pcloak.blob.core.windows.net Open in urlscan Pro
20.60.220.36 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://pcloak.blob.core.windows.net/web/6x6y592zf1gbg.html?fbclid=PAAaYRdg6q-IbWktmwCiywbPD9fVMM3RQSD2b356fwPOuEXGVTgfjrmQkXN8c_aem_...
Submission: On July 06 via api (July 6th 2023, 11:28:10 am UTC) from TR — Scanned from DE

Summary HTTP 342 Redirects Behaviour Indicators

Summary

This website contacted 68 IPs in 8 countries across 49 domains to perform 342 HTTP transactions. The main IP is 20.60.220.36, located in Tappahannock, United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is pcloak.blob.core.windows.net.
TLS certificate: Issued by Microsoft RSA TLS CA 02 on March 22nd 2023. Valid for: a year.

This is the only time pcloak.blob.core.windows.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
4	20.60.220.36 20.60.220.36	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	77.245.159.14 77.245.159.14	42868 (NIOBEBILI...) (NIOBEBILISIMHIZMETLERI)
34	185.102.219.173 185.102.219.173	60068 (CDN77 ^_^) (CDN77 ^_^)
6	185.102.219.172 185.102.219.172	60068 (CDN77 ^_^) (CDN77 ^_^)
13	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
7	2a02:2638:3::3 2a02:2638:3::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3	2a00:1450:400... 2a00:1450:4001:831::2008	15169 (GOOGLE) (GOOGLE)
2 2	2a03:2880:f08... 2a03:2880:f083:10e:face:b00c:0:2	32934 (FACEBOOK) (FACEBOOK)
4	2a03:2880:f08... 2a03:2880:f084:105:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
9	2606:4700:10:... 2606:4700:10::6814:e25	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	184.30.21.51 184.30.21.51	16625 (AKAMAI-AS) (AKAMAI-AS)
3	34.117.159.110 34.117.159.110	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
5	2606:4700:10:... 2606:4700:10::6814:f25	13335 (CLOUDFLAR...) (CLOUDFLARENET)
28	151.101.1.44 151.101.1.44	54113 (FASTLY) (FASTLY)
2 4	37.157.6.233 37.157.6.233	198622 (ADFORM) (ADFORM)
4	34.111.136.72 34.111.136.72	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2a04:4e42:600... 2a04:4e42:600::485	54113 (FASTLY) (FASTLY)
3	162.19.138.83 162.19.138.83	16276 (OVH) (OVH)
1	2a00:1450:400... 2a00:1450:4001:806::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80e::200e	15169 (GOOGLE) (GOOGLE)
1	37.157.5.72 37.157.5.72	198622 (ADFORM) (ADFORM)
1	162.19.138.118 162.19.138.118	16276 (OVH) (OVH)
1	2a02:26f0:470... 2a02:26f0:4700:2a3::26e5	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
12	2a02:2638:d::a 2a02:2638:d::a	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3	184.30.25.51 184.30.25.51	16625 (AKAMAI-AS) (AKAMAI-AS)
4	37.157.3.30 37.157.3.30	198622 (ADFORM) (ADFORM)
4	185.184.8.90 185.184.8.90	204995 (RTB-HOUSE...) (RTB-HOUSE-AMS)
1	2a00:1450:400... 2a00:1450:4001:801::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:809::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80b::200e	15169 (GOOGLE) (GOOGLE)
3	2a03:2880:f17... 2a03:2880:f177:185:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1 3	2a02:2638:d::d 2a02:2638:d::d	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a00:1450:400... 2a00:1450:4001:831::200e	15169 (GOOGLE) (GOOGLE)
27	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE)
2	35.157.179.180 35.157.179.180	16509 (AMAZON-02) (AMAZON-02)
1	178.250.1.11 178.250.1.11	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	18.196.91.239 18.196.91.239	16509 (AMAZON-02) (AMAZON-02)
10	2a00:1450:400... 2a00:1450:4001:831::2001	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:813::200a	15169 (GOOGLE) (GOOGLE)
16	2a00:1450:400... 2a00:1450:4001:830::2006	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:800::2002	15169 (GOOGLE) (GOOGLE)
1 2	142.250.186.166 142.250.186.166	15169 (GOOGLE) (GOOGLE)
19	2a00:1450:400... 2a00:1450:4001:82b::2001	15169 (GOOGLE) (GOOGLE)
2 6	2a00:1450:400... 2a00:1450:4001:806::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80b::200a	15169 (GOOGLE) (GOOGLE)
8 26	142.250.185.194 142.250.185.194	15169 (GOOGLE) (GOOGLE)
6 10	185.80.39.216 185.80.39.216	27381 (CASALE-MEDIA) (CASALE-MEDIA)
3 5	185.89.210.122 185.89.210.122	29990 (ASN-APPNEX) (ASN-APPNEX)
5	141.226.228.48 141.226.228.48	200478 (TABOOLA-AS) (TABOOLA-AS)
5	2001:4860:480... 2001:4860:4802:32::3	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82f::2003	() ()
1	64.233.166.157 64.233.166.157	() ()
1 1	151.101.2.49 151.101.2.49	() ()
4	52.223.40.198 52.223.40.198	() ()
2 2	69.173.144.138 69.173.144.138	() ()
2 2	13.248.245.213 13.248.245.213	() ()
1	174.137.133.49 174.137.133.49	() ()
1	3.66.186.233 3.66.186.233	() ()
1 1	20.127.253.7 20.127.253.7	() ()
1 1	35.204.74.118 35.204.74.118	() ()
4 4	213.155.156.180 213.155.156.180	() ()
1 2	178.250.1.9 178.250.1.9	() ()
2 3	51.89.9.251 51.89.9.251	() ()
1 1	2a00:1450:400... 2a00:1450:4001:828::200e	() ()
2	2a00:1450:400... 2a00:1450:400e:11::a	() ()
4	172.217.16.194 172.217.16.194	() ()
1	213.202.235.10 213.202.235.10	() ()
1	2620:116:800d... 2620:116:800d:21:5ed4:8d5d:fed7:f5ef	() ()
1 1	2620:1ec:21::14 2620:1ec:21::14	() ()
2 2	63.32.189.76 63.32.189.76	() ()
3 3	46.228.174.117 46.228.174.117	() ()
3	2a05:d018:d29... 2a05:d018:d29:3605:d2e9:b819:ceaf:6f11	() ()
2	3.75.62.37 3.75.62.37	() ()
2	95.101.149.233 95.101.149.233	() ()
1	151.101.65.44 151.101.65.44	() ()
1	69.173.144.165 69.173.144.165	() ()
1	141.101.90.98 141.101.90.98	() ()
342	68

4 20.60.220.36 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

pcloak.blob.core.windows.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 77.245.159.14 (Turkey)

ASN42868 (NIOBEBILISIMHIZMETLERI, TR)
PTR: stilgar.wlsrv.com

www.cloakan.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

34 185.102.219.173 (Germany)

ASN60068 (CDN77 ^_^, GB)
PTR: unn-185-102-219-173.datapacket.com

onedio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
img-s3.onedio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
img-s1.onedio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 185.102.219.172 (Germany)

ASN60068 (CDN77 ^_^, GB)
PTR: unn-185-102-219-172.datapacket.com

static.onedio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a02:2638:3::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:831::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f083:10e:face:b00c:0:2 (Frankfurt am Main, Germany) 2 redirects

ASN32934 (FACEBOOK, US)

graph.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f084:105:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

platform-lookaside.fbsbx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2606:4700:10::6814:e25 (United States)

ASN13335 (CLOUDFLARENET, US)

srv-cdn.onedio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 184.30.21.51 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-21-51.deploy.static.akamaitechnologies.com

a.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.117.159.110 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 110.159.117.34.bc.googleusercontent.com

event-collector.analytics.onedio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700:10::6814:f25 (United States)

ASN13335 (CLOUDFLARENET, US)

services.onedio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api-onedio-production.onedio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

28 151.101.1.44 (United States)

ASN54113 (FASTLY, US)

cdn.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pm-widget.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
trc.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
vidstat.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
images.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
imprammp.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
wf.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
vidstatb.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 37.157.6.233 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

dmp.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 34.111.136.72 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 72.136.111.34.bc.googleusercontent.com

recommendation-api.analytics.onedio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:600::485 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 162.19.138.83 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31532338.ip-162-19-138.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googleoptimize.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.157.5.72 (Denmark)

ASN198622 (ADFORM, DK)

s2.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.19.138.118 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31533569.ip-162-19-138.eu

lb.eu-1-id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:4700:2a3::26e5 (Prague, Czech Republic)

ASN20940 (AKAMAI-ASN1, NL)

s8t.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a02:2638:d::a (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 184.30.25.51 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-25-51.deploy.static.akamaitechnologies.com

t.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 37.157.3.30 (Denmark)

ASN198622 (ADFORM, DK)

adx.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.184.8.90 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net

prebid-eu.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:809::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

1f52c2d2b341a720d2ac42d74aa3ae5f.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ampcid.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f177:185:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:2638:d::d (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ampcid.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

27 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.157.179.180 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-157-179-180.eu-central-1.compute.amazonaws.com

tpx.tesseradigital.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.1.11 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.196.91.239 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-196-91-239.eu-central-1.compute.amazonaws.com

fd.tesseradigital.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:831::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2a00:1450:4001:830::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.166 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2a00:1450:4001:82b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:806::2004 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

26 142.250.185.194 (United States) 8 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 185.80.39.216 (Canada) 6 redirects

ASN27381 (CASALE-MEDIA, CA)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 185.89.210.122 (Frankfurt am Main, Germany) 3 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)

am-trc-events.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
am-match.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
am-vid-events.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2001:4860:4802:32::3 (United States)

ASN15169 (GOOGLE, US)

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::2003 (None, )

ASN- ()

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 64.233.166.157 (None, )

ASN- ()

bid.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.2.49 (None, ) 1 redirects

ASN- ()

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.223.40.198 (None, )

ASN- ()

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 69.173.144.138 (None, ) 2 redirects

ASN- ()

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.248.245.213 (None, ) 2 redirects

ASN- ()

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 174.137.133.49 (None, )

ASN- ()

rtb2-useast.e-volution.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.66.186.233 (None, )

ASN- ()

match.sharethrough.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 20.127.253.7 (None, ) 1 redirects

ASN- ()

sync.inmobi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.204.74.118 (None, ) 1 redirects

ASN- ()

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 213.155.156.180 (None, ) 4 redirects

ASN- ()

d5p.de17a.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.1.9 (None, ) 1 redirects

ASN- ()

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 51.89.9.251 (None, ) 2 redirects

ASN- ()

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::200e (None, ) 1 redirects

ASN- ()

gcdn.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400e:11::a (None, )

ASN- ()

r5---sn-5hnednsz.c.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.217.16.194 (None, )

ASN- ()

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 213.202.235.10 (None, )

ASN- ()

m.exactag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:5ed4:8d5d:fed7:f5ef (None, )

ASN- ()

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:21::14 (None, ) 1 redirects

ASN- ()

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 63.32.189.76 (None, ) 2 redirects

ASN- ()

match.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 46.228.174.117 (None, ) 3 redirects

ASN- ()

sync.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.targeting.unrulymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a05:d018:d29:3605:d2e9:b819:ceaf:6f11 (None, )

ASN- ()

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.75.62.37 (None, )

ASN- ()

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 95.101.149.233 (None, )

ASN- ()

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.65.44 (None, )

ASN- ()

vidstat.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.165 (None, )

ASN- ()

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.101.90.98 (None, )

ASN- ()

portal.o2online.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
61	onedio.com onedio.com — Cisco Umbrella Rank: 72894 static.onedio.com — Cisco Umbrella Rank: 447840 img-s3.onedio.com — Cisco Umbrella Rank: 364778 srv-cdn.onedio.com — Cisco Umbrella Rank: 411319 img-s1.onedio.com — Cisco Umbrella Rank: 250796 event-collector.analytics.onedio.com — Cisco Umbrella Rank: 484334 services.onedio.com — Cisco Umbrella Rank: 434351 recommendation-api.analytics.onedio.com — Cisco Umbrella Rank: 507304 api-onedio-production.onedio.com — Cisco Umbrella Rank: 419577	1 MB
54	doubleclick.net 9 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 216 googleads.g.doubleclick.net — Cisco Umbrella Rank: 57 ad.doubleclick.net — Cisco Umbrella Rank: 184 cm.g.doubleclick.net — Cisco Umbrella Rank: 254 bid.g.doubleclick.net googleads4.g.doubleclick.net	325 KB
50	googlesyndication.com 1f52c2d2b341a720d2ac42d74aa3ae5f.safeframe.googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 135 tpc.googlesyndication.com — Cisco Umbrella Rank: 160	303 KB
34	taboola.com cdn.taboola.com — Cisco Umbrella Rank: 918 pm-widget.taboola.com — Cisco Umbrella Rank: 3208 trc.taboola.com — Cisco Umbrella Rank: 634 vidstat.taboola.com — Cisco Umbrella Rank: 2607 am-trc-events.taboola.com — Cisco Umbrella Rank: 11890 images.taboola.com — Cisco Umbrella Rank: 1902 imprammp.taboola.com am-match.taboola.com wf.taboola.com am-vid-events.taboola.com vidstatb.taboola.com	965 KB
19	2mdn.net 1 redirects s0.2mdn.net — Cisco Umbrella Rank: 325 gcdn.2mdn.net r5---sn-5hnednsz.c.2mdn.net	3 MB
18	criteo.com 2 redirects bidder.criteo.com — Cisco Umbrella Rank: 719 gum.criteo.com — Cisco Umbrella Rank: 405 mug.criteo.com — Cisco Umbrella Rank: 2102 dis.criteo.com	10 KB
10	casalemedia.com 6 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 635 ssum-sec.casalemedia.com	8 KB
10	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 391	218 KB
9	adform.net 2 redirects dmp.adform.net — Cisco Umbrella Rank: 3542 s2.adform.net — Cisco Umbrella Rank: 6835 adx.adform.net — Cisco Umbrella Rank: 4130	11 KB
8	google.com 2 redirects adservice.google.com — Cisco Umbrella Rank: 113 ampcid.google.com — Cisco Umbrella Rank: 2261 www.google.com — Cisco Umbrella Rank: 10	2 KB
8	teads.tv a.teads.tv — Cisco Umbrella Rank: 1500 s8t.teads.tv — Cisco Umbrella Rank: 5633 t.teads.tv — Cisco Umbrella Rank: 2567	138 KB
7	gstatic.com csi.gstatic.com fonts.gstatic.com	32 KB
7	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 88 imasdk.googleapis.com — Cisco Umbrella Rank: 500	135 KB
7	criteo.net static.criteo.net — Cisco Umbrella Rank: 568	43 KB
5	yahoo.com pr-bh.ybp.yahoo.com ups.analytics.yahoo.com	1 KB
5	rubiconproject.com 2 redirects pixel.rubiconproject.com eus.rubiconproject.com token.rubiconproject.com	12 KB
5	adnxs.com 3 redirects ib.adnxs.com — Cisco Umbrella Rank: 257	5 KB
5	facebook.com 2 redirects graph.facebook.com — Cisco Umbrella Rank: 118 www.facebook.com — Cisco Umbrella Rank: 100	961 B
4	de17a.com 4 redirects d5p.de17a.com	1 KB
4	adsrvr.org match.adsrvr.org	1 KB
4	creativecdn.com prebid-eu.creativecdn.com — Cisco Umbrella Rank: 6705	689 B
4	windows.net pcloak.blob.core.windows.net	3 KB
3	onetag-sys.com 2 redirects onetag-sys.com	824 B
3	tesseradigital.com tpx.tesseradigital.com — Cisco Umbrella Rank: 283703 fd.tesseradigital.com — Cisco Umbrella Rank: 292802	27 KB
3	id5-sync.com id5-sync.com — Cisco Umbrella Rank: 423	2 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 79	228 KB
2	1rx.io 2 redirects sync.1rx.io	2 KB
2	360yield.com 2 redirects match.360yield.com	807 B
2	3lift.com 2 redirects eb2.3lift.com	1 KB
2	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 205	113 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 173	133 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 63	22 KB
2	fbsbx.com platform-lookaside.fbsbx.com — Cisco Umbrella Rank: 3891	24 KB
2	cloakan.co www.cloakan.co	773 B
1	o2online.de portal.o2online.de	609 B
1	unrulymedia.com 1 redirects sync.targeting.unrulymedia.com	573 B
1	linkedin.com 1 redirects px.ads.linkedin.com	777 B
1	quantserve.com cms.quantserve.com	463 B
1	exactag.com m.exactag.com	1 KB
1	simpli.fi 1 redirects um.simpli.fi	709 B
1	inmobi.com 1 redirects sync.inmobi.com	746 B
1	sharethrough.com match.sharethrough.com	360 B
1	e-volution.ai rtb2-useast.e-volution.ai	233 B
1	everesttech.net 1 redirects sync-tm.everesttech.net	578 B
1	google.de ampcid.google.de — Cisco Umbrella Rank: 52173	364 B
1	eu-1-id5-sync.com lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 1098	397 B
1	googleoptimize.com www.googleoptimize.com — Cisco Umbrella Rank: 1191	65 KB
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 368	1 KB
0	sportradarserving.com Failed a.sportradarserving.com Failed
342	49

	Domain	Requested by
31	onedio.com	www.cloakan.co onedio.com
27	pagead2.googlesyndication.com	onedio.com 1f52c2d2b341a720d2ac42d74aa3ae5f.safeframe.googlesyndication.com tpc.googlesyndication.com pagead2.googlesyndication.com googleads.g.doubleclick.net s0.2mdn.net www.googletagservices.com
26	cm.g.doubleclick.net	8 redirects googleads.g.doubleclick.net 1f52c2d2b341a720d2ac42d74aa3ae5f.safeframe.googlesyndication.com
19	tpc.googlesyndication.com	onedio.com securepubads.g.doubleclick.net 1f52c2d2b341a720d2ac42d74aa3ae5f.safeframe.googlesyndication.com tpc.googlesyndication.com pcloak.blob.core.windows.net imasdk.googleapis.com s0.2mdn.net
16	s0.2mdn.net	onedio.com pcloak.blob.core.windows.net s0.2mdn.net
13	securepubads.g.doubleclick.net	onedio.com securepubads.g.doubleclick.net 1f52c2d2b341a720d2ac42d74aa3ae5f.safeframe.googlesyndication.com
12	images.taboola.com
12	bidder.criteo.com	onedio.com static.criteo.net
10	cdn.ampproject.org	securepubads.g.doubleclick.net
9	srv-cdn.onedio.com	onedio.com
8	dsum-sec.casalemedia.com	4 redirects googleads.g.doubleclick.net
8	googleads.g.doubleclick.net	onedio.com 1f52c2d2b341a720d2ac42d74aa3ae5f.safeframe.googlesyndication.com pagead2.googlesyndication.com
7	static.criteo.net	onedio.com
6	www.google.com	2 redirects 1f52c2d2b341a720d2ac42d74aa3ae5f.safeframe.googlesyndication.com tpc.googlesyndication.com onedio.com
6	static.onedio.com	onedio.com
5	csi.gstatic.com	imasdk.googleapis.com
5	vidstat.taboola.com	cdn.taboola.com vidstat.taboola.com
5	ib.adnxs.com	3 redirects googleads.g.doubleclick.net
5	fonts.googleapis.com	securepubads.g.doubleclick.net 1f52c2d2b341a720d2ac42d74aa3ae5f.safeframe.googlesyndication.com
5	cdn.taboola.com	onedio.com cdn.taboola.com
4	googleads4.g.doubleclick.net	pcloak.blob.core.windows.net
4	d5p.de17a.com	4 redirects
4	match.adsrvr.org	1f52c2d2b341a720d2ac42d74aa3ae5f.safeframe.googlesyndication.com imprammp.taboola.com am-match.taboola.com
4	1f52c2d2b341a720d2ac42d74aa3ae5f.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
4	prebid-eu.creativecdn.com	onedio.com
4	adx.adform.net	onedio.com
4	api-onedio-production.onedio.com	onedio.com
4	recommendation-api.analytics.onedio.com	onedio.com
4	dmp.adform.net	2 redirects onedio.com
4	a.teads.tv	onedio.com a.teads.tv
4	pcloak.blob.core.windows.net	pcloak.blob.core.windows.net
3	pr-bh.ybp.yahoo.com	imprammp.taboola.com am-match.taboola.com
3	onetag-sys.com	2 redirects 1f52c2d2b341a720d2ac42d74aa3ae5f.safeframe.googlesyndication.com
3	gum.criteo.com	1 redirects cdn.taboola.com static.criteo.net
3	www.facebook.com	onedio.com
3	t.teads.tv	onedio.com
3	id5-sync.com	onedio.com
3	event-collector.analytics.onedio.com	onedio.com
3	www.googletagmanager.com	onedio.com www.googletagmanager.com
2	eus.rubiconproject.com	imprammp.taboola.com eus.rubiconproject.com
2	ups.analytics.yahoo.com	am-match.taboola.com
2	sync.1rx.io	2 redirects
2	match.360yield.com	2 redirects
2	am-vid-events.taboola.com
2	am-match.taboola.com	vidstat.taboola.com
2	r5---sn-5hnednsz.c.2mdn.net
2	ssum-sec.casalemedia.com	2 redirects
2	dis.criteo.com	1 redirects 1f52c2d2b341a720d2ac42d74aa3ae5f.safeframe.googlesyndication.com
2	eb2.3lift.com	2 redirects
2	pixel.rubiconproject.com	2 redirects
2	fonts.gstatic.com	fonts.googleapis.com
2	imasdk.googleapis.com	1f52c2d2b341a720d2ac42d74aa3ae5f.safeframe.googlesyndication.com
2	www.googletagservices.com	1f52c2d2b341a720d2ac42d74aa3ae5f.safeframe.googlesyndication.com
2	trc.taboola.com	onedio.com
2	ad.doubleclick.net	1 redirects onedio.com
2	tpx.tesseradigital.com	www.googletagmanager.com pcloak.blob.core.windows.net
2	pm-widget.taboola.com	cdn.taboola.com pm-widget.taboola.com
2	connect.facebook.net	pcloak.blob.core.windows.net connect.facebook.net
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	platform-lookaside.fbsbx.com	onedio.com
2	graph.facebook.com	2 redirects
2	img-s3.onedio.com	onedio.com
2	www.cloakan.co	pcloak.blob.core.windows.net
1	vidstatb.taboola.com
1	portal.o2online.de
1	token.rubiconproject.com	eus.rubiconproject.com
1	sync.targeting.unrulymedia.com	1 redirects
1	px.ads.linkedin.com	1 redirects
1	cms.quantserve.com	1f52c2d2b341a720d2ac42d74aa3ae5f.safeframe.googlesyndication.com
1	m.exactag.com	1f52c2d2b341a720d2ac42d74aa3ae5f.safeframe.googlesyndication.com
1	wf.taboola.com	onedio.com
1	imprammp.taboola.com	vidstat.taboola.com
1	gcdn.2mdn.net	1 redirects
1	um.simpli.fi	1 redirects
1	sync.inmobi.com	1 redirects
1	match.sharethrough.com	1f52c2d2b341a720d2ac42d74aa3ae5f.safeframe.googlesyndication.com
1	rtb2-useast.e-volution.ai	1f52c2d2b341a720d2ac42d74aa3ae5f.safeframe.googlesyndication.com
1	sync-tm.everesttech.net	1 redirects
1	bid.g.doubleclick.net	imasdk.googleapis.com
1	am-trc-events.taboola.com
1	fd.tesseradigital.com	tpx.tesseradigital.com
1	mug.criteo.com	pcloak.blob.core.windows.net
1	ampcid.google.de	onedio.com
1	ampcid.google.com	onedio.com
1	adservice.google.com	securepubads.g.doubleclick.net
1	s8t.teads.tv	onedio.com
1	lb.eu-1-id5-sync.com	onedio.com
1	s2.adform.net	onedio.com
1	www.googleoptimize.com	www.googletagmanager.com
1	cdn.jsdelivr.net	onedio.com
1	services.onedio.com	onedio.com
1	img-s1.onedio.com	onedio.com
0	a.sportradarserving.com Failed
342	93

This site contains no links.

Subject Issuer	Validity	Valid
*.blob.core.windows.net Microsoft RSA TLS CA 02	`2023-03-22` - `2024-03-22`	a year	crt.sh
cpanel.cloakan.co R3	`2023-07-03` - `2023-10-01`	3 months	crt.sh
*.onedio.com RapidSSL Global TLS RSA4096 SHA256 2022 CA1	`2022-08-29` - `2023-09-12`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-05-27` - `2023-08-27`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
srv-cdn.onedio.com GTS CA 1P5	`2023-05-08` - `2023-08-06`	3 months	crt.sh
teads.tv R3	`2023-06-26` - `2023-09-24`	3 months	crt.sh
event-collector.analytics.onedio.com GTS CA 1D4	`2023-05-31` - `2023-08-29`	3 months	crt.sh
services.onedio.com GTS CA 1P5	`2023-05-08` - `2023-08-06`	3 months	crt.sh
*.taboola.com DigiCert TLS RSA SHA256 2020 CA1	`2022-12-08` - `2023-12-31`	a year	crt.sh
recommendation-api.analytics.onedio.com GTS CA 1D4	`2023-06-11` - `2023-09-09`	3 months	crt.sh
api-onedio-production.onedio.com GTS CA 1P5	`2023-05-08` - `2023-08-06`	3 months	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2022 Q4	`2022-12-23` - `2024-01-24`	a year	crt.sh
*.id5-sync.com R3	`2023-07-04` - `2023-10-02`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-04-14` - `2023-07-13`	3 months	crt.sh
*.eu-1-id5-sync.com R3	`2023-07-04` - `2023-10-02`	3 months	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-05-12` - `2023-08-10`	3 months	crt.sh
track.adform.net DigiCert TLS RSA SHA256 2020 CA1	`2022-09-20` - `2023-09-20`	a year	crt.sh
*.creativecdn.com RapidSSL TLS RSA CA G1	`2023-03-29` - `2024-04-28`	a year	crt.sh
*.google.com GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
*.google.de GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
tpx.tesseradigital.com R3	`2023-06-06` - `2023-09-04`	3 months	crt.sh
fd.tesseradigital.com R3	`2023-06-13` - `2023-09-11`	3 months	crt.sh
misc-sni.google.com GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2023-04-12` - `2024-05-13`	a year	crt.sh
*.e-volution.ai Sectigo RSA Domain Validation Secure Server CA	`2022-09-29` - `2023-10-30`	a year	crt.sh
*.sharethrough.com Amazon RSA 2048 M01	`2023-06-14` - `2024-07-12`	a year	crt.sh
*.exactag.com Sectigo RSA Organization Validation Secure Server CA	`2023-04-03` - `2024-05-03`	a year	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-09` - `2023-09-09`	a year	crt.sh
*.ybp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-04-04` - `2023-09-27`	6 months	crt.sh
ups.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-02-21` - `2023-08-16`	6 months	crt.sh
*.rubiconproject.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-03-07` - `2024-04-03`	a year	crt.sh
*.c.docs.google.com GTS CA 1C3	`2023-06-27` - `2023-09-05`	2 months	crt.sh
portal.o2online.de E1	`2023-05-25` - `2023-08-23`	3 months	crt.sh

This page contains 26 frames:

Primary Page: https://pcloak.blob.core.windows.net/web/6x6y592zf1gbg.html?fbclid=PAAaYRdg6q-IbWktmwCiywbPD9fVMM3RQSD2b356fwPOuEXGVTgfjrmQkXN8c_aem_th_AVwzKiIITSboZvjK_t_N_mG-3JpgOQuwh4DWbjCXpjwYt6HJbGAt22sHK3sfl6mf5fVaiT-coTKgl1RNMdtUlAzC
Frame ID: 5F088B456A93760F4EDB2D33E30539A1
Requests: 6 HTTP requests in this frame

Frame: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878
Frame ID: 5BC937D0CF50D9B03939D95904154F84
Requests: 167 HTTP requests in this frame

Frame: https://1f52c2d2b341a720d2ac42d74aa3ae5f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: F238CFBDE3CD3E228DEBA9754CB1014F
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=pcloak.blob.core.windows.net
Frame ID: 381F074EE3688FCFDADD747C159598A4
Requests: 2 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012306202201000/amp4ads-v0.mjs
Frame ID: 22DBCE10C108B5E098C6657186B7AD6B
Requests: 16 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 693A87EBF10A7CEF9A49216BD6408A44
Requests: 1 HTTP requests in this frame

Frame: https://1f52c2d2b341a720d2ac42d74aa3ae5f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 100F50D2BE3025EC2BCF8EFF8A8109EA
Requests: 20 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6Q0AIQ84-rhgMY9dTQ7gEwAQ&v=APEucNVJA3vGnC5rQVR1FWIh4jC5Jlsit0DUhCdZe2afH-e_-X2no-IX9vPdI37jLJJqJQ9kEi_X3QvZpW6yfafmLkkdKMue_JLsttju0zHnpuvjsCclrC1MXPAR0UfuLzdhxE9Ou61CgGXNwB8XY5NdARccBJtoaw9OHF94EULhvcD974xc196QLm_ictCAeuYH0IL8ypwr_O_9s0DTwHvZNsTGKmtp-w
Frame ID: 189B9684FB81BFEF74FC48FFBA9A7A4D
Requests: 5 HTTP requests in this frame

Frame: https://1f52c2d2b341a720d2ac42d74aa3ae5f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 35D64C90BA5EA0AB5D5F6EF3BCFEAA16
Requests: 20 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: FA4A1598C9CAD5744F29580CDC3C35AC
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: AD448308D6106C0F0D031CCE609B096F
Requests: 2 HTTP requests in this frame

Frame: https://1f52c2d2b341a720d2ac42d74aa3ae5f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: A647ED97F77D5671BC6C5EE90F0A879F
Requests: 18 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARjmoLXcATAB&v=APEucNXX3_vfBpIsZPvoho3AdIyc0YTJ4S9swxOpM0NuM2ZWYNFSnPgZnN_jVR0Rp6MfYNukKzHuALYPrjb61dvufiX1-EvZv7YWXTGPd5HrhikzDyrISR7M0naLnih0RftMF_N5gaTMsBdKjNvFktf5ta9Kwe_-AGZQMSKROSqVcBIhlWGPFiwbOpg7qLTaCphooTUD7bj0hdwb_XT2GAzI1S39Web_xg
Frame ID: 256F3ACBBAA152A7AE4F30D182EA9DEC
Requests: 5 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012306202201000/amp4ads-v0.mjs
Frame ID: 273109EC8E702D68FE4D4AA1BED76A9E
Requests: 16 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 42D1F1F823B142F07E7D5146AC386321
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: EB879414B658D861C562D0A416DCF1C7
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 2215CEE2D7AF5ECCC1B0FF4B8BD416AC
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 7EEE13CCA416E20F60206439E4960C32
Requests: 2 HTTP requests in this frame

Frame: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8bqcCLAZwWiZh-Tf6XBDgtEzC8m_0uSgAAABgYID-AAlNPIaFZbNZCxeL1Vo0Wc3Wws3M5taYNo6Va2NxLlc2IyChicewsGw2a-FisVqLJqvZWriZ2dwa08axcm0szuXKZgUfxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPG_Sh6XT4XPd6vd1lcvrtGr_bL3RYXJa_1vIyOd1ah-X0dCucJofpaXdan26dy_J0K8wOi9PstHyedqf1rbW8TE631mE5Pd1Kh8nlebqVZp_T7HRLnGa3y-60vnUuy8vrsruFLstb83K-FYPFYLgbzgEAAADAg____38IAAAAABEAAAAAJAAAAABQCKjwb0HgAgAAAACG____fw0AUBwMxGU5O-3-AAAAAAACAAAAgATAQHVbCYAKlPcT__________8xBugzb2T8____3zDoAfDgA-BBCAAAwMeQwl6mzm_tjVgiBaFFGAEAAAAIBsHHPzJJJ6hYVPn__--3AnAFACAgUaWe1CGL7qDEWxgAAACBMQv0sPj9Zodd43e7zP________-_mf8z_2iEpAAA0gRVrReq-QUEAFjzCwgAwEbdAAC8CYATdAhaMRisTkIMNpPFcrFYzA4AAADAnf___389IOZcDhammXNk8Zg8y-VouFlunKuZbbAajXy75Wh7Ym4qKK0qjJn6hAjL7PcdFJTT02N2GURF19tidzjNnoP4oGFYTgbB_EzYYrSaTDbL4Wy5mAyGo-FotD8DsRgN0EQMlsvJZDHZrUar0Wa4G80GCyQQgwmiaNFgshqNJovJcDWarGbLxW63QRStWs1Gm8FwNZvMdrvVcDBcjkZowhaj1WSyWQ5ny8VkMBwNR6MhgimPc2XzjUZrkW9mc4tGG89auXBZ1hKXxWIyrgwTi824Fr0-povDMFl4jFskGMC3F8nTIp0oFwvPZDKaOCzGiW-32g1WG4fDMZuNJhvHyLOwTcQSzckincgu-5pzOViYZs6RxWPyLJej4Wa5ca5mtsFqNPLtlqN9y-Nc2Xyj0Vrkm9ncotHGs1YuXJa1xGWxmIwrw8RiM65Fr4_p4jBMFh7jvjEbDmejyXA43Ddmw-FsNBkOh_sOneG7-pyNxpTw4pGpRsbo5WlzGhQug8X7k5gW0-7s4Je2jk6fz6Ms6Ix-v9_v9_v9fr_fb9B6DmaDwvcZ2h7XnmZ57KuWBbHBoIglgot0ore7TE6_RSxRmi7SiV7osLgsf63lZXK6tQ7L6elWOE0O09PutD7dOpfl6VaYHRan2Wn5PO1O61treZmcbq3Dcnq6lQ6Ty_N0K80-p9npljjNbpfdaX3rXJaX12V3C12Wt-blfCsGi8FwN5yIJYLTRToRvYyni_qPHGK5mWsmc8loOJeMhqsEAAAAAAAAAGAJppluAgAAAOBkIKvFZLRap4PYDGe7zWq5ACIaqHT9CE-Z_fNSxe-6gYR4987oOC_W2GMGb3eZnH4rA4hwwme22WcEsVarZQ0AAEAAGwAAQAA33XgTEBbF_f___48DAAAgI4ceAAAA_T4gqGoP3Kj1wn8AKsRarVa3G2u1Wg!&cmcv=&pix=undefined&cb=1688642889518&uv=3296&tms=1688642889518&abt=dfrc_vA!ll138735-383_vA!nonrv_vA!ntvc_vA!t45!ufm_vD&ru=https://pcloak.blob.core.windows.net/&ft=2&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=4bc0a233-8115-4256-83ff-c4c1e5cb99ef&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Frame ID: 7B511FDC062D44CA49A93CDAE5318B3B
Requests: 3 HTTP requests in this frame

Frame: https://am-match.taboola.com/sync?dast=V8bqcCLAZwWiZh-Tf6XBDgtEzC8m_0uSgAAABgYID-AAlNPIaFZbNZCxeL1Vo0Wc3Wws3M5taYNo6Va2NxLlc2IyChicewsGw2a-FisVqLJqvZWriZ2dwa08axcm0szuXKZgUfxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPG_Sh6XT4XPd6vd1lcvrtGr_bL3RYXJa_1vIyOd1ah-X0dCucJofpaXdan26dy_J0K8wOi9PstHyedqf1rbW8TE631mE5Pd1Kh8nlebqVZp_T7HRLnGa3y-60vnUuy8vrsruFLstb83K-FYPFYLgbzgEAAADAg____38IAAAAABEAAAAAJAAAAABQCKjwb0HgAgAAAACG____fw0AUBwMxGU5O-3-AAAAAAACAAAAgATAQHVbCYAKlPcT__________8xBugzb2T8____3zDoAfDgA-BBCAAAwMeQwl6mzm_tjVgiBaFFGAEAAAAIBsHHPzJJJ6hYVPn__--3AnAFACAgUaWe1CGL7qDEWxgAAACBMQv0sPj9Zodd43e7zP________-_mf8z_2iEpAAA0gRVrReq-QUEAFjzCwgAwEbdAAC8CYATdAhaMRisTkIMNpPFcrFYzA4AAADAnf___389IOZcDhammXNk8Zg8y-VouFlunKuZbbAajXy75Wh7Ym4qKK0qjJn6hAjL7PcdFJTT02N2GURF19tidzjNnoP4oGFYTgbB_EzYYrSaTDbL4Wy5mAyGo-FotD8DsRgN0EQMlsvJZDHZrUar0Wa4G80GCyQQgwmiaNFgshqNJovJcDWarGbLxW63QRStWs1Gm8FwNZvMdrvVcDBcjkZowhaj1WSyWQ5ny8VkMBwNR6MhgimPc2XzjUZrkW9mc4tGG89auXBZ1hKXxWIyrgwTi824Fr0-povDMFl4jFskGMC3F8nTIp0oFwvPZDKaOCzGiW-32g1WG4fDMZuNJhvHyLOwTcQSzckincgu-5pzOViYZs6RxWPyLJej4Wa5ca5mtsFqNPLtlqN9y-Nc2Xyj0Vrkm9ncotHGs1YuXJa1xGWxmIwrw8RiM65Fr4_p4jBMFh7jvjEbDmejyXA43Ddmw-FsNBkOh_sOneG7-pyNxpTw4pGpRsbo5WlzGhQug8X7k5gW0-7s4Je2jk6fz6Ms6Ix-v9_v9_v9fr_fb9B6DmaDwvcZ2h7XnmZ57KuWBbHBoIglgot0ore7TE6_RSxRmi7SiV7osLgsf63lZXK6tQ7L6elWOE0O09PutD7dOpfl6VaYHRan2Wn5PO1O61treZmcbq3Dcnq6lQ6Ty_N0K80-p9npljjNbpfdaX3rXJaX12V3C12Wt-blfCsGi8FwN5yIJYLTRToRvYyni_qPHGK5mWsmc8loOJeMhqsEAAAAAAAAAGAJppluAgAAAOBkIKvFZLRap4PYDGe7zWq5ACIaqHT9CE-Z_fNSxe-6gYR4987oOC_W2GMGb3eZnH4rA4hwwme22WcEsVarZQ0AAEAAGwAAQAA33XgTEBbF_f___48DAAAgI4ceAAAA_T4gqGoP3Kj1wn8AKsRarVa3G2u1Wg!&excid=22&docw=0&cijs=1&nlb=false
Frame ID: C385E652F35E1561773A116193472450
Requests: 4 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 4CEA9FC97880205A6189FB1F5B9C5D69
Requests: 2 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/8414893630757870910/index.html?e=69&leftOffset=0&topOffset=0&c=VXyWUklXx5&t=1&renderingType=2&ev=01_250
Frame ID: C1668540B484F9C7DF9B33090FE7F9C9
Requests: 7 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/11065803848835661824/300x250.html?e=69&leftOffset=0&topOffset=0&c=sxsxd1B91V&t=1&renderingType=2&ev=01_250
Frame ID: 4EA9D4D464A70577F842F12ED2C537C2
Requests: 11 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Frame ID: 2D9CF18CAD474B6B036646D7BF5DC86D
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Frame ID: 985F9FC0C3B00569093837048490912C
Requests: 2 HTTP requests in this frame

Frame: https://am-match.taboola.com/sync?dast=V8bqcCLAZwWiZh-Tf6XBDgtEzC8m_0uSgAAABgYID-AAlNPIaFZbNZCxeL1Vo0Wc3Wws3M5taYNo6Va2NxLlc2IyChicewsGw2a-FisVqLJqvZWriZ2dwa08axcm0szuXKZgUfxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPG_Sh6XT4XPd6vd1lcvrtGr_bL3RYXJa_1vIyOd1ah-X0dCucJofpaXdan26dy_J0K8wOi9PstHyedqf1rbW8TE631mE5Pd1Kh8nlebqVZp_T7HRLnGa3y-60vnUuy8vrsruFLstb83K-FYPFYLgbzgEAAADAg____38IAAAAABEAAAAAJAAAAABQCKjwb0HgAgAAAACG____fw0AUBwMxGU5O-3-AAAAAAACAAAAgATAQHVbCYAKlPcT__________8xBugzb2T8____3zDoAfDgA-BBCAAAwMeQwl6mzm_tjVgiBaFFGAEAAAAIBsHHPzJJJ6hYVPn__--3AnAFACAgUaWe1CGL7qDEWxgAAACBMQv0sPj9Zodd43e7zP________-_mf8z_2iEpAAA0gRVrReq-QUEAFjzCwgAwEbdAAC8CYATdAhaMRisTkIMNpPFcrFYzA4AAADAnf___389IOZcDhammXNk8Zg8y-VouFlunKuZbbAajXy75Wh7Ym4qKK0qjJn6hAjL7PcdFJTT02N2GURF19tidzjNnoP4oGFYTgbB_EzYYrSaTDbL4Wy5mAyGo-FotD8DsRgN0EQMlsvJZDHZrUar0Wa4G80GCyQQgwmiaNFgshqNJovJcDWarGbLxW63QRStWs1Gm8FwNZvMdrvVcDBcjkZowhaj1WSyWQ5ny8VkMBwNR6MhgimPc2XzjUZrkW9mc4tGG89auXBZ1hKXxWIyrgwTi824Fr0-povDMFl4jFskGMC3F8nTIp0oFwvPZDKaOCzGiW-32g1WG4fDMZuNJhvHyLOwTcQSzckincgu-5pzOViYZs6RxWPyLJej4Wa5ca5mtsFqNPLtlqN9y-Nc2Xyj0Vrkm9ncotHGs1YuXJa1xGWxmIwrw8RiM65Fr4_p4jBMFh7jvjEbDmejyXA43Ddmw-FsNBkOh_sOneG7-pyNxpTw4pGpRsbo5WlzGhQug8X7k5gW0-7s4Je2jk6fz6Ms6Ix-v9_v9_v9fr_fb9B6DmaDwvcZ2h7XnmZ57KuWBbHBoIglgot0ore7TE6_RSxRmi7SiV7osLgsf63lZXK6tQ7L6elWOE0O09PutD7dOpfl6VaYHRan2Wn5PO1O61treZmcbq3Dcnq6lQ6Ty_N0K80-p9npljjNbpfdaX3rXJaX12V3C12Wt-blfCsGi8FwN5yIJYLTRToRvYyni_qPHGK5mWsmc8loOJeMhqsEAAAAAAAAAGAJppluAgAAAOBkIKvFZLRap4PYDGe7zWq5ACIaqHT9CE-Z_fNSxe-6gYR4987oOC_W2GMGb3eZnH4rA4hwwme22WcEsVarZQ0AAEAAGwAAQAA33XgTEBbF_f___48DAAAgI4ceAAAA_T4gqGoP3Kj1wn8AKsRarVa3G2u1Wg!&excid=22&docw=0&cijs=1&nlb=false
Frame ID: 7C6A2F6E3D38DD21BA5AE11A28C0B3A4
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Nuxt.js (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

/_nuxt/

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Optimize (A/B Testing) Expand

Overall confidence: 100%
Detected patterns

googleoptimize\.com/optimize\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

342
Requests

88 %
HTTPS

44 %
IPv6

49
Domains

93
Subdomains

68
IPs

8
Countries

6873 kB
Transfer

16271 kB
Size

12
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 42

https://graph.facebook.com/10221116671685687/picture?type=large HTTP 302
https://platform-lookaside.fbsbx.com/platform/profilepic/?asid=10221116671685687&height=200&width=200&ext=1691234886&hash=AeSACs_PMtDCwM-Mg1c

Request Chain 44

https://graph.facebook.com/10204851241823419/picture?type=large HTTP 302
https://platform-lookaside.fbsbx.com/platform/profilepic/?asid=10204851241823419&height=200&width=200&ext=1691234886&hash=AeTy_tXLSQREwZ5W1c0

Request Chain 64

https://dmp.adform.net/dmp/profile/?pid=10548&sg=Do+It+Yourself+-+DIY&timestamp=1688642887101 HTTP 302
https://dmp.adform.net/dmp/profile/?CC=1&pid=10548&sg=Do+It+Yourself+-+DIY&timestamp=1688642887101

Request Chain 77

https://dmp.adform.net/audiencetag/adformat.js HTTP 301
https://s2.adform.net/banners/scripts/audiencetag/adformat.js

Request Chain 142

https://gum.criteo.com/sid/json?origin=publishertag&domain=onedio.com&sn=ChromeSyncframe&so=0&topUrl=pcloak.blob.core.windows.net&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=S190_Hx2NDExWVVPbHljMmtJeEoyWE83MlNQb0hYSFJKaW9UdXlqWXpZZlMrK1duZjQzTTdocC9ITUIxV01rYkpyRldEbzYzdklDU1RiM0FKeDYwbWFkSUZxazhma2lhNGZVeXlHWjlEUGRBejRCTzFxU1pFUlRycThDbFAwcjh6SEt0WXBpbWFIZEpLS2ZreExPR3V1N3Q0Ykl4THROeUJuRXBLMEpTZi9PZFZRUzdtOWVNRFdDQklPNVJmNGtNK3NGMDlIUkhSZkpoQXR3THJucHc2OTNuVWR1Tis5bi9uTjI3aFVlbFY1SEdGRlNaS1dEMXErWWdHU2xLQnZaU2pBM1E0NnBpK1E4OVRCYlVIMjNBMFZLRXR2WlFmeE41bWQzazNjQTVEV1hBOVV1Yz18&cppv=2

Request Chain 154

https://ad.doubleclick.net/ddm/trackimp/N51703.3848558MATTERKIND3/B30072002.368830480;dc_trk_aid=559763456;dc_trk_cid=193688982;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=;dc_tdv=1 HTTP 302
https://ad.doubleclick.net/ddm/trackimp/N51703.3848558MATTERKIND3/B30072002.368830480;dc_pre=CJusnvz8-f8CFaXhuwgddOAKPg;dc_trk_aid=559763456;dc_trk_cid=193688982;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=;dc_tdv=1

Request Chain 180

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECL__8WyKbQCRsN96iMxQwY&google_cver=1

Request Chain 181

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZKalSKlQ6LirERDMhe1ykQAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKnBMdjS9OINkvHbl99rbsU&google_cver=1

Request Chain 182

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEFnkkqisujaYvqYJ2MNdbE4&google_cver=1

Request Chain 183

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTIyOTk1NzMyNTAyMzU3MzgyMg%3D%3D

Request Chain 207

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 208

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKnBMdjS9OINkvHbl99rbsU&google_cver=1

Request Chain 209

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZKalSKlQ6LirERDMhe1ykQAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKnBMdjS9OINkvHbl99rbsU&google_cver=1

Request Chain 210

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEB4PNyWUKZnG4ZL0gH51oK0&google_cver=1

Request Chain 211

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTIyOTk1NzMyNTAyMzU3MzgyMg%3D%3D

Request Chain 216

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 260

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESECVGARWvGW5z-QmNGLniKoE&google_cver=1&google_push=AaAOQGGMjr6We-euzsCzmKQEEQ98-Y9dGCJoa_k2gpMD1BxTlbjOxfDEtbLXxnNEavEGmKsbWfgDrudBd839g8MS5bt-Dw47YNHjAGch2DRHvmWb5ZgByAcaRvS9IBAJgj4J3XGfur4AJTCJ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESECVGARWvGW5z-QmNGLniKoE&google_push=AaAOQGGMjr6We-euzsCzmKQEEQ98-Y9dGCJoa_k2gpMD1BxTlbjOxfDEtbLXxnNEavEGmKsbWfgDrudBd839g8MS5bt-Dw47YNHjAGch2DRHvmWb5ZgByAcaRvS9IBAJgj4J3XGfur4AJTCJ

Request Chain 262

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESENiO1pVf3uaAot2uj7jf4RI&google_cver=1&google_push=AaAOQGHhZV4K6xSb3zF5zmPs0J0pOENQV2fGFrKf0-mMNhwPvO0dBetREnz-TjPtJheGZkxAVXSmSQPMV7cPn_xHwxiRYoEbUy-RPnTg_dgR1sqeRMJE27A881xkdlylTfq05ei315eGmRjp HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEpSMkRLS0ctRC1HQ0Qy&google_push=AaAOQGHhZV4K6xSb3zF5zmPs0J0pOENQV2fGFrKf0-mMNhwPvO0dBetREnz-TjPtJheGZkxAVXSmSQPMV7cPn_xHwxiRYoEbUy-RPnTg_dgR1sqeRMJE27A881xkdlylTfq05ei315eGmRjp

Request Chain 263

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEF_eoixBkJpt-Jfdg9W36rY&google_cver=1&google_push=AaAOQGFLSAiajpKyxvs6iX_utMfik2P7urEpfk4bxQDkhW7FdXwAsxEczibaPOQUeMLTaeDF3_Xhu9HS2OIlsf7dgwkxr9Hwm3eOZgvkNoQ0KqncEa3vP5AXlxnEOX8deRJXdHonocSITTYe HTTP 302
https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=AaAOQGFLSAiajpKyxvs6iX_utMfik2P7urEpfk4bxQDkhW7FdXwAsxEczibaPOQUeMLTaeDF3_Xhu9HS2OIlsf7dgwkxr9Hwm3eOZgvkNoQ0KqncEa3vP5AXlxnEOX8deRJXdHonocSITTYe&google_gid=CAESEF_eoixBkJpt-Jfdg9W36rY HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTM4OTk0ODgyMjI4Mzk1NTkxMDMzMA%3D%3D&google_push=AaAOQGFLSAiajpKyxvs6iX_utMfik2P7urEpfk4bxQDkhW7FdXwAsxEczibaPOQUeMLTaeDF3_Xhu9HS2OIlsf7dgwkxr9Hwm3eOZgvkNoQ0KqncEa3vP5AXlxnEOX8deRJXdHonocSITTYe

Request Chain 266

https://sync.inmobi.com/gob?google_gid=CAESEJ_68EXxWudLvOWyZnVu0-s&google_cver=1&google_push=AaAOQGEur66GhtplzVNn5fPMv4_ujSwOAds0KiUm0SNRRsC365FuodBpZdvlNjGXmO1gDsTlXl2qnP7vRrJHS56TT-wRIaG3fXT_QeZOxZZ21vcIe0QNkWgYszzSdbmzcJrs3bWnyFMK-leSMg HTTP 302
https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=&callback=https%3A%2F%2Fsync.inmobi.com%2FgobRedirectFromId5%3Fid%3D%7BID5UID%7D%26google_push%3DAaAOQGEur66GhtplzVNn5fPMv4_ujSwOAds0KiUm0SNRRsC365FuodBpZdvlNjGXmO1gDsTlXl2qnP7vRrJHS56TT-wRIaG3fXT_QeZOxZZ21vcIe0QNkWgYszzSdbmzcJrs3bWnyFMK-leSMg

Request Chain 268

https://um.simpli.fi/gp_match?google_gid=CAESEPrZtMSv35qwRpYLcn2oTes&google_cver=1&google_push=AaAOQGGknOiaYGPQBgtz2TdAsp6tv_dGrJyeKo-G_7D08hcEV7m00_G0rkqyvazUru9c_mZR1q9xh7i6sHDV68wJQH6Hj8m8Wms HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=F4C9AA0BE4B94523A1A22AE7B791F212&google_push=AaAOQGGknOiaYGPQBgtz2TdAsp6tv_dGrJyeKo-G_7D08hcEV7m00_G0rkqyvazUru9c_mZR1q9xh7i6sHDV68wJQH6Hj8m8Wms

Request Chain 269

https://d5p.de17a.com/cookies/google?google_gid=CAESEGsMvkHriIjqMUkRolqa8-k&google_cver=1&google_push=AaAOQGGY6po21JwjWiMApmc3l8ajPCszL44_Mt-viF9B3Oxre28KforcgXUuNCJYdGAzAnS5E5MiSrI02WWClDkfzpHcANnmgeXV HTTP 302
https://d5p.de17a.com/cookies/google;c?google_gid=CAESEGsMvkHriIjqMUkRolqa8-k&google_cver=1&google_push=AaAOQGGY6po21JwjWiMApmc3l8ajPCszL44_Mt-viF9B3Oxre28KforcgXUuNCJYdGAzAnS5E5MiSrI02WWClDkfzpHcANnmgeXV HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AaAOQGGY6po21JwjWiMApmc3l8ajPCszL44_Mt-viF9B3Oxre28KforcgXUuNCJYdGAzAnS5E5MiSrI02WWClDkfzpHcANnmgeXV

Request Chain 270

https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DPUSH_DATA&google_gid=CAESELOBL2DkWZGYm6q80vrFgjY&google_cver=1&google_push=AaAOQGF2nQV-FgnJaiW2LAJEVTFWa9fUFah7UqinBmTl5yCG3U5n0lktt5KBT_nPKKkVim8x_pa5rM0NIsB3yQqax6Njjlh8jbUK HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_hm=k-IEI2jUtBRcMlSchzqAzymrH1p4qK1We3Vj0bkQ&google_push=PUSH_DATA HTTP 302
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&google_error=5

Request Chain 271

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEFxZm8mHSKf_DvNzo908B-U&google_cver=1&google_push=AaAOQGEadPKLwB7Xh9FuqyJ9PybUmTYrHG__BhdHLg4DKNFFK2YBg33taZo0HVS3JSrlSDSRD83rq06N_peF6x-uRU8g-ZJtXkc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEpSMkRLS0YtTi1JNlVM&google_push=AaAOQGEadPKLwB7Xh9FuqyJ9PybUmTYrHG__BhdHLg4DKNFFK2YBg33taZo0HVS3JSrlSDSRD83rq06N_peF6x-uRU8g-ZJtXkc

Request Chain 272

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESECGmmx8JmU2trBnxbvx5Nvs&google_cver=1&google_push=AaAOQGH5_5KlpkBCmFSpmJFqEDhBdbiFLFPsUK6BM4s7Ur49VqV2VdJFucpItehKhaSRNTz52ALa95NQ10ks-uvdCuEPBRfGs2XO HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESECGmmx8JmU2trBnxbvx5Nvs&google_hm=ZKalSKlQ6LirERDMhe1ykQAABIQAAAIB&google_nid=index&google_push=AaAOQGH5_5KlpkBCmFSpmJFqEDhBdbiFLFPsUK6BM4s7Ur49VqV2VdJFucpItehKhaSRNTz52ALa95NQ10ks-uvdCuEPBRfGs2XO

Request Chain 273

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEGaRwj44PPosOgtFkqOwP28&google_cver=1&google_push=AaAOQGHJ5o5IeS01buR8oMHr_oe3Plh1XW6stscUgCF76E8YDodBQuYuLenmipujKF5gNAJrud3deBVmgJ392udxQK9yCYD6z4FM HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AaAOQGHJ5o5IeS01buR8oMHr_oe3Plh1XW6stscUgCF76E8YDodBQuYuLenmipujKF5gNAJrud3deBVmgJ392udxQK9yCYD6z4FM

Request Chain 274

https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEGaRwj44PPosOgtFkqOwP28&google_cver=1&google_push=AaAOQGEsqYYELBlXiP4iOxqBd_hy-Po8pKI5ZhCDwBwVVplqVGdvZ5w5qmzGD-59a1971syWw0VDbJCn_NsBuf1vzZ0Au_3zEBZqAA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AaAOQGEsqYYELBlXiP4iOxqBd_hy-Po8pKI5ZhCDwBwVVplqVGdvZ5w5qmzGD-59a1971syWw0VDbJCn_NsBuf1vzZ0Au_3zEBZqAA HTTP 302
https://onetag-sys.com/match/?int_id=19&google_error=5

Request Chain 278

https://gcdn.2mdn.net/videoplayback/id/958993bbd9e9fd2e/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1720178889/sparams/ip,ipbits,expire,id,itag,source,ctier,acao/signature/6186EEB37732FB8F686C6F3E05439779559AE776.96000F86D627FD018304FF86366BE5C3D5CD540F/key/ck2/file/file.mp4 HTTP 302
https://r5---sn-5hnednsz.c.2mdn.net/videoplayback/id/958993bbd9e9fd2e/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1720178889/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/2DFF3846BDF5403C2A9CE12CE2FDD09C8905EA9A.6FA262CEAB4683D8B7DC1AB2740129F649301929/key/cms1/cms_redirect/yes/mh/C5/mip/2a03:1b20:b:f011::4e/mm/42/mn/sn-5hnednsz/ms/onc/mt/1688642079/mv/u/mvi/5/pl/48/file/file.mp4

Request Chain 292

https://px.ads.linkedin.com/setuid?partner=googleadxdb&google_gid=CAESEKNMDT4OEq8_zh_hlzXIJvU&google_cver=1&google_push=AaAOQGGolvaMPUPSEc6lZgckOA1xp1hxCJGUkLPqxPKEOKtI-07qkqkDCz6rGwFhgYgBnAjYpkAEXZPBthVsHba2t2lxE-OvrHQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AaAOQGGolvaMPUPSEc6lZgckOA1xp1hxCJGUkLPqxPKEOKtI-07qkqkDCz6rGwFhgYgBnAjYpkAEXZPBthVsHba2t2lxE-OvrHQ

Request Chain 293

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEDDAABpHepVt19JsdLaonbM&google_cver=1&google_push=AaAOQGGte3jFebh0fEW5s8r5DQv4wDbfotC1ZBY953XdS0FVRt7MIb2JgN2ffRAu1uKfREg8VxzsBuLPjyRkGBfQrKdUDZTDUrA HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEDDAABpHepVt19JsdLaonbM&google_cver=1&google_push=AaAOQGGte3jFebh0fEW5s8r5DQv4wDbfotC1ZBY953XdS0FVRt7MIb2JgN2ffRAu1uKfREg8VxzsBuLPjyRkGBfQrKdUDZTDUrA HTTP 302
https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=google HTTP 302
https://a.sportradarserving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=google

Request Chain 294

https://d5p.de17a.com/cookies/google?google_gid=CAESENh_LNxpgmi7UNjaIUUXyEo&google_cver=1&google_push=AaAOQGFlqszQabfn9-wR_cvDmTzIQNac8kMcF3KwOErIhSgBHIS81k8YkyuzDMDfWhRmy-Y1SiyJVVc-sBjCsEtLGEiifL3ewg HTTP 302
https://d5p.de17a.com/cookies/google;c?google_gid=CAESENh_LNxpgmi7UNjaIUUXyEo&google_cver=1&google_push=AaAOQGFlqszQabfn9-wR_cvDmTzIQNac8kMcF3KwOErIhSgBHIS81k8YkyuzDMDfWhRmy-Y1SiyJVVc-sBjCsEtLGEiifL3ewg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AaAOQGFlqszQabfn9-wR_cvDmTzIQNac8kMcF3KwOErIhSgBHIS81k8YkyuzDMDfWhRmy-Y1SiyJVVc-sBjCsEtLGEiifL3ewg

Request Chain 295

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEOgJsYe7hw75vsnQYGeaM9M&google_cver=1&google_push=AaAOQGGxGwJIUAIADUrA8Oeps0jm71NKC3HyI6g6mpEwkgAJ1rjm0u4eEGcw9Dsf6t_kf5tAzjBS-W3vC_ivdEl8xKnDDVHMvBg HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEOgJsYe7hw75vsnQYGeaM9M&google_hm=ZKalSKlQ6LirERDMhe1ykQAABIQAAAIB&google_nid=index&google_push=AaAOQGGxGwJIUAIADUrA8Oeps0jm71NKC3HyI6g6mpEwkgAJ1rjm0u4eEGcw9Dsf6t_kf5tAzjBS-W3vC_ivdEl8xKnDDVHMvBg

Request Chain 296

https://match.360yield.com/match/ebda?google_gid=CAESEHdLG_a9_IGnor2ONls6Edg&google_cver=1&google_push=AaAOQGFzyI25u4i6tmRqK0LKcyK_1VII3gadUwd5atIe7iO4wZTgwyijFjijUOBg1X9hK7YR5Mw7XAdHlmgmIL6HI56gT-P3hw HTTP 302
https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESEHdLG_a9_IGnor2ONls6Edg&google_cver=1&google_push=AaAOQGFzyI25u4i6tmRqK0LKcyK_1VII3gadUwd5atIe7iO4wZTgwyijFjijUOBg1X9hK7YR5Mw7XAdHlmgmIL6HI56gT-P3hw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=QEZPbO-pSFOzaMkxaeSj3A&google_push=AaAOQGFzyI25u4i6tmRqK0LKcyK_1VII3gadUwd5atIe7iO4wZTgwyijFjijUOBg1X9hK7YR5Mw7XAdHlmgmIL6HI56gT-P3hw

Request Chain 297

https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEEtTRSASL8gYkldtligIvPU&google_cver=1&google_push=AaAOQGE13kfUxhBG-sJqphdpCy-FBUG7lm9xdyHm8wbhfV1Bm0pBctwMLZj_EPKgDAUojmIuM-Rnbi0GeyfJgrzOiOsoTa5wxDo HTTP 302
https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=AaAOQGE13kfUxhBG-sJqphdpCy-FBUG7lm9xdyHm8wbhfV1Bm0pBctwMLZj_EPKgDAUojmIuM-Rnbi0GeyfJgrzOiOsoTa5wxDo&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&cb=1688642889863 HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-54a7f0e6-4490-4433-998b-b3ce2dd598d9-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAaAOQGE13kfUxhBG-sJqphdpCy-FBUG7lm9xdyHm8wbhfV1Bm0pBctwMLZj_EPKgDAUojmIuM-Rnbi0GeyfJgrzOiOsoTa5wxDo%26google_hm%3DA1Sn8OZEkEQzmYuzzi3VmNk HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AaAOQGE13kfUxhBG-sJqphdpCy-FBUG7lm9xdyHm8wbhfV1Bm0pBctwMLZj_EPKgDAUojmIuM-Rnbi0GeyfJgrzOiOsoTa5wxDo&google_hm=A1Sn8OZEkEQzmYuzzi3VmNk

342 HTTP transactions
7 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request 6x6y592zf1gbg.html Show response
pcloak.blob.core.windows.net/web/ 1 KB
2 KB 486ms
115ms Document
text/html 20.60.220.36
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://pcloak.blob.core.windows.net/web/6x6y592zf1gbg.html?fbclid=PAAaYRdg6q-IbWktmwCiywbPD9fVMM3RQSD2b356fwPOuEXGVTgfjrmQkXN8c_aem_th_AVwzKiIITSboZvjK_t_N_mG-3JpgOQuwh4DWbjCXpjwYt6HJbGAt22sHK3sfl6mf5fVaiT-coTKgl1RNMdtUlAzC
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.60.220.36 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 52e537502f71005147165cfb8c67081bcbd6580b86fb92c891dcfabdfac1ffac

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Content-Length: 1324
Content-MD5: phA55yVw0gHyoxDHiNsKtQ==
Content-Type: text/html
Date: Thu, 06 Jul 2023 11:28:04 GMT
ETag: 0x8DB5ED0A53C8096
Last-Modified: Sat, 27 May 2023 16:37:22 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-blob-type: BlockBlob
x-ms-lease-status: unlocked
x-ms-request-id: 853e4911-501e-006e-2bfc-af1722000000
x-ms-version: 2009-09-19

GET
H/1.1 404
The specified blob does not exist. jquery.min.js
pcloak.blob.core.windows.net/web/ 0
0 114ms
113ms Script
application/xml 20.60.220.36
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://pcloak.blob.core.windows.net/web/jquery.min.js
Requested by: Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x6y592zf1gbg.html?fbclid=PAAaYRdg6q-IbWktmwCiywbPD9fVMM3RQSD2b356fwPOuEXGVTgfjrmQkXN8c_aem_th_AVwzKiIITSboZvjK_t_N_mG-3JpgOQuwh4DWbjCXpjwYt6HJbGAt22sHK3sfl6mf5fVaiT-coTKgl1RNMdtUlAzC
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.60.220.36 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pcloak.blob.core.windows.net/web/6x6y592zf1gbg.html?fbclid=PAAaYRdg6q-IbWktmwCiywbPD9fVMM3RQSD2b356fwPOuEXGVTgfjrmQkXN8c_aem_th_AVwzKiIITSboZvjK_t_N_mG-3JpgOQuwh4DWbjCXpjwYt6HJbGAt22sHK3sfl6mf5fVaiT-coTKgl1RNMdtUlAzC
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-ms-request-id: 853e495f-501e-006e-72fc-af1722000000
Date: Thu, 06 Jul 2023 11:28:04 GMT
x-ms-version: 2009-09-19
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-Length: 215
Content-Type: application/xml

GET
H/1.1 200
OK cloakan.js Show response
pcloak.blob.core.windows.net/web/ 308 B
717 B 346ms
115ms Script
text/javascript 20.60.220.36
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://pcloak.blob.core.windows.net/web/cloakan.js
Requested by: Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x6y592zf1gbg.html?fbclid=PAAaYRdg6q-IbWktmwCiywbPD9fVMM3RQSD2b356fwPOuEXGVTgfjrmQkXN8c_aem_th_AVwzKiIITSboZvjK_t_N_mG-3JpgOQuwh4DWbjCXpjwYt6HJbGAt22sHK3sfl6mf5fVaiT-coTKgl1RNMdtUlAzC
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.60.220.36 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 4651fd93f167c3620b534c30bc23ae2a2e7cf742621d8e6d12553c09c388284a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pcloak.blob.core.windows.net/web/6x6y592zf1gbg.html?fbclid=PAAaYRdg6q-IbWktmwCiywbPD9fVMM3RQSD2b356fwPOuEXGVTgfjrmQkXN8c_aem_th_AVwzKiIITSboZvjK_t_N_mG-3JpgOQuwh4DWbjCXpjwYt6HJbGAt22sHK3sfl6mf5fVaiT-coTKgl1RNMdtUlAzC
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Thu, 06 Jul 2023 11:28:04 GMT
Last-Modified: Mon, 13 Jun 2022 14:36:49 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: zPiKctHo6j8i1UGOFPpInw==
ETag: 0x8DA4D4A263C11C2
Content-Type: text/javascript
x-ms-request-id: 853e4a09-501e-006e-0afc-af1722000000
x-ms-version: 2009-09-19
Content-Length: 308

GET
H/1.1 200
OK style.css
pcloak.blob.core.windows.net/web/ 166 B
568 B 230ms
115ms Stylesheet
text/css 20.60.220.36
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://pcloak.blob.core.windows.net/web/style.css
Requested by: Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x6y592zf1gbg.html?fbclid=PAAaYRdg6q-IbWktmwCiywbPD9fVMM3RQSD2b356fwPOuEXGVTgfjrmQkXN8c_aem_th_AVwzKiIITSboZvjK_t_N_mG-3JpgOQuwh4DWbjCXpjwYt6HJbGAt22sHK3sfl6mf5fVaiT-coTKgl1RNMdtUlAzC
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.60.220.36 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: cf906196a7c1414e11983955e101a051d55a864f2bc9fd52a453d952d92fd9b5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pcloak.blob.core.windows.net/web/6x6y592zf1gbg.html?fbclid=PAAaYRdg6q-IbWktmwCiywbPD9fVMM3RQSD2b356fwPOuEXGVTgfjrmQkXN8c_aem_th_AVwzKiIITSboZvjK_t_N_mG-3JpgOQuwh4DWbjCXpjwYt6HJbGAt22sHK3sfl6mf5fVaiT-coTKgl1RNMdtUlAzC
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Thu, 06 Jul 2023 11:28:04 GMT
Last-Modified: Mon, 13 Jun 2022 14:36:49 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: 9ruAIrm4XHnQO3/sM8J0AQ==
ETag: 0x8DA4D4A26527CA0
Content-Type: text/css
x-ms-request-id: 853e49c1-501e-006e-4bfc-af1722000000
x-ms-version: 2009-09-19
Content-Length: 166

GET
H2 200 px.php Show response
www.cloakan.co/ 55 B
321 B 357ms
159ms XHR
text/html 77.245.159.14
NIOBEBILISIMHIZME...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cloakan.co/px.php?id=6x6y592zf1gbg
Requested by: Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x6y592zf1gbg.html?fbclid=PAAaYRdg6q-IbWktmwCiywbPD9fVMM3RQSD2b356fwPOuEXGVTgfjrmQkXN8c_aem_th_AVwzKiIITSboZvjK_t_N_mG-3JpgOQuwh4DWbjCXpjwYt6HJbGAt22sHK3sfl6mf5fVaiT-coTKgl1RNMdtUlAzC
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 77.245.159.14 , Turkey, ASN42868 (NIOBEBILISIMHIZMETLERI, TR),
Reverse DNS: stilgar.wlsrv.com
Software: LiteSpeed / PHP/7.3.33
Resource Hash: a9f55a9e4658a9960455f9485c446ea9874f2590ae283801311d84e908536cc2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pcloak.blob.core.windows.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 11:28:04 GMT
content-encoding: br
server: LiteSpeed
x-powered-by: PHP/7.3.33
vary: Accept-Encoding,User-Agent
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="43,46", h3-Q043=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-25=":443"; ma=2592000, h3-27=":443"; ma=2592000
content-length: 45

GET
H2 200 nv.php Show response
www.cloakan.co/ 338 B
452 B 376ms
197ms Script
text/html 77.245.159.14
NIOBEBILISIMHIZME...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cloakan.co/nv.php?id=6x6y592zf1gbg-m
Requested by: Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/cloakan.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 77.245.159.14 , Turkey, ASN42868 (NIOBEBILISIMHIZMETLERI, TR),
Reverse DNS: stilgar.wlsrv.com
Software: LiteSpeed / PHP/7.3.33
Resource Hash: cb217d0e8ae247684c0dd02ff520bf734a39ad6ea5ec1124286bf47e0f42ec63

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pcloak.blob.core.windows.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 11:28:04 GMT
content-encoding: br
server: LiteSpeed
x-powered-by: PHP/7.3.33
vary: Accept-Encoding,User-Agent
content-type: text/html; charset=UTF-8
alt-svc: quic=":443"; ma=2592000; v="43,46", h3-Q043=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-25=":443"; ma=2592000, h3-27=":443"; ma=2592000
content-length: 178

GET
H2 200 kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878 Show response
onedio.com/haber/ Frame 5BC9 345 KB
65 KB 110ms
31ms Document
text/html 185.102.219.173
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878
Requested by: Host: www.cloakan.co
URL: https://www.cloakan.co/nv.php?id=6x6y592zf1gbg-m
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.102.219.173 , Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-185-102-219-173.datapacket.com
Software: MerlinCDN /
Resource Hash: 61016fb59e68abe6d39bd3ddbac2c6171514f66eae2a909238e8a3f828a436ba

Request headers

Referer: https://pcloak.blob.core.windows.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 6650
allow: GET, HEAD, POST
cache-control: public, max-age=60
content-encoding: br
content-type: text/html; charset=utf-8
date: Thu, 06 Jul 2023 11:28:06 GMT
etag: W/"5649d-JmwOrEelQVulcy4Y8un8GdR7MEs"
server: MerlinCDN
vary: Accept-Encoding
via: HTTP/2.0 Merlin CDN
x-amz-cf-id: LYWsBs4oWTD3iGkrZzvvG4u1sUPpqTCnUWdqD8_76kxXQM0bczEvGA==
x-amz-cf-pop: AMS1-C1
x-cache: Miss from cloudfront
x-cache-status: STALE
x-edge: de-fra-dp-s01
x-midtier: nl-naw-ws-s08
x-varnish: 998583056

GET
H2 200 Inter-Light.woff2
static.onedio.com/fonts/Inter/ Frame 5BC9 35 KB
35 KB 234ms
126ms Font
binary/octet-stream 185.102.219.172
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://static.onedio.com/fonts/Inter/Inter-Light.woff2
Requested by: Host: onedio.com
URL: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.102.219.172 , Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-185-102-219-172.datapacket.com
Software: MerlinCDN /
Resource Hash: 41dd65e5d60b12bfae966238332a9260800d9faa4d6b2dd96c1d04050fbaed02

Request headers

Referer: https://onedio.com/
Origin: https://onedio.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 11:28:06 GMT
via: HTTP/2.0 Merlin CDN
x-amz-cf-pop: AMS50-C1
age: 0
x-midtier: nl-naw-ws-s08
x-cache-status: HIT
x-cache: Hit from cloudfront
content-length: 35440
last-modified: Fri, 07 Jan 2022 12:12:27 GMT
server: MerlinCDN
etag: "ded6cc07e59d818372f76b530e7c7aaf"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: binary/octet-stream
access-control-allow-origin: *
x-edge: de-fra-dp-s03
access-control-expose-headers: x-amz-server-side-encryption, x-amz-request-id, x-amz-id-2
allow: GET, HEAD
access-control-allow-credentials: true
accept-ranges: bytes
x-amz-cf-id: mnfdhHpd11jrxYBoR7bXE0AXzMfsqv2jWSF1r7JXQQyMt-3Z65WyuA==

GET
H2 200 Inter-Regular.woff2
static.onedio.com/fonts/Inter/ Frame 5BC9 33 KB
33 KB 225ms
116ms Font
binary/octet-stream 185.102.219.172
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://static.onedio.com/fonts/Inter/Inter-Regular.woff2
Requested by: Host: onedio.com
URL: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.102.219.172 , Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-185-102-219-172.datapacket.com
Software: MerlinCDN /
Resource Hash: 6528ec0e1bac4881919c73b50a89927cfb53ec26e990f096b00468393eaf9ce5

Request headers

Referer: https://onedio.com/
Origin: https://onedio.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 11:28:06 GMT
via: HTTP/2.0 Merlin CDN
x-amz-cf-pop: AMS50-C1
age: 0
x-midtier: nl-naw-ws-s08
x-cache-status: HIT
x-cache: Hit from cloudfront
content-length: 33580
last-modified: Fri, 07 Jan 2022 12:12:29 GMT
server: MerlinCDN
etag: "e423db9dfdab27cbe7e6d5d1905c001b"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: binary/octet-stream
access-control-allow-origin: *
x-edge: de-fra-dp-s03
access-control-expose-headers: x-amz-server-side-encryption, x-amz-request-id, x-amz-id-2
vary: Accept-Encoding
access-control-allow-credentials: true
allow: GET, HEAD
accept-ranges: bytes
x-amz-cf-id: 9KhWvogC4wUopG_SfHBk6XuWFeWynyCkCKwzTd245DkDx8IiVCXy4g==

GET
H2 200 Inter-Italic.woff2
static.onedio.com/fonts/Inter/ Frame 5BC9 104 KB
105 KB 159ms
51ms Font
binary/octet-stream 185.102.219.172
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://static.onedio.com/fonts/Inter/Inter-Italic.woff2
Requested by: Host: onedio.com
URL: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.102.219.172 , Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-185-102-219-172.datapacket.com
Software: MerlinCDN /
Resource Hash: 900058dffaf216c9a853e2d7e4109bfa2a58994237b2d4e5793734e4c2ecb4ac

Request headers

Referer: https://onedio.com/
Origin: https://onedio.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 11:28:06 GMT
via: HTTP/2.0 Merlin CDN
x-amz-cf-pop: FRA56-P4
age: 0
x-midtier: de-fra-dp-s02
x-cache-status: HIT
x-cache: Hit from cloudfront
content-length: 106876
last-modified: Fri, 07 Jan 2022 12:12:26 GMT
server: MerlinCDN
etag: "fd26ff23f831db9ae85a805386529385"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: binary/octet-stream
access-control-allow-origin: *
x-edge: de-fra-dp-s03
access-control-expose-headers: x-amz-server-side-encryption, x-amz-request-id, x-amz-id-2
vary: Accept-Encoding
access-control-allow-credentials: true
allow: GET, HEAD
accept-ranges: bytes
x-amz-cf-id: 9II6Vs_YwVdvbAjeuo56O14aGNq0lR8VL5JHYA8B9gm2Di0rfrC9HA==

GET
H2 200 Inter-Medium.woff2
static.onedio.com/fonts/Inter/ Frame 5BC9 35 KB
36 KB 245ms
137ms Font
binary/octet-stream 185.102.219.172
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://static.onedio.com/fonts/Inter/Inter-Medium.woff2
Requested by: Host: onedio.com
URL: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.102.219.172 , Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-185-102-219-172.datapacket.com
Software: MerlinCDN /
Resource Hash: a050a3c304a3b0bf37143828706d3bd34a0699d13ca827e919f4600db52436e2

Request headers

Referer: https://onedio.com/
Origin: https://onedio.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 11:28:06 GMT
via: HTTP/2.0 Merlin CDN
x-amz-cf-pop: AMS50-C1
age: 0
x-midtier: nl-naw-ws-s08
x-cache-status: EXPIRED
x-cache: Hit from cloudfront
content-length: 36304
last-modified: Fri, 07 Jan 2022 12:12:28 GMT
server: MerlinCDN
etag: "209c34a0fe25256a1d61f4b87f0bdf41"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: binary/octet-stream
access-control-allow-origin: *
x-edge: de-fra-dp-s03
access-control-expose-headers: x-amz-server-side-encryption, x-amz-request-id, x-amz-id-2
allow: GET, HEAD
access-control-allow-credentials: true
accept-ranges: bytes
x-amz-cf-id: srHaS671rhZ4RH4J7JcNRpNvgCPMx2hyiWe1Ie4JFKdbmMSU0WvW3A==

GET
H2 200 Inter-Semi-bold.woff2
static.onedio.com/fonts/Inter/ Frame 5BC9 36 KB
36 KB 231ms
123ms Font
binary/octet-stream 185.102.219.172
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://static.onedio.com/fonts/Inter/Inter-Semi-bold.woff2
Requested by: Host: onedio.com
URL: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.102.219.172 , Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-185-102-219-172.datapacket.com
Software: MerlinCDN /
Resource Hash: aedaf40884efa2217933bb42fb22aac1fe3b0bd1ea0415bfe201a6fa94d68812

Request headers

Referer: https://onedio.com/
Origin: https://onedio.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 11:28:06 GMT
via: HTTP/2.0 Merlin CDN
x-amz-cf-pop: FRA56-P4
age: 0
x-midtier: de-fra-lea-s01
x-cache-status: HIT
x-cache: Hit from cloudfront
content-length: 36488
last-modified: Fri, 07 Jan 2022 12:12:30 GMT
server: MerlinCDN
etag: "4d3237c6955b3611432f2cf951990f8b"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: binary/octet-stream
access-control-allow-origin: *
x-edge: de-fra-dp-s03
access-control-expose-headers: x-amz-server-side-encryption, x-amz-request-id, x-amz-id-2
allow: GET, HEAD
access-control-allow-credentials: true
accept-ranges: bytes
x-amz-cf-id: ijWUmtFJMZhL8AMx5FT0mcIZqSwg66APs9p-0j5ApUiXOEGZHA24IQ==

GET
H2 200 Inter-Bold.woff2
static.onedio.com/fonts/Inter/ Frame 5BC9 36 KB
36 KB 143ms
35ms Font
binary/octet-stream 185.102.219.172
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://static.onedio.com/fonts/Inter/Inter-Bold.woff2
Requested by: Host: onedio.com
URL: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.102.219.172 , Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-185-102-219-172.datapacket.com
Software: MerlinCDN /
Resource Hash: ad53d5b9c9825d29034206941f077b896dff3f335afd59ba1e4da52e32c7435a

Request headers

Referer: https://onedio.com/
Origin: https://onedio.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 11:28:06 GMT
via: HTTP/2.0 Merlin CDN
x-amz-cf-pop: FRA56-P4
age: 0
x-midtier: de-fra-dp-s02
x-cache-status: HIT
x-cache: Hit from cloudfront
content-length: 36520
last-modified: Fri, 07 Jan 2022 12:12:24 GMT
server: MerlinCDN
etag: "86ec6e568f088fdabcca077caa60f99c"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: binary/octet-stream
access-control-allow-origin: *
x-edge: de-fra-dp-s03
access-control-expose-headers: x-amz-server-side-encryption, x-amz-request-id, x-amz-id-2
vary: Accept-Encoding
access-control-allow-credentials: true
allow: GET, HEAD
accept-ranges: bytes
x-amz-cf-id: friF2IikPGUIDA5YTkpnCt04VIpi_vmlRWV6vj5Z3YzCc_KvclDJBQ==

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame 5BC9 77 KB
26 KB 292ms
169ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: onedio.com
URL: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

37a492700dbfcf1bda4376f5c65ad7b2ea514a3e544070681d1063598fb4a08e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 11:28:06 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 26309
x-xss-protection: 0
server: cafe
etag: 456 / 19544 / m202306280101 / config-hash: 16897811651769644562
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 06 Jul 2023 11:28:06 GMT

GET
H2 200 publishertag.js Show response
static.criteo.net/js/ld/ Frame 5BC9 126 KB
41 KB 149ms
70ms Script
text/javascript 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.js

Requested by

Host: onedio.com
URL: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

e1b589a52987caa5c01d9917838d185e95c4bc44127972ebb53a8122616d1dd8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 11:28:06 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 29 Jun 2023 05:28:55 GMT
server: nginx
etag: W/"649d1697-1f95c"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 07 Jul 2023 11:28:06 GMT

GET
H2 200 pbd7.47.0.js Show response
onedio.com/scripts/ Frame 5BC9 232 KB
74 KB 115ms
114ms Script
application/javascript 185.102.219.173
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://onedio.com/scripts/pbd7.47.0.js
Requested by: Host: onedio.com
URL: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.102.219.173 , Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-185-102-219-173.datapacket.com
Software: MerlinCDN /
Resource Hash: fee5feedcf117324972d35126e99e4d11d098c6437293d2bbd04c7d6153af2d7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 11:28:06 GMT
via: HTTP/2.0 Merlin CDN
content-encoding: br
x-amz-cf-pop: FRA56-P6
age: 1053
x-midtier: de-fra-lea-s01
x-cache-status: HIT
x-cache: Hit from cloudfront
last-modified: Wed, 05 Jul 2023 13:58:35 GMT
server: MerlinCDN
etag: W/"39fef-189265902f8"
vary: Accept-Encoding
allow: GET, HEAD, POST
x-varnish: 997543384 997373441
content-type: application/javascript; charset=UTF-8
x-edge: de-fra-dp-s01
cache-control: public, max-age=3600
x-amz-cf-id: _t-WQhi5pEBf95ijjTiQx-meLBvbam538lMO86cKOiP80NYem7CyMw==

GET
H2 200 e5407f9.js Show response
onedio.com/_nuxt/ Frame 5BC9 4 KB
3 KB 34ms
28ms Script
application/javascript 185.102.219.173
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://onedio.com/_nuxt/e5407f9.js
Requested by: Host: onedio.com
URL: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.102.219.173 , Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-185-102-219-173.datapacket.com
Software: MerlinCDN /
Resource Hash: a740e0c3da79e70748dc3ed8aa400edc9800953443dcceb828150a272be1ca03

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 11:28:06 GMT
via: HTTP/2.0 Merlin CDN
content-encoding: br
x-amz-cf-pop: FRA56-P6
age: 76599
x-midtier: de-fra-lea-s01
x-cache-status: HIT
x-cache: Hit from cloudfront
last-modified: Wed, 05 Jul 2023 14:03:24 GMT
server: MerlinCDN
etag: W/"10c0-189265d6be0"
vary: Accept-Encoding
allow: GET, HEAD, POST
x-varnish: 1008954983
content-type: application/javascript; charset=UTF-8
x-edge: de-fra-dp-s01
cache-control: public, max-age=31536000
x-amz-cf-id: rFX_MMaW-4vE3yUFoXPdANWGvV6BDBqqU8geHfTvclZ-KbRrYywa5Q==

GET
H2 200 2c983e9.js Show response
onedio.com/_nuxt/ Frame 5BC9 271 KB
91 KB 48ms
43ms Script
application/javascript 185.102.219.173
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://onedio.com/_nuxt/2c983e9.js
Requested by: Host: onedio.com
URL: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.102.219.173 , Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-185-102-219-173.datapacket.com
Software: MerlinCDN /
Resource Hash: ff98ae0f4737ae8354bce5807218b881fae0d9fe3edc295c37c93726eb094c8c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 11:28:06 GMT
via: HTTP/2.0 Merlin CDN
content-encoding: br
x-amz-cf-pop: FRA56-P6
age: 1306498
x-midtier: de-fra-dp-s02
x-cache-status: HIT
x-cache: Hit from cloudfront
last-modified: Thu, 15 Jun 2023 09:23:32 GMT
server: MerlinCDN
etag: W/"43cda-188be5e0220"
vary: Accept-Encoding
allow: GET, HEAD, POST
x-varnish: 856052474 834851703
content-type: application/javascript; charset=UTF-8
x-edge: de-fra-dp-s01
cache-control: public, max-age=31536000
x-amz-cf-id: RjnK3kkLZ7tM4vzoV5bp4mD8YrKyxhcwQpZ6aGlzsXtTCbF_5rGjWw==

GET
H2 200 ec87d37.js Show response
onedio.com/_nuxt/ Frame 5BC9 438 KB
131 KB 74ms
69ms Script
application/javascript 185.102.219.173
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://onedio.com/_nuxt/ec87d37.js
Requested by: Host: onedio.com
URL: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.102.219.173 , Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-185-102-219-173.datapacket.com
Software: MerlinCDN /
Resource Hash: c1390c08f2ad9b3d5e5b83456dca76a42beaea002a88625627f3cd16dcfe0e67

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 11:28:06 GMT
via: HTTP/2.0 Merlin CDN
content-encoding: br
x-amz-cf-pop: DUS51-P1
age: 1306498
x-midtier: nl-naw-ws-s08
x-cache-status: HIT
x-cache: Hit from cloudfront
last-modified: Thu, 15 Jun 2023 09:23:33 GMT
server: MerlinCDN
etag: W/"6d8d3-188be5e0608"
vary: Accept-Encoding
allow: GET, HEAD, POST
x-varnish: 823108777
content-type: application/javascript; charset=UTF-8
x-edge: de-fra-dp-s01
cache-control: public, max-age=31536000
x-amz-cf-id: cRjylljejM8mbQ5Waih903UWWi3g5PpVx3WEwIMkjyokthYuMNuLHg==

GET
H2 200 1719f51.js Show response
onedio.com/_nuxt/ Frame 5BC9 793 KB
196 KB 101ms
96ms Script
application/javascript 185.102.219.173
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://onedio.com/_nuxt/1719f51.js
Requested by: Host: onedio.com
URL: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.102.219.173 , Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-185-102-219-173.datapacket.com
Software: MerlinCDN /
Resource Hash: 14dc088d308fca22250f7fb985062cdece95cd07299da915e0038459164a9f8a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 11:28:06 GMT
via: HTTP/2.0 Merlin CDN
content-encoding: br
x-amz-cf-pop: FRA56-P6
age: 76599
x-midtier: de-fra-lea-s01
x-cache-status: HIT
x-cache: Hit from cloudfront
last-modified: Wed, 05 Jul 2023 14:03:24 GMT
server: MerlinCDN
etag: W/"c63d0-189265d6be0"
vary: Accept-Encoding
allow: GET, HEAD, POST
x-varnish: 1023629232 1023109048
content-type: application/javascript; charset=UTF-8
x-edge: de-fra-dp-s01
cache-control: public, max-age=31536000
x-amz-cf-id: 4g3LKxQz3gDEtf0feYph9KmjtNmqEJfKke3rl2Gz1fBHORnlHKa1bg==

GET
H2 200 3bca677.js Show response
onedio.com/_nuxt/ Frame 5BC9 321 KB
72 KB 117ms
112ms Script
application/javascript 185.102.219.173
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://onedio.com/_nuxt/3bca677.js
Requested by: Host: onedio.com
URL: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.102.219.173 , Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-185-102-219-173.datapacket.com
Software: MerlinCDN /
Resource Hash: f685a558d31a02f50b6f3abccdfd890bc94a3f19b44f3a77671afd469561f272

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 11:28:06 GMT
via: HTTP/2.0 Merlin CDN
content-encoding: br
x-amz-cf-pop: AMS1-C1
age: 76599
x-midtier: nl-naw-ws-s08
x-cache-status: HIT
x-cache: Miss from cloudfront
last-modified: Wed, 05 Jul 2023 14:03:24 GMT
server: MerlinCDN
etag: W/"502d4-189265d6be0"
vary: Accept-Encoding
allow: GET, HEAD, POST
x-varnish: 995166046
content-type: application/javascript; charset=UTF-8
x-edge: de-fra-dp-s01
cache-control: public, max-age=31536000
x-amz-cf-id: IB9m19LnTTVpC6nm6-bDgbqs-okh_cLmVU9cg3Q921EkjqYtdocJ3w==

GET
H2 200 cb7d719.js Show response
onedio.com/_nuxt/ Frame 5BC9 5 KB
2 KB 122ms
117ms Script
application/javascript 185.102.219.173
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://onedio.com/_nuxt/cb7d719.js
Requested by: Host: onedio.com
URL: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.102.219.173 , Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-185-102-219-173.datapacket.com
Software: MerlinCDN /
Resource Hash: 2e3d1ff6714a592eaaa8beb5caab6132f8552884bfca83f52211aec0706ec37a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 11:28:06 GMT
via: HTTP/2.0 Merlin CDN
content-encoding: br
x-amz-cf-pop: DUS51-P1
age: 1306498
x-midtier: nl-naw-ws-s08
x-cache-status: HIT
x-cache: Hit from cloudfront
last-modified: Thu, 15 Jun 2023 09:23:32 GMT
server: MerlinCDN
etag: W/"143e-188be5e0220"
vary: Accept-Encoding
allow: GET, HEAD, POST
x-varnish: 860401250 861610780
content-type: application/javascript; charset=UTF-8
x-edge: de-fra-dp-s01
cache-control: public, max-age=31536000
x-amz-cf-id: _O_XV_jlz-84T9kssG4O3X_tXZCDvGOo3qfN_SvjwzO4PsR3hp2KhA==

GET
H2 200 1072002.js Show response
onedio.com/_nuxt/ Frame 5BC9 23 KB
10 KB 122ms
118ms Script
application/javascript 185.102.219.173
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://onedio.com/_nuxt/1072002.js
Requested by: Host: onedio.com
URL: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.102.219.173 , Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-185-102-219-173.datapacket.com
Software: MerlinCDN /
Resource Hash: 8b93bcb9d5295ceda227d94b91f40f607adb22f780c49931d5d6324c0fa3168a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 11:28:06 GMT
via: HTTP/2.0 Merlin CDN
content-encoding: br
x-amz-cf-pop: FRA56-P6
age: 76599
x-midtier: de-fra-dp-s02
x-cache-status: HIT
x-cache: Hit from cloudfront
last-modified: Wed, 05 Jul 2023 14:03:24 GMT
server: MerlinCDN
etag: W/"5df7-189265d6be0"
vary: Accept-Encoding
allow: GET, HEAD, POST
x-varnish: 994712056 989819862
content-type: application/javascript; charset=UTF-8
x-edge: de-fra-dp-s01
cache-control: public, max-age=31536000
x-amz-cf-id: UycYTNWX6ZGwsIclp7kNqsKIM_j8qq52lcIbMa1JMPn2cnygJ_q8VA==

GET
H2 200 5e4f6b4.js Show response
onedio.com/_nuxt/ Frame 5BC9 95 KB
33 KB 123ms
119ms Script
application/javascript 185.102.219.173
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://onedio.com/_nuxt/5e4f6b4.js
Requested by: Host: onedio.com
URL: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.102.219.173 , Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-185-102-219-173.datapacket.com
Software: MerlinCDN /
Resource Hash: 84c62dac4616715b67a6f05f581b9d506c54475ba5fa70324d3a5194387e3a6f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 11:28:06 GMT
via: HTTP/2.0 Merlin CDN
content-encoding: br
x-amz-cf-pop: FRA56-P6
age: 76599
x-midtier: de-fra-dp-s02
x-cache-status: HIT
x-cache: Hit from cloudfront
last-modified: Wed, 05 Jul 2023 14:03:24 GMT
server: MerlinCDN
etag: W/"17d84-189265d6be0"
vary: Accept-Encoding
allow: GET, HEAD, POST
x-varnish: 993244602
content-type: application/javascript; charset=UTF-8
x-edge: de-fra-dp-s01
cache-control: public, max-age=31536000
x-amz-cf-id: keDD0KX32bh5QERBIg73g-UUCQm2WO8zoxUwXbO-F4BKSi4V53ISFw==

GET
H2 200 f92ee1e.js Show response
onedio.com/_nuxt/ Frame 5BC9 17 KB
6 KB 128ms
123ms Script
application/javascript 185.102.219.173
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://onedio.com/_nuxt/f92ee1e.js
Requested by: Host: onedio.com
URL: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.102.219.173 , Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-185-102-219-173.datapacket.com
Software: MerlinCDN /
Resource Hash: 5562c13812b466a0a7c04fd2fd0473f62ce7b899ab76808135bd2b324bc6b2ef

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 11:28:06 GMT
via: HTTP/2.0 Merlin CDN
content-encoding: br
x-amz-cf-pop: AMS1-C1
age: 76599
x-midtier: nl-naw-ws-s08
x-cache-status: HIT
x-cache: Miss from cloudfront
last-modified: Wed, 05 Jul 2023 14:03:24 GMT
server: MerlinCDN
etag: W/"4359-189265d6be0"
vary: Accept-Encoding
allow: GET, HEAD, POST
x-varnish: 995102450
content-type: application/javascript; charset=UTF-8
x-edge: de-fra-dp-s01
cache-control: public, max-age=31536000
x-amz-cf-id: z1HLYzvMgPszF49DKG_8n8gFEKboWMRcShePiqn6qEs-Zl2EkTr03w==

GET
H2 200 7e2e7f6.js Show response
onedio.com/_nuxt/ Frame 5BC9 6 KB
3 KB 128ms
124ms Script
application/javascript 185.102.219.173
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://onedio.com/_nuxt/7e2e7f6.js
Requested by: Host: onedio.com
URL: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.102.219.173 , Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-185-102-219-173.datapacket.com
Software: MerlinCDN /
Resource Hash: 4ed54f5ff509297da74f1655ec64b321016c40d2656414ec6f0279d952c35b64

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 11:28:06 GMT
via: HTTP/2.0 Merlin CDN
content-encoding: br
x-amz-cf-pop: AMS1-C1
age: 1306498
x-midtier: de-fra-lea-s01
x-cache-status: HIT
x-cache: Hit from cloudfront
last-modified: Thu, 15 Jun 2023 09:23:32 GMT
server: MerlinCDN
etag: W/"199e-188be5e0220"
vary: Accept-Encoding
allow: GET, HEAD, POST
x-varnish: 862332716 862260919
content-type: application/javascript; charset=UTF-8
x-edge: de-fra-dp-s01
cache-control: public, max-age=31536000
x-amz-cf-id: 9nAc1YbtajIPoaqsnhZn86OMMbPvCkWW2rT07YzyT6mxgnOR2h9VaA==

GET
H2 200 ce8e528.js Show response
onedio.com/_nuxt/ Frame 5BC9 107 KB
25 KB 129ms
125ms Script
application/javascript 185.102.219.173
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://onedio.com/_nuxt/ce8e528.js
Requested by: Host: onedio.com
URL: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.102.219.173 , Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-185-102-219-173.datapacket.com
Software: MerlinCDN /
Resource Hash: 1635eba10727a5bdcc0ccf080bcbe42e4e451c1e14048c67fae1a1afb017e2ba

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 11:28:06 GMT
via: HTTP/2.0 Merlin CDN
content-encoding: br
x-amz-cf-pop: FRA56-P6
age: 76599
x-midtier: de-fra-lea-s01
x-cache-status: HIT
x-cache: Hit from cloudfront
last-modified: Wed, 05 Jul 2023 14:03:24 GMT
server: MerlinCDN
etag: W/"1ab5b-189265d6be0"
vary: Accept-Encoding
allow: GET, HEAD, POST
x-varnish: 995166004
content-type: application/javascript; charset=UTF-8
x-edge: de-fra-dp-s01
cache-control: public, max-age=31536000
x-amz-cf-id: pj8oRtOpHNG6EV3fQUE9LDyF9PTW-MMNcfUSQlXOhzwUBZvMte7wIw==

GET
H2 200 c3b07ec.js Show response
onedio.com/_nuxt/ Frame 5BC9 68 KB
21 KB 130ms
126ms Script
application/javascript 185.102.219.173
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://onedio.com/_nuxt/c3b07ec.js
Requested by: Host: onedio.com
URL: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.102.219.173 , Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-185-102-219-173.datapacket.com
Software: MerlinCDN /
Resource Hash: a165991f6211fccecd49c3e9303c642947b95baa6d82be861f78e921ea9f7ffd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 11:28:06 GMT
via: HTTP/2.0 Merlin CDN
content-encoding: br
x-amz-cf-pop: DUS51-P1
age: 1306498
x-midtier: nl-naw-ws-s08
x-cache-status: HIT
x-cache: Hit from cloudfront
last-modified: Thu, 15 Jun 2023 09:23:32 GMT
server: MerlinCDN
etag: W/"111a4-188be5e0220"
vary: Accept-Encoding
allow: GET, HEAD, POST
x-varnish: 861120331 860633187
content-type: application/javascript; charset=UTF-8
x-edge: de-fra-dp-s01
cache-control: public, max-age=31536000
x-amz-cf-id: NhEovoXdfKMgygHo-a7eRFHsQTSe60C0XULhTKabyRBRxDdlF9BKNA==

GET
H2 200 5739592.js Show response
onedio.com/_nuxt/ Frame 5BC9 12 KB
4 KB 131ms
127ms Script
application/javascript 185.102.219.173
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://onedio.com/_nuxt/5739592.js
Requested by: Host: onedio.com
URL: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.102.219.173 , Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-185-102-219-173.datapacket.com
Software: MerlinCDN /
Resource Hash: e74d88acee41342a30d5f497906e7bcb06ec2805ee127dfe39233df129051453

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 11:28:06 GMT
via: HTTP/2.0 Merlin CDN
content-encoding: br
x-amz-cf-pop: FRA56-P6
age: 76599
x-midtier: de-fra-lea-s01
x-cache-status: HIT
x-cache: Hit from cloudfront
last-modified: Wed, 05 Jul 2023 14:03:24 GMT
server: MerlinCDN
etag: W/"306e-189265d6be0"
vary: Accept-Encoding
allow: GET, HEAD, POST
x-varnish: 1023262809
content-type: application/javascript; charset=UTF-8
x-edge: de-fra-dp-s01
cache-control: public, max-age=31536000
x-amz-cf-id: EE8Bu7XKuuW0F_GUoikY5SgCPde3G1pUnDliV4R1TRyu2PvKozYV6g==

GET
H2 200 c2345ed.js Show response
onedio.com/_nuxt/ Frame 5BC9 1 KB
1020 B 132ms
128ms Script
application/javascript 185.102.219.173
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://onedio.com/_nuxt/c2345ed.js
Requested by: Host: onedio.com
URL: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.102.219.173 , Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-185-102-219-173.datapacket.com
Software: MerlinCDN /
Resource Hash: 73776eff86ca177c94173b46bccd0f5e22034be029c332d1f119c181bb64efc6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 11:28:06 GMT
via: HTTP/2.0 Merlin CDN
content-encoding: br
x-amz-cf-pop: FRA56-P6
age: 1306498
x-midtier: de-fra-dp-s02
x-cache-status: HIT
x-cache: Hit from cloudfront
last-modified: Thu, 15 Jun 2023 09:23:32 GMT
server: MerlinCDN
etag: W/"456-188be5e0220"
vary: Accept-Encoding
allow: GET, HEAD, POST
x-varnish: 823108785
content-type: application/javascript; charset=UTF-8
x-edge: de-fra-dp-s01
cache-control: public, max-age=31536000
x-amz-cf-id: WPGQ96zCUK55h50anTheywnZUOem33HG7Dx1MtlqRuxi1W9ftJrGMQ==

GET
H2 200 42524d0.js Show response
onedio.com/_nuxt/ Frame 5BC9 14 KB
5 KB 132ms
129ms Script
application/javascript 185.102.219.173
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://onedio.com/_nuxt/42524d0.js
Requested by: Host: onedio.com
URL: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.102.219.173 , Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-185-102-219-173.datapacket.com
Software: MerlinCDN /
Resource Hash: 4292deaa07e5aefa8b0404e89a6ef2202c328e18a172cda3a5459bbae7e31965

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 11:28:06 GMT
via: HTTP/2.0 Merlin CDN
content-encoding: br
x-amz-cf-pop: AMS1-C1
age: 76598
x-midtier: nl-naw-ws-s08
x-cache-status: HIT
x-cache: Hit from cloudfront
last-modified: Wed, 05 Jul 2023 14:03:24 GMT
server: MerlinCDN
etag: W/"3928-189265d6be0"
vary: Accept-Encoding
allow: GET, HEAD, POST
x-varnish: 993086471 995133343
content-type: application/javascript; charset=UTF-8
x-edge: de-fra-dp-s01
cache-control: public, max-age=31536000
x-amz-cf-id: QhmfJ8fn48TS_dCxh6ULZ4hOYWjNTnwno5h6n49FkCNr9hkFTfV3Ig==

GET
H2 200 c0cb3db.js Show response
onedio.com/_nuxt/ Frame 5BC9 35 KB
8 KB 133ms
130ms Script
application/javascript 185.102.219.173
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://onedio.com/_nuxt/c0cb3db.js
Requested by: Host: onedio.com
URL: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.102.219.173 , Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-185-102-219-173.datapacket.com
Software: MerlinCDN /
Resource Hash: 1b6f6d0bc93212b43eafee41d1d9c2f261e8c42847205ebe371276e6bc6a2b52

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 11:28:06 GMT
via: HTTP/2.0 Merlin CDN
content-encoding: br
x-amz-cf-pop: AMS1-C1
age: 76599
x-midtier: nl-naw-ws-s08
x-cache-status: HIT
x-cache: Hit from cloudfront
last-modified: Wed, 05 Jul 2023 14:03:24 GMT
server: MerlinCDN
etag: W/"8a2a-189265d6be0"
vary: Accept-Encoding
allow: GET, HEAD, POST
x-varnish: 993377574 994518376
content-type: application/javascript; charset=UTF-8
x-edge: de-fra-dp-s01
cache-control: public, max-age=31536000
x-amz-cf-id: lUJF1al-aXl0UiE9neglt3uRwhRof9f_EiBMydg8W8NW7houIQUgKw==

GET
H2 200 eba3f3f.js Show response
onedio.com/_nuxt/ Frame 5BC9 2 KB
1 KB 135ms
131ms Script
application/javascript 185.102.219.173
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://onedio.com/_nuxt/eba3f3f.js
Requested by: Host: onedio.com
URL: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.102.219.173 , Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-185-102-219-173.datapacket.com
Software: MerlinCDN /
Resource Hash: 7fdabb3c4047b5538cb0396037b74e2df9a6cf2435c6fbd5588f7374864d438f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 11:28:06 GMT
via: HTTP/2.0 Merlin CDN
content-encoding: br
x-amz-cf-pop: DUS51-P1
age: 1306498
x-midtier: nl-naw-ws-s08
x-cache-status: HIT
x-cache: Hit from cloudfront
last-modified: Thu, 15 Jun 2023 09:23:32 GMT
server: MerlinCDN
etag: W/"87b-188be5e0220"
vary: Accept-Encoding
allow: GET, HEAD, POST
x-varnish: 826010050
content-type: application/javascript; charset=UTF-8
x-edge: de-fra-dp-s01
cache-control: public, max-age=31536000
x-amz-cf-id: fPuQRS10OwfduBT5_UEEkdKuBh28H4edXzUBY4cF-FSH677qJDtezA==

GET
H2 200 428efe4.js Show response
onedio.com/_nuxt/ Frame 5BC9 1 KB
1 KB 135ms
132ms Script
application/javascript 185.102.219.173
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://onedio.com/_nuxt/428efe4.js
Requested by: Host: onedio.com
URL: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.102.219.173 , Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-185-102-219-173.datapacket.com
Software: MerlinCDN /
Resource Hash: 93f7bf325600df308529816d46a693eba94bf56c62231d7863561b4e5b485057

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 11:28:06 GMT
via: HTTP/2.0 Merlin CDN
content-encoding: br
x-amz-cf-pop: DUS51-P1
age: 1306498
x-midtier: nl-naw-ws-s08
x-cache-status: HIT
x-cache: Hit from cloudfront
last-modified: Thu, 15 Jun 2023 09:23:32 GMT
server: MerlinCDN
etag: W/"4e6-188be5e0220"
vary: Accept-Encoding
allow: GET, HEAD, POST
x-varnish: 828418209
content-type: application/javascript; charset=UTF-8
x-edge: de-fra-dp-s01
cache-control: public, max-age=31536000
x-amz-cf-id: 9Y2LRTHf37BfA-053OfWL0klC5OI5kGFBdfVvx1UOG6iUnMRjyWuYA==

GET
H2 200 1705d0c.js Show response
onedio.com/_nuxt/ Frame 5BC9 8 KB
3 KB 136ms
132ms Script
application/javascript 185.102.219.173
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://onedio.com/_nuxt/1705d0c.js
Requested by: Host: onedio.com
URL: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.102.219.173 , Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-185-102-219-173.datapacket.com
Software: MerlinCDN /
Resource Hash: e5b6cc7b00fe92d3a4af4c9ba7db8488ca5308c97bd20e501fd72795830d32cf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 11:28:06 GMT
via: HTTP/2.0 Merlin CDN
content-encoding: br
x-amz-cf-pop: DUS51-P1
age: 1306498
x-midtier: nl-naw-ws-s08
x-cache-status: HIT
x-cache: Hit from cloudfront
last-modified: Thu, 15 Jun 2023 09:23:32 GMT
server: MerlinCDN
etag: W/"1f41-188be5e0220"
vary: Accept-Encoding
allow: GET, HEAD, POST
x-varnish: 826010052 829564698
content-type: application/javascript; charset=UTF-8
x-edge: de-fra-dp-s01
cache-control: public, max-age=31536000
x-amz-cf-id: fcDnSo_HXV0T2zOR1CpUjZ_IbVUrn3Vjf2NPEX2PQv80_YoXkNV87g==

GET
H2 200 04dbfe5.js Show response
onedio.com/_nuxt/ Frame 5BC9 559 B
799 B 136ms
133ms Script
application/javascript 185.102.219.173
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://onedio.com/_nuxt/04dbfe5.js
Requested by: Host: onedio.com
URL: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.102.219.173 , Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-185-102-219-173.datapacket.com
Software: MerlinCDN /
Resource Hash: 01afa1ad1afa1e170e923ac3fc28e70f033f5e74659ebed6608aaeb7200d8adf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 11:28:06 GMT
via: HTTP/2.0 Merlin CDN
content-encoding: br
x-amz-cf-pop: DUS51-P1
age: 1306487
x-midtier: nl-naw-ws-s08
x-cache-status: HIT
x-cache: Hit from cloudfront
last-modified: Thu, 15 Jun 2023 09:23:32 GMT
server: MerlinCDN
etag: W/"22f-188be5e0220"
vary: Accept-Encoding
allow: GET, HEAD, POST
x-varnish: 827018238
content-type: application/javascript; charset=UTF-8
x-edge: de-fra-dp-s01
cache-control: public, max-age=31536000
x-amz-cf-id: mDSiVFTpgRCN84QZwVNkCuQrB4Q6FqaEdwv7VrEDLGppJ28IP3_HBQ==

GET
H2 200 19ffef3.js Show response
onedio.com/_nuxt/ Frame 5BC9 4 KB
2 KB 136ms
133ms Script
application/javascript 185.102.219.173
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://onedio.com/_nuxt/19ffef3.js
Requested by: Host: onedio.com
URL: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.102.219.173 , Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-185-102-219-173.datapacket.com
Software: MerlinCDN /
Resource Hash: 8a360dd78c99927f4b72e1277d60df80774c5f9a248bfc37c3444c43b9cbc02c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 11:28:06 GMT
via: HTTP/2.0 Merlin CDN
content-encoding: br
x-amz-cf-pop: FRA56-P6
age: 1306498
x-midtier: de-fra-dp-s02
x-cache-status: HIT
x-cache: Hit from cloudfront
last-modified: Thu, 15 Jun 2023 09:23:32 GMT
server: MerlinCDN
etag: W/"1175-188be5e0220"
vary: Accept-Encoding
allow: GET, HEAD, POST
x-varnish: 859756380 859787781
content-type: application/javascript; charset=UTF-8
x-edge: de-fra-dp-s01
cache-control: public, max-age=31536000
x-amz-cf-id: dw7fHT2gpZGbf9E8OCQCo7f7ZwSuWAaRfRDk3MoF2-RH-82c7b_V9w==

GET
H2 200 c27ff1f.js Show response
onedio.com/_nuxt/ Frame 5BC9 31 KB
9 KB 137ms
134ms Script
application/javascript 185.102.219.173
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://onedio.com/_nuxt/c27ff1f.js
Requested by: Host: onedio.com
URL: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.102.219.173 , Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-185-102-219-173.datapacket.com
Software: MerlinCDN /
Resource Hash: 7849fb00e08e4f940b1f61fe300eba24f63aca86e285c4548d9e93f984320f26

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 11:28:06 GMT
via: HTTP/2.0 Merlin CDN
content-encoding: br
x-amz-cf-pop: FRA56-P6
age: 76599
x-midtier: de-fra-dp-s02
x-cache-status: HIT
x-cache: Hit from cloudfront
last-modified: Wed, 05 Jul 2023 14:03:24 GMT
server: MerlinCDN
etag: W/"7a7e-189265d6be0"
vary: Accept-Encoding
allow: GET, HEAD, POST
x-varnish: 993760257
content-type: application/javascript; charset=UTF-8
x-edge: de-fra-dp-s01
cache-control: public, max-age=31536000
x-amz-cf-id: ToP-6pwSE5S2izH50ZdbP2yGTmRRCdLmUYzpXMGxkWEEcubpsWDGog==

GET
H2 200 5617942.js Show response
onedio.com/_nuxt/ Frame 5BC9 2 KB
1 KB 137ms
135ms Script
application/javascript 185.102.219.173
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://onedio.com/_nuxt/5617942.js
Requested by: Host: onedio.com
URL: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.102.219.173 , Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-185-102-219-173.datapacket.com
Software: MerlinCDN /
Resource Hash: 3aa6f4040b6587f7ea3d4f1610000cc2b33a0e99621ebabafae342cdca22dab7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 11:28:06 GMT
via: HTTP/2.0 Merlin CDN
content-encoding: br
x-amz-cf-pop: DUS51-P1
age: 1306498
x-midtier: nl-naw-ws-s08
x-cache-status: HIT
x-cache: Hit from cloudfront
last-modified: Thu, 15 Jun 2023 09:23:33 GMT
server: MerlinCDN
etag: W/"71c-188be5e0608"
vary: Accept-Encoding
allow: GET, HEAD, POST
x-varnish: 830147520 822849688
content-type: application/javascript; charset=UTF-8
x-edge: de-fra-dp-s01
cache-control: public, max-age=31536000
x-amz-cf-id: Vjj9VOjL3gKhulVJvvr9fmA38Oy1VqO5kis4mMArPCeUDGtvVJv-cw==

GET
H2 200 ffa425b.js Show response
onedio.com/_nuxt/ Frame