
accept-ranges: bytes
x-cache-hits: 0

GET
H3 200 Enabler_01_247.js Show response
s0.2mdn.net/879366/ Frame F71C 118 KB
40 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/Enabler_01_247.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11065803848835661824/300x250.html?e=69&leftOffset=0&topOffset=0&c=VeDjhMPMmp&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/11065803848835661824/300x250.html?e=69&leftOffset=0&topOffset=0&c=VeDjhMPMmp&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 13:52:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 33519
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 41099
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:45:07 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 27 Jun 2023 13:52:36 GMT

GET
H3 200 gsap_3.9.1_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame F71C 63 KB
25 KB 46ms
44ms Script
text/javascript 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.9.1_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11065803848835661824/300x250.html?e=69&leftOffset=0&topOffset=0&c=VeDjhMPMmp&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6dbe9c2e13cf06c6633ea3fcf6d7bd30452561202a205c75a035cd1d8b93368f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/11065803848835661824/300x250.html?e=69&leftOffset=0&topOffset=0&c=VeDjhMPMmp&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 23:11:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25329
x-xss-protection: 0
last-modified: Wed, 29 Dec 2021 19:08:26 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 26 Jun 2023 23:11:15 GMT

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame B496 22 KB
8 KB 30ms
26ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://697730247a5dc842d2e74436492c3992.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 257936
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 23 Jun 2023 23:32:19 GMT
expires: Sat, 22 Jun 2024 23:32:19 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 YTnPKPJ-Q--T2AJ4Qj25FxWmw7bAoVXE9zhtz1eN5hc.js Show response
pagead2.googlesyndication.com/bg/ Frame 504C 37 KB
14 KB 27ms
26ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/YTnPKPJ-Q--T2AJ4Qj25FxWmw7bAoVXE9zhtz1eN5hc.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6139cf28f27e43ef93d80278423db91715a6c3b6c0a155c4f7386dcf578de617

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 17:02:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22133
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14704
x-xss-protection: 0
last-modified: Mon, 19 Jun 2023 09:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 25 Jun 2024 17:02:22 GMT

GET
H2 200 css2
fonts.googleapis.com/ Frame F2C8 3 KB
601 B 31ms
30ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Poppins:wght@400;500;700

Requested by

Host: cdn.taboola.com
URL: https://cdn.taboola.com/ui-ab-tests/em-different-fonts/em-different-fonts.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1e14b20679f4209e926dd3781ee792401cb5702c9a66fbc8cc844bcc22a496d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 26 Jun 2023 23:11:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 26 Jun 2023 21:12:26 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 26 Jun 2023 23:11:15 GMT

GET
H2 200 B29796157.366316243;dc_ver=96.284;sz=300x250;u_sd=1;dc_adk=1148619617;ord=gosi2e;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjst-OexPCAXxmF-GbLrSGc6JD1XyH9uktkOFPqF7sx_9... Show response
ad.doubleclick.net/ddm/adj/N5664.218.EXPEDIA/ Frame 85DA 77 KB
34 KB 138ms
59ms Script
text/javascript 172.217.18.6
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/ddm/adj/N5664.218.EXPEDIA/B29796157.366316243;dc_ver=96.284;sz=300x250;u_sd=1;dc_adk=1148619617;ord=gosi2e;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjst-OexPCAXxmF-GbLrSGc6JD1XyH9uktkOFPqF7sx_9_hZuO9o6JW-rW_J7JPj7ZUlF7nWXksjSeUHw0wCzdsQXDinNclRpvBjWmtO3ViHLP2wSKzP7_6dhVlGr4073obuTOba28cGyKkdxZVCVNG3EvU06u-dwb7ScH7vJbBGG1hoxNTEHRogQWDPIFpKQ2FBx6ZzZ_1OVcD7J8UW4zx0sHzJl1jZX2zh7ABE1tekSEGgGrbWfg3fs39sXaVwYuoay_-w4fe7KWIUhNmlxFO8N7IU51XE_vsJal2CWnyMkImjfogvdQ0T7vKSFLnwMZVs6W9e8G7TyQqXNSAbH54ff_4ZH7VRh1PrLtSIfva2XwaLARzM26bbSBwDxOXE3yaLEEO7dr-_kuf81qWbwyXX8wEtU3_jOl5oSx02MkhyArDUrOf9RAATDIaEniz0hwSyXBuOcn6Y-9VUXL4msVGB94PTrG6amHW_cqUG7od4AlQ0WTm_QWwTSK5ztNOyGqFKgTsB06XivjaVIH1BpjS5LF7OvZ-wg_dNN9rBJDPHh5ZligtbfTGr92Ng8hInpFxuuux-jTJNbYXxHkvZkAf8YLX9OHSfZifJN2qYIFnP4OhjBEd-HJYNGxl5bXPABwoRrTGOgQW1k9HggmGC3bzgCkcJOqLEPXLaTzQzZNjryR-Vp_iR-CtrUUht9RfjKyF51uUgwO8UkiqlpxdgdlcvOrgLOtAEmBsUGm1WkhQiGktW77A7WVzzs3bD0LxBYoYBtYTg74oPc01DN9Qf-n4hLZQOx3SPDMmSwsIYNXWetdck7z5ex8eSxHUTpd8lmIaNixGOiJHk6vhGYpgXHJNK-nHbktYMv8jbHC8eps1KrZV24_HUHb0dyPYjBpjAXvtHMPEz2dfmaj5zakxrVJ8e9sPiG-ih9Kt3sxnePA8zbHc9obYzKDe5JjpCzA08MGzl49fmPdZfa_4GZbgKosIrFDmu2-5oBLw4vZxVOB2yk6zUr6Rk8nePFXII4U28CtAhnxOXj33TowiSq4k3YXiSAE_v7UYaJeLHcg_ha_7TW2iGSPo2bCGK-9zsnBaHLoPSs2KcjvittP0Mr9sr3hVX61WuW6e-rJyFPoExZBN66QCgmMcmqGez-UHyX7rVVBElyq2eMiqzU90EDuKGmz1rFibahQmt_wKN90JWgHqgk4pflmXrGZ_GD%26sai%3DAMfl-YTZzZPSsQqFcxbpc0aQY_5pa6p_c7Ut3leDXO4_8eO4Nf_nG1-L4fLi_CjPDuRMqrzSLZid4axBPYM9RjE0oIwdEw4SqRYPTUObbvhpg_Ak944pTI3-I_p7yLf1uDxsk9P5b_Gtz6fInSkTerhRDkoiqPXUnXeWGrsxzdjfJVbWVCW2SB4rVnhHtbHbJaJ3AsUm3ywnn0gIpmC2-9Zetk8%26sig%3DCg0ArKJSzKH1SrWEUEeTEAE%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26adurl%3D;uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..;dc_rfl=2,https%3A%2F%2Fpcloak.blob.core.windows.net$2,https%3A%2F%2Fonedio.com%2F$0;xdt=1;crlt=TEEW0zLXq_;stc=1;chaa=1;sttr=145;prcl=s

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/impl_v96.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.6 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f6.1e100.net

Software

cafe /

Resource Hash

8f4557e9f00d34167fab5b42b70e3b308a7a4dcd399689b0ffc59ca5980e0ec3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://697730247a5dc842d2e74436492c3992.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Jun 2023 23:11:16 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33943
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 Standard Show response
s1.adform.net/stoat/628/s1.adform.net/load/v/0.0.233/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/ Frame 5CD2 91 KB
39 KB 44ms
43ms Script
text/javascript 37.157.2.247
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/stoat/628/s1.adform.net/load/v/0.0.233/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/628/s1.adform.net/bootstrap.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.2.247 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 80958b705988fc97f2179c7a83acfc7353d1145e50ffd2680bbe3e08254708c2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://697730247a5dc842d2e74436492c3992.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 23:11:03 GMT
content-encoding: gzip
last-modified: Thu, 15 Jun 2023 10:58:46 GMT
server: nginx
x-cache-status: STALE
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=100000
expires: Fri, 16 Jun 2023 15:11:23 GMT

GET
H3 200 Enabler_01_247.js Show response
s0.2mdn.net/879366/ Frame AB12 118 KB
40 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/Enabler_01_247.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11065803848835661824/300x250.html?e=69&leftOffset=0&topOffset=0&c=1QztakQKqG&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/11065803848835661824/300x250.html?e=69&leftOffset=0&topOffset=0&c=1QztakQKqG&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 13:52:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 33519
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 41099
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:45:07 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 27 Jun 2023 13:52:36 GMT

GET
H3 200 gsap_3.9.1_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame AB12 63 KB
25 KB 35ms
34ms Script
text/javascript 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.9.1_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11065803848835661824/300x250.html?e=69&leftOffset=0&topOffset=0&c=1QztakQKqG&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6dbe9c2e13cf06c6633ea3fcf6d7bd30452561202a205c75a035cd1d8b93368f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/11065803848835661824/300x250.html?e=69&leftOffset=0&topOffset=0&c=1QztakQKqG&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 23:11:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25329
x-xss-protection: 0
last-modified: Wed, 29 Dec 2021 19:08:26 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 26 Jun 2023 23:11:15 GMT

GET
DATA 200
OK truncated
/ Frame 5CD2 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d53e65032e0f92945d35600118450d12bb0e8ab8312d97f1f9742c3f48d1bca5

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 YTnPKPJ-Q--T2AJ4Qj25FxWmw7bAoVXE9zhtz1eN5hc.js Show response
pagead2.googlesyndication.com/bg/ Frame 298D 37 KB
14 KB 23ms
23ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/YTnPKPJ-Q--T2AJ4Qj25FxWmw7bAoVXE9zhtz1eN5hc.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6139cf28f27e43ef93d80278423db91715a6c3b6c0a155c4f7386dcf578de617

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 17:02:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22134
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14704
x-xss-protection: 0
last-modified: Mon, 19 Jun 2023 09:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 25 Jun 2024 17:02:22 GMT

POST
H2 200 /
track.adform.net/csimpr/ Frame 5CD2 35 B
626 B 36ms
36ms Ping
image/gif 37.157.2.229
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/csimpr/?bn=64068332&csi=83fe4J5yYZtoRSAVgohGCNtnza_wIGFZwiFi6Ks0Q98JDwKV3Zer3LvWn155gEuhmk_Z6u6bWXoh5pJ4U4_fy96vWmW1dlSa0

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/628/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.229 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://697730247a5dc842d2e74436492c3992.safeframe.googlesyndication.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 26 Jun 2023 23:11:16 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET, POST
content-type: image/gif
access-control-allow-origin: https://697730247a5dc842d2e74436492c3992.safeframe.googlesyndication.com
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20230621/r20110914/elements/html/ Frame 85DA 11 KB
4 KB 23ms
22ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230621/r20110914/elements/html/omrhp.js

Requested by

Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N5664.218.EXPEDIA/B29796157.366316243;dc_ver=96.284;sz=300x250;u_sd=1;dc_adk=1148619617;ord=gosi2e;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjst-OexPCAXxmF-GbLrSGc6JD1XyH9uktkOFPqF7sx_9_hZuO9o6JW-rW_J7JPj7ZUlF7nWXksjSeUHw0wCzdsQXDinNclRpvBjWmtO3ViHLP2wSKzP7_6dhVlGr4073obuTOba28cGyKkdxZVCVNG3EvU06u-dwb7ScH7vJbBGG1hoxNTEHRogQWDPIFpKQ2FBx6ZzZ_1OVcD7J8UW4zx0sHzJl1jZX2zh7ABE1tekSEGgGrbWfg3fs39sXaVwYuoay_-w4fe7KWIUhNmlxFO8N7IU51XE_vsJal2CWnyMkImjfogvdQ0T7vKSFLnwMZVs6W9e8G7TyQqXNSAbH54ff_4ZH7VRh1PrLtSIfva2XwaLARzM26bbSBwDxOXE3yaLEEO7dr-_kuf81qWbwyXX8wEtU3_jOl5oSx02MkhyArDUrOf9RAATDIaEniz0hwSyXBuOcn6Y-9VUXL4msVGB94PTrG6amHW_cqUG7od4AlQ0WTm_QWwTSK5ztNOyGqFKgTsB06XivjaVIH1BpjS5LF7OvZ-wg_dNN9rBJDPHh5ZligtbfTGr92Ng8hInpFxuuux-jTJNbYXxHkvZkAf8YLX9OHSfZifJN2qYIFnP4OhjBEd-HJYNGxl5bXPABwoRrTGOgQW1k9HggmGC3bzgCkcJOqLEPXLaTzQzZNjryR-Vp_iR-CtrUUht9RfjKyF51uUgwO8UkiqlpxdgdlcvOrgLOtAEmBsUGm1WkhQiGktW77A7WVzzs3bD0LxBYoYBtYTg74oPc01DN9Qf-n4hLZQOx3SPDMmSwsIYNXWetdck7z5ex8eSxHUTpd8lmIaNixGOiJHk6vhGYpgXHJNK-nHbktYMv8jbHC8eps1KrZV24_HUHb0dyPYjBpjAXvtHMPEz2dfmaj5zakxrVJ8e9sPiG-ih9Kt3sxnePA8zbHc9obYzKDe5JjpCzA08MGzl49fmPdZfa_4GZbgKosIrFDmu2-5oBLw4vZxVOB2yk6zUr6Rk8nePFXII4U28CtAhnxOXj33TowiSq4k3YXiSAE_v7UYaJeLHcg_ha_7TW2iGSPo2bCGK-9zsnBaHLoPSs2KcjvittP0Mr9sr3hVX61WuW6e-rJyFPoExZBN66QCgmMcmqGez-UHyX7rVVBElyq2eMiqzU90EDuKGmz1rFibahQmt_wKN90JWgHqgk4pflmXrGZ_GD%26sai%3DAMfl-YTZzZPSsQqFcxbpc0aQY_5pa6p_c7Ut3leDXO4_8eO4Nf_nG1-L4fLi_CjPDuRMqrzSLZid4axBPYM9RjE0oIwdEw4SqRYPTUObbvhpg_Ak944pTI3-I_p7yLf1uDxsk9P5b_Gtz6fInSkTerhRDkoiqPXUnXeWGrsxzdjfJVbWVCW2SB4rVnhHtbHbJaJ3AsUm3ywnn0gIpmC2-9Zetk8%26sig%3DCg0ArKJSzKH1SrWEUEeTEAE%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26adurl%3D;uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..;dc_rfl=2,https%3A%2F%2Fpcloak.blob.core.windows.net$2,https%3A%2F%2Fonedio.com%2F$0;xdt=1;crlt=TEEW0zLXq_;stc=1;chaa=1;sttr=145;prcl=s

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7ff9993d3bf21821aa4aab3b5958b4d9ba3fd3a3aa92f5830a24d3ee259f4851

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://697730247a5dc842d2e74436492c3992.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 16:50:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22869
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4172
x-xss-protection: 0
server: cafe
etag: 5499578052516643378
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 10 Jul 2023 16:50:07 GMT

GET
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 85DA 0
0 65ms
63ms Fetch
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuRd7auK21xn_KlF86FlWlW3g9RHwtc2ysl-AomKp1DHsCop_1bBGffsi4fE1AF2F7nli23ZOoPM3Xh1m1d-htfNQUTV8FYxzN6H8eXgpDLJLtZL0IuZlrfAxFf0Vs_vZ1DT2mwmJImyQHtDUlZWcJvfKE1QVioCoEBPh6fUvhW3_n9S8gE9nXEmw&sai=AMfl-YQO8Ckg5Y1aMMxu7syHES72GX_L7XxykN98FqXd_68hO2JggxXvpP-BvMVkC8u26aaKIQ5Eit5ur8CVurYfFTReiP7fVRqc9DOHOQ&sig=Cg0ArKJSzDO1tUdPrUvUEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=2&cbvp=1&cstd=0&cisv=r20230621.23041&arae=0&ftch=1&adurl=

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://697730247a5dc842d2e74436492c3992.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 23:11:16 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 26 Jun 2023 23:11:16 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 85DA 41 KB
15 KB 23ms
21ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://697730247a5dc842d2e74436492c3992.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 22 Jun 2023 13:19:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 381126
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 21 Jun 2024 13:19:10 GMT

GET
H3 200 13145059176448351527
s0.2mdn.net/simgad/ Frame 85DA 67 KB
67 KB 24ms
22ms Image
image/jpeg 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/13145059176448351527

Requested by

Host: 697730247a5dc842d2e74436492c3992.safeframe.googlesyndication.com
URL: https://697730247a5dc842d2e74436492c3992.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0328a6c2f97160ada64bacee0554de4678f3e4da5535c11752764c131c583b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://697730247a5dc842d2e74436492c3992.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 23 Jun 2023 21:31:24 GMT
x-content-type-options: nosniff
age: 265192
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 68799
x-xss-protection: 0
last-modified: Fri, 28 Apr 2023 22:16:13 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 22 Jun 2024 21:31:24 GMT

GET
H2

200

src=5387547;dc_pre=CKObhb6H4v8CFVZOHgIdQLkCrQ;type=invmedia;cat=jkln2kfq;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1
adservice.google.com/ddm/fls/z/ Frame 85DA
Redirect Chain

https://dc.arrivalist.com/px/?pixel_id=1102&a_source=1612728&a_medium=TD&a_campaign=FY23_Shopping_ct=DE&st=&city=0&dma=0&zp=88090&bw=4&a_content=191466213&a_type=Paid
https://dc.arrivalist.com/pj/check.php?rk=ip-10-0-1-194649a1b14a89216.57774391649a1b14a9cc10.22450042
https://ib.adnxs.com/getuid?https://dc.arrivalist.com/pj/proc.php?auid=$UID&rk=ckip-10-0-1-194649a1b14a89216.57774391649a1b14a9cc10.22450042
https://dc.arrivalist.com/pj/proc.php?auid=8332244428281608687&rk=ckip-10-0-1-194649a1b14a89216.57774391649a1b14a9cc10.22450042
https://ib.adnxs.com/seg?add=5938683&redir=https://ad.doubleclick.net/ddm/activity/src=5387547;type=invmedia;cat=jkln2kfq;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1?
https://ad.doubleclick.net/ddm/activity/src=5387547;type=invmedia;cat=jkln2kfq;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1?
https://ad.doubleclick.net/ddm/activity/src=5387547;dc_pre=CKObhb6H4v8CFVZOHgIdQLkCrQ;type=invmedia;cat=jkln2kfq;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1?
https://adservice.google.com/ddm/fls/z/src=5387547;dc_pre=CKObhb6H4v8CFVZOHgIdQLkCrQ;type=invmedia;cat=jkln2kfq;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1

42 B
262 B

63ms
62ms

Image
image/gif

2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/src=5387547;dc_pre=CKObhb6H4v8CFVZOHgIdQLkCrQ;type=invmedia;cat=jkln2kfq;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1

Requested by

Host: 697730247a5dc842d2e74436492c3992.safeframe.googlesyndication.com
URL: https://697730247a5dc842d2e74436492c3992.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://697730247a5dc842d2e74436492c3992.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Jun 2023 23:11:17 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 26 Jun 2023 23:11:17 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://adservice.google.com/ddm/fls/z/src=5387547;dc_pre=CKObhb6H4v8CFVZOHgIdQLkCrQ;type=invmedia;cat=jkln2kfq;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 922E 0
0 65ms
65ms Fetch
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssOQs4irFPPxZNH5KCX_1_8fwbgwqGITR9rw7gh1Zv-TvxvL7_iiqyOYJji-YhpWytX_SvNIbMQmJc41D2L15QuYPl6teenOg_a4Y8kP7Jm13rpyxJTnGaBrtPtfJOcv7fz_--n0kQbO1zQPOZO-Q2jhyptzBwWLF1l-JMsMWZw6HnAGJwWUrcnIDB_v62EiOS-Fys6MZAYx9NcWAs9ETFLq-7Yv9nGEDLgijr83T8xUXpaRhV9vR-pkQLGy62C3VUo9vMjkRutFROLzYzlNfMJ9x_oi6gw9h6pfbiNMwjdQP1fIy0hVay02j65ZFLoqEqNnWgYYCswk3sKEAEW5ej4BFyYeHKjIv5_CYcvqyELi_YFqa5QkKkLq5tZRlqQGhhFFZWEQgYuQuCTJHJElesuLgtSSbkDsnmeEw8Ur9mY2a4tQvTCTsob0CO_MtDQ-eQMP96iXeP6s6NxFMBV7w6ZlvS3iolMQxYX2L7TQeRFRSjLaTj9VqaeyaXQM35dJ92od7XSdMmzzV747pbRuvGmYd1OjZBEkEP5VlrvyNeT9aAX3EvJy03w6MS2kYcTiWCopAInMBre8g9wZqDzKqcHXYOFWr09FtFosCA9XJda6ufa_EVLZBtS9gn-3ikDM_Vh5u2_DLvmkASiACNdt43dpwkMYojYCSfPwn-C3WG_TS7KRorXAMBYhV-aF8WFfI4-Wr94dwa-0hcJxwHcErcaBOyDZpHJmVM5tp8QrSrhYQyU5X0HDgV_GB69Ub4qtq9WzcbUnP5ab6XumqvDMJ6i56bf5enEii6864HBrrgapOj2dx0bgXnoW_UKzvOzDRKKhnbmj9YWtN1zym6qguV_6YGlaZGd0JRaKM-Ps5_jfGn9vDV866F5UPFZVdOAg6xnSk6U4056hyky3LxegnTttq1DkNpMbcw-iCVN5mfEY-ZKnP59HYdgjIttEaqlSyEV3ocq-WhoRS63_Q6KnAUWkgDNkePn35esLQeeBf_nqHjFvZiWPx5Cg7SsjgtzZz067gqPDLIX983sC2DbVPV_GItbRLQwQTr4gDIourlEEX0PevDExGHgdl_0NpvbneNlJE6s1DcEnuz-N4-vVOpIp657EbFUiwjaXI8UalRrSXxQBuTWeJanHiohSLYDYovbfWCa_NpO_6zYNrh4fUKtKmnO-lU8CTh_hTAeyOsEY0e4EaPjSsf8WsfFP5Rn9-HT59TDr1OOnqozyvc3Bw0Izjqoq8FG_ohFxOO2ZjsnKSoOePo-texqIP6WFnjz_QNMDWeKnub5KPXdJyU53P4tO5qO&sai=AMfl-YQaA3cWQ8Pd6x08XdvRFmKIOjb1p9ZpwNoAyg7GlW96OV0GKgAhHYC7Z9XQ5E-nw3bcB3EEsr1I8Y98DnqRnYmRF8jgF5W9lokQDnEWMKLvWhxFhiKeD5YJv0HsJfcaVBowUwJy6qvAX_j0z9VJoTLZ2q2JS7p1HihTm7fMqGWOSmHeZRbEgKoilZUFLnk2nxw1BvRBNnBJ4Y9AsmZC6Z6xb1Dg15KR_4h1HQ&sig=Cg0ArKJSzGJdFLVqpChlEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=894&vt=11&dtpt=475&dett=3&cstd=403&cisv=r20230620.57764&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x6y592zf1gbg.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://697730247a5dc842d2e74436492c3992.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 23:11:16 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 26 Jun 2023 23:11:16 GMT

GET
H3 200 YTnPKPJ-Q--T2AJ4Qj25FxWmw7bAoVXE9zhtz1eN5hc.js Show response
pagead2.googlesyndication.com/bg/ Frame B496 37 KB
14 KB 23ms
22ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/YTnPKPJ-Q--T2AJ4Qj25FxWmw7bAoVXE9zhtz1eN5hc.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6139cf28f27e43ef93d80278423db91715a6c3b6c0a155c4f7386dcf578de617

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 17:02:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22134
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14704
x-xss-protection: 0
last-modified: Mon, 19 Jun 2023 09:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 25 Jun 2024 17:02:22 GMT

GET
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 7F10 0
0 65ms
64ms Fetch
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstgmGLAR0WXNde93kqXI44KybqH_UpIk8kmq-45yfchKfmHHuVu6w6xQDqDqbg8-EoDv6k3JyDhNqG-n3y4dUyqYn83xOfvOyswFravsn8OpoAEfiaaIBgLNsyol7piLVBJ1ExMEt6zJpmzhgqtbou5m7QDmZDexVOJj-v9K4XoUZRiYEsyDjqEqgsO3EWYQwhNYyzdUS4lF_od929YqdBLbC0cAhTCT5MbejAt0Wx270BzbrjJy7NOpp_j14ecH8S03xMTgUHyUGUSyM7tpeaFG70Lt8E3a_pIJkzcMxFGTwuhIrsIQQ1b-tu5ZbneLs5-btueMvtfD8O3lnK7K0t4oijps8T78Y8TLCIaX-dJsQau1hUC2e7gHZKV-R27df1qnjs1103Tjs0K4yusnL5TEtmftM-LQN3fhDd9Mf86RvQKUqxKaK8iL2eS3I9penWWb6Hb8dnyNZTe9ioHCEz3EalrroFYqdl1XhXf9EWLbBolu7_KfAZFZLgR__R8GUuFCX_stys2MNe06JIdC7daXeGGJcEY0iE2IBfZDMhQ1UhgPtSYVdUKoqyHtrSm1D1DnywEkpMJu6oDtDPAFFf8v_uGRvjCGKhIygqjNsfxYDAR_BkK5J5l9BW0BOLXD0xgCcYFQJaVz0N7gR9LpclqzLSH1NgxDQ7oVlLkmkzsBeRctOG_iojFualxhvuyfEZmfON76WHe-CjavWQs-dkrfKL5RMu8rVA-8a4q4F6wyYaIAbgMDkpPTo5Xw-PjO5E_odOokyRbYKCrZxwxhvgLdfGnsA92zIB9q19bZ0CYU3JnfF2Wqt73Si1q21ngrs6YdMomvfyjOxr_oTkoR2bdDCYlgr00VeNgoeXIzj9CTk5XOjX2CwwHKKrJoLVT0IAhpRREdU6EpORxKAxRfiOzu5VywDzsWZUvSQ5mS3jSoHAV_qT3UM-D285FaIp7zQ1i9JjU6ZL1T1X9USCOrrlnGGG53tSokcdqR_m2IdErz_RsnpwlYAjg4p9BTvvPGRGtzmOLrwUfXjUrO6eURfJmm1NswOfkVP7R5UvOjyRgznC3nwoN-paj5aB0JE3hDZKtqbqbriFg6I98LI5BUKL7CPuW67twirDyvufXlrE5nsIwrDqGo9NRYZ46RkMORqdjWoE630fDjsO_U6_xKbIfYqPL4R7m0bTFwB3covQ-ShXomCKzRMl1XX9fwn9xJZDrn68JVD35EdvZcN3egddBwBZvuytoiRSarP_Fn98sMO6a5C9wC2bO6NelotzTXBo0MNORrbI_HUlP3w&sai=AMfl-YSeYBs6MzQUMmVnVqqJshD32E9rxpvOJAvcdtdZGJngWq450lCyXvqB9kw46h7svO3VMWr9YhSbvA3RgQ49vhssnXVWxKERCAuOaOSvZx2k_mejO9u2AE0G0My-7QU8NUsizbAvCXAX-mP81AXjNozf0cwlX3cK21XhUpjh4UNfZ1UZXKq3aJ7V193yJ-WNlxsXpB1Or5AwQkLnGK_SIcbjdw41m73T2x3wQA&sig=Cg0ArKJSzBEcFEm7rkxQEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=782&vt=11&dtpt=400&dett=3&cstd=374&cisv=r20230620.03761&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x6y592zf1gbg.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://697730247a5dc842d2e74436492c3992.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 23:11:16 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 26 Jun 2023 23:11:16 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame A8A7 1 KB
643 B 24ms
23ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 697730247a5dc842d2e74436492c3992.safeframe.googlesyndication.com
URL: https://697730247a5dc842d2e74436492c3992.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://697730247a5dc842d2e74436492c3992.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 35526
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 26 Jun 2023 13:19:10 GMT
etag: 48472445140208031
expires: Tue, 27 Jun 2023 13:19:10 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 12566611.js Show response
s1.adform.net/Banners/Elements/Files/2105327/12566611/ Frame 43C3 4 KB
2 KB 38ms
38ms Script
application/x-javascript 37.157.2.247
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/Banners/Elements/Files/2105327/12566611/12566611.js?ADFassetID=12566611&bv=257
Requested by: Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x6y592zf1gbg.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.2.247 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 6296ca0caa0ea059bbde8758b1e13d4de06a041c2ae716181e27bd728160b466

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://697730247a5dc842d2e74436492c3992.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 23:11:03 GMT
content-encoding: gzip
last-modified: Tue, 28 Mar 2023 13:51:52 GMT
server: nginx
x-amz-request-id: tx0000039f87840e75cc48c-00649a0b9f-32950a49-default
etag: W/"6ef0f5094e243b8d1f546adac5585e89"
x-cache-status: HIT
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
access-control-expose-headers: Content-Range,Content-Length
x-rgw-object-type: Normal
cache-control: public, max-age=604800

GET
DATA 200
OK truncated
/ Frame 85DA 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4800d1ddcb624759884f88dc16588ba7c5548440372363acb693093a396e9573

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 OnAir-Bold.woff2
s0.2mdn.net/creatives/assets/4140742/ Frame F71C 47 KB
47 KB 23ms
22ms Font
font/woff2 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/4140742/OnAir-Bold.woff2

Requested by

Host: onedio.com
URL: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c284299aeec8595fd3a10dcd2c27022edfda37c815571843a90c45cad18ace95

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/11065803848835661824/300x250.html?e=69&leftOffset=0&topOffset=0&c=VeDjhMPMmp&t=1&renderingType=2&ev=01_250
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 23:05:49 GMT
x-content-type-options: nosniff
age: 327
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47676
x-xss-protection: 0
last-modified: Thu, 06 May 2021 11:38:39 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 26 Jun 2023 23:20:49 GMT

GET
H3 200 OnAir-Light.woff2
s0.2mdn.net/creatives/assets/4140742/ Frame F71C 46 KB
46 KB 26ms
26ms Font
font/woff2 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/4140742/OnAir-Light.woff2

Requested by

Host: onedio.com
URL: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4347e083fcc7406a94363480146e1cf9c2f88198921ef74fed3eddf6d969725b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/11065803848835661824/300x250.html?e=69&leftOffset=0&topOffset=0&c=VeDjhMPMmp&t=1&renderingType=2&ev=01_250
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 23:00:47 GMT
x-content-type-options: nosniff
age: 629
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 46936
x-xss-protection: 0
last-modified: Thu, 06 May 2021 11:38:50 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 26 Jun 2023 23:15:47 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame F71C 7 KB
6 KB 92ms
46ms XHR
application/json 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_247&st=int

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

169fd870a93b53a34363e7fda578ef8c951d28c148b51e81b966d416f66233ba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 23:11:16 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5774
x-xss-protection: 0

GET
H3 200 60005582_20230403055448209_APP_iPhone_14_Pro_Max_Watch-Ultra.png
s0.2mdn.net/ads/richmedia/studio/60005582/ Frame F71C 27 KB
27 KB 32ms
31ms Image
image/png 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/60005582/60005582_20230403055448209_APP_iPhone_14_Pro_Max_Watch-Ultra.png

Requested by

Host: onedio.com
URL: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e3e6ec523836351b5ed090d20ee28948242138f9cfb7bc592850d05342cbccf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/11065803848835661824/300x250.html?e=69&leftOffset=0&topOffset=0&c=VeDjhMPMmp&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 13:55:33 GMT
x-content-type-options: nosniff
age: 33343
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27236
x-xss-protection: 0
last-modified: Mon, 03 Apr 2023 12:54:48 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 27 Jun 2023 13:55:33 GMT

GET
H3 200 60005582_20220825085147454_300x250_BG.png
s0.2mdn.net/ads/richmedia/studio/60005582/ Frame F71C 28 KB
28 KB 29ms
28ms Image
image/png 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/60005582/60005582_20220825085147454_300x250_BG.png

Requested by

Host: onedio.com
URL: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

04fbd20b04ad6a98e605ce6014aaef976cc9a47a939e621c19d801fc59650c91

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/11065803848835661824/300x250.html?e=69&leftOffset=0&topOffset=0&c=VeDjhMPMmp&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 18:16:39 GMT
x-content-type-options: nosniff
age: 17677
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28198
x-xss-protection: 0
last-modified: Thu, 25 Aug 2022 15:51:47 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 27 Jun 2023 18:16:39 GMT

GET
H/1.1 200
OK postview.gif
portal.o2online.de/nws/img/ Frame F71C 43 B
609 B 107ms
30ms Image
image/gif 141.101.90.98
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://portal.o2online.de/nws/img/postview.gif?partnerId=O2_DSP_TRA_HAV_14114_PV&mediacode=29118705_4307561_354695495_145340772_PO1501A20230606&ref=29118705_4307561_354695495_145340772_PO1501A20230606
Requested by: Host: onedio.com
URL: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 141.101.90.98 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e46eb58f99814c32c849b97a268129ddb14ca88e9070964ee75a2cd987c66839

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date: Mon, 26 Jun 2023 23:11:16 GMT
via: 1.1 varnish-live-1-1
CF-Cache-Status: HIT
age: 2782210
x-cache: MISS
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Connection: keep-alive
Content-Length: 43
last-modified: Wed, 10 May 2023 18:30:14 GMT
Server: cloudflare
etag: "2b-5fb5b10159980"
Vary: Accept-Encoding
Content-Type: image/gif
x-varnish: 366626906
cache-control: public, max-age=31536000
Accept-Ranges: bytes
CF-RAY: 7dd920e00e852c5a-FRA
Expires: Tue, 25 Jun 2024 23:11:16 GMT

GET
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 85DA 0
0 63ms
62ms Fetch
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuRd7auK21xn_KlF86FlWlW3g9RHwtc2ysl-AomKp1DHsCop_1bBGffsi4fE1AF2F7nli23ZOoPM3Xh1m1d-htfNQUTV8FYxzN6H8eXgpDLJLtZL0IuZlrfAxFf0Vs_vZ1DT2mwmJImyQHtDUlZWcJvfKE1QVioCoEBPh6fUvhW3_n9S8gE9nXEmw&sai=AMfl-YQO8Ckg5Y1aMMxu7syHES72GX_L7XxykN98FqXd_68hO2JggxXvpP-BvMVkC8u26aaKIQ5Eit5ur8CVurYfFTReiP7fVRqc9DOHOQ&sig=Cg0ArKJSzDO1tUdPrUvUEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=173&vt=11&dtpt=171&dett=2&cstd=0&cisv=r20230621.23041&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://697730247a5dc842d2e74436492c3992.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 23:11:16 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 26 Jun 2023 23:11:16 GMT

GET
H3 200 OnAir-Bold.woff2
s0.2mdn.net/creatives/assets/4140742/ Frame AB12 47 KB
47 KB 31ms
31ms Font
font/woff2 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/4140742/OnAir-Bold.woff2

Requested by

Host: onedio.com
URL: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c284299aeec8595fd3a10dcd2c27022edfda37c815571843a90c45cad18ace95

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/11065803848835661824/300x250.html?e=69&leftOffset=0&topOffset=0&c=1QztakQKqG&t=1&renderingType=2&ev=01_250
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 23:05:49 GMT
x-content-type-options: nosniff
age: 327
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47676
x-xss-protection: 0
last-modified: Thu, 06 May 2021 11:38:39 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 26 Jun 2023 23:20:49 GMT

GET
H3 200 OnAir-Light.woff2
s0.2mdn.net/creatives/assets/4140742/ Frame AB12 46 KB
46 KB 33ms
32ms Font
font/woff2 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/4140742/OnAir-Light.woff2

Requested by

Host: onedio.com
URL: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4347e083fcc7406a94363480146e1cf9c2f88198921ef74fed3eddf6d969725b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/11065803848835661824/300x250.html?e=69&leftOffset=0&topOffset=0&c=1QztakQKqG&t=1&renderingType=2&ev=01_250
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 23:00:47 GMT
x-content-type-options: nosniff
age: 629
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 46936
x-xss-protection: 0
last-modified: Thu, 06 May 2021 11:38:50 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 26 Jun 2023 23:15:47 GMT

GET
H3 200 60005582_20230403055448209_APP_iPhone_14_Pro_Max_Watch-Ultra.png
s0.2mdn.net/ads/richmedia/studio/60005582/ Frame AB12 27 KB
27 KB 41ms
41ms Image
image/png 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/60005582/60005582_20230403055448209_APP_iPhone_14_Pro_Max_Watch-Ultra.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11065803848835661824/300x250.html?e=69&leftOffset=0&topOffset=0&c=1QztakQKqG&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e3e6ec523836351b5ed090d20ee28948242138f9cfb7bc592850d05342cbccf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/11065803848835661824/300x250.html?e=69&leftOffset=0&topOffset=0&c=1QztakQKqG&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 13:55:33 GMT
x-content-type-options: nosniff
age: 33343
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27236
x-xss-protection: 0
last-modified: Mon, 03 Apr 2023 12:54:48 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 27 Jun 2023 13:55:33 GMT

GET
H3 200 60005582_20220825085147454_300x250_BG.png
s0.2mdn.net/ads/richmedia/studio/60005582/ Frame AB12 28 KB
28 KB 44ms
43ms Image
image/png 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/60005582/60005582_20220825085147454_300x250_BG.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11065803848835661824/300x250.html?e=69&leftOffset=0&topOffset=0&c=1QztakQKqG&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

04fbd20b04ad6a98e605ce6014aaef976cc9a47a939e621c19d801fc59650c91

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/11065803848835661824/300x250.html?e=69&leftOffset=0&topOffset=0&c=1QztakQKqG&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 18:16:39 GMT
x-content-type-options: nosniff
age: 17677
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28198
x-xss-protection: 0
last-modified: Thu, 25 Aug 2022 15:51:47 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 27 Jun 2023 18:16:39 GMT

GET
H/1.1 200
OK postview.gif
portal.o2online.de/nws/img/ Frame AB12 43 B
609 B 107ms
42ms Image
image/gif 141.101.90.98
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://portal.o2online.de/nws/img/postview.gif?partnerId=O2_DSP_TRA_HAV_14114_PV&mediacode=29118705_4307561_354695495_145340772_PO1501A20230606&ref=29118705_4307561_354695495_145340772_PO1501A20230606
Requested by: Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11065803848835661824/300x250.html?e=69&leftOffset=0&topOffset=0&c=1QztakQKqG&t=1&renderingType=2&ev=01_250
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 141.101.90.98 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e46eb58f99814c32c849b97a268129ddb14ca88e9070964ee75a2cd987c66839

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date: Mon, 26 Jun 2023 23:11:16 GMT
via: 1.1 varnish-live-2-1
CF-Cache-Status: HIT
age: 3031828
x-cache: MISS
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Connection: keep-alive
Content-Length: 43
last-modified: Wed, 10 May 2023 18:30:14 GMT
Server: cloudflare
etag: "2b-5fb5b10159980"
Vary: Accept-Encoding
Content-Type: image/gif
x-varnish: 273086407
cache-control: public, max-age=31536000
Accept-Ranges: bytes
CF-RAY: 7dd920e00fd62be2-FRA
Expires: Tue, 25 Jun 2024 23:11:16 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame AB12 7 KB
6 KB 70ms
36ms XHR
application/json 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_247&st=int

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

333190cb60b21ab9634fb0dd5163c478c0e58435efd042d7da80bd6d6af8a238

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 23:11:16 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5685
x-xss-protection: 0

GET
H3 200 bubblespritesheettiny.png
s0.2mdn.net/creatives/assets/4085730/ Frame F71C 26 KB
26 KB 46ms
46ms Image
image/png 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4085730/bubblespritesheettiny.png

Requested by

Host: onedio.com
URL: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

25280083af87c8d6dbc6ff5bb926bf9d0d373d244cead76893430166b8df0bd6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/11065803848835661824/300x250.html?e=69&leftOffset=0&topOffset=0&c=VeDjhMPMmp&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 23:08:00 GMT
x-content-type-options: nosniff
age: 196
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27068
x-xss-protection: 0
last-modified: Fri, 12 Mar 2021 15:44:55 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 26 Jun 2023 23:23:00 GMT

GET
H3 200 bubblespritesheettiny.png
s0.2mdn.net/creatives/assets/4085730/ Frame AB12 26 KB
26 KB 44ms
43ms Image
image/png 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4085730/bubblespritesheettiny.png

Requested by

Host: onedio.com
URL: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

25280083af87c8d6dbc6ff5bb926bf9d0d373d244cead76893430166b8df0bd6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/11065803848835661824/300x250.html?e=69&leftOffset=0&topOffset=0&c=1QztakQKqG&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 23:08:00 GMT
x-content-type-options: nosniff
age: 196
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27068
x-xss-protection: 0
last-modified: Fri, 12 Mar 2021 15:44:55 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 26 Jun 2023 23:23:00 GMT

GET
H2 206 e6tpn5kdpa90ezgnlz1r.mp4
cdn.taboola.com/libtrc/static/video/v1681990788/ Frame F2C8 166 KB
167 KB 30ms
29ms Media
video/mp4 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/static/video/v1681990788/e6tpn5kdpa90ezgnlz1r.mp4
Requested by: Host: onedio.com
URL: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4ec8b2b157346e00c34295215b5179eb0372c7161bd197136f164969a60ff740

Request headers

Referer: https://onedio.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Range: bytes=0-

Response headers

x-amz-version-id: XwqiP0tAvqzYjFaeEHjtVZ7DHg.pWBp1
date: Mon, 26 Jun 2023 23:11:16 GMT
via: 1.1 varnish
x-amz-request-id: N527PTHKCQGNTWNJ
age: 12
x-amz-server-side-encryption: AES256
x-cache: HIT
Content-Range: bytes 0-170488/170489
x-amz-replication-status: COMPLETED
Content-Length: 170489
x-amz-id-2: QRlaZvU1p7B8vreukqvI/XzUtliih027jRYjgp0a74G7AojU+RImjOJhkbr1SfuI69VPj4ddMoQ=
x-served-by: cache-fra-eddf8230097-FRA
last-modified: Thu, 20 Apr 2023 11:39:53 GMT
server: AmazonS3
x-tbl-debug: bestatus=200,beresp=OK
x-timer: S1687821077.516073,VS0,VE2
etag: "d88db064d8886328a37cd28333aa3d17"
content-type: video/mp4;codecs=avc1
abp: 29
access-control-allow-origin: *
cache-control: private,max-age=31536000
accept-ranges: bytes
x-cache-hits: 0

GET
H2 206 lvdy7gv49uf2qpflgrjz.mp4
cdn.taboola.com/libtrc/static/video/v1676623376/ Frame F2C8 894 KB
895 KB 28ms
28ms Media
video/mp4 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/static/video/v1676623376/lvdy7gv49uf2qpflgrjz.mp4
Requested by: Host: onedio.com
URL: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 51852dbbc5ba83eeabcf17f02e03c459bdb3936c4f364a3a3b7515df9ab8e6aa

Request headers

Referer: https://onedio.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Range: bytes=0-

Response headers

x-amz-version-id: LwTsUsT0AVWIYXMWqvwiH.Km4geXv1rz
date: Mon, 26 Jun 2023 23:11:16 GMT
via: 1.1 varnish
x-amz-request-id: 37VK08K08RZ55R2E
age: 39
x-amz-server-side-encryption: AES256
x-cache: HIT
Content-Range: bytes 0-915402/915403
x-amz-replication-status: COMPLETED
Content-Length: 915403
x-amz-id-2: 2mPE+tbYktS16iiZzsgT0WcaZnbUSXXgIrN6AiivxdSp51adjIkX0KzI7yO0VtdS2THenMAZqT8=
x-served-by: cache-fra-eddf8230097-FRA
last-modified: Fri, 17 Feb 2023 08:43:03 GMT
server: AmazonS3
x-timer: S1687821077.516063,VS0,VE2
etag: "046e5f39789ed0d34b5056509ac3b476"
content-type: video/mp4;codecs=avc1
abp: 41
access-control-allow-origin: *
cache-control: private,max-age=31536000
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 st Show response
imprammp.taboola.com/ Frame 0069 422 B
356 B 53ms
35ms Document
text/html 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8a0ICLAZkWLzWY0WakhDIsHitx4o0JSkAAABgYID-AMnNNhPLauRySyyT4Vq02E3Wwt3MuFYubA7LYjBa-GYWIyC52WZiWY1cbollMlyLFrvJWribGdfKhc1hWQxGC9_MYgUfxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPG_Sh6XT4XPd6vd1lcvrtGr_bL3RYXJa_1vIyOd1ah-X0dCucJofpaXdan26dy_J0K8wOi9PstHyedqf1rbW8TE631mE5Pd1Kh8nlebqVZp_T7HRLnGa3y-60vnUuy8vrsruFLstb83K-FYPFYLgbzgEAAADAg____38IAAAAABEAAAAAJAAAAABQCKjwb0HgAgAAAACG____fw0AUBwMynJzXU7_AAAAAAACAAAAgATAQHVbCYAKlPcT__________8xBugzb2T8____3zDoAfDgA-BBCAAAwMeQ7d-nyi4WRQciBc1FGAEAAACgmni9PTJJJ6hYVPn__--3AnAFACAAMT9_uDGL7qDEWxgAAACBMQv0sPj9Zodd43e7zP________-_mf8z_2iElsKR0gTB6IWr-QUEAFjzCwgAwEbdAAC8CYATdAxkNputZquTEIPNZLFcLBazAwAAAHDn____Xw8ITAyLyci5cVlWhtlwZtptXCuTceJZbWbG4cg33J4LBwJXDo6Ylz4hwjL7fQcF5fT0mF0GUdH1ttgdTrPnID5oGJaTQTA_E7YYrSaTzXI4Wy4mg-FoOBrtz0AsRgM0EYPlcjJZTHar0Wq0Ge5Gs8ECCcRggihaNJisRqPJYjJcjSar2XKx220QRatWs9FmMFzNJrPdbjUcDJejEZqwxWg1mWyWw9lyMRkMR8PRaIhgZuEbTIyLlVszXJjcoo1xtJaYhjO3brNZmRaujc2wcK1Fr4_p4twsDMvNFgkG8O1F8rRIJ8KJzTkzrWYry8wycs12E89isHBYFiPXcmVcWSYTsURzskgnssu-MDEsJiPnxmVZGWbDmWm3ca1MxolntZkZhyPfcN9Z-AYT42Ll1gwXJrdoYxytJabhzK3bbFamhWtjMyxca9HrY7o4NwvDcrNvzIa74WQx2K32jdlwN5wsBrvVvkNn-K4-Z6MxJbx4bB6PNVwL2pwGhctg8f4kpsW0Ozuofr-jU-gxJos6o9_v9_v9fr_f7_cbtJ6D2aDwPZdf8W2xra5_z8pBbDAoYongIp3o7S6T028RS5Smi3SiFzosLstfa3mZnG6tw3J6uhVOk8P0tDutT7fOZXm6FWaHxWl2Wj5Pu9P61lpeJqdb67Ccnm6lw-TyPN1Ks89pdrolTrPbZXda3zqX5eV12d1Cl-WteTnfisFiMNwNJ2KJ4HSRTkQv4-mi_qMGHM0Vy7lit5orhptVAgAAAAAAAACwBNNMNwEAAABwMpDVYjJardNBbIaz3Wa1XAARDVS6foZx7iPKHQJ23UBCvHtndJwXa-wxg7e7TE6_lQFEOOEz2-wzglir1bIGAAAggA0AACCAm268CVCR4v7____HAQAAkJFDDwAAgH4fEBSlXviRKwW_ghgMh5P9A1Ah1mq1ut1Yq9UC!&cmcv=&pix=undefined&cb=1687821076504&uv=3290&tms=1687821076504&abt=nonrv_vA!ntvc_vB!tbt_unit!ufm_vD!ul137296-322_vB&ru=https://pcloak.blob.core.windows.net/&ft=2&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=763b25de-b228-4172-87f8-9afa2104a7fb&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.0.5/UnitFeedManagerDesktop.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 837376fc0794da507d975f8f40bad71cf9b790924c6c1f88a656c6e518381f24

Request headers

Referer: https://onedio.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
content-encoding: gzip
content-type: text/html;charset=ISO-8859-1
date: Mon, 26 Jun 2023 23:11:16 GMT
server: nginx
vary: Accept-Encoding
via: 1.1 varnish
x-cache: MISS
x-cache-hits: 0
x-served-by: cache-fra-eddf8230097-FRA
x-timer: S1687821077.537660,VS0,VE10

GET
H2 200 st
am-vid-events.taboola.com/ Frame F2C8 0
43 B 39ms
33ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-vid-events.taboola.com/st?cijs=convusmp&ttype=45&cisd=convusmp&cipid=66361655&crid=-1&dast=V8a0ICLAZkWLzWY0WakhDIsHitx4o0JSkAAABgYID-AMnNNhPLauRySyyT4Vq02E3Wwt3MuFYubA7LYjBa-GYWIyC52WZiWY1cbollMlyLFrvJWribGdfKhc1hWQxGC9_MYgUfxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPG_Sh6XT4XPd6vd1lcvrtGr_bL3RYXJa_1vIyOd1ah-X0dCucJofpaXdan26dy_J0K8wOi9PstHyedqf1rbW8TE631mE5Pd1Kh8nlebqVZp_T7HRLnGa3y-60vnUuy8vrsruFLstb83K-FYPFYLgbzgEAAADAg____38IAAAAABEAAAAAJAAAAABQCKjwb0HgAgAAAACG____fw0AUBwMynJzXU7_AAAAAAACAAAAgATAQHVbCYAKlPcT__________8xBugzb2T8____3zDoAfDgA-BBCAAAwMeQ7d-nyi4WRQciBc1FGAEAAACgmni9PTJJJ6hYVPn__--3AnAFACAAMT9_uDGL7qDEWxgAAACBMQv0sPj9Zodd43e7zP________-_mf8z_2iElsKR0gTB6IWr-QUEAFjzCwgAwEbdAAC8CYATdAxkNputZquTEIPNZLFcLBazAwAAAHDn____Xw8ITAyLyci5cVlWhtlwZtptXCuTceJZbWbG4cg33J4LBwJXDo6Ylz4hwjL7fQcF5fT0mF0GUdH1ttgdTrPnID5oGJaTQTA_E7YYrSaTzXI4Wy4mg-FoOBrtz0AsRgM0EYPlcjJZTHar0Wq0Ge5Gs8ECCcRggihaNJisRqPJYjJcjSar2XKx220QRatWs9FmMFzNJrPdbjUcDJejEZqwxWg1mWyWw9lyMRkMR8PRaIhgZuEbTIyLlVszXJjcoo1xtJaYhjO3brNZmRaujc2wcK1Fr4_p4twsDMvNFgkG8O1F8rRIJ8KJzTkzrWYry8wycs12E89isHBYFiPXcmVcWSYTsURzskgnssu-MDEsJiPnxmVZGWbDmWm3ca1MxolntZkZhyPfcN9Z-AYT42Ll1gwXJrdoYxytJabhzK3bbFamhWtjMyxca9HrY7o4NwvDcrNvzIa74WQx2K32jdlwN5wsBrvVvkNn-K4-Z6MxJbx4bB6PNVwL2pwGhctg8f4kpsW0Ozuofr-jU-gxJos6o9_v9_v9fr_f7_cbtJ6D2aDwPZdf8W2xra5_z8pBbDAoYongIp3o7S6T028RS5Smi3SiFzosLstfa3mZnG6tw3J6uhVOk8P0tDutT7fOZXm6FWaHxWl2Wj5Pu9P61lpeJqdb67Ccnm6lw-TyPN1Ks89pdrolTrPbZXda3zqX5eV12d1Cl-WteTnfisFiMNwNJ2KJ4HSRTkQv4-mi_qMGHM0Vy7lit5orhptVAgAAAAAAAACwBNNMNwEAAABwMpDVYjJardNBbIaz3Wa1XAARDVS6foZx7iPKHQJ23UBCvHtndJwXa-wxg7e7TE6_lQFEOOEz2-wzglir1bIGAAAggA0AACCAm268CVCR4v7____HAQAAkJFDDwAAgH4fEBSlXviRKwW_ghgMh5P9A1Ah1mq1ut1Yq9UC!&cmcv=&pix=31589837&cb=1687821076504&uv=3290&tms=1687821076504&abt=nonrv_vA!ntvc_vB!tbt_unit!ufm_vD!ul137296-322_vB&ru=https://pcloak.blob.core.windows.net/&ft=2&su=3&unm=FEED_MANAGER&debug=pn:!sqg:!torgn:1687821073003.2!ts:1687821076504&mntl=1
Requested by: Host: onedio.com
URL: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 23:11:16 GMT
content-length: 0
server: nginx

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 6E06 42 B
64 B 60ms
60ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv4WYdoSoAAnE-THfvVYgCPsGi6jYzjeVb61IY-qOHQ7pbqvk4EXFrK1SJeE2v7NuUmCcUai4xdnoi6ZP0qENqI_pdDVFaeDtofPD0-oHCGPL_S0sat7hWq5kwK29duqPcOSOV5QSUPocOe&sai=AMfl-YTg2o7DZJRgJh7On3kjcY12brIheysivsXppTUjTjkmAXWk3HPxahWvH_9kq1_7mj4pQC4pahGBwSK4&sig=Cg0ArKJSzHPDJ3N8QBgxEAE&cid=CAQSGwBygQiDlzTDxvbsBXsCTNBmYMIN4LYakw1DsRgB&id=ampim&o=0,251&d=300,250&ss=1600,1200&bs=300,250&mcvt=1047&mtos=0,0,1047,1047,1047&tos=0,0,1047,0,0&tfs=545&tls=1592&g=100&h=100&tt=1592&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0

Requested by

Host: onedio.com
URL: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Jun 2023 23:11:16 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 Adform.DHTML.js Show response
s1.adform.net/banners/scripts/rmb/ Frame 43C3 30 KB
14 KB 43ms
41ms Script
application/javascript 37.157.2.247
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/banners/scripts/rmb/Adform.DHTML.js?bv=628
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/628/s1.adform.net/load/v/0.0.233/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.2.247 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: bea63616949c80ff0dfdbb1e8547f1585882fc691483317b06441688e3e5f14a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://697730247a5dc842d2e74436492c3992.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 23:11:03 GMT
content-encoding: gzip
last-modified: Wed, 08 Jun 2022 12:02:22 GMT
server: nginx
x-amz-request-id: tx0000015bdd5c9ed468257-0063765d71-32940f80-default
etag: W/"4731aef0a5114a59b4311776d270e848"
x-cache-status: HIT
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-rgw-object-type: Normal
cache-control: public, max-age=604800

GET
H2 200 createjs.min.js Show response
code.createjs.com/1.0.0/ Frame 43C3 236 KB
63 KB 126ms
37ms Script
text/javascript 2a02:26f0:3500:11::215:14dc
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://code.createjs.com/1.0.0/createjs.min.js
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/628/s1.adform.net/load/v/0.0.233/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:3500:11::215:14dc Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Apache /
Resource Hash: e439bebf8de2df0582273906d2c1dceff2387c661efb2152ef1c28420ce4e7e5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://697730247a5dc842d2e74436492c3992.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 23:11:16 GMT
content-encoding: gzip
server: Apache
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=900
x-n: S
accept-ranges: bytes
expires: Mon, 26 Jun 2023 23:26:16 GMT

GET
H2 200 970x250-esupercard-interest-B2B.js Show response
s1.adform.net/Banners/Elements/Files/2105327/12566611/bvpath_257/ Frame 43C3 13 KB
4 KB 43ms
42ms Script
application/x-javascript 37.157.2.247
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/Banners/Elements/Files/2105327/12566611/bvpath_257/970x250-esupercard-interest-B2B.js
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/628/s1.adform.net/load/v/0.0.233/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.2.247 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 1f3a1b50164ccf915f1c2871b79140f2b8cd36005a01cc1dce8b0f1eeea940ca

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://697730247a5dc842d2e74436492c3992.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 23:11:03 GMT
content-encoding: gzip
last-modified: Tue, 28 Mar 2023 13:51:52 GMT
server: nginx
x-amz-request-id: tx000007a949a4af9eac0a8-006494a212-3295d04c-default
etag: W/"6f7a4c8cb702f3584173dceee915ba3f"
x-cache-status: STALE
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
access-control-expose-headers: Content-Range,Content-Length
x-rgw-object-type: Normal
cache-control: public, max-age=604800

GET
H2

200

/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame A8A7
Redirect Chain

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEMg572fHyC2wgfx07MyAIiU&google_cver=1&google_push=ATf1kGPSahSxU7t0AlqFVkEulKFeBi0TZtHfAAcNi3gv6MwNu8dPc0nKb58WVrkapcTsReaJXagtXf_PCoPa7wFzUB5nI5VxtiXV
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=NDUzNjQ4MjU2NTU4ODAxOTc0Mw==&gdpr=&gdpr_consent=
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEMg572fHyC2wgfx07MyAIiU&google_cver=1

43 B
398 B

29ms
28ms

Image
image/gif

2001:678:cb4:bbbb::11
AMOBEE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEMg572fHyC2wgfx07MyAIiU&google_cver=1
Requested by: Host: 697730247a5dc842d2e74436492c3992.safeframe.googlesyndication.com
URL: https://697730247a5dc842d2e74436492c3992.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol: H2
Server: 2001:678:cb4:bbbb::11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software: /
Resource Hash: 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Mon, 26 Jun 2023 23:11:16 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma: no-cache
date: Mon, 26 Jun 2023 23:11:16 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEMg572fHyC2wgfx07MyAIiU&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 current
dclk-match.dotomi.com/match/bounce/ Frame A8A7 0
104 B 171ms
64ms Image
text/plain 2a02:fa8:8806:20::2040
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEKqj63gzRjMvG5Sgt8I9zas&google_cver=1&google_push=ATf1kGPn-tb5MgqJC38Spuzdu4GkFU3UvRcAuEy6HdbN5LeyPS0iWJUWl9u0jEu2wKh7mQehlgAt0AFu9YxH4NRfthV07hfS0mM
Requested by: Host: 697730247a5dc842d2e74436492c3992.safeframe.googlesyndication.com
URL: https://697730247a5dc842d2e74436492c3992.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:20::2040 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Jun 2023 23:11:16 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame A8A7
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESEGkSdZtaEVnhz45qmH7hMg4&google_cver=1&google_push=ATf1kGPmRH127Pp-YFU-xvsGdUn8ke5yRCBWtG--CM5xJ4KNakwmd_-By5N8Upi8i6XrEejgO34JW4qNCkr6Gv9JygtIc1O6S-EY
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=AFC7154B9E7B4E28A75A1E2364C7D0B6&google_push=ATf1kGPmRH127Pp-YFU-xvsGdUn8ke5yRCBWtG--CM5xJ4KNakwmd_-By5N8Upi8i6XrEejgO34JW4qNCkr6Gv9...

170 B
188 B

34ms
34ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=AFC7154B9E7B4E28A75A1E2364C7D0B6&google_push=ATf1kGPmRH127Pp-YFU-xvsGdUn8ke5yRCBWtG--CM5xJ4KNakwmd_-By5N8Upi8i6XrEejgO34JW4qNCkr6Gv9JygtIc1O6S-EY

Requested by

Host: 697730247a5dc842d2e74436492c3992.safeframe.googlesyndication.com
URL: https://697730247a5dc842d2e74436492c3992.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Jun 2023 23:11:16 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Mon, 26 Jun 2023 23:11:16 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=AFC7154B9E7B4E28A75A1E2364C7D0B6&google_push=ATf1kGPmRH127Pp-YFU-xvsGdUn8ke5yRCBWtG--CM5xJ4KNakwmd_-By5N8Upi8i6XrEejgO34JW4qNCkr6Gv9JygtIc1O6S-EY
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Sun, 25 Jun 2023 23:11:16 GMT

GET
H2 204 AdxPixel
tr.blismedia.com/v1/api/sync/ Frame A8A7 0
173 B 94ms
35ms Image
text/plain 34.96.105.8
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEG45z4ssxUN_fIeoRexXldI&google_cver=1&google_push=ATf1kGOOmcG2L7wUfuq1T6kbXuZa4Ik_eURjo5D2ryoVgigf7evMj5AM5Qk3EfDuZZjdZf7n9qOaZUMPG-hU2tCTh_R5IkHdaT1p
Requested by: Host: 697730247a5dc842d2e74436492c3992.safeframe.googlesyndication.com
URL: https://697730247a5dc842d2e74436492c3992.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.105.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 8.105.96.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 23:11:16 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame A8A7
Redirect Chain

https://fksnk.com/cs/google?google_gid=CAESEJ7i6_9Z9TVRO2STYkYnR7E&google_cver=1&google_push=ATf1kGMS2hxjckiqzUJI54v4UVqaNuVQSO0sGvapfP1BU0NDXBtBwVNxGfGjwNhIdcy05CLGmPX5chuS2W43-9NOIIHW-iXbqXEl
https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=N0UxMEQ3MkU2OEY5OThBQQ==

170 B
188 B

36ms
36ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=N0UxMEQ3MkU2OEY5OThBQQ==

Requested by

Host: 697730247a5dc842d2e74436492c3992.safeframe.googlesyndication.com
URL: https://697730247a5dc842d2e74436492c3992.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Jun 2023 23:11:16 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=N0UxMEQ3MkU2OEY5OThBQQ==
date: Mon, 26 Jun 2023 23:11:16 GMT
content-language: en-US
content-type: text/html;charset=ISO-8859-1

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame A8A7
Redirect Chain

https://tg.socdm.com/rtb/sync_before?proto=google_ebda&google_gid=CAESEBNEQ2-O1aNTDoEQCrvD-bM&google_cver=1&google_push=ATf1kGMkz64QXV6Z-jsaDV_BBjb9ARqdfO3I_xIK1mbPGExDYSOSIQNFikSAZIGah-tnMjjP4vd-q...
https://cm.g.doubleclick.net/pixel?google_nid=ad_generation_eb&google_push=ATf1kGMkz64QXV6Z-jsaDV_BBjb9ARqdfO3I_xIK1mbPGExDYSOSIQNFikSAZIGah-tnMjjP4vd-qy1d0aMT6Pl-HMMz3I9mqMa8&google_hm=WkpvYkZjQ28...

170 B
188 B

36ms
36ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ad_generation_eb&google_push=ATf1kGMkz64QXV6Z-jsaDV_BBjb9ARqdfO3I_xIK1mbPGExDYSOSIQNFikSAZIGah-tnMjjP4vd-qy1d0aMT6Pl-HMMz3I9mqMa8&google_hm=WkpvYkZjQ284WGNBQU9FbHluQUFBQUFB

Requested by

Host: 697730247a5dc842d2e74436492c3992.safeframe.googlesyndication.com
URL: https://697730247a5dc842d2e74436492c3992.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Jun 2023 23:11:17 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

X-SO-Cluster-ID: 0
Date: Mon, 26 Jun 2023 23:11:17 GMT
X-SO-LB-Data: {"ban":false,"clean_query":"\/rtb\/sync_before?google_cver=1&google_gid=CAESEBNEQ2-O1aNTDoEQCrvD-bM&google_push=ATf1kGMkz64QXV6Z-jsaDV_BBjb9ARqdfO3I_xIK1mbPGExDYSOSIQNFikSAZIGah-tnMjjP4vd-qy1d0aMT6Pl-HMMz3I9mqMa8&proto=google_ebda","cluster_id":0,"gdpr":true,"ipv4":"0.0.0.0","key":"ZJobFcCo8XcAAOElynAAAAAA","privacy_sensitive":true,"uid":"","upstream_id":"m-ad206"}
X-SO-Key: ZJobFcCo8XcAAOElynAAAAAA
Server: nginx
X-SO-Upstream-ID: m-ad206
P3P: CP="See also http://www.scaleout.jp/privacy/"
Location: https://cm.g.doubleclick.net/pixel?google_nid=ad_generation_eb&google_push=ATf1kGMkz64QXV6Z-jsaDV_BBjb9ARqdfO3I_xIK1mbPGExDYSOSIQNFikSAZIGah-tnMjjP4vd-qy1d0aMT6Pl-HMMz3I9mqMa8&google_hm=WkpvYkZjQ284WGNBQU9FbHluQUFBQUFB
Cache-Control: private
X-SO-HostName: m-ad206.dc4p.scaleout.jp
Connection: keep-alive
X-SO-Ads-Time: 4
Content-Length: 0
X-SO-LB-Hostname: m-tgng19.dc4p.scaleout.jp
X-SO-IP: 84.19.175.183

GET
H2

200

/
onetag-sys.com/match/ Frame A8A7
Redirect Chain

https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEE4CcNEDdF0aIWmrZn_mB_0&google_cver=1&google_push=ATf1kGO_zwBy0EfQy1MLB7AiCs8ib_ICnGTjsjKwnvRwMC15cD8Gji668NGHuT_4vmlUJI9LwIDkfvJw1Fb...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=ATf1kGO_zwBy0EfQy1MLB7AiCs8ib_ICnGTjsjKwnvRwMC15cD8Gji668NGHuT_4vmlUJI9LwIDkfvJw1FbEmyHKOr-r90pLNWDwug
https://onetag-sys.com/match/?int_id=19&google_error=5

0
151 B

26ms
26ms

Image
text/plain

51.89.9.254
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=19&google_error=5

Requested by

Host: 697730247a5dc842d2e74436492c3992.safeframe.googlesyndication.com
URL: https://697730247a5dc842d2e74436492c3992.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Server

51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip254.ip-51-89-9.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma: no-cache
date: Mon, 26 Jun 2023 23:11:16 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://onetag-sys.com/match/?int_id=19&google_error=5
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 255
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame A8A7 0
12 B 36ms
34ms Image
text/html 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LjXoYP1XQkM6DM3FLrMf4BR34fMv1lgq7Rhp_EwwSEWF8i3Kk9lnZd64jYq_TfQTZ_RqnYug

Requested by

Host: 697730247a5dc842d2e74436492c3992.safeframe.googlesyndication.com
URL: https://697730247a5dc842d2e74436492c3992.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 23:11:16 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame AB12 17 KB
6 KB 41ms
41ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 23:11:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 26 Jun 2023 23:11:16 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame F71C 17 KB
6 KB 41ms
41ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 23:11:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 26 Jun 2023 23:11:16 GMT

GET
H2 200 sync Show response
am-match.taboola.com/ Frame F51D 577 B
662 B 60ms
32ms Document
text/html 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://am-match.taboola.com/sync?dast=V8a0ICLAZkWLzWY0WakhDIsHitx4o0JSkAAABgYID-AMnNNhPLauRySyyT4Vq02E3Wwt3MuFYubA7LYjBa-GYWIyC52WZiWY1cbollMlyLFrvJWribGdfKhc1hWQxGC9_MYgUfxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPG_Sh6XT4XPd6vd1lcvrtGr_bL3RYXJa_1vIyOd1ah-X0dCucJofpaXdan26dy_J0K8wOi9PstHyedqf1rbW8TE631mE5Pd1Kh8nlebqVZp_T7HRLnGa3y-60vnUuy8vrsruFLstb83K-FYPFYLgbzgEAAADAg____38IAAAAABEAAAAAJAAAAABQCKjwb0HgAgAAAACG____fw0AUBwMynJzXU7_AAAAAAACAAAAgATAQHVbCYAKlPcT__________8xBugzb2T8____3zDoAfDgA-BBCAAAwMeQ7d-nyi4WRQciBc1FGAEAAACgmni9PTJJJ6hYVPn__--3AnAFACAAMT9_uDGL7qDEWxgAAACBMQv0sPj9Zodd43e7zP________-_mf8z_2iElsKR0gTB6IWr-QUEAFjzCwgAwEbdAAC8CYATdAxkNputZquTEIPNZLFcLBazAwAAAHDn____Xw8ITAyLyci5cVlWhtlwZtptXCuTceJZbWbG4cg33J4LBwJXDo6Ylz4hwjL7fQcF5fT0mF0GUdH1ttgdTrPnID5oGJaTQTA_E7YYrSaTzXI4Wy4mg-FoOBrtz0AsRgM0EYPlcjJZTHar0Wq0Ge5Gs8ECCcRggihaNJisRqPJYjJcjSar2XKx220QRatWs9FmMFzNJrPdbjUcDJejEZqwxWg1mWyWw9lyMRkMR8PRaIhgZuEbTIyLlVszXJjcoo1xtJaYhjO3brNZmRaujc2wcK1Fr4_p4twsDMvNFgkG8O1F8rRIJ8KJzTkzrWYry8wycs12E89isHBYFiPXcmVcWSYTsURzskgnssu-MDEsJiPnxmVZGWbDmWm3ca1MxolntZkZhyPfcN9Z-AYT42Ll1gwXJrdoYxytJabhzK3bbFamhWtjMyxca9HrY7o4NwvDcrNvzIa74WQx2K32jdlwN5wsBrvVvkNn-K4-Z6MxJbx4bB6PNVwL2pwGhctg8f4kpsW0Ozuofr-jU-gxJos6o9_v9_v9fr_f7_cbtJ6D2aDwPZdf8W2xra5_z8pBbDAoYongIp3o7S6T028RS5Smi3SiFzosLstfa3mZnG6tw3J6uhVOk8P0tDutT7fOZXm6FWaHxWl2Wj5Pu9P61lpeJqdb67Ccnm6lw-TyPN1Ks89pdrolTrPbZXda3zqX5eV12d1Cl-WteTnfisFiMNwNJ2KJ4HSRTkQv4-mi_qMGHM0Vy7lit5orhptVAgAAAAAAAACwBNNMNwEAAABwMpDVYjJardNBbIaz3Wa1XAARDVS6foZx7iPKHQJ23UBCvHtndJwXa-wxg7e7TE6_lQFEOOEz2-wzglir1bIGAAAggA0AACCAm268CVCR4v7____HAQAAkJFDDwAAgH4fEBSlXviRKwW_ghgMh5P9A1Ah1mq1ut1Yq9UC!&excid=22&docw=0&cijs=1&nlb=false
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.0.5/UnitFeedManagerDesktop.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: d6f44659922c7cc06d3ae64b712d27e003c2ad4b57c9166dafdbcd9e98dc6e28

Request headers

Referer: https://onedio.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-type: text/html;charset=ISO-8859-1
date: Mon, 26 Jun 2023 23:11:16 GMT
machineid: 3401
server: nginx

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame F6DE 22 KB
8 KB 22ms
21ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://697730247a5dc842d2e74436492c3992.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 257937
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 23 Jun 2023 23:32:19 GMT
expires: Sat, 22 Jun 2024 23:32:19 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 922E 42 B
64 B 68ms
68ms Fetch
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuxa0YZtTsAxlDaaRWxz5hik5sb1YR42SvWXFTdeMzVR_-rqqSwFxeOOEug2t8H6xK1m4Tn5GRVkYssOCvEL5LXmnb37u3opnSmK1OqN5cpuG5eiQetqf1NzRtkuqCufUfSCSafD02gx5kW&sai=AMfl-YRbwk2O5ULDw1-_jqI7mQ2Xw4ha7f2bIiRGumpqOmZOz7baiKaSAH1ycUot_oXYg-8snd4BaEGp6qiUaSER5F0Uxvlz67hL8M4&sig=Cg0ArKJSzHXMGKzdEbkbEAE&cid=CAQSKQBygQiDZtO615x0o9vMVTDtiVc-lBjug4PW-WOtNU8KDtF4fBuY9iewGAE&id=lidar2&mcvt=1070&p=0,0,250,300&mtos=1070,1070,1070,1070,1070&tos=1070,0,0,0,0&v=20230626&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=3485359229&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1687821074888&rpt=595&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://697730247a5dc842d2e74436492c3992.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Jun 2023 23:11:16 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame 0069 70 B
265 B 149ms
46ms Image
image/gif 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by: Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8a0ICLAZkWLzWY0WakhDIsHitx4o0JSkAAABgYID-AMnNNhPLauRySyyT4Vq02E3Wwt3MuFYubA7LYjBa-GYWIyC52WZiWY1cbollMlyLFrvJWribGdfKhc1hWQxGC9_MYgUfxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPG_Sh6XT4XPd6vd1lcvrtGr_bL3RYXJa_1vIyOd1ah-X0dCucJofpaXdan26dy_J0K8wOi9PstHyedqf1rbW8TE631mE5Pd1Kh8nlebqVZp_T7HRLnGa3y-60vnUuy8vrsruFLstb83K-FYPFYLgbzgEAAADAg____38IAAAAABEAAAAAJAAAAABQCKjwb0HgAgAAAACG____fw0AUBwMynJzXU7_AAAAAAACAAAAgATAQHVbCYAKlPcT__________8xBugzb2T8____3zDoAfDgA-BBCAAAwMeQ7d-nyi4WRQciBc1FGAEAAACgmni9PTJJJ6hYVPn__--3AnAFACAAMT9_uDGL7qDEWxgAAACBMQv0sPj9Zodd43e7zP________-_mf8z_2iElsKR0gTB6IWr-QUEAFjzCwgAwEbdAAC8CYATdAxkNputZquTEIPNZLFcLBazAwAAAHDn____Xw8ITAyLyci5cVlWhtlwZtptXCuTceJZbWbG4cg33J4LBwJXDo6Ylz4hwjL7fQcF5fT0mF0GUdH1ttgdTrPnID5oGJaTQTA_E7YYrSaTzXI4Wy4mg-FoOBrtz0AsRgM0EYPlcjJZTHar0Wq0Ge5Gs8ECCcRggihaNJisRqPJYjJcjSar2XKx220QRatWs9FmMFzNJrPdbjUcDJejEZqwxWg1mWyWw9lyMRkMR8PRaIhgZuEbTIyLlVszXJjcoo1xtJaYhjO3brNZmRaujc2wcK1Fr4_p4twsDMvNFgkG8O1F8rRIJ8KJzTkzrWYry8wycs12E89isHBYFiPXcmVcWSYTsURzskgnssu-MDEsJiPnxmVZGWbDmWm3ca1MxolntZkZhyPfcN9Z-AYT42Ll1gwXJrdoYxytJabhzK3bbFamhWtjMyxca9HrY7o4NwvDcrNvzIa74WQx2K32jdlwN5wsBrvVvkNn-K4-Z6MxJbx4bB6PNVwL2pwGhctg8f4kpsW0Ozuofr-jU-gxJos6o9_v9_v9fr_f7_cbtJ6D2aDwPZdf8W2xra5_z8pBbDAoYongIp3o7S6T028RS5Smi3SiFzosLstfa3mZnG6tw3J6uhVOk8P0tDutT7fOZXm6FWaHxWl2Wj5Pu9P61lpeJqdb67Ccnm6lw-TyPN1Ks89pdrolTrPbZXda3zqX5eV12d1Cl-WteTnfisFiMNwNJ2KJ4HSRTkQv4-mi_qMGHM0Vy7lit5orhptVAgAAAAAAAACwBNNMNwEAAABwMpDVYjJardNBbIaz3Wa1XAARDVS6foZx7iPKHQJ23UBCvHtndJwXa-wxg7e7TE6_lQFEOOEz2-wzglir1bIGAAAggA0AACCAm268CVCR4v7____HAQAAkJFDDwAAgH4fEBSlXviRKwW_ghgMh5P9A1Ah1mq1ut1Yq9UC!&cmcv=&pix=undefined&cb=1687821076504&uv=3290&tms=1687821076504&abt=nonrv_vA!ntvc_vB!tbt_unit!ufm_vD!ul137296-322_vB&ru=https://pcloak.blob.core.windows.net/&ft=2&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=763b25de-b228-4172-87f8-9afa2104a7fb&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imprammp.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Mon, 26 Jun 2023 23:11:16 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 200 3a70b81e-38ad-4c84-b48f-733e4a5cf0a5-tuctb93a093
pr-bh.ybp.yahoo.com/sync/taboola/ Frame 0069 43 B
426 B 165ms
50ms Image
image/gif 2a05:d018:d29:3605:c153:9878:d174:5b1b
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/taboola/3a70b81e-38ad-4c84-b48f-733e4a5cf0a5-tuctb93a093?gdpr=1&us_privacy=1---

Requested by

Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8a0ICLAZkWLzWY0WakhDIsHitx4o0JSkAAABgYID-AMnNNhPLauRySyyT4Vq02E3Wwt3MuFYubA7LYjBa-GYWIyC52WZiWY1cbollMlyLFrvJWribGdfKhc1hWQxGC9_MYgUfxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPG_Sh6XT4XPd6vd1lcvrtGr_bL3RYXJa_1vIyOd1ah-X0dCucJofpaXdan26dy_J0K8wOi9PstHyedqf1rbW8TE631mE5Pd1Kh8nlebqVZp_T7HRLnGa3y-60vnUuy8vrsruFLstb83K-FYPFYLgbzgEAAADAg____38IAAAAABEAAAAAJAAAAABQCKjwb0HgAgAAAACG____fw0AUBwMynJzXU7_AAAAAAACAAAAgATAQHVbCYAKlPcT__________8xBugzb2T8____3zDoAfDgA-BBCAAAwMeQ7d-nyi4WRQciBc1FGAEAAACgmni9PTJJJ6hYVPn__--3AnAFACAAMT9_uDGL7qDEWxgAAACBMQv0sPj9Zodd43e7zP________-_mf8z_2iElsKR0gTB6IWr-QUEAFjzCwgAwEbdAAC8CYATdAxkNputZquTEIPNZLFcLBazAwAAAHDn____Xw8ITAyLyci5cVlWhtlwZtptXCuTceJZbWbG4cg33J4LBwJXDo6Ylz4hwjL7fQcF5fT0mF0GUdH1ttgdTrPnID5oGJaTQTA_E7YYrSaTzXI4Wy4mg-FoOBrtz0AsRgM0EYPlcjJZTHar0Wq0Ge5Gs8ECCcRggihaNJisRqPJYjJcjSar2XKx220QRatWs9FmMFzNJrPdbjUcDJejEZqwxWg1mWyWw9lyMRkMR8PRaIhgZuEbTIyLlVszXJjcoo1xtJaYhjO3brNZmRaujc2wcK1Fr4_p4twsDMvNFgkG8O1F8rRIJ8KJzTkzrWYry8wycs12E89isHBYFiPXcmVcWSYTsURzskgnssu-MDEsJiPnxmVZGWbDmWm3ca1MxolntZkZhyPfcN9Z-AYT42Ll1gwXJrdoYxytJabhzK3bbFamhWtjMyxca9HrY7o4NwvDcrNvzIa74WQx2K32jdlwN5wsBrvVvkNn-K4-Z6MxJbx4bB6PNVwL2pwGhctg8f4kpsW0Ozuofr-jU-gxJos6o9_v9_v9fr_f7_cbtJ6D2aDwPZdf8W2xra5_z8pBbDAoYongIp3o7S6T028RS5Smi3SiFzosLstfa3mZnG6tw3J6uhVOk8P0tDutT7fOZXm6FWaHxWl2Wj5Pu9P61lpeJqdb67Ccnm6lw-TyPN1Ks89pdrolTrPbZXda3zqX5eV12d1Cl-WteTnfisFiMNwNJ2KJ4HSRTkQv4-mi_qMGHM0Vy7lit5orhptVAgAAAAAAAACwBNNMNwEAAABwMpDVYjJardNBbIaz3Wa1XAARDVS6foZx7iPKHQJ23UBCvHtndJwXa-wxg7e7TE6_lQFEOOEz2-wzglir1bIGAAAggA0AACCAm268CVCR4v7____HAQAAkJFDDwAAgH4fEBSlXviRKwW_ghgMh5P9A1Ah1mq1ut1Yq9UC!&cmcv=&pix=undefined&cb=1687821076504&uv=3290&tms=1687821076504&abt=nonrv_vA!ntvc_vB!tbt_unit!ufm_vD!ul137296-322_vB&ru=https://pcloak.blob.core.windows.net/&ft=2&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=763b25de-b228-4172-87f8-9afa2104a7fb&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a05:d018:d29:3605:c153:9878:d174:5b1b Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imprammp.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 23:11:16 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
content-length: 43

GET
H2 200 sync
x.bidswitch.net/ Frame 0069 43 B
145 B 25ms
24ms Image
image/gif 3.122.77.224
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?gdpr=1&us_privacy=1---&ssp=taboola
Requested by: Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8a0ICLAZkWLzWY0WakhDIsHitx4o0JSkAAABgYID-AMnNNhPLauRySyyT4Vq02E3Wwt3MuFYubA7LYjBa-GYWIyC52WZiWY1cbollMlyLFrvJWribGdfKhc1hWQxGC9_MYgUfxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPG_Sh6XT4XPd6vd1lcvrtGr_bL3RYXJa_1vIyOd1ah-X0dCucJofpaXdan26dy_J0K8wOi9PstHyedqf1rbW8TE631mE5Pd1Kh8nlebqVZp_T7HRLnGa3y-60vnUuy8vrsruFLstb83K-FYPFYLgbzgEAAADAg____38IAAAAABEAAAAAJAAAAABQCKjwb0HgAgAAAACG____fw0AUBwMynJzXU7_AAAAAAACAAAAgATAQHVbCYAKlPcT__________8xBugzb2T8____3zDoAfDgA-BBCAAAwMeQ7d-nyi4WRQciBc1FGAEAAACgmni9PTJJJ6hYVPn__--3AnAFACAAMT9_uDGL7qDEWxgAAACBMQv0sPj9Zodd43e7zP________-_mf8z_2iElsKR0gTB6IWr-QUEAFjzCwgAwEbdAAC8CYATdAxkNputZquTEIPNZLFcLBazAwAAAHDn____Xw8ITAyLyci5cVlWhtlwZtptXCuTceJZbWbG4cg33J4LBwJXDo6Ylz4hwjL7fQcF5fT0mF0GUdH1ttgdTrPnID5oGJaTQTA_E7YYrSaTzXI4Wy4mg-FoOBrtz0AsRgM0EYPlcjJZTHar0Wq0Ge5Gs8ECCcRggihaNJisRqPJYjJcjSar2XKx220QRatWs9FmMFzNJrPdbjUcDJejEZqwxWg1mWyWw9lyMRkMR8PRaIhgZuEbTIyLlVszXJjcoo1xtJaYhjO3brNZmRaujc2wcK1Fr4_p4twsDMvNFgkG8O1F8rRIJ8KJzTkzrWYry8wycs12E89isHBYFiPXcmVcWSYTsURzskgnssu-MDEsJiPnxmVZGWbDmWm3ca1MxolntZkZhyPfcN9Z-AYT42Ll1gwXJrdoYxytJabhzK3bbFamhWtjMyxca9HrY7o4NwvDcrNvzIa74WQx2K32jdlwN5wsBrvVvkNn-K4-Z6MxJbx4bB6PNVwL2pwGhctg8f4kpsW0Ozuofr-jU-gxJos6o9_v9_v9fr_f7_cbtJ6D2aDwPZdf8W2xra5_z8pBbDAoYongIp3o7S6T028RS5Smi3SiFzosLstfa3mZnG6tw3J6uhVOk8P0tDutT7fOZXm6FWaHxWl2Wj5Pu9P61lpeJqdb67Ccnm6lw-TyPN1Ks89pdrolTrPbZXda3zqX5eV12d1Cl-WteTnfisFiMNwNJ2KJ4HSRTkQv4-mi_qMGHM0Vy7lit5orhptVAgAAAAAAAACwBNNMNwEAAABwMpDVYjJardNBbIaz3Wa1XAARDVS6foZx7iPKHQJ23UBCvHtndJwXa-wxg7e7TE6_lQFEOOEz2-wzglir1bIGAAAggA0AACCAm268CVCR4v7____HAQAAkJFDDwAAgH4fEBSlXviRKwW_ghgMh5P9A1Ah1mq1ut1Yq9UC!&cmcv=&pix=undefined&cb=1687821076504&uv=3290&tms=1687821076504&abt=nonrv_vA!ntvc_vB!tbt_unit!ufm_vD!ul137296-322_vB&ru=https://pcloak.blob.core.windows.net/&ft=2&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=763b25de-b228-4172-87f8-9afa2104a7fb&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.122.77.224 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-122-77-224.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imprammp.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 23:11:16 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

POST
H2 200 VideoBidRequestHandlerServlet Show response
wf.taboola.com/ Frame F2C8 2 KB
699 B 381ms
363ms XHR
application/json 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=700&height=393&pubid=169497&tagid=953497&crid=-1&noaop=3&sortOrderType=0&cb=1687821076610&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=1&pv=134538860&pt=-1030671238&tz=0&viewable=true&ddast=V8a0ICLAZkWLzWY0WakhDIsHitx4o0JSkAAABgYID-AMnNNhPLauRySyyT4Vq02E3Wwt3MuFYubA7LYjBa-GYWIyC52WZiWY1cbollMlyLFrvJWribGdfKhc1hWQxGC9_MYgUfxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPG_Sh6XT4XPd6vd1lcvrtGr_bL3RYXJa_1vIyOd1ah-X0dCucJofpaXdan26dy_J0K8wOi9PstHyedqf1rbW8TE631mE5Pd1Kh8nlebqVZp_T7HRLnGa3y-60vnUuy8vrsruFLstb83K-FYPFYLgbzgEAAADAg____38IAAAAABEAAAAAJAAAAABQCKjwb0HgAgAAAACG____fw0AUBwMynJzXU7_AAAAAAACAAAAgATAQHVbCYAKlPcT__________8xBugzb2T8____3zDoAfDgA-BBCAAAwMeQ7d-nyi4WRQciBc1FGAEAAACgmni9PTJJJ6hYVPn__--3AnAFACAAMT9_uDGL7qDEWxgAAACBMQv0sPj9Zodd43e7zP________-_mf8z_2iElsKR0gTB6IWr-QUEAFjzCwgAwEbdAAC8CYATdAxkNputZquTEIPNZLFcLBazAwAAAHDn____Xw8ITAyLyci5cVlWhtlwZtptXCuTceJZbWbG4cg33J4LBwJXDo6Ylz4hwjL7fQcF5fT0mF0GUdH1ttgdTrPnID5oGJaTQTA_E7YYrSaTzXI4Wy4mg-FoOBrtz0AsRgM0EYPlcjJZTHar0Wq0Ge5Gs8ECCcRggihaNJisRqPJYjJcjSar2XKx220QRatWs9FmMFzNJrPdbjUcDJejEZqwxWg1mWyWw9lyMRkMR8PRaIhgZuEbTIyLlVszXJjcoo1xtJaYhjO3brNZmRaujc2wcK1Fr4_p4twsDMvNFgkG8O1F8rRIJ8KJzTkzrWYry8wycs12E89isHBYFiPXcmVcWSYTsURzskgnssu-MDEsJiPnxmVZGWbDmWm3ca1MxolntZkZhyPfcN9Z-AYT42Ll1gwXJrdoYxytJabhzK3bbFamhWtjMyxca9HrY7o4NwvDcrNvzIa74WQx2K32jdlwN5wsBrvVvkNn-K4-Z6MxJbx4bB6PNVwL2pwGhctg8f4kpsW0Ozuofr-jU-gxJos6o9_v9_v9fr_f7_cbtJ6D2aDwPZdf8W2xra5_z8pBbDAoYongIp3o7S6T028RS5Smi3SiFzosLstfa3mZnG6tw3J6uhVOk8P0tDutT7fOZXm6FWaHxWl2Wj5Pu9P61lpeJqdb67Ccnm6lw-TyPN1Ks89pdrolTrPbZXda3zqX5eV12d1Cl-WteTnfisFiMNwNJ2KJ4HSRTkQv4-mi_qMGHM0Vy7lit5orhptVAgAAAAAAAACwBNNMNwEAAABwMpDVYjJardNBbIaz3Wa1XAARDVS6foZx7iPKHQJ23UBCvHtndJwXa-wxg7e7TE6_lQFEOOEz2-wzglir1bIGAAAggA0AACCAm268CVCR4v7____HAQAAkJFDDwAAgH4fEBSlXviRKwW_ghgMh5P9A1Ah1mq1ut1Yq9UC!&proto=2,3,5,6&encoded=1&pstn=1&callback=&wfv=1&amp=0&qsz=6&ft=2&pb=0&pagg=1&sd=undefined&ctsldr=0&dtagid=1386735&dpubid=251245&abtst=nonrv_vA!ntvc_vB!tbt_unit!ufm_vD!ul137296-322_vB&mPre=0.033&cirf=https%3A%2F%2Fonedio.com&en=1&subu=3
Requested by: Host: onedio.com
URL: https://onedio.com/_nuxt/91769df.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: ffdd4832cf5187eb8f908ded7ae3f87e19034d405173a1f6b10bcedd6ac33f69

Request headers

Referer: https://onedio.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-type: text/plain

Response headers

x-cache-hits: 0
date: Mon, 26 Jun 2023 23:11:16 GMT
content-encoding: gzip
via: 1.1 varnish
machineid: 1408
x-cache: MISS
x-served-by: cache-fra-eddf8230097-FRA
pragma: no-cache
server: nginx
x-timer: S1687821077.645915,VS0,VE337
vary: Accept-Encoding
content-type: application/json;charset=utf-8
access-control-allow-origin: https://onedio.com
cache-control: no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials: true
accept-ranges: bytes
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame F51D 70 B
264 B 101ms
47ms Image
image/gif 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8a0ICLAZkWLzWY0WakhDIsHitx4o0JSkAAABgYID-AMnNNhPLauRySyyT4Vq02E3Wwt3MuFYubA7LYjBa-GYWIyC52WZiWY1cbollMlyLFrvJWribGdfKhc1hWQxGC9_MYgUfxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPG_Sh6XT4XPd6vd1lcvrtGr_bL3RYXJa_1vIyOd1ah-X0dCucJofpaXdan26dy_J0K8wOi9PstHyedqf1rbW8TE631mE5Pd1Kh8nlebqVZp_T7HRLnGa3y-60vnUuy8vrsruFLstb83K-FYPFYLgbzgEAAADAg____38IAAAAABEAAAAAJAAAAABQCKjwb0HgAgAAAACG____fw0AUBwMynJzXU7_AAAAAAACAAAAgATAQHVbCYAKlPcT__________8xBugzb2T8____3zDoAfDgA-BBCAAAwMeQ7d-nyi4WRQciBc1FGAEAAACgmni9PTJJJ6hYVPn__--3AnAFACAAMT9_uDGL7qDEWxgAAACBMQv0sPj9Zodd43e7zP________-_mf8z_2iElsKR0gTB6IWr-QUEAFjzCwgAwEbdAAC8CYATdAxkNputZquTEIPNZLFcLBazAwAAAHDn____Xw8ITAyLyci5cVlWhtlwZtptXCuTceJZbWbG4cg33J4LBwJXDo6Ylz4hwjL7fQcF5fT0mF0GUdH1ttgdTrPnID5oGJaTQTA_E7YYrSaTzXI4Wy4mg-FoOBrtz0AsRgM0EYPlcjJZTHar0Wq0Ge5Gs8ECCcRggihaNJisRqPJYjJcjSar2XKx220QRatWs9FmMFzNJrPdbjUcDJejEZqwxWg1mWyWw9lyMRkMR8PRaIhgZuEbTIyLlVszXJjcoo1xtJaYhjO3brNZmRaujc2wcK1Fr4_p4twsDMvNFgkG8O1F8rRIJ8KJzTkzrWYry8wycs12E89isHBYFiPXcmVcWSYTsURzskgnssu-MDEsJiPnxmVZGWbDmWm3ca1MxolntZkZhyPfcN9Z-AYT42Ll1gwXJrdoYxytJabhzK3bbFamhWtjMyxca9HrY7o4NwvDcrNvzIa74WQx2K32jdlwN5wsBrvVvkNn-K4-Z6MxJbx4bB6PNVwL2pwGhctg8f4kpsW0Ozuofr-jU-gxJos6o9_v9_v9fr_f7_cbtJ6D2aDwPZdf8W2xra5_z8pBbDAoYongIp3o7S6T028RS5Smi3SiFzosLstfa3mZnG6tw3J6uhVOk8P0tDutT7fOZXm6FWaHxWl2Wj5Pu9P61lpeJqdb67Ccnm6lw-TyPN1Ks89pdrolTrPbZXda3zqX5eV12d1Cl-WteTnfisFiMNwNJ2KJ4HSRTkQv4-mi_qMGHM0Vy7lit5orhptVAgAAAAAAAACwBNNMNwEAAABwMpDVYjJardNBbIaz3Wa1XAARDVS6foZx7iPKHQJ23UBCvHtndJwXa-wxg7e7TE6_lQFEOOEz2-wzglir1bIGAAAggA0AACCAm268CVCR4v7____HAQAAkJFDDwAAgH4fEBSlXviRKwW_ghgMh5P9A1Ah1mq1ut1Yq9UC!&excid=22&docw=0&cijs=1&nlb=false
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Mon, 26 Jun 2023 23:11:16 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 200 3a70b81e-38ad-4c84-b48f-733e4a5cf0a5-tuctb93a093
pr-bh.ybp.yahoo.com/sync/taboola/ Frame F51D 43 B
425 B 116ms
51ms Image
image/gif 2a05:d018:d29:3605:c153:9878:d174:5b1b
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/taboola/3a70b81e-38ad-4c84-b48f-733e4a5cf0a5-tuctb93a093?gdpr=1&us_privacy=1---

Requested by

Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8a0ICLAZkWLzWY0WakhDIsHitx4o0JSkAAABgYID-AMnNNhPLauRySyyT4Vq02E3Wwt3MuFYubA7LYjBa-GYWIyC52WZiWY1cbollMlyLFrvJWribGdfKhc1hWQxGC9_MYgUfxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPG_Sh6XT4XPd6vd1lcvrtGr_bL3RYXJa_1vIyOd1ah-X0dCucJofpaXdan26dy_J0K8wOi9PstHyedqf1rbW8TE631mE5Pd1Kh8nlebqVZp_T7HRLnGa3y-60vnUuy8vrsruFLstb83K-FYPFYLgbzgEAAADAg____38IAAAAABEAAAAAJAAAAABQCKjwb0HgAgAAAACG____fw0AUBwMynJzXU7_AAAAAAACAAAAgATAQHVbCYAKlPcT__________8xBugzb2T8____3zDoAfDgA-BBCAAAwMeQ7d-nyi4WRQciBc1FGAEAAACgmni9PTJJJ6hYVPn__--3AnAFACAAMT9_uDGL7qDEWxgAAACBMQv0sPj9Zodd43e7zP________-_mf8z_2iElsKR0gTB6IWr-QUEAFjzCwgAwEbdAAC8CYATdAxkNputZquTEIPNZLFcLBazAwAAAHDn____Xw8ITAyLyci5cVlWhtlwZtptXCuTceJZbWbG4cg33J4LBwJXDo6Ylz4hwjL7fQcF5fT0mF0GUdH1ttgdTrPnID5oGJaTQTA_E7YYrSaTzXI4Wy4mg-FoOBrtz0AsRgM0EYPlcjJZTHar0Wq0Ge5Gs8ECCcRggihaNJisRqPJYjJcjSar2XKx220QRatWs9FmMFzNJrPdbjUcDJejEZqwxWg1mWyWw9lyMRkMR8PRaIhgZuEbTIyLlVszXJjcoo1xtJaYhjO3brNZmRaujc2wcK1Fr4_p4twsDMvNFgkG8O1F8rRIJ8KJzTkzrWYry8wycs12E89isHBYFiPXcmVcWSYTsURzskgnssu-MDEsJiPnxmVZGWbDmWm3ca1MxolntZkZhyPfcN9Z-AYT42Ll1gwXJrdoYxytJabhzK3bbFamhWtjMyxca9HrY7o4NwvDcrNvzIa74WQx2K32jdlwN5wsBrvVvkNn-K4-Z6MxJbx4bB6PNVwL2pwGhctg8f4kpsW0Ozuofr-jU-gxJos6o9_v9_v9fr_f7_cbtJ6D2aDwPZdf8W2xra5_z8pBbDAoYongIp3o7S6T028RS5Smi3SiFzosLstfa3mZnG6tw3J6uhVOk8P0tDutT7fOZXm6FWaHxWl2Wj5Pu9P61lpeJqdb67Ccnm6lw-TyPN1Ks89pdrolTrPbZXda3zqX5eV12d1Cl-WteTnfisFiMNwNJ2KJ4HSRTkQv4-mi_qMGHM0Vy7lit5orhptVAgAAAAAAAACwBNNMNwEAAABwMpDVYjJardNBbIaz3Wa1XAARDVS6foZx7iPKHQJ23UBCvHtndJwXa-wxg7e7TE6_lQFEOOEz2-wzglir1bIGAAAggA0AACCAm268CVCR4v7____HAQAAkJFDDwAAgH4fEBSlXviRKwW_ghgMh5P9A1Ah1mq1ut1Yq9UC!&excid=22&docw=0&cijs=1&nlb=false

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a05:d018:d29:3605:c153:9878:d174:5b1b Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 23:11:16 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
content-length: 43

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame 77F9 281 B
554 B 100ms
24ms Document
text/html 23.37.42.132
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8a0ICLAZkWLzWY0WakhDIsHitx4o0JSkAAABgYID-AMnNNhPLauRySyyT4Vq02E3Wwt3MuFYubA7LYjBa-GYWIyC52WZiWY1cbollMlyLFrvJWribGdfKhc1hWQxGC9_MYgUfxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPG_Sh6XT4XPd6vd1lcvrtGr_bL3RYXJa_1vIyOd1ah-X0dCucJofpaXdan26dy_J0K8wOi9PstHyedqf1rbW8TE631mE5Pd1Kh8nlebqVZp_T7HRLnGa3y-60vnUuy8vrsruFLstb83K-FYPFYLgbzgEAAADAg____38IAAAAABEAAAAAJAAAAABQCKjwb0HgAgAAAACG____fw0AUBwMynJzXU7_AAAAAAACAAAAgATAQHVbCYAKlPcT__________8xBugzb2T8____3zDoAfDgA-BBCAAAwMeQ7d-nyi4WRQciBc1FGAEAAACgmni9PTJJJ6hYVPn__--3AnAFACAAMT9_uDGL7qDEWxgAAACBMQv0sPj9Zodd43e7zP________-_mf8z_2iElsKR0gTB6IWr-QUEAFjzCwgAwEbdAAC8CYATdAxkNputZquTEIPNZLFcLBazAwAAAHDn____Xw8ITAyLyci5cVlWhtlwZtptXCuTceJZbWbG4cg33J4LBwJXDo6Ylz4hwjL7fQcF5fT0mF0GUdH1ttgdTrPnID5oGJaTQTA_E7YYrSaTzXI4Wy4mg-FoOBrtz0AsRgM0EYPlcjJZTHar0Wq0Ge5Gs8ECCcRggihaNJisRqPJYjJcjSar2XKx220QRatWs9FmMFzNJrPdbjUcDJejEZqwxWg1mWyWw9lyMRkMR8PRaIhgZuEbTIyLlVszXJjcoo1xtJaYhjO3brNZmRaujc2wcK1Fr4_p4twsDMvNFgkG8O1F8rRIJ8KJzTkzrWYry8wycs12E89isHBYFiPXcmVcWSYTsURzskgnssu-MDEsJiPnxmVZGWbDmWm3ca1MxolntZkZhyPfcN9Z-AYT42Ll1gwXJrdoYxytJabhzK3bbFamhWtjMyxca9HrY7o4NwvDcrNvzIa74WQx2K32jdlwN5wsBrvVvkNn-K4-Z6MxJbx4bB6PNVwL2pwGhctg8f4kpsW0Ozuofr-jU-gxJos6o9_v9_v9fr_f7_cbtJ6D2aDwPZdf8W2xra5_z8pBbDAoYongIp3o7S6T028RS5Smi3SiFzosLstfa3mZnG6tw3J6uhVOk8P0tDutT7fOZXm6FWaHxWl2Wj5Pu9P61lpeJqdb67Ccnm6lw-TyPN1Ks89pdrolTrPbZXda3zqX5eV12d1Cl-WteTnfisFiMNwNJ2KJ4HSRTkQv4-mi_qMGHM0Vy7lit5orhptVAgAAAAAAAACwBNNMNwEAAABwMpDVYjJardNBbIaz3Wa1XAARDVS6foZx7iPKHQJ23UBCvHtndJwXa-wxg7e7TE6_lQFEOOEz2-wzglir1bIGAAAggA0AACCAm268CVCR4v7____HAQAAkJFDDwAAgH4fEBSlXviRKwW_ghgMh5P9A1Ah1mq1ut1Yq9UC!&excid=22&docw=0&cijs=1&nlb=false
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-42-132.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://am-match.taboola.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Mon, 26 Jun 2023 23:11:16 GMT
ETag: "403b9-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET
H3 200 YTnPKPJ-Q--T2AJ4Qj25FxWmw7bAoVXE9zhtz1eN5hc.js Show response
pagead2.googlesyndication.com/bg/ Frame 566F 37 KB
14 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/YTnPKPJ-Q--T2AJ4Qj25FxWmw7bAoVXE9zhtz1eN5hc.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6139cf28f27e43ef93d80278423db91715a6c3b6c0a155c4f7386dcf578de617

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 17:02:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22134
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14704
x-xss-protection: 0
last-modified: Mon, 19 Jun 2023 09:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 25 Jun 2024 17:02:22 GMT

GET
H3 200 YTnPKPJ-Q--T2AJ4Qj25FxWmw7bAoVXE9zhtz1eN5hc.js Show response
pagead2.googlesyndication.com/bg/ Frame 3E9B 37 KB
14 KB 23ms
22ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/YTnPKPJ-Q--T2AJ4Qj25FxWmw7bAoVXE9zhtz1eN5hc.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6139cf28f27e43ef93d80278423db91715a6c3b6c0a155c4f7386dcf578de617

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 17:02:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22134
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14704
x-xss-protection: 0
last-modified: Mon, 19 Jun 2023 09:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 25 Jun 2024 17:02:22 GMT

GET
H3 200 jdpdYrpkibv-F-ZvbPHZN82lghlqt1OiHBdTY59cac0.js Show response
pagead2.googlesyndication.com/bg/ Frame F6DE 37 KB
14 KB 24ms
24ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/jdpdYrpkibv-F-ZvbPHZN82lghlqt1OiHBdTY59cac0.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8dda5d62ba6489bbfe17e66f6cf1d937cda582196ab753a21c1753639f5c69cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 09:04:45 GMT
content-encoding: br
x-content-type-options: nosniff
age: 50791
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14627
x-xss-protection: 0
last-modified: Mon, 19 Jun 2023 09:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 25 Jun 2024 09:04:45 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 77F9 34 KB
10 KB 38ms
38ms Script
text/html 23.37.42.132
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-42-132.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 2a9f93a0d930b8bd72bd4b9e9fd00307696b166db6a4a69e183bb7d2a82ce541

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date: Mon, 26 Jun 2023 23:11:16 GMT
Content-Encoding: gzip
Last-Modified: Mon, 26 Jun 2023 09:57:53 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=38710
Connection: keep-alive
Content-Length: 10113
Expires: Tue, 27 Jun 2023 09:56:26 GMT

GET
H2 200 970x250_esupercard_interest_B2B_atlas_1.png
s1.adform.net/Banners/Elements/Files/2105327/12566611/bvpath_257/images/ Frame 43C3 136 KB
136 KB 45ms
45ms Image
image/png 37.157.2.247
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s1.adform.net/Banners/Elements/Files/2105327/12566611/bvpath_257/images/970x250_esupercard_interest_B2B_atlas_1.png
Requested by: Host: onedio.com
URL: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.2.247 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: b9788db7625137f65db965102859de70d200ba5fcfe9a36ab7f04a45b4a89737

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://697730247a5dc842d2e74436492c3992.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 23:11:04 GMT
last-modified: Tue, 28 Mar 2023 13:51:52 GMT
server: nginx
x-amz-request-id: tx00000452a072b7fd2a29d-006494a212-3295d06f-default
etag: "b232f08b322ce81a774c74c565173f15"
x-cache-status: STALE
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Range,Content-Length
x-rgw-object-type: Normal
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 139295

POST
H2 204 bulk Show response
trc.taboola.com/onedio/log/3/ Frame F2C8 0
306 B 68ms
68ms XHR
image/gif 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/onedio/log/3/bulk?route=AM%3AAM%3AV&lti=aa-test-vis_var&bulkSize=8
Requested by: Host: onedio.com
URL: https://onedio.com/_nuxt/91769df.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://onedio.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-vcl-time-ms: 10
date: Mon, 26 Jun 2023 23:11:16 GMT
via: 1.1 varnish
x-fastly-to-nlb-rtt: 7753
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version: v2
x-served-by: cache-fra-eddf8230097-FRA
pragma: no-cache
server: nginx
x-timer: S1687821077.901536,VS0,VE10
content-type: image/gif
access-control-allow-origin: https://onedio.com
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 504C 0
20 B 62ms
61ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BnzL8ExuaZNOVCIKwx_APp_yf0AgAAAAAOAHgBAI&bg=!oKOlo_fNAAYQ3eRoMN07ADkAdvg8WjQNzc_E7F5KgI5HB4GBBULUNSK5yMm6W_uTDHcj2SkS-TMFMVEKBYsrvH_UeX7W-A3n68YCAAACflIAAAADaAEHmQMKemXTTPiHR9U0arDZBKMoKWn9wNnjPm-PrsOvFvXrDeo7niPNQFPRw7_u1gfDkmk5ofh6aQi02pnMF2Bdd09jtamyRUKqX1Tuc40MFuj6tAbhIFuWOQuvJ8k4eaiM59c0Q5Bn-JsBmSW5kq0iZRgkZRAfovmfYN35ZUN8DZU5KebS0_UsBfLrpPAp-dQ3dIXP_uxRJufN173nPH_5VJqXhj0D1kmbKP4ndG-CHX7pkuxJnEekKxNoymkZB6sUihYxxIT7GRc5bjotGbMb8h7e-y73tZDXH3aUbJPxrR5yf9N_gVQK5ZvTZKachJmi1RYYeSxiuQJ1jb4tzul4UjqfPKN_pXGho4PTuYDjk2zQ4G5b2OXDjmtJBfg4Xkad6SXoLAFqOfA-BBZYYntwisank6e6fD2IHS448YHwbPLeyVyZPdgahoKEJ7DmkZaUQx-PTKqlPjivS_ruDMfHC7H1parx2dl8xq_cmWGbDgDoIanqmdYvHZQaG6Wh4hmBNQhsQay-QB4rNnBYSNAR-rUfIk3cntmcrOlI3EmlRiR9vcfFOIOa2x-ZK_8blRCtLCXH5qLxex-GZTvYUcKG2U6oeFfIHLiAybUhB8pX3HF5T5zpfCGzC1o83E7IezutuHHzOIuFeSN5YfIjFM4bsDpAS9_5HkNXGeDRSyeh1_N4iGeUY-oX-Yx2U1ipHapEl40cPqlZTM1VRQSXOpWEb24FWbkPB5q_eNktckikYz8DvbCee_JyeTk18NCnOA3fXZZN9P9YtIrouiRZ54rz0osdxYukqEiF7e1qSRo923tEaAHd4w_8yzvVqAaH6rvzUSPcozCDf1SoFoPHrelBO0mZeVkBkViXoCPhvD1YNp7NSL3wg6wXj2ItQ_B2VdCVacTua-iuZRdXuZ8AQThNn7RKp_rMkirTX8Mv0Yv4IPiK5yJDfYPq393yjMvu1qUzsQdrrzdwwfw6xRmIxqsZxONjvUNM3MU5ep0USDYRG32wkyibztA9SHGJ3ufWBxkZwKHJI9m7HsORq_xFQA

Requested by

Host: onedio.com
URL: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Jun 2023 23:11:16 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK khaos.jpg
token.rubiconproject.com/ Frame 77F9 284 B
536 B 157ms
26ms Image
image/jpg 69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/khaos.jpg?gdpr=1&us_privacy=1---
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type: image/jpg
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 284
X-RPHost: a66cbf3142c6ef39e3614b84a34262cf
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 298D 0
20 B 64ms
64ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BqenRExuaZO-XDcST4gHk64XgDQAAAAA4AeAEAg&bg=!U1ClUATNAAYQ3eRoMN07ADkAdvg8WisKuBQ8_REdef0vv1-NDr8uc-0sTzuESIKRnSuUBNy5LYCdh_EfA2EBk8tpo4__5FYDV8ACAAAB2FIAAAADaAEHCgA-RRoKpsF-tRSoYKsIPisDILdg7FZPzpQUHxtWNgDXYHKpFGe3g0i04caQLFpP6cdZMp8fkl_HAacE5KTpuKyZAwz81RilGhAumM6dgMuFOlMgPVOxoFURMCnQCIImfS6V_DC5StG1hQviFjIi60xE-yjqSPMlmYwPsKRjEAcVPsWOox3OnCWBigq9jbLafkmjBh52-mMhRHwjmPB7f4jQ50kkay9JLPQZgyRrK-f1LKIPRXpEsf2r-5DOHkl9fp8vDJmblpVy32iSrF2quB5VNZVIWr-QKGVLki-i5E6yrT5pcFp1p8Iqk_UMM70wd3qNPmiq337EbmmnvfMhKs8L1a3tE78kwRONXjO5oa1_XlnhnrQWMoEI5oN3P2LQWs5q-MKt6htwHSoUzxEqlw3MVJtaLfH8ty8Ukyg8tispnDFDRxp5u0IApmXVk5F5EcCdvpQp3ZealvCBudPIpaca4NP8Rv2glVv-VTlRnpjJMkS2nOybgYyEP-A_-ZgALUOIYnC_j-Qxynn1xr3gxI6gDvDTr5vP8G5nbaESASgj3Ado0WNcymtioVm1RBddKYCEvjcuKZ15BfaZSZMuxNr27awxL6kVcSTGatXBnNSy853j4_kBFVjWSiH7rXMwk5SaRe3l_hkmSQTcbLJr1vl7qnM-v2edFDDYYZ2Iv8AOAsI0-TX-6amB49gXsJGYFt0CNsa7YQ8VnWq6NfnWR0flGKS4DfLNSeUe0Es_dcydzXcuLV8zy4LAHqAgQu6lcoCbRD5H908znh8p63XS5gIgzfWGQCtsCEEQnCseEbBcedst9m0h4FaanF5TZTMr0mbypcewZqg2q5lgmJcC2mJeOGHtvvSkklMK8bkoQycX3T15zU0MOi_0fVLvS240FWoSxr-0vp2uk7VLcwApQZ8aA5i4HfnEx0bxIEWHHXu2_cGG0LGHx_fBGB3lYQQkPycmf9OGNYlQ9tVv8WQWM3C59QmpbBhm4T5CsmlFUtkeSVveACTy8rqpPFnlFSLpU44UBh8kYJR6L7WXk3poGXcDDXmkBCbPtbnNmUTDVFCea9pJRNdbDIfPG2YK5n3PVp47hzYC3ZPlb0nHb0B6FvdYB5lBDvYCFEKfUk-6uFY

Requested by

Host: onedio.com
URL: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Jun 2023 23:11:17 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cmTagFEED_MANAGER.js Show response
vidstat.taboola.com/vpaid/units/32_9_0/infra/ Frame F2C8 888 KB
147 KB 80ms
22ms Script
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/vpaid/units/32_9_0/infra/cmTagFEED_MANAGER.js
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.0.5/UnitFeedManagerDesktop.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: e45dd19e8d682418f4489a4e9bbc70edf506cda7740c7e279082e6e2765f898c

Request headers

Referer: https://onedio.com/
Origin: https://onedio.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-amz-meta-mtime: 1687597788
date: Mon, 26 Jun 2023 23:11:17 GMT
via: 1.1 varnish
content-encoding: br
x-amz-request-id: ZT2HZG7GXJC2BRZX
age: 223168
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-meta-ctime: 1687597788
x-amz-meta-mode: 33188
content-length: 150314
x-amz-id-2: i8qp9QZzvrGpaNrw0MMmoHuc1nt4d37yqltzJZ5PkS8y7L85ly9XUa1mmabUtbcqs5k5fCPEtXs=
x-served-by: cache-fra-eddf8230139-FRA
last-modified: Sat, 24 Jun 2023 09:09:49 GMT
server: AmazonS3-br
x-timer: S1687821077.092304,VS0,VE0
etag: "6db01c5304c9fefd5d66f93aa41c98da"
x-amz-meta-uid: 0
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
x-amz-meta-gid: 0
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
x-cache-hits: 145663

GET
H2 200 cmOsUnit.css
vidstat.taboola.com/vpaid/units/32_9_0/assets/css/ Frame F2C8 60 KB
8 KB 30ms
30ms Stylesheet
text/css 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/vpaid/units/32_9_0/assets/css/cmOsUnit.css
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.0.5/UnitFeedManagerDesktop.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: a6571199455f009b27bb8719e76ab06240bb4c9246f6b8915e3119ced168c132

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-amz-meta-mtime: 1687597807
date: Mon, 26 Jun 2023 23:11:17 GMT
via: 1.1 varnish
content-encoding: br
x-amz-request-id: S35PBNS93W46PSKE
age: 223168
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-meta-ctime: 1687597807
x-amz-meta-mode: 33188
content-length: 7877
x-amz-id-2: E+V0cBmtBtzpL5K8WRhT5V1O2F+wad0SmwJPNmDmd9s5Gha5JHOn52LMaTtXVYaDDAtlpZyivmI=
x-served-by: cache-fra-eddf8230097-FRA
last-modified: Sat, 24 Jun 2023 09:10:08 GMT
server: AmazonS3-br
x-timer: S1687821077.041184,VS0,VE0
etag: "92502277b3d6d05481ffd7687771377e"
x-amz-meta-uid: 0
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
x-amz-meta-gid: 0
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
x-cache-hits: 180459

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame B496 0
20 B 59ms
59ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BxVclExuaZNyPE53Cx_AP7ZQMAAAAADgB4AQC&bg=!3d6l3orNAAYQ3eRoMN07ADkAdvg8WuVsR8dpDtsaRzn3QlEyJVFXpVjfCHJ55JlLx_yxc88-szWiauxEnu_ZB97YrSuXAcySF7QCAAACF1IAAAADaAEHmQMS2ii1mrvr5OX3fYsqCt6ojWtBT4YxBtedsaWWNtACQiQ6DPIzXVCxUvxyNsS0LvV2uC7RMmI7tlhQ4Q8yY1c2vhuP9ZLGUjRmQwCOo12LUgT-qMd2jp4_BUuQBXr0kF6kE9HmM1HViyoozMrLzj0t5ouQ7RAqlZ30g56X8tCTxk4k7Nee93WwM-6eUaoFxOFVtl7gMwxMTYh091lDeZ0rK7yki3jXjwsxGBxNLA7jh9wgJWEfnEiadGCVMSy9K9WGs_siq2DskFXhbIhj0szTEd6lbhSAACxnvC4JhbSfXFyl-ZCBSJD96-MEmpaj2Vfiuad2g-3WShuzhyIDSGoRwh5NpcfTm0d1wroi4uJ8zEZXHTv7ACXJ1IKj8N6YrS6xOxrHIERoovjTqYEGwdrcz0a7bH8PaerQZXx7clW6ULOul0WZwXN9Blf9aiaDgXEf7YKJEgrWQWMF1pNAfoWKKwxKsDv6GzaAb0-tkwbANmht1vrAOIoVPeHrRubqwBpN41GMRUHjKapGLL9HssC_UEy5vL_Jk49fyrFm3Hd6-T1asaiKb7xZGhkJyUI91neGVFTFbPal2e0ZPU7F_JWE8IUn7NpQtTTjxW3761ZmJ-grqhI-7d6jY_FLNHNWMdzW-7E-RJiVadwzYV5Pu2tf0MkF20oPBOYbafR2ys7LN6V1uJ_Mg6AEelks8eXJZVtiiGZLQoVeWAijk14ZW_-PcQKlloRblBC1oOJN5CY1r6VFxrCQm2iJhyb7i9I22mGP6inEHJ4XB1PktIqCZEGTcA_10Impsw_tDN3WNSj35XuyVA40hhscCTWaDbiywUVsV7ayUB65B8IxXxBhdKI9MgiztjMKXAfhxsDguAUN9SgliumpaggF9-M-hPm1kZnBE-RZ_isIfOrEux4jmNDyKtQhionbvWTtuHn5HEdY08tnRr08yA8Ksynl0_UOqb-50sQlbe_cnvqG1mqOYaJbsdmDOY1b9FFo0Uyn4KzxRzPViHYIdsDgTxyg3mlqLF8s9Uq35G7MqD96PcT712AXrvYH

Requested by

Host: onedio.com
URL: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Jun 2023 23:11:17 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 5CD2 42 B
64 B 62ms
62ms Fetch
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuADgpqYzDvBYDE2RyZSzqZMef8uncXfObhy-NCibGULbzEuRMEny_Tets2WyxjnqkVDeMuV0l7sFdRXRsmL48ZNRgV71lsdWXzMhLGxTUHACouBwG6-0rgHQPHh8TBv6w&sai=AMfl-YRcPm1xRX2OvTDzFTktHXdHUaFbTCagK-tJfvB_p0NmBgnsERiH8qU6KkB9-f1zvrAkdZwKxEfvQfMO&sig=Cg0ArKJSzGYsCJUE54w1EAE&cid=CAQSGwBygQiDv5iXYMquRI1dqia-puPfeSrzdhy95RgB&id=lidar2&mcvt=1029&p=0,0,254,970&mtos=121,1029,1029,1029,1029&tos=121,908,0,0,0&v=20230626&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=2332837411&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1687821074795&rpt=1271&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://697730247a5dc842d2e74436492c3992.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Jun 2023 23:11:17 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 f539211219b796ffbb49949997c764f0.png
cdn.taboola.com/libtrc/static/thumbnails/ Frame F2C8 254 B
679 B 26ms
26ms Image
image/png 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.taboola.com/libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png
Requested by: Host: onedio.com
URL: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-amz-version-id: hL.cyLD7Q4TL5ceY.7JQwF9m5IYI8mkC
date: Mon, 26 Jun 2023 23:11:17 GMT
via: 1.1 varnish
x-amz-request-id: 1V3H9VCVPBG1B2M0
age: 2677
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 254
x-amz-id-2: ecEkqIT2UiXx3kNvrYZW8vzeO4j3+ukvjDCTHGC9cb5Y1awQ9zHumBitHqhNLm54Y/VcUMLqVJ0=
x-served-by: cache-fra-eddf8230097-FRA
last-modified: Wed, 24 Jun 2015 07:14:11 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: uid:0/gname:root/uname:root/gid:0/mode:33188/mtime:1377415166/atime:1435052450/md5:dfa7b52c86e56bd67fa4002f6ed19854/ctime:1422381567
x-timer: S1687821077.153654,VS0,VE0
etag: "dfa7b52c86e56bd67fa4002f6ed19854"
content-type: image/png
abp: 39
access-control-allow-origin: *
cache-control: private,max-age=31536000
accept-ranges: bytes
x-cache-hits: 255

GET
H2 200 content_v3.js Show response
vidstat.taboola.com/ Frame F2C8 16 KB
5 KB 34ms
33ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/content_v3.js
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/32_9_0/infra/cmTagFEED_MANAGER.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 12af7975664854ca36da674714083fa05297940fce71e42dabf688e2eb19a0f1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 23:11:17 GMT
via: 1.1 857b0dca772798c338c78a1be69c955c.cloudfront.net (CloudFront), 1.1 varnish
content-encoding: gzip
x-amz-cf-pop: FRA60-P1
age: 823682
x-cache: Hit from cloudfront, HIT
content-length: 4839
x-served-by: cache-fra-eddf8230097-FRA
last-modified: Wed, 20 Jul 2022 13:23:50 GMT
server: AmazonS3
x-timer: S1687821077.297952,VS0,VE0
etag: "f7533e747bb02a8eb527ada4f2749620"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
x-amz-cf-id: WPQDSHjI0-yBKHiRyp0A6R83yvp_1Crbueri-3T9dZgaMPkT7wTTlA==
x-cache-hits: 123537

GET
H2 200 sync Show response
am-match.taboola.com/ Frame EFD4 422 B
507 B 40ms
40ms Document
text/html 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://am-match.taboola.com/sync?dast=V8a0ICLAZkWLzWY0WakhDIsHitx4o0JSkAAABgYID-AMnNNhPLauRySyyT4Vq02E3Wwt3MuFYubA7LYjBa-GYWIyC52WZiWY1cbollMlyLFrvJWribGdfKhc1hWQxGC9_MYgUfxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPG_Sh6XT4XPd6vd1lcvrtGr_bL3RYXJa_1vIyOd1ah-X0dCucJofpaXdan26dy_J0K8wOi9PstHyedqf1rbW8TE631mE5Pd1Kh8nlebqVZp_T7HRLnGa3y-60vnUuy8vrsruFLstb83K-FYPFYLgbzgEAAADAg____38IAAAAABEAAAAAJAAAAABQCKjwb0HgAgAAAACG____fw0AUBwMynJzXU7_AAAAAAACAAAAgATAQHVbCYAKlPcT__________8xBugzb2T8____3zDoAfDgA-BBCAAAwMeQ7d-nyi4WRQciBc1FGAEAAACgmni9PTJJJ6hYVPn__--3AnAFACAAMT9_uDGL7qDEWxgAAACBMQv0sPj9Zodd43e7zP________-_mf8z_2iElsKR0gTB6IWr-QUEAFjzCwgAwEbdAAC8CYATdAxkNputZquTEIPNZLFcLBazAwAAAHDn____Xw8ITAyLyci5cVlWhtlwZtptXCuTceJZbWbG4cg33J4LBwJXDo6Ylz4hwjL7fQcF5fT0mF0GUdH1ttgdTrPnID5oGJaTQTA_E7YYrSaTzXI4Wy4mg-FoOBrtz0AsRgM0EYPlcjJZTHar0Wq0Ge5Gs8ECCcRggihaNJisRqPJYjJcjSar2XKx220QRatWs9FmMFzNJrPdbjUcDJejEZqwxWg1mWyWw9lyMRkMR8PRaIhgZuEbTIyLlVszXJjcoo1xtJaYhjO3brNZmRaujc2wcK1Fr4_p4twsDMvNFgkG8O1F8rRIJ8KJzTkzrWYry8wycs12E89isHBYFiPXcmVcWSYTsURzskgnssu-MDEsJiPnxmVZGWbDmWm3ca1MxolntZkZhyPfcN9Z-AYT42Ll1gwXJrdoYxytJabhzK3bbFamhWtjMyxca9HrY7o4NwvDcrNvzIa74WQx2K32jdlwN5wsBrvVvkNn-K4-Z6MxJbx4bB6PNVwL2pwGhctg8f4kpsW0Ozuofr-jU-gxJos6o9_v9_v9fr_f7_cbtJ6D2aDwPZdf8W2xra5_z8pBbDAoYongIp3o7S6T028RS5Smi3SiFzosLstfa3mZnG6tw3J6uhVOk8P0tDutT7fOZXm6FWaHxWl2Wj5Pu9P61lpeJqdb67Ccnm6lw-TyPN1Ks89pdrolTrPbZXda3zqX5eV12d1Cl-WteTnfisFiMNwNJ2KJ4HSRTkQv4-mi_qMGHM0Vy7lit5orhptVAgAAAAAAAACwBNNMNwEAAABwMpDVYjJardNBbIaz3Wa1XAARDVS6foZx7iPKHQJ23UBCvHtndJwXa-wxg7e7TE6_lQFEOOEz2-wzglir1bIGAAAggA0AACCAm268CVCR4v7____HAQAAkJFDDwAAgH4fEBSlXviRKwW_ghgMh5P9A1Ah1mq1ut1Yq9UC!&excid=22&docw=0&cijs=1&nlb=false
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/32_9_0/infra/cmTagFEED_MANAGER.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: 837376fc0794da507d975f8f40bad71cf9b790924c6c1f88a656c6e518381f24

Request headers

Referer: https://onedio.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-type: text/html;charset=ISO-8859-1
date: Mon, 26 Jun 2023 23:11:17 GMT
machineid: 3406
server: nginx

GET
H2 206 blackScreen5.mp4
vidstatb.taboola.com/vid/ Frame F2C8 89 KB
89 KB 56ms
30ms Media
video/mp4 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstatb.taboola.com/vid/blackScreen5.mp4
Requested by: Host: onedio.com
URL: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0407dafc112212a135d1aa4dd9b40ba0208c6bb6b1959f5535af093254189d66

Request headers

Referer: https://onedio.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Range: bytes=0-

Response headers

x-amz-meta-mtime: 1497790207
date: Mon, 26 Jun 2023 23:11:17 GMT
via: 1.1 8f6bdaf52990daaab8fe7162027bdec4.cloudfront.net (CloudFront), 1.1 varnish
x-amz-cf-pop: VIE50-C2
age: 768370
x-cache: Hit from cloudfront, HIT
Content-Range: bytes 0-90783/90784
x-amz-meta-mode: 33188
Content-Length: 90784
x-served-by: cache-fra-eddf8230097-FRA
last-modified: Sun, 02 Jul 2017 20:40:57 GMT
server: AmazonS3
x-timer: S1687821077.352575,VS0,VE0
etag: "b2b087fe4ae638c533731c347fcd4df8"
x-amz-meta-uid: 0
access-control-allow-methods: GET, OPTIONS, HEAD
x-amz-meta-gid: 0
content-type: video/mp4
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
x-amz-cf-id: KeRHC3LKLO0XQKojJBbD0tHrBXvvLrHwZKSWav-ATh5HE9Ep3r-cOw==
x-cache-hits: 453780

GET
H2 200 OvaMediaPlayer.js Show response
vidstat.taboola.com/vpaid/vPlayer/player/v134538.860/ Frame F2C8 447 KB
84 KB 28ms
28ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v134538.860/OvaMediaPlayer.js
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/32_9_0/infra/cmTagFEED_MANAGER.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: c09a5b2409b09dd4cfbf45f291001df85a7dcc324f04a7ef198ed3a7a01f5ea9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-amz-meta-mtime: 1685638040
date: Mon, 26 Jun 2023 23:11:17 GMT
via: 1.1 varnish
content-encoding: br
x-amz-request-id: EBEH1JFYD41DYMTA
age: 2182977
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-meta-ctime: 1685638054
x-amz-meta-mode: 33188
content-length: 85293
x-amz-id-2: JA4v0DGeuO7qR84GaL2tQXTlSfLiByd3g8g1evpOrHwhJhLD1d6TCxOlse4lGVdCby52DTQd8HI=
x-served-by: cache-fra-eddf8230097-FRA
last-modified: Thu, 01 Jun 2023 16:47:35 GMT
server: AmazonS3-br
x-timer: S1687821077.334725,VS0,VE0
etag: "774b6fab8cefa719db1237b4c05d7a3a"
x-amz-meta-uid: 0
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
x-amz-meta-gid: 0
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
x-cache-hits: 104556

GET
H2 200 st
am-vid-events.taboola.com/ Frame F2C8 0
43 B 37ms
36ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-vid-events.taboola.com/st?cijs=convusmp&ttype=16&cisd=convusmp&cipid=66361655&crid=-1&dast=V8a0ICLAZkWLzWY0WakhDIsHitx4o0JSkAAABgYID-AMnNNhPLauRySyyT4Vq02E3Wwt3MuFYubA7LYjBa-GYWIyC52WZiWY1cbollMlyLFrvJWribGdfKhc1hWQxGC9_MYgUfxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPG_Sh6XT4XPd6vd1lcvrtGr_bL3RYXJa_1vIyOd1ah-X0dCucJofpaXdan26dy_J0K8wOi9PstHyedqf1rbW8TE631mE5Pd1Kh8nlebqVZp_T7HRLnGa3y-60vnUuy8vrsruFLstb83K-FYPFYLgbzgEAAADAg____38IAAAAABEAAAAAJAAAAABQCKjwb0HgAgAAAACG____fw0AUBwMynJzXU7_AAAAAAACAAAAgATAQHVbCYAKlPcT__________8xBugzb2T8____3zDoAfDgA-BBCAAAwMeQ7d-nyi4WRQciBc1FGAEAAACgmni9PTJJJ6hYVPn__--3AnAFACAAMT9_uDGL7qDEWxgAAACBMQv0sPj9Zodd43e7zP________-_mf8z_2iElsKR0gTB6IWr-QUEAFjzCwgAwEbdAAC8CYATdAxkNputZquTEIPNZLFcLBazAwAAAHDn____Xw8ITAyLyci5cVlWhtlwZtptXCuTceJZbWbG4cg33J4LBwJXDo6Ylz4hwjL7fQcF5fT0mF0GUdH1ttgdTrPnID5oGJaTQTA_E7YYrSaTzXI4Wy4mg-FoOBrtz0AsRgM0EYPlcjJZTHar0Wq0Ge5Gs8ECCcRggihaNJisRqPJYjJcjSar2XKx220QRatWs9FmMFzNJrPdbjUcDJejEZqwxWg1mWyWw9lyMRkMR8PRaIhgZuEbTIyLlVszXJjcoo1xtJaYhjO3brNZmRaujc2wcK1Fr4_p4twsDMvNFgkG8O1F8rRIJ8KJzTkzrWYry8wycs12E89isHBYFiPXcmVcWSYTsURzskgnssu-MDEsJiPnxmVZGWbDmWm3ca1MxolntZkZhyPfcN9Z-AYT42Ll1gwXJrdoYxytJabhzK3bbFamhWtjMyxca9HrY7o4NwvDcrNvzIa74WQx2K32jdlwN5wsBrvVvkNn-K4-Z6MxJbx4bB6PNVwL2pwGhctg8f4kpsW0Ozuofr-jU-gxJos6o9_v9_v9fr_f7_cbtJ6D2aDwPZdf8W2xra5_z8pBbDAoYongIp3o7S6T028RS5Smi3SiFzosLstfa3mZnG6tw3J6uhVOk8P0tDutT7fOZXm6FWaHxWl2Wj5Pu9P61lpeJqdb67Ccnm6lw-TyPN1Ks89pdrolTrPbZXda3zqX5eV12d1Cl-WteTnfisFiMNwNJ2KJ4HSRTkQv4-mi_qMGHM0Vy7lit5orhptVAgAAAAAAAACwBNNMNwEAAABwMpDVYjJardNBbIaz3Wa1XAARDVS6foZx7iPKHQJ23UBCvHtndJwXa-wxg7e7TE6_lQFEOOEz2-wzglir1bIGAAAggA0AACCAm268CVCR4v7____HAQAAkJFDDwAAgH4fEBSlXviRKwW_ghgMh5P9A1Ah1mq1ut1Yq9UC!&cmcv=&pix=31579697&cb=1687821077324&uv=3290&tms=1687821077324&su=3&abt=nonrv_vA!ntvc_vB!tbt_unit!ufm_vG!ul137296-322_vB&ru=https://pcloak.blob.core.windows.net/&ft=2&unm=FEED_MANAGER&su=3&
Requested by: Host: onedio.com
URL: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 23:11:17 GMT
content-length: 0
server: nginx

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 922E 0
20 B 59ms
58ms Ping
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=4530300537440&version=m202301230201&ct=76&x=1&cor=13718948736120257000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://697730247a5dc842d2e74436492c3992.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Jun 2023 23:11:17 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 5CD2 0
20 B 62ms
61ms Ping
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=8635277492060&version=m202301230201&ct=77&x=1&cor=610331278590014500

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://697730247a5dc842d2e74436492c3992.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Jun 2023 23:11:17 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 7F10 0
20 B 59ms
59ms Ping
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=818117898333&version=m202301230201&ct=76&x=1&cor=5475442731296184000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://697730247a5dc842d2e74436492c3992.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Jun 2023 23:11:17 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame EFD4 70 B
264 B 49ms
49ms Image
image/gif 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8a0ICLAZkWLzWY0WakhDIsHitx4o0JSkAAABgYID-AMnNNhPLauRySyyT4Vq02E3Wwt3MuFYubA7LYjBa-GYWIyC52WZiWY1cbollMlyLFrvJWribGdfKhc1hWQxGC9_MYgUfxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPG_Sh6XT4XPd6vd1lcvrtGr_bL3RYXJa_1vIyOd1ah-X0dCucJofpaXdan26dy_J0K8wOi9PstHyedqf1rbW8TE631mE5Pd1Kh8nlebqVZp_T7HRLnGa3y-60vnUuy8vrsruFLstb83K-FYPFYLgbzgEAAADAg____38IAAAAABEAAAAAJAAAAABQCKjwb0HgAgAAAACG____fw0AUBwMynJzXU7_AAAAAAACAAAAgATAQHVbCYAKlPcT__________8xBugzb2T8____3zDoAfDgA-BBCAAAwMeQ7d-nyi4WRQciBc1FGAEAAACgmni9PTJJJ6hYVPn__--3AnAFACAAMT9_uDGL7qDEWxgAAACBMQv0sPj9Zodd43e7zP________-_mf8z_2iElsKR0gTB6IWr-QUEAFjzCwgAwEbdAAC8CYATdAxkNputZquTEIPNZLFcLBazAwAAAHDn____Xw8ITAyLyci5cVlWhtlwZtptXCuTceJZbWbG4cg33J4LBwJXDo6Ylz4hwjL7fQcF5fT0mF0GUdH1ttgdTrPnID5oGJaTQTA_E7YYrSaTzXI4Wy4mg-FoOBrtz0AsRgM0EYPlcjJZTHar0Wq0Ge5Gs8ECCcRggihaNJisRqPJYjJcjSar2XKx220QRatWs9FmMFzNJrPdbjUcDJejEZqwxWg1mWyWw9lyMRkMR8PRaIhgZuEbTIyLlVszXJjcoo1xtJaYhjO3brNZmRaujc2wcK1Fr4_p4twsDMvNFgkG8O1F8rRIJ8KJzTkzrWYry8wycs12E89isHBYFiPXcmVcWSYTsURzskgnssu-MDEsJiPnxmVZGWbDmWm3ca1MxolntZkZhyPfcN9Z-AYT42Ll1gwXJrdoYxytJabhzK3bbFamhWtjMyxca9HrY7o4NwvDcrNvzIa74WQx2K32jdlwN5wsBrvVvkNn-K4-Z6MxJbx4bB6PNVwL2pwGhctg8f4kpsW0Ozuofr-jU-gxJos6o9_v9_v9fr_f7_cbtJ6D2aDwPZdf8W2xra5_z8pBbDAoYongIp3o7S6T028RS5Smi3SiFzosLstfa3mZnG6tw3J6uhVOk8P0tDutT7fOZXm6FWaHxWl2Wj5Pu9P61lpeJqdb67Ccnm6lw-TyPN1Ks89pdrolTrPbZXda3zqX5eV12d1Cl-WteTnfisFiMNwNJ2KJ4HSRTkQv4-mi_qMGHM0Vy7lit5orhptVAgAAAAAAAACwBNNMNwEAAABwMpDVYjJardNBbIaz3Wa1XAARDVS6foZx7iPKHQJ23UBCvHtndJwXa-wxg7e7TE6_lQFEOOEz2-wzglir1bIGAAAggA0AACCAm268CVCR4v7____HAQAAkJFDDwAAgH4fEBSlXviRKwW_ghgMh5P9A1Ah1mq1ut1Yq9UC!&excid=22&docw=0&cijs=1&nlb=false
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Mon, 26 Jun 2023 23:11:17 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 200 3a70b81e-38ad-4c84-b48f-733e4a5cf0a5-tuctb93a093
pr-bh.ybp.yahoo.com/sync/taboola/ Frame EFD4 43 B
425 B 52ms
52ms Image
image/gif 2a05:d018:d29:3605:c153:9878:d174:5b1b
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/taboola/3a70b81e-38ad-4c84-b48f-733e4a5cf0a5-tuctb93a093?gdpr=1&us_privacy=1---

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a05:d018:d29:3605:c153:9878:d174:5b1b Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 23:11:17 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
content-length: 43

GET
H2 200 sync
x.bidswitch.net/ Frame EFD4 43 B
145 B 28ms
28ms Image
image/gif 3.122.77.224
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?gdpr=1&us_privacy=1---&ssp=taboola
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8a0ICLAZkWLzWY0WakhDIsHitx4o0JSkAAABgYID-AMnNNhPLauRySyyT4Vq02E3Wwt3MuFYubA7LYjBa-GYWIyC52WZiWY1cbollMlyLFrvJWribGdfKhc1hWQxGC9_MYgUfxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPG_Sh6XT4XPd6vd1lcvrtGr_bL3RYXJa_1vIyOd1ah-X0dCucJofpaXdan26dy_J0K8wOi9PstHyedqf1rbW8TE631mE5Pd1Kh8nlebqVZp_T7HRLnGa3y-60vnUuy8vrsruFLstb83K-FYPFYLgbzgEAAADAg____38IAAAAABEAAAAAJAAAAABQCKjwb0HgAgAAAACG____fw0AUBwMynJzXU7_AAAAAAACAAAAgATAQHVbCYAKlPcT__________8xBugzb2T8____3zDoAfDgA-BBCAAAwMeQ7d-nyi4WRQciBc1FGAEAAACgmni9PTJJJ6hYVPn__--3AnAFACAAMT9_uDGL7qDEWxgAAACBMQv0sPj9Zodd43e7zP________-_mf8z_2iElsKR0gTB6IWr-QUEAFjzCwgAwEbdAAC8CYATdAxkNputZquTEIPNZLFcLBazAwAAAHDn____Xw8ITAyLyci5cVlWhtlwZtptXCuTceJZbWbG4cg33J4LBwJXDo6Ylz4hwjL7fQcF5fT0mF0GUdH1ttgdTrPnID5oGJaTQTA_E7YYrSaTzXI4Wy4mg-FoOBrtz0AsRgM0EYPlcjJZTHar0Wq0Ge5Gs8ECCcRggihaNJisRqPJYjJcjSar2XKx220QRatWs9FmMFzNJrPdbjUcDJejEZqwxWg1mWyWw9lyMRkMR8PRaIhgZuEbTIyLlVszXJjcoo1xtJaYhjO3brNZmRaujc2wcK1Fr4_p4twsDMvNFgkG8O1F8rRIJ8KJzTkzrWYry8wycs12E89isHBYFiPXcmVcWSYTsURzskgnssu-MDEsJiPnxmVZGWbDmWm3ca1MxolntZkZhyPfcN9Z-AYT42Ll1gwXJrdoYxytJabhzK3bbFamhWtjMyxca9HrY7o4NwvDcrNvzIa74WQx2K32jdlwN5wsBrvVvkNn-K4-Z6MxJbx4bB6PNVwL2pwGhctg8f4kpsW0Ozuofr-jU-gxJos6o9_v9_v9fr_f7_cbtJ6D2aDwPZdf8W2xra5_z8pBbDAoYongIp3o7S6T028RS5Smi3SiFzosLstfa3mZnG6tw3J6uhVOk8P0tDutT7fOZXm6FWaHxWl2Wj5Pu9P61lpeJqdb67Ccnm6lw-TyPN1Ks89pdrolTrPbZXda3zqX5eV12d1Cl-WteTnfisFiMNwNJ2KJ4HSRTkQv4-mi_qMGHM0Vy7lit5orhptVAgAAAAAAAACwBNNMNwEAAABwMpDVYjJardNBbIaz3Wa1XAARDVS6foZx7iPKHQJ23UBCvHtndJwXa-wxg7e7TE6_lQFEOOEz2-wzglir1bIGAAAggA0AACCAm268CVCR4v7____HAQAAkJFDDwAAgH4fEBSlXviRKwW_ghgMh5P9A1Ah1mq1ut1Yq9UC!&excid=22&docw=0&cijs=1&nlb=false
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.122.77.224 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-122-77-224.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 23:11:17 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 85DA 42 B
64 B 58ms
57ms Fetch
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvweeSli1d-c9ig5zElfDyLlVshI8qC3wUUDv1bG1DVM0SYAW2Le9maLuJaSViek69cU3MnC1LqTpVpgZauPNV2Ov1ylLGy&sig=Cg0ArKJSzBeZXQi9L0SkEAE&id=lidar2&mcvt=1008&p=0,0,250,300&mtos=1008,1008,1008,1008,1008&tos=1008,0,0,0,0&v=20230626&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=32&adk=1148619617&rs=6&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1687821075024&rpt=1384&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://697730247a5dc842d2e74436492c3992.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Jun 2023 23:11:17 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 85DA 42 B
64 B 64ms
64ms Fetch
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss1b-mTC2rkOH_LzGLgFPA1hqbV1b1R1NAzwIPXe3dnPcFQjThk881p0KpZfbbHmQMEKuLCcvEl4Unrg-A4vpuyXpzBvwyPFcKw8h4NZ0VSbynaXYDG0AfNlYBrGr4hI0PiUXFehOMbZOMJ&sai=AMfl-YS5nzL_bwT2gK9S2rDMLLoFi2ExxHFoxnBgyNBahdYOAiQQzBY49l2_qmJoTwGEXz5GqmXIev8RdVRe9MhFgQVmnxIfVSkpXOI&sig=Cg0ArKJSzGcnUWVoTThmEAE&cid=CAQSKQBygQiDlP5izwjJgU0xAIbRQruYVPT1gwS0q8iSUujv61Gps_x606FpGAE&id=lidar2&mcvt=1011&p=0,0,254,300&mtos=0,1011,1011,1011,1011&tos=0,1011,0,0,0&v=20230626&bin=7&avms=nio&bs=0,0&mc=0.98&if=1&vu=1&app=0&itpl=20&adk=3569613027&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1687821075024&rpt=1380&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://697730247a5dc842d2e74436492c3992.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Jun 2023 23:11:17 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame F6DE 0
20 B 59ms
59ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BY5nlFBuaZIXUA_Kyx_APwd-nwAMAAAAAOAHgBAI&bg=!rq2lrfnNAAYQ3eRoMN07ADkAdvg8WnbpZhZZgNxXCLodxKAq1ppthyxIVwYu1BZ1A3zUBsb_uAq9skgk-XYVvyKUqoOKYu6oRTwCAAAB6FIAAAAFaAEHCgBuGfbwuqvtPPQN0fPqglHXgNAIgbCYyC0vITvO25UpV3iQ6uy7GxsxA2blvYvSLUsJ770taIXHh6pNaxfTNk9dscNgQOjilIgw3W65dK3QB5-dUORQB8EnBe6sGc9QUXbnzwt4qWfhoBSKntzwPWOZAwkyqVW9jT8Bw-XSxnQz6Wja8eAM2BFaUf0hUKB0-GkYxJDmzmgurm_8w-GuTEje7neWUM0ahHZ3Zj22_9avFy_pTkxByR7cIszuw4D7Of8169K3wbcK6PuBlYxv5yypP29HY4JuMseN93UvCdthwWHFiO2FYzTWauB_eb5NUeeOLhC-lbypxiLXNihhR9qCfsDyvEyRKPWgFCZUZdJbwuBq5xbJgS603q2DthxVsMpK0CYBcc10I6f9N4HYCyqbVfMzUfd99C3CqqJ_lwVdPWWxBdxktqQmA1tQx8l2ctr3XK9ftUDvf3vapkTvlOsRGZKWBV6Ewp66I4sRdWuo0Wjj4vy3k_Hf7Txd4ZSEwprFL2QnqZuUAt25cSeiaZFZkLarVEL64VnwYAdZE2JD9Dav-ut15UXUxEzcff7KjJ5vZaylpWFR_yOLeoKQVLWV-T2QRgLvJoPCJ2EUrEa-BJJeWo_8elI1P_voz7k7lTHGyBCa-EfXj9MkhWM80fQbKwSAMlWqNFPt0ps2Sm7pFSnEckaR5hzLH3AV_blMMUISO2PuBc1DPrEnOs9jdUcYipFDtPPHMITdbXuaxB3HPeT0QDGflIdMQlN6MYDGlPnzIIM9ydpdzC82x5RcWfe12Jni48VS6PUprbY90hX13NTeTZsEGXmNvTSCB2GD7e-Zbmb0iDzgp-P1Jjv6k6g6Giaxqv4pd2IfO8pf21DsbJMZcSHgd559ZvY6dj1qHrz4sEYIL5XekVjmyInr9ymoT_60y7jpKDQm_VV-ikl6FrxVi3JU3LMDN1-pmDzKuN9smJuwGVh24JHITZ6AjCx7R4o9h8rngvGZaOp_Bv4ljkABI-nv2LTxvAZ0jXqgyKB_TRyJVvDpYKTl1yuZf1XfbirdtECdukCVloFB6Xqom9Dfg5vZsgKARMhzLqOYVDLT3WrJ3_ylz9wRFSJXHuMl-ZnFfG89jB50QP4ZRFwpZTmiFxOUdtNJaLiPnaeeSla5X__rZiluQa3VIjEzXHxkCCHmSeAXTrekuPU

Requested by

Host: 697730247a5dc842d2e74436492c3992.safeframe.googlesyndication.com
URL: https://697730247a5dc842d2e74436492c3992.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Jun 2023 23:11:17 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 85DA 0
0 67ms
66ms Fetch
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsswzQjQ2YeBfWn-S-ztdctFzx4cyrfRotrknJq-qjVH8e_0rT1RNiliZGwKsizN1m71tPrPfP8RzF5R-x3l4oXy4FsKjkoYFcEvtJaut8AmmS0VBeHtao5jxJVrZuXHQWF-gqP_rLHMGLhycyT3wo9jv_6S-jLv4BHIuvTeo_35YbqFVC5BoKMPWHs8NWnFon3b7o3a_ejiiRWEZd_8VgOTpQk7Q-6PnfTQPXWJiuKTAQQhqXNv4n8zly5oawGwARIgo7D1bvDziXqtasX1x2fyE71c-ZL59ItF_WYGnvrSAV37jiUCrKzdClVNKfhX1rKXxp1367aeiSUSn2ZGUgq7JaPUG20UVUxuxsxKGVYBZQJCrm5SocSwbO0p6hzUYPaWt6L3wGoTPppQJMPsgE4IBchgswLxrjEEXGOcBQ561mmH1oI3_rswzoV5YmHU8rsibWn4T5BybQ7h6PK_TAOL9pqVYoCV4zaTNizLGf4tT9bOCyrJ3YcN1Stw6oBiwcx0U65fM5AjZOV7SYsNb3CIprg9pQ27zkUxa73osJNH0o_b4xb33madLXlTuXKol65uZikFnpaLZFjHyQQyr0i_W73eyDxS6Dky0nJ55te0YCgkxaqf0jSySwJgCTlGSUy2NbNuwKUMKaLqwOPrr8skonSHRdHIZoJZisjJebfkI4XJeH5FkIi3qqUySNptt97v6-EiNBVuqJdpidnBvZ577CrB-BvhcgJEme--QHpj_5YXjqox6Urf04yX5sOwdnrrOYLyatWrvWu6qTep8l2hS3zpmTsteJl2fPWjMKRABKH_1G87iuiLo5ge9HpLKLb62y9wp_BBTKm5azIgdtiGHVWMbZGm9VtlaP33drOJsiaKNWLrMUwT2FxKIu9lu2lxWP55YBhNW2kyTRW5fLZrboFHiS1LKiQVHUhrVdkF5tQxyvD0wyaR3T72yv8cmsHjdYtSrISwyVoDITNvQZVoxwhriPjhO4ZacN-N3V2-3hYYXuGDII8KA51VdX-SC8qIuFgeu5a0ZwCjI2-QUjxnBz77WSf6HoLGssDwGhPZSuaSABoasL42WgS5JPm19OeRPUCcw6R-OZbUhSigaJTGR5SJfbinCBks1HeCBDioV6xpjv0H4jN-5eLZaSYwEb0bh06-A6ILWHeQL4dXdJBY57nf6joV0P2UsWiri2Wl1i5bTK4l&sai=AMfl-YSzc-fSoZ7u0zDievxX8FZkZjAprJv858WqtOYgltBNe2-oG_m4urMJkeWlYQauzXvBomnqALxPSrnn8_D6HJ5PhVM3JcmcyfWxzqYh8k9Cba54TSt2cQm7CACFstutyNIOen9tnBtgIjXOqCcdJIKr5Q9PTJlwlB6Qi4Fq-sRxoM60R86ZSUpj1TYPk9rJU_WNqaS_aU2c&sig=Cg0ArKJSzEPMFdPr-1IeEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=2011&vt=11&dtpt=2008&dett=4&cstd=0&cisv=r20230620.15174&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://697730247a5dc842d2e74436492c3992.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 23:11:17 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 26 Jun 2023 23:11:17 GMT

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 0EBC 15 KB
6 KB 35ms
35ms Document
text/html 2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=pcloak.blob.core.windows.net

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

42b9a15f9b6a86e0bca2678c6a6679ed2e73777ca55d893012e685275249f702

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://onedio.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 26 Jun 2023 23:11:16 GMT
server: Kestrel
server-processing-duration-in-ticks: 278243
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame F2C8 15 KB
11 KB 38ms
38ms XHR
application/json 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202306260101&st=env

Requested by

Host: onedio.com
URL: https://onedio.com/_nuxt/91769df.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

96569c4b91e37f96bd8225af7181e71f724ad128a563c88cc30d37f1f0a80995

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 23:11:17 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11305
x-xss-protection: 0

GET
H2 200 bundle.js Show response
tpx.tesseradigital.com/dist/ Frame F2C8 26 KB
27 KB 167ms
69ms Script
application/javascript 35.157.179.180
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tpx.tesseradigital.com/dist/bundle.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5T48ZBT
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 35.157.179.180 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-179-180.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 33b23188bf54a8d5acd1d1281504f4021ac4cf2f607d79efd65b55364aa73b62

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 23:11:17 GMT
server: nginx
etag: "0040d0208a5bebb658c6ee23ac998498ff44b5e2"
access-control-allow-methods: GET, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
content-length: 26906

GET
H2

200

sid Show response
mug.criteo.com/ Frame 0EBC
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertag&domain=onedio.com&sn=ChromeSyncframe&so=0&topUrl=pcloak.blob.core.windows.net&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=dgUkcHxLbFJ3YW9vVHFCSVl6U0piaEhuNk5BejhLZmkvb0xPaXBtalNyeENPNVFEYURMSVhreStLaElIVlFIMjIyRTBjdGtlTkFONnNOcVVFUzNUMVQraGxKVVdwU282aHZiMUtOVTFQUmlweU1LR3JIMkRXMTdKMWkyck...

422 B
652 B

164ms
41ms

Fetch
application/json

178.250.1.11
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=dgUkcHxLbFJ3YW9vVHFCSVl6U0piaEhuNk5BejhLZmkvb0xPaXBtalNyeENPNVFEYURMSVhreStLaElIVlFIMjIyRTBjdGtlTkFONnNOcVVFUzNUMVQraGxKVVdwU282aHZiMUtOVTFQUmlweU1LR3JIMkRXMTdKMWkyckVvanQ5Ums2UHl5REFHcW9Yako2eWlVRmpySzBrM2czYWRHdjc0Rkx1SVVxaURac09pQzJyNmlueUxzMjBQSkYrWVBXSnBoQXhva2RoT3JLR3BzckhSNmJGK05PZUg4aE1kVkloV0NzMlBjTkF1QnBLMHRXeGhvelJQTk1IbmJWL05yWW9PMWdVRVJWZGNUVXZsd3prZFQyaGJiNG56c2RNUjNhdlZjWElVUC9yLzJqbldnYz18&cppv=2

Requested by

Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x6y592zf1gbg.html

Protocol

Server

178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

7e729904545d5ebffe1a3761a271a5a3ea944bc178dba33820d08cb1f4c147da

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Jun 2023 23:11:17 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1185884
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 26 Jun 2023 23:11:17 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=dgUkcHxLbFJ3YW9vVHFCSVl6U0piaEhuNk5BejhLZmkvb0xPaXBtalNyeENPNVFEYURMSVhreStLaElIVlFIMjIyRTBjdGtlTkFONnNOcVVFUzNUMVQraGxKVVdwU282aHZiMUtOVTFQUmlweU1LR3JIMkRXMTdKMWkyckVvanQ5Ums2UHl5REFHcW9Yako2eWlVRmpySzBrM2czYWRHdjc0Rkx1SVVxaURac09pQzJyNmlueUxzMjBQSkYrWVBXSnBoQXhva2RoT3JLR3BzckhSNmJGK05PZUg4aE1kVkloV0NzMlBjTkF1QnBLMHRXeGhvelJQTk1IbmJWL05yWW9PMWdVRVJWZGNUVXZsd3prZFQyaGJiNG56c2RNUjNhdlZjWElVUC9yLzJqbldnYz18&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 317344
content-length: 0
expires: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame F2C8 17 KB
6 KB 36ms
35ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306260101/pubads_impl.js?cb=31075685

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 23:11:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 26 Jun 2023 23:11:17 GMT

GET
H2 200 cds-pips.js Show response
cdn.taboola.com/scripts/ Frame F2C8 3 KB
2 KB 29ms
28ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/scripts/cds-pips.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230613-6-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3e7d49f24d56db02c7baca8ae3a17555c2e527571450e8c24c77b453407e267a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-amz-version-id: z5FoayaLm_Bvew3pbkytkoHczFCvkPwT
content-encoding: gzip
via: 1.1 varnish
date: Mon, 26 Jun 2023 23:11:17 GMT
x-amz-request-id: 1V3JN4Z08BWJNCK3
age: 1757
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 1340
x-amz-id-2: yvDfBoaedLRfPwP0+zgbFCFLRwR4EiC1X5itZ+rLiciBisyuBdOMxzu1/H2ZTO40ir0cZXkf7JA=
x-served-by: cache-fra-eddf8230097-FRA
last-modified: Wed, 12 Oct 2022 13:57:57 GMT
server: AmazonS3
x-timer: S1687821078.646682,VS0,VE0
etag: "383fa66d2a0a09f4a6e64a9593ad43bb"
vary: Accept-Encoding
content-type: application/javascript
abp: 71
access-control-allow-origin: *
cache-control: private, max-age=3600
accept-ranges: bytes
x-cache-hits: 1888

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame DFFB 13 KB
5 KB 25ms
23ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://onedio.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 46697
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 26 Jun 2023 10:13:00 GMT
expires: Tue, 25 Jun 2024 10:13:00 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 7759 783 B
970 B 36ms
35ms Document
text/html 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

ee039ecced7c577c7a6f63d4057dde56fa45d5b23c9de7effae34eb4fa0e5b4d

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-C9m8a6Wp9-524Tc23Zr4dA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://onedio.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 514
content-security-policy: script-src 'report-sample' 'nonce-C9m8a6Wp9-524Tc23Zr4dA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 26 Jun 2023 23:11:17 GMT
expires: Mon, 26 Jun 2023 23:11:17 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 / Show response
pips.taboola.com/ Frame F2C8 4 B
95 B 38ms
30ms XHR
text/plain 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://pips.taboola.com/
Requested by: Host: onedio.com
URL: https://onedio.com/_nuxt/91769df.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash: fb329000228cc5a24c264c57139de8bf854fc86fc18bf1c04ab61a2b5cb4b921

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-served-by: cache-fra-eddf8230139-FRA
date: Mon, 26 Jun 2023 23:11:17 GMT
via: 1.1 varnish
server: Varnish
access-control-allow-methods: GET
x-cache: HIT
access-control-allow-origin: https://onedio.com
cache-control: no-store
accept-ranges: bytes
content-length: 4
retry-after: 0
x-cache-hits: 0

GET
H3 200 YTnPKPJ-Q--T2AJ4Qj25FxWmw7bAoVXE9zhtz1eN5hc.js Show response
pagead2.googlesyndication.com/bg/ Frame DFFB 37 KB
14 KB 31ms
30ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/YTnPKPJ-Q--T2AJ4Qj25FxWmw7bAoVXE9zhtz1eN5hc.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6139cf28f27e43ef93d80278423db91715a6c3b6c0a155c4f7386dcf578de617

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 17:02:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22135
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14704
x-xss-protection: 0
last-modified: Mon, 19 Jun 2023 09:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 25 Jun 2024 17:02:22 GMT

GET
H2 204 / Show response
cds.taboola.com/ Frame F2C8 0
82 B 495ms
114ms XHR
text/plain 141.226.224.32

General

Check archive.org

Show headers Download Go to

Full URL: https://cds.taboola.com/?uid=3a70b81e-38ad-4c84-b48f-733e4a5cf0a5-tuctb93a093&mbl=ZmFsc2U=
Requested by: Host: onedio.com
URL: https://onedio.com/_nuxt/91769df.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.224.32 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 26 Jun 2023 23:11:18 GMT
cache-control: no-store
server: nginx

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 7759 0
0 64ms
64ms Image
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202306260101&jk=2803446206606070&rc=
Requested by: Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x6y592zf1gbg.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

GET
H2 200 imp.js Show response
fd.tesseradigital.com/ Frame F2C8 0
190 B 162ms
37ms Script
text/javascript 18.196.91.239
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fd.tesseradigital.com/imp.js?_pid=163594704&_ouuid=938oFrFVSieqr0agVfq17aeYBqOtj4e8dL9WWBIPUNk0&_oprio=0&_oref=https%3A%2F%2Fonedio.com%2Fhaber%2Fkredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878
Requested by: Host: tpx.tesseradigital.com
URL: https://tpx.tesseradigital.com/dist/bundle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.196.91.239 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-196-91-239.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Jun 2023 23:08:40 GMT
cache-control: no-store,no-cache, no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
last-modified: Monday, 26-Jun-2023 23:08:40 GMT
server: nginx
content-length: 0
content-type: text/javascript

GET
H2 204 incoming
tpx.tesseradigital.com/ Frame F2C8 0
76 B 36ms
36ms Image
text/plain 35.157.179.180
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpx.tesseradigital.com/incoming?p=false&a=false&b=false
Requested by: Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x6y592zf1gbg.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 35.157.179.180 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-179-180.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 23:11:17 GMT
last-modified: Monday, 26-Jun-2023 23:11:17 GMT
server: nginx

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame DFFB 0
10 B 31ms
30ms Image
text/plain 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?-54V8Q
Requested by: Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x6y592zf1gbg.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 23:11:17 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

POST
H2 200 /
track.adform.net/serving/unload/ Frame 5CD2 35 B
626 B 44ms
43ms Ping
image/gif 37.157.2.229
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/serving/unload/?version=15&unload=3409677078983164515@@64068332,4470476773106655504,100|1039|0|0|0|0|0|0|0||131|1|||||1|0|0|Wx0rx1czz0DxBx_RTJEBJ3yCixSfztV4VQGCVk1pi2CJfVu6s-Ip7_L_QlhaeLlf0||1|11||0|0|

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/628/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.229 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://697730247a5dc842d2e74436492c3992.safeframe.googlesyndication.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 26 Jun 2023 23:11:18 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET, POST
content-type: image/gif
access-control-allow-origin: https://697730247a5dc842d2e74436492c3992.safeframe.googlesyndication.com
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame F2C8 0
0 60ms
59ms Image
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202306260101&jk=2803446206606070&bg=!R0SlRBDNAAYQ3eRoMN07ADkAdvg8WnbpvRl-NfzH_6Bl6v698Nsy2F7jh8zR7rYzdkIsYRT2TwSZ7bQv5Jl4V3XmJzLQs_MfIWkCAAAAb1IAAAADaAEHmQK8Asp7Pl3-EH990JMv4Oj86cXyTYSaxzdA6IvboZxKskj3Dfo-58AN7gcPWwGUZYPUSLzZnCXP2LmbNsZiGXoef8JCOM61S5CTkcngysNtFFDNgr7UuNSFbJ8ndCfqzQ85h68x7I3TiTTIMwOgSdHxYYMLPAYeLHBv9-7tXdiLoMXL0VCy0sLd20sppKZpWRFOd4psGZPRIFH8S5JNyxMAz0g2nzXBmod9YbW2uYgttmaty1ESD0iyp7MgqiCchavryounC-REpc0h1VskGwdJFzw3Aseg3OjUbCSVKd5B_iE5LnmdgXaTBxU99-arlLEctU4SlpAsO4HXWmKgbpYU5HBfxpQgSrQbJZEbRzQd3OFvdUfQEyhTZMn9DIP81XjpIeO1WSpZ5uZxwFLNIUhxv8dafORzie4KNPKXjXGcjx9Po8Pf9EHsreGr27b3M2LlpqFnHHlmWQ6Cg10ODdIdKgvHN4BPzZ8h1JUiyqR2CGbTDuUiup0CXT7DXujT1sbaoELDaIU9J9FtgI_bTUy4WPrCF910VQeKoCa2FFvR_tyYYgldJ2cGP4pFju_KG43X6mWaApf25rqOuJqViC8d7M2NkNYhmR0-2ms4jNJ4RuY-ZBrwNp_h63gnzwQOaaCsYA_3vsWxrN7HDJAdzrHeYnwOMzEncXoBF_OvOI3RLKysPZ1p7KQDvvQ8TaO-HkqZV587fbv5-0uIjrTogHBptmm3aj_XIA8N5jYQz2Sbyczj-RWwDllc2KCtRkq62Vb7vdh_NMIrWjEpSBRsgHuRgs3fe32hzeeDXHQweTvaTc_v189zGcuVBSr3JEyDCbggWTuGj_7TrCb4wfWmMyiIeJBOKsAQsOOewYaAlPHhc_BKQxuW2TsAPniYFH9UHxQRm_vPqDvvj3NyYFMGgyQVjzX0LSbPX6sRmWog9w
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 85DA 0
20 B 56ms
56ms Ping
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=4397655472090&version=m202301230201&ct=76&x=1&cor=2597558365005991000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://697730247a5dc842d2e74436492c3992.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Jun 2023 23:11:18 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

10 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

31 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.adform.net/	1970-01-20 13:33:33	Name: C Value: 1
.adform.net/	1970-01-20 14:16:45	Name: uid Value: 3409677078983164515
.doubleclick.net/	1970-01-20 22:11:57	Name: IDE Value: AHWqTUk4QBpFjSzEq7JHmlRV0AKVoPnL46ib_5WDTBwVFL11jRf1WYD9ED8yPR4iI0o
.casalemedia.com/	1970-01-20 14:59:57	Name: CMPS Value: 2153
.casalemedia.com/	1970-01-20 14:59:57	Name: CMPRO Value: 2153
.adnxs.com/	1970-01-20 14:59:57	Name: uuid2 Value: 8332244428281608687
.casalemedia.com/	1970-01-20 21:35:57	Name: CMID Value: ZJobExSXFwgZ78erpnNvuQAA
.doubleclick.net/	1970-01-20 12:50:24	Name: DSID Value: NO_DATA
.spotxchange.com/	1970-01-20 13:30:40	Name: audience Value: bffd37e1-1476-11ee-b31c-1ce730eb0306
.adform.net/	1970-01-20 13:00:25	Name: TPC Value: 1687821075814
.bidswitch.net/	1970-01-20 21:35:57	Name: c Value: 1687821075
.bidswitch.net/	1970-01-20 21:35:57	Name: tuuid Value: 416a102d-0fa7-4757-b2ac-e6503cb67e6c
.adfarm1.adition.com/	1970-01-20 14:59:57	Name: UserID1 Value: 7249136318642321551
match.sharethrough.com/	1970-01-20 13:00:25	Name: AWSALBCORS Value: qZsYJfY7QgPJGrY0OFEQlj2M98BslUpudLQGuiTAcl3HxXmU8ZU9Y2OVLJCCyCpLN3lsUkNcyVwDzvoEZTOtgkqFBuEKKDY0jd2+8PgoEcDdG/OvNAJv3LLNWMoj
.turn.com/	1970-01-20 17:09:33	Name: uid Value: 4536482565588019743
.bidswitch.net/	1970-01-20 21:35:57	Name: tuuid_lu Value: 1687821076
.bidswitch.net/	1970-01-20 12:50:21	Name: google_push Value: ATf1kGPVWhZ6N8m-5Vh7Z6iF-djZ4NxCmuaW_9H8aMoCvPaUn1dxNyXio1CHCSE1RkdpSFBTzrxwAmJSq2iWicV8s7mCSwkPbOE
.yandex.ru/	1970-01-20 22:26:21	Name: yuidss Value: 182680611687821076
.yandex.ru/	1970-01-20 22:26:21	Name: yandexuid Value: 182680611687821076
.blismedia.com/	1970-01-20 21:36:01	Name: b Value: 649A1B14F8D1DD9A1FBD00A8BLIS
.simpli.fi/	1970-01-20 21:37:23	Name: suid Value: AFC7154B9E7B4E28A75A1E2364C7D0B6
.dc.arrivalist.com/	1970-01-20 21:35:57	Name: avlcnt Value: 1
.dc.arrivalist.com/	1970-01-20 21:35:57	Name: avlukey Value: 649a1b14a89216.57774391
fksnk.com/	1970-01-20 13:00:25	Name: AWSALBCORS Value: B9Tv5mFfNN78cvXCU3oeBCQHMrOVqbsVCvvkp2vVa4CgxKUwe9XJif59odlAxkjuePnFjF4Yev2LKM6Bdh8tyDLkLLlF3HiOkERo6tWxhCP8rHopbx+CkAknB4V3
.fksnk.com/	1970-01-20 14:59:57	Name: f_001 Value: 7E10D72E68F998AA
.fksnk.com/	1970-01-20 12:51:47	Name: g_001 Value: 1
.adnxs.com/	1970-01-20 14:59:57	Name: anj Value: dTM7k!M4.FCxrEQF']wIg2GVSh'ZCH!fst<)t=9Jnb.s-Z=4.Sr0$EWqO(ldCwo:wUbybanY8bmVFKpI@3b)nL2#9)GdD0[%p[s>%q)3R77^@F
.c.appier.net/	1970-01-20 21:35:57	Name: _auid Value: qgv44GDKBkq2zEWbFRuaZA
.c.appier.net/	1970-01-20 13:33:33	Name: _gu Value: CAESEAE87m07zbCek8EvFhCp9iM
.criteo.com/	1970-01-20 22:11:57	Name: uid Value: ea9b3e3a-17b9-43ff-bd1e-cd9da41046a1
.tesseradigital.com/	1970-01-20 22:26:21	Name: tpuuid Value: 938oFrFVSieqr0agVfq17aeYBqOtj4e8dL9WWBIPUNk0

62 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://pcloak.blob.core.windows.net/web/jquery.min.js Message: Failed to load resource: the server responded with a status of 404 (The specified blob does not exist.)
security	warning	URL: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878(Line 1259) Message: Mixed Content: The page at 'https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878' was loaded over HTTPS, but requested an insecure element 'http://srv-cdn.onedio.com/store/254fbed7f5f60246dceab341efe24006de26a47a46bfe700fba3645ec103fb0c.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878(Line 1259) Message: Mixed Content: The page at 'https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878' was loaded over HTTPS, but requested an insecure element 'http://srv-cdn.onedio.com/store/5aee0df5228a8f771995c6e8920eedd248cda089818cf87bac6e3c21bccb5f05.svg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878(Line 1259) Message: Mixed Content: The page at 'https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878' was loaded over HTTPS, but requested an insecure element 'http://srv-cdn.onedio.com/store/6e17a4e4130681931ab937f6e5b88ac68aa84203c89e74b351ba2e2e0031258b.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878(Line 1259) Message: Mixed Content: The page at 'https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878' was loaded over HTTPS, but requested an insecure element 'http://srv-cdn.onedio.com/store/18d793e33dd186aacd041784dcfd828c041edacdaf31d25e270d4c5cc1b65668.svg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878(Line 1259) Message: Mixed Content: The page at 'https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878' was loaded over HTTPS, but requested an insecure element 'http://srv-cdn.onedio.com/store/cb802096ad240df4746ed9d8227f83e7946a198b93b6ee0f380cefe7fc0c9e05.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878(Line 1259) Message: Mixed Content: The page at 'https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878' was loaded over HTTPS, but requested an insecure element 'http://srv-cdn.onedio.com/store/76b718e71b19603c9cb6d2c86fb5e4cc7a3e7dd649527875607909c991f9d091.webp'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878(Line 1259) Message: Mixed Content: The page at 'https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878' was loaded over HTTPS, but requested an insecure element 'http://srv-cdn.onedio.com/store/a6a2ca5496b815a9ee8caa322a9e39a835403bab6880ce08f05c67d98bdac9fd.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878(Line 1259) Message: Mixed Content: The page at 'https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878' was loaded over HTTPS, but requested an insecure element 'http://srv-cdn.onedio.com/store/f9ff6d6aa8c0d967d70d7866bcd909fc2e4868b722db81f551daa533a791ed8d.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878(Line 1259) Message: Mixed Content: The page at 'https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878' was loaded over HTTPS, but requested an insecure element 'http://srv-cdn.onedio.com/store/254fbed7f5f60246dceab341efe24006de26a47a46bfe700fba3645ec103fb0c.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878(Line 1259) Message: Mixed Content: The page at 'https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878' was loaded over HTTPS, but requested an insecure element 'http://srv-cdn.onedio.com/store/667f6549da31548d2a9cd6ff08fae81aad77583c87618da330ade8b92bc0191e.svg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878(Line 1259) Message: Mixed Content: The page at 'https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878' was loaded over HTTPS, but requested an insecure element 'http://srv-cdn.onedio.com/store/cb802096ad240df4746ed9d8227f83e7946a198b93b6ee0f380cefe7fc0c9e05.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878(Line 1259) Message: Mixed Content: The page at 'https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878' was loaded over HTTPS, but requested an insecure element 'http://srv-cdn.onedio.com/store/254fbed7f5f60246dceab341efe24006de26a47a46bfe700fba3645ec103fb0c.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878(Line 1259) Message: Mixed Content: The page at 'https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878' was loaded over HTTPS, but requested an insecure element 'http://srv-cdn.onedio.com/store/6e17a4e4130681931ab937f6e5b88ac68aa84203c89e74b351ba2e2e0031258b.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878(Line 1259) Message: Mixed Content: The page at 'https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878' was loaded over HTTPS, but requested an insecure element 'http://srv-cdn.onedio.com/store/cb802096ad240df4746ed9d8227f83e7946a198b93b6ee0f380cefe7fc0c9e05.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878(Line 1259) Message: Mixed Content: The page at 'https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878' was loaded over HTTPS, but requested an insecure element 'http://srv-cdn.onedio.com/store/f9ff6d6aa8c0d967d70d7866bcd909fc2e4868b722db81f551daa533a791ed8d.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878(Line 1259) Message: Mixed Content: The page at 'https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878' was loaded over HTTPS, but requested an insecure element 'http://srv-cdn.onedio.com/store/a6a2ca5496b815a9ee8caa322a9e39a835403bab6880ce08f05c67d98bdac9fd.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878(Line 1259) Message: Mixed Content: The page at 'https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878' was loaded over HTTPS, but requested an insecure element 'http://srv-cdn.onedio.com/store/adcad43b3aa9adf261fd29a97ba586e4ed703cff8c40daeeaf5237d3d3ca1f5d.svg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878(Line 1259) Message: Mixed Content: The page at 'https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878' was loaded over HTTPS, but requested an insecure element 'http://srv-cdn.onedio.com/store/cb802096ad240df4746ed9d8227f83e7946a198b93b6ee0f380cefe7fc0c9e05.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878(Line 1259) Message: Mixed Content: The page at 'https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878' was loaded over HTTPS, but requested an insecure element 'http://srv-cdn.onedio.com/store/f9ff6d6aa8c0d967d70d7866bcd909fc2e4868b722db81f551daa533a791ed8d.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878(Line 1259) Message: Mixed Content: The page at 'https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878' was loaded over HTTPS, but requested an insecure element 'http://srv-cdn.onedio.com/store/a6a2ca5496b815a9ee8caa322a9e39a835403bab6880ce08f05c67d98bdac9fd.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878(Line 1259) Message: Mixed Content: The page at 'https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878' was loaded over HTTPS, but requested an insecure element 'http://srv-cdn.onedio.com/store/7a78e650453961fafb46fa74dffc67e19c4470b8985cf5a12b8cc452b7837c07.svg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878(Line 1259) Message: Mixed Content: The page at 'https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878' was loaded over HTTPS, but requested an insecure element 'http://srv-cdn.onedio.com/store/6e17a4e4130681931ab937f6e5b88ac68aa84203c89e74b351ba2e2e0031258b.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878(Line 1259) Message: Mixed Content: The page at 'https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878' was loaded over HTTPS, but requested an insecure element 'http://srv-cdn.onedio.com/store/c824b637c7e69f8b2b0c611fb2770c1b2221b0cef22c5b827c5cf28d0de9f30e.svg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878 Message: Mixed Content: The page at 'https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878' was loaded over HTTPS, but requested an insecure element 'http://srv-cdn.onedio.com/store/254fbed7f5f60246dceab341efe24006de26a47a46bfe700fba3645ec103fb0c.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878 Message: Mixed Content: The page at 'https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878' was loaded over HTTPS, but requested an insecure element 'http://srv-cdn.onedio.com/store/5aee0df5228a8f771995c6e8920eedd248cda089818cf87bac6e3c21bccb5f05.svg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878 Message: Mixed Content: The page at 'https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878' was loaded over HTTPS, but requested an insecure element 'http://srv-cdn.onedio.com/store/6e17a4e4130681931ab937f6e5b88ac68aa84203c89e74b351ba2e2e0031258b.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878 Message: Mixed Content: The page at 'https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878' was loaded over HTTPS, but requested an insecure element 'http://srv-cdn.onedio.com/store/18d793e33dd186aacd041784dcfd828c041edacdaf31d25e270d4c5cc1b65668.svg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878 Message: Mixed Content: The page at 'https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878' was loaded over HTTPS, but requested an insecure element 'http://srv-cdn.onedio.com/store/cb802096ad240df4746ed9d8227f83e7946a198b93b6ee0f380cefe7fc0c9e05.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878 Message: Mixed Content: The page at 'https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878' was loaded over HTTPS, but requested an insecure element 'http://srv-cdn.onedio.com/store/76b718e71b19603c9cb6d2c86fb5e4cc7a3e7dd649527875607909c991f9d091.webp'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878 Message: Mixed Content: The page at 'https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878' was loaded over HTTPS, but requested an insecure element 'http://srv-cdn.onedio.com/store/a6a2ca5496b815a9ee8caa322a9e39a835403bab6880ce08f05c67d98bdac9fd.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878 Message: Mixed Content: The page at 'https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878' was loaded over HTTPS, but requested an insecure element 'http://srv-cdn.onedio.com/store/f9ff6d6aa8c0d967d70d7866bcd909fc2e4868b722db81f551daa533a791ed8d.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878 Message: Mixed Content: The page at 'https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878' was loaded over HTTPS, but requested an insecure element 'http://srv-cdn.onedio.com/store/254fbed7f5f60246dceab341efe24006de26a47a46bfe700fba3645ec103fb0c.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878 Message: Mixed Content: The page at 'https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878' was loaded over HTTPS, but requested an insecure element 'http://srv-cdn.onedio.com/store/667f6549da31548d2a9cd6ff08fae81aad77583c87618da330ade8b92bc0191e.svg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878 Message: Mixed Content: The page at 'https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878' was loaded over HTTPS, but requested an insecure element 'http://srv-cdn.onedio.com/store/254fbed7f5f60246dceab341efe24006de26a47a46bfe700fba3645ec103fb0c.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878 Message: Mixed Content: The page at 'https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878' was loaded over HTTPS, but requested an insecure element 'http://srv-cdn.onedio.com/store/5aee0df5228a8f771995c6e8920eedd248cda089818cf87bac6e3c21bccb5f05.svg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878 Message: Mixed Content: The page at 'https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878' was loaded over HTTPS, but requested an insecure element 'http://srv-cdn.onedio.com/store/6e17a4e4130681931ab937f6e5b88ac68aa84203c89e74b351ba2e2e0031258b.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878 Message: Mixed Content: The page at 'https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878' was loaded over HTTPS, but requested an insecure element 'http://srv-cdn.onedio.com/store/18d793e33dd186aacd041784dcfd828c041edacdaf31d25e270d4c5cc1b65668.svg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878 Message: Mixed Content: The page at 'https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878' was loaded over HTTPS, but requested an insecure element 'http://srv-cdn.onedio.com/store/cb802096ad240df4746ed9d8227f83e7946a198b93b6ee0f380cefe7fc0c9e05.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878 Message: Mixed Content: The page at 'https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878' was loaded over HTTPS, but requested an insecure element 'http://srv-cdn.onedio.com/store/76b718e71b19603c9cb6d2c86fb5e4cc7a3e7dd649527875607909c991f9d091.webp'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878 Message: Mixed Content: The page at 'https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878' was loaded over HTTPS, but requested an insecure element 'http://srv-cdn.onedio.com/store/a6a2ca5496b815a9ee8caa322a9e39a835403bab6880ce08f05c67d98bdac9fd.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878 Message: Mixed Content: The page at 'https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878' was loaded over HTTPS, but requested an insecure element 'http://srv-cdn.onedio.com/store/f9ff6d6aa8c0d967d70d7866bcd909fc2e4868b722db81f551daa533a791ed8d.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878 Message: Mixed Content: The page at 'https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878' was loaded over HTTPS, but requested an insecure element 'http://srv-cdn.onedio.com/store/254fbed7f5f60246dceab341efe24006de26a47a46bfe700fba3645ec103fb0c.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878 Message: Mixed Content: The page at 'https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878' was loaded over HTTPS, but requested an insecure element 'http://srv-cdn.onedio.com/store/667f6549da31548d2a9cd6ff08fae81aad77583c87618da330ade8b92bc0191e.svg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878 Message: Mixed Content: The page at 'https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878' was loaded over HTTPS, but requested an insecure element 'http://srv-cdn.onedio.com/store/c824b637c7e69f8b2b0c611fb2770c1b2221b0cef22c5b827c5cf28d0de9f30e.svg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878 Message: Mixed Content: The page at 'https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878' was loaded over HTTPS, but requested an insecure element 'http://srv-cdn.onedio.com/store/6e17a4e4130681931ab937f6e5b88ac68aa84203c89e74b351ba2e2e0031258b.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878 Message: Mixed Content: The page at 'https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878' was loaded over HTTPS, but requested an insecure element 'http://srv-cdn.onedio.com/store/7a78e650453961fafb46fa74dffc67e19c4470b8985cf5a12b8cc452b7837c07.svg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878 Message: Mixed Content: The page at 'https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878' was loaded over HTTPS, but requested an insecure element 'http://srv-cdn.onedio.com/store/a6a2ca5496b815a9ee8caa322a9e39a835403bab6880ce08f05c67d98bdac9fd.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878 Message: Mixed Content: The page at 'https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878' was loaded over HTTPS, but requested an insecure element 'http://srv-cdn.onedio.com/store/f9ff6d6aa8c0d967d70d7866bcd909fc2e4868b722db81f551daa533a791ed8d.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878 Message: Mixed Content: The page at 'https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878' was loaded over HTTPS, but requested an insecure element 'http://srv-cdn.onedio.com/store/cb802096ad240df4746ed9d8227f83e7946a198b93b6ee0f380cefe7fc0c9e05.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878 Message: Mixed Content: The page at 'https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878' was loaded over HTTPS, but requested an insecure element 'http://srv-cdn.onedio.com/store/adcad43b3aa9adf261fd29a97ba586e4ed703cff8c40daeeaf5237d3d3ca1f5d.svg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878 Message: Mixed Content: The page at 'https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878' was loaded over HTTPS, but requested an insecure element 'http://srv-cdn.onedio.com/store/a6a2ca5496b815a9ee8caa322a9e39a835403bab6880ce08f05c67d98bdac9fd.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878 Message: Mixed Content: The page at 'https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878' was loaded over HTTPS, but requested an insecure element 'http://srv-cdn.onedio.com/store/f9ff6d6aa8c0d967d70d7866bcd909fc2e4868b722db81f551daa533a791ed8d.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
network	error	URL: https://bidder.criteo.com/cdb?ptv=137&profileId=184&cb=61057656933 Message: Failed to load resource: the server responded with a status of 400 ()
network	error	URL: https://bidder.criteo.com/cdb?ptv=137&profileId=184&cb=40481774977 Message: Failed to load resource: the server responded with a status of 400 ()
network	error	URL: https://bidder.criteo.com/cdb?ptv=137&profileId=184&cb=70098350706 Message: Failed to load resource: the server responded with a status of 400 ()
network	error	URL: https://bidder.criteo.com/cdb?ptv=137&profileId=184&cb=2092814178 Message: Failed to load resource: the server responded with a status of 400 ()
network	error	URL: https://bidder.criteo.com/cdb?ptv=137&profileId=185&av=35&wv=7.47.0&cb=32914929394 Message: Failed to load resource: the server responded with a status of 400 ()
network	error	URL: https://bidder.criteo.com/cdb?ptv=137&profileId=185&av=35&wv=7.47.0&cb=96666262413 Message: Failed to load resource: the server responded with a status of 400 ()
network	error	URL: https://bidder.criteo.com/cdb?ptv=137&profileId=185&av=35&wv=7.47.0&cb=67609380122 Message: Failed to load resource: the server responded with a status of 400 ()
network	error	URL: https://bidder.criteo.com/cdb?ptv=137&profileId=185&av=35&wv=7.47.0&cb=20514570041 Message: Failed to load resource: the server responded with a status of 400 ()
other	warning	URL: https://www.googletagservices.com/dcm/impl_v96.js(Line 77) Message: Unrecognized feature: 'attribution-reporting'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

697730247a5dc842d2e74436492c3992.safeframe.googlesyndication.com
a.c.appier.net
a.teads.tv
ad.doubleclick.net
ad.turn.com
adservice.google.com
adx.adform.net
am-match.taboola.com
am-trc-events.taboola.com
am-vid-events.taboola.com
ampcid.google.com
ampcid.google.de
an.yandex.ru
api-onedio-production.onedio.com
bidder.criteo.com
c1.adform.net
cc.adingo.jp
cdn.ampproject.org
cdn.jsdelivr.net
cdn.taboola.com
cds.taboola.com
cm.g.doubleclick.net
code.createjs.com
connect.facebook.net
dc.arrivalist.com
dclk-match.dotomi.com
dis.criteo.com
dmp.adform.net
dsp.adfarm1.adition.com
dsp.adkernel.com
dsum-sec.casalemedia.com
eus.rubiconproject.com
event-collector.analytics.onedio.com
fd.tesseradigital.com
fksnk.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gum.criteo.com
ib.adnxs.com
id5-sync.com
images.taboola.com
img-s1.onedio.com
img-s3.onedio.com
imprammp.taboola.com
lb.eu-1-id5-sync.com
match.adsrvr.org
match.sharethrough.com
mug.criteo.com
onedio.com
onetag-sys.com
pagead2.googlesyndication.com
pcloak.blob.core.windows.net
pips.taboola.com
pm-widget.taboola.com
portal.o2online.de
pr-bh.ybp.yahoo.com
prebid-eu.creativecdn.com
r.turn.com
recommendation-api.analytics.onedio.com
s.ad.smaato.net
s0.2mdn.net
s1.adform.net
s2.adform.net
s8t.teads.tv
securepubads.g.doubleclick.net
services.onedio.com
srv-cdn.onedio.com
static.criteo.net
static.onedio.com
sync.search.spotxchange.com
sync.teads.tv
t.teads.tv
tg.socdm.com
token.rubiconproject.com
tpc.googlesyndication.com
tpx.tesseradigital.com
tr.blismedia.com
track.adform.net
trc.taboola.com
um.simpli.fi
ups.analytics.yahoo.com
us-u.openx.net
vidstat.taboola.com
vidstatb.taboola.com
wf.taboola.com
www.cloakan.co
www.facebook.com
www.google-analytics.com
www.google.com
www.googleoptimize.com
www.googletagmanager.com
www.googletagservices.com
x.bidswitch.net
124.146.215.42
141.101.90.98
141.226.224.32
141.226.228.48
141.95.33.111
142.250.181.226
142.250.186.34
151.101.129.44
151.101.65.44
162.19.138.82
172.105.221.240
172.217.18.6
174.137.133.49
178.250.1.11
178.250.7.11
18.196.130.47
18.196.91.239
184.30.21.51
185.102.219.172
185.184.8.90
185.80.39.216
185.94.180.126
2.18.161.51
20.60.220.36
2001:678:cb4:bbbb::11
23.37.42.132
2600:9000:2450:ae00:1b:5138:8a40:93a1
2606:4700:10::6814:e25
2606:4700:10::6814:f25
2a00:1450:4001:803::200e
2a00:1450:4001:806::2004
2a00:1450:4001:808::2003
2a00:1450:4001:808::200e
2a00:1450:4001:809::2001
2a00:1450:4001:80b::2008
2a00:1450:4001:80e::2002
2a00:1450:4001:810::2002
2a00:1450:4001:811::200e
2a00:1450:4001:827::200a
2a00:1450:4001:828::2002
2a00:1450:4001:828::2006
2a00:1450:4001:82f::2001
2a00:1450:4001:82f::200e
2a00:1450:4001:830::2001
2a00:1450:4001:831::2002
2a02:2638:3::7
2a02:2638:3::c
2a02:2638:d::2
2a02:26f0:1700:890::26e5
2a02:26f0:3500:11::215:14dc
2a02:6b8::90
2a02:fa8:8806:20::2040
2a03:2880:f083:9:face:b00c:0:3
2a03:2880:f176:84:face:b00c:0:25de
2a04:4e42::485
2a05:d018:d29:3605:c153:9878:d174:5b1b
3.122.77.224
3.71.149.231
34.111.136.72
34.117.159.110
34.235.215.224
34.96.105.8
35.157.179.180
35.204.74.118
35.244.159.8
35.71.131.137
37.157.2.229
37.157.2.247
37.157.5.73
37.157.6.254
37.252.171.85
44.195.215.121
51.89.9.254
54.92.8.61
69.173.144.165
77.245.159.14
85.114.159.93
01afa1ad1afa1e170e923ac3fc28e70f033f5e74659ebed6608aaeb7200d8adf
01ea2cc15fb800694f9fe0f871ef584af8a2512f018ad1e24c3d900418e36ab0
0322b00cb6bad591b726254678daf5a09db33b9f34db5fe69dbd4ae2095d2929
0328a6c2f97160ada64bacee0554de4678f3e4da5535c11752764c131c583b8a
03b787d47dba6f2e8e69f23a1bf90d27b76e3ad3183e39c5af66141aa5709dbb
0407dafc112212a135d1aa4dd9b40ba0208c6bb6b1959f5535af093254189d66
04fbd20b04ad6a98e605ce6014aaef976cc9a47a939e621c19d801fc59650c91
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
077a758c165eced3316ba482308d475ebebfecf3040daacf54558be0db9d19af
083e1a52326761bd888b9ea769f2077fdd6dd9e979ad150b54bc3a48f50c6c85
0874b021e319f0a4f61ab79f4d7a4e4bea4187c3f211ded57fba06188e572cb7
0b50de1211aa305f3725c36a2d69bfcfe10b5a5d6a1f26ae644f9d7a69a3ab9f
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0d8c85a1ac410f13b7a6aa3ca691d1f716189e04d6ecd734f64ee9e2e2a46d32
0fe86d7c6260a1348308c5fc2efa26dd3667d50f4ae30bb4bf9c3157a297655f
1034ccaed1f9dbb4c6c0d3895ee792b931e539ecad7d3e0491632dd4df068c65
1068448aad848bacd4586d0100c41f15b99e3bbd0d808bbb18fa0abd4eb17c7b
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
12af7975664854ca36da674714083fa05297940fce71e42dabf688e2eb19a0f1
142585de3616a2b2aeda9199f67790f3a46d620d6eb93f88de9f81ec44874fcf
15726d6a6db473c829365e69e31d4e97604cd5cafe876d8597b3fbc869719b42
169fd870a93b53a34363e7fda578ef8c951d28c148b51e81b966d416f66233ba
189b8ed64093b12937354b2ef71ccf1df59690d90432241a10fe1cb25000acba
1b92a8a493657f0885ff7c4147921de9d386899cdbe2e6b980be50cd0fadd71d
1e14b20679f4209e926dd3781ee792401cb5702c9a66fbc8cc844bcc22a496d6
1e5a28a902c7f1edfc9c082269da365300b36ceb1eed186bf26523d6867ed986
1f3a1b50164ccf915f1c2871b79140f2b8cd36005a01cc1dce8b0f1eeea940ca
20f091e39a994eac247abb2db8c48d424cb5f3ea8280cea2194168c2bf5f437e
221e69003af87e6e8f934828ab416477126f3c062500e3bcb636bb9d87bf9b06
2456ef3475fff167027aecdbf0400a036b2f383db83707c3234103d0f03d9421
25280083af87c8d6dbc6ff5bb926bf9d0d373d244cead76893430166b8df0bd6
2a9f93a0d930b8bd72bd4b9e9fd00307696b166db6a4a69e183bb7d2a82ce541
2bf774c5da97bdea26c4a23ae32fd57c1f387c76f8cbbd3ef08b986979363b48
2e3d1ff6714a592eaaa8beb5caab6132f8552884bfca83f52211aec0706ec37a
2e41f9946ceda33fce9bba3f4a1702e2a52e2cfa7bb6b600661a7333523f9e96
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
332d8e2d6964e41c92a430d24b1b469bfdcc30ad072f980b2e7adf241590886a
333190cb60b21ab9634fb0dd5163c478c0e58435efd042d7da80bd6d6af8a238
33b23188bf54a8d5acd1d1281504f4021ac4cf2f607d79efd65b55364aa73b62
34248150d4e7884e26ad1576502ca331e945c5e778e01860af19dd1a5116b4e5
36de549fa81b509bf426b8c57b5842e2857f1ac66456c567d552ac5a890dcd85
37ab5c060ae53ccda75b8bd212d874a17650f7954b11c4e31f568990ab40196b
37e36c252e75ac6304964c0e13474b369452f559467167337dfcce4e2862b0ad
39b076e4bb4fab9b8a142499cf6155f8c128464974691a04de7e764f71b72618
39dce9bed1229c0ea63b578fa41d43deedadad5a254d1c109a6b9befab766f57
3a828af656d81c11ab2dec2bb2e562d27b9690b2481d41342291664a4c3a4fb2
3aa6f4040b6587f7ea3d4f1610000cc2b33a0e99621ebabafae342cdca22dab7
3b7df3c42840b6bfc54d5f5d9b8a30c9893825471860b29a63d0e3d4fe58409d
3d821e45c0c21e1253a785cdcb078428f35a12ecdfb9fe1a0d2fa2801429a08b
3e3e6ec523836351b5ed090d20ee28948242138f9cfb7bc592850d05342cbccf
3e7d49f24d56db02c7baca8ae3a17555c2e527571450e8c24c77b453407e267a
3f153b38fd5e00d6bdb8249dd0d7532ec47a758e6bf7ce26c2ca59a3f46b35de
3f165c18d4068098e2ca6a51713c5df0771ced1ccdbcec4ea6be99a6aef10e78
3f354e097022f46b1a0d9705858b8060064da6fdbb21933c35c81027a8e4671e
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
41dd65e5d60b12bfae966238332a9260800d9faa4d6b2dd96c1d04050fbaed02
422f44f37be3ad1dc211805c2f45188eb4a74e2bb9b6e4afe2379c8f0c239008
42b9a15f9b6a86e0bca2678c6a6679ed2e73777ca55d893012e685275249f702
4347e083fcc7406a94363480146e1cf9c2f88198921ef74fed3eddf6d969725b
4445041a5221550830f31fa42e138f881676a468e4fedb939c1e0ab0a07eae17
452606c9f6a3466e1055a944cf5fac7eaf6af76927d10b6d14139da6427ebc74
459ebbd7b5cbb3d007a973b20d740aac4003148187ccc181dcdeecc8f68fc564
4651fd93f167c3620b534c30bc23ae2a2e7cf742621d8e6d12553c09c388284a
467150f57e3950f97d315a86791fa22e24d1a4f2e3b515bb2898a44cc7e0d494
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
4800d1ddcb624759884f88dc16588ba7c5548440372363acb693093a396e9573
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4d1ba18784dc977c714a5b55aba070e01ae269ab5f95a988ff2d41cadc936271
4da7e15fa02074cfd3fd9128547223f53472736a5f7c5fa922cecdc00a1ccc6d
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4ec8b2b157346e00c34295215b5179eb0372c7161bd197136f164969a60ff740
4ed54f5ff509297da74f1655ec64b321016c40d2656414ec6f0279d952c35b64
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
51852dbbc5ba83eeabcf17f02e03c459bdb3936c4f364a3a3b7515df9ab8e6aa
52d9aafbcddc8ae466884e6dfd7915e39af35742fc0084606916540a9d50f1e8
52e537502f71005147165cfb8c67081bcbd6580b86fb92c891dcfabdfac1ffac
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55aa94f53399161f1132a710e087d4f3d9152aff91e268132f28ec09f80a5224
55fe4e70c417bb19b37d1824c282a9ec1804103d00436f3236c173a51a2f85b2
56639c53fbc08d334e0001abb9cb4724cb57cb476150d64d7fc1211570d2bed6
585a0b8a113e799c98a1b6fa34c69c1b29ed6c365d2301169ec6b04b0ea95ff2
5c0c5d259722512879f917320565cbf0145bd9ecb26ec7df477cd3a1878a945f
5cea5f5a79817996385a96e5a5337e95db241f0a33a9e46c26b24cde34ac1b9e
5d510e5f495f47a251ee719a26fcb15c52050531561fd6effb516dea253cef5e
5d8f3b16878137d3d1867b7022fb248c00c3f84752138621a6fd37bf4b2bcbce
5edb90fff40d609cdca246dccdbd2019b5745e0ebe1d8af15738b5f49c181085
6139cf28f27e43ef93d80278423db91715a6c3b6c0a155c4f7386dcf578de617
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6296ca0caa0ea059bbde8758b1e13d4de06a041c2ae716181e27bd728160b466
6528ec0e1bac4881919c73b50a89927cfb53ec26e990f096b00468393eaf9ce5
695a5f97154f7ad73570f00c93bf0e844185b238e06ece903751234501f5c3f7
69b89df9999b299b0fd479d7c0885b6675a4a0760494e525041c531d7b842998
6a496247c8793bd90c3031454499f1c72953ec1feddfb55c3434efeff5512d6a
6d536f941e4e2b0ef3a3575d4d1e033638e63ba823d1c52001f635a8e50cc5e1
6d6a81816d592a41ef7ac452300246b8947162cf584498486eb8711a6164a296
6dbe9c2e13cf06c6633ea3fcf6d7bd30452561202a205c75a035cd1d8b93368f
6f041c7d2e0dc9b549da07b2949094f34a017d2cd7c737ebe28ea360d35d2795
7218d4c9020c050d9bd04809f8073a752639cb3362f1493dd7e6aa380f870ff1
73776eff86ca177c94173b46bccd0f5e22034be029c332d1f119c181bb64efc6
75a4652125853a945a31d2262da42d0bbc892271ee28a53d4db1a02b2bce05ca
7c7818c25a18e8a38553fcbcbc2ad0b5e964103a7d2e494f82815e3f70bf3fc5
7e729904545d5ebffe1a3761a271a5a3ea944bc178dba33820d08cb1f4c147da
7ee8b20ce18299a6b6f95a8ee65b7e45a77628cc9d92b5744b6042093a2096c8
7f1255a2f606a65de5b7e373bd205bca2f5271778212970f9579a253ed5e0927
7fdabb3c4047b5538cb0396037b74e2df9a6cf2435c6fbd5588f7374864d438f
7ff9993d3bf21821aa4aab3b5958b4d9ba3fd3a3aa92f5830a24d3ee259f4851
80958b705988fc97f2179c7a83acfc7353d1145e50ffd2680bbe3e08254708c2
8169070527736f2296d9d72e169101428b2f9821205614dc54cd16d3130c70f8
828c60168c1b3950934efc49f15579b24f77907a9f574650890dffcddb963cff
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
836ae30e628895d0ff827e02bb62ade684da008263ed73c9d9b1955f38b8c976
837376fc0794da507d975f8f40bad71cf9b790924c6c1f88a656c6e518381f24
843dea1d022be79c95643821b1140cc2d081094ee77ccf7a1f637a1ad8fca33f
86031077493229099d4d888a95ab6adc9c0fb4d98282275abd17825c8a85596b
887a3a4f200a899e84097749a9412f749c61744b76f287de50a76cb532308166
8a360dd78c99927f4b72e1277d60df80774c5f9a248bfc37c3444c43b9cbc02c
8c318bd5144e8595b335e7f114e87511df4ab914c9add7918f830d8a29f6e075
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8dda5d62ba6489bbfe17e66f6cf1d937cda582196ab753a21c1753639f5c69cd
8f4557e9f00d34167fab5b42b70e3b308a7a4dcd399689b0ffc59ca5980e0ec3
8fef13ab2f860035fc87d045008b7cd9a128c425c52ea7d1ad5638db53534291
900058dffaf216c9a853e2d7e4109bfa2a58994237b2d4e5793734e4c2ecb4ac
93bd0f79c8ba99a6ec0f1abd27501be437855549ae14ec607ddfd978af685473
93f7bf325600df308529816d46a693eba94bf56c62231d7863561b4e5b485057
944089b44ec5f876426cd30b5cd76e18a09d4178aa06f2acea7b50f9fd61e67f
94e674632f6ea7da559a9b5015b6d6dc5acccae2020340d5f2ffde13d4ca1e24
95a0fed802e3139d5828f8b6f581e956f46d81f02f52a0035b7c5f673dd547ec
96569c4b91e37f96bd8225af7181e71f724ad128a563c88cc30d37f1f0a80995
96c248ed6596a211aebf66eca21eb95634a613c77b3aea467801aea400acb1c2
9834d566addfc91f7bc74e4eab1e62598056524f9c9d85d4d024f5c159c45ccd
991bfe84fec788f2b7d432b99a60c1e2aa2e799bc0137da8cf478299d0fc9a10
998e6aadad190a486be8310130c56509f9481861fa4fbbdc1036e404ae313318
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9cd42d9b26ec40128c15c3e9a6bd1aa4e5ee58171dc7bde3cde62c21684a7736
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a050a3c304a3b0bf37143828706d3bd34a0699d13ca827e919f4600db52436e2
a165991f6211fccecd49c3e9303c642947b95baa6d82be861f78e921ea9f7ffd
a454f4169caeb8fa44fb4944340fc2c9361d17fe83d97597c5c113ff677f76eb
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a6571199455f009b27bb8719e76ab06240bb4c9246f6b8915e3119ced168c132
a6d36aa3d742ccd6f1ca3c76dcf885af72f7bebe2fcc001ea011a7aea2f55678
a7ec3ad1dbefd1780bcb041c357ccef3e1072b787942366a5389820ade3ebcbc
a9262e4f0004178b2eb384213e53dd3e0c71eb13584d3f6b6dba57437014c1b1
a9f55a9e4658a9960455f9485c446ea9874f2590ae283801311d84e908536cc2
aaaf0b2c3bd11afe20e1902624db617c2131b3272fabebd1160cb2f53dfb3750
ab8666c9c5f434bb652bf6ee88cb6ff9e51b120c0c38648fd3352168bcb96dae
ad53d5b9c9825d29034206941f077b896dff3f335afd59ba1e4da52e32c7435a
adda67abf8e0f8731a86e3aefb53b93847656f20799f63d181ae0c9cd2638adb
aedaf40884efa2217933bb42fb22aac1fe3b0bd1ea0415bfe201a6fa94d68812
afd8f0857ea78c5062357999db000e31d7469b088ff8eb6bdb5f6842d552d9cc
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1a393dbaba4b75f14c07d22beb75334206de35c996d594d20e246e8e8db7239
b1abfa23ef585d6313b33383cbef0e1fdd17621d286122a1aa633c18eb22d139
b1e254a7cc54e3d17cd4c02d5a96ef0b71601ff6d16629980bb833545b214021
b2bc2f1968523b981d2b3da25565c98aa85da4556e4ec34662836b2183fbf4d4
b53aba3a1c4100308d0e148348e557b4b870abfc2869a54415d6dfaf8e890e97
b6c21bbb6b819f7dba5c0b474b64535c13d53512c9c1e402a92b94b424dac95e
b8c779f4fa5bf396269317b6ccc5bd0259ff6b28d9dc40eb75cf47aa245b0bde
b9788db7625137f65db965102859de70d200ba5fcfe9a36ab7f04a45b4a89737
be77d7730a869cb3e7f47175ccef5a7e92c95cde385080e283003379153e497b
bea63616949c80ff0dfdbb1e8547f1585882fc691483317b06441688e3e5f14a
beeb4ddbb224e8fc9b9f9b816f8c64ebf7b8c761a00706a44f0d3e938bc8e387
bf4bfd502f33603f3f3e4dca01b1f8e63d9f9cd4e679c847dd3fd850a1429ca2
c09a5b2409b09dd4cfbf45f291001df85a7dcc324f04a7ef198ed3a7a01f5ea9
c1390c08f2ad9b3d5e5b83456dca76a42beaea002a88625627f3cd16dcfe0e67
c284299aeec8595fd3a10dcd2c27022edfda37c815571843a90c45cad18ace95
c28e62ec408f34ca18b76298f690009e78700af3010365f6a6e7226e924416e9
c6d56b3addafd99887333318efc4e493386cdb33ec8d4636975bc2315c186802
c85ff0d2c0dba739701435b4ecd7ff4c4139528bef936a19f28ac4ac7cd26065
c99a1db5a8ee11a2fc13ab0544e3865f781fab4515592ff6467e7273478f813d
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cb217d0e8ae247684c0dd02ff520bf734a39ad6ea5ec1124286bf47e0f42ec63
cdd13cb3fe2b189660e22ad818d8dcdc948ede141397224995d5d6e992d83ce3
cdd152da46fe3cee3e804d967f5dead6756bfb9698b157766bbbdc0ab5ce9b0c
ce42adf01899c970e7e1791dc9c4665f8307e40bc6dc1dc7fd20041b8f5f44a6
cf906196a7c1414e11983955e101a051d55a864f2bc9fd52a453d952d92fd9b5
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
d12f6ca81745950ad8e0153d8eec3e628d1a6f23f6babf5df8f3850c538166e9
d19dca040e74cd8fc30291933896f5efb2183715484442e5160e8a5a149426fa
d53e65032e0f92945d35600118450d12bb0e8ab8312d97f1f9742c3f48d1bca5
d660119d70fde473f7720a43fb960d95c8ff46768e67d762f9557179709b8942
d67150f2e83e22aa952642ed4ee5a0b14ff53a6878ba2cd7dd49d3a15f213883
d6f44659922c7cc06d3ae64b712d27e003c2ad4b57c9166dafdbcd9e98dc6e28
d72c9fb59846aff6405d2973c81bd8da823493502fab893e026a736a1ba01838
db6c8330efd6e6bfd20dbed90de2e76fe0bac473c76abe90aaa91fac7bb067c6
dba49107edbd020f83668ba1c661b3d240621d37c01a6d3d4a8078300b9a4069
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
de7713832e8617ed0535afa5ccf9ff63dc6b8bb4512664185a4b9e5d7f1abcc6
e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46
e2ed8b1df83d48a9bfaa342d71eba6f7c23c6c909eecb1cbf08198cc26f55d47
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3c5113869fed7cf5fbbb2fb64ba2e5c29fc9043e01e0d3a90b39024e0d0b20c
e439bebf8de2df0582273906d2c1dceff2387c661efb2152ef1c28420ce4e7e5
e45dd19e8d682418f4489a4e9bbc70edf506cda7740c7e279082e6e2765f898c
e46eb58f99814c32c849b97a268129ddb14ca88e9070964ee75a2cd987c66839
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e5b6cc7b00fe92d3a4af4c9ba7db8488ca5308c97bd20e501fd72795830d32cf
e764b0e5e07c0ccad56adbbd40356d2562a9749739a5779969fa8161bd5e6dfa
ea2dbc62b8ec4f46791448b828bf5b026d8ad28f87994e94bb874a9efe2391a8
eb8e687f8ef4d4838ea77f88aa15f238529f8273aa2d22b7efc8ff18460f7757
ed1f184fa3d298aaf01b99d934858b3ecb6243cd4efdea6b0f14a0b3d1ae480f
ee039ecced7c577c7a6f63d4057dde56fa45d5b23c9de7effae34eb4fa0e5b4d
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f4a038eb56ed2eb8fb4701ef93757a4d42a433508714b8a11b426e6a9ac3f350
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9
fa9230eb742fe60368d3a007ec3e93bb89d0673456c88ecf2d0672fc7922b5f3
fb329000228cc5a24c264c57139de8bf854fc86fc18bf1c04ab61a2b5cb4b921
fced3c4710a90ebf2a7e0c3db57e587697c5d43b93f71b4505bb6a4eb756830f
fee5feedcf117324972d35126e99e4d11d098c6437293d2bbd04c7d6153af2d7
ff98ae0f4737ae8354bce5807218b881fae0d9fe3edc295c37c93726eb094c8c
ffdd4832cf5187eb8f908ded7ae3f87e19034d405173a1f6b10bcedd6ac33f69

pcloak.blob.core.windows.net Open in urlscan Pro 20.60.220.36 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

385 Requests

92 %HTTPS

40 %IPv6

52 Domains

95 Subdomains

71 IPs

12 Countries

7144 kBTransfer

16474 kBSize

31 Cookies

0 Outgoing links

Redirected requests

385 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 7 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

pcloak.blob.core.windows.net Open in urlscan Pro
20.60.220.36 Public Scan

Screenshot
Live screenshot

Full Image

385
Requests

92 %
HTTPS

40 %
IPv6

52
Domains

95
Subdomains

71
IPs

12
Countries

7144 kB
Transfer

16474 kB
Size

31
Cookies

385 HTTP transactions
7 data transactions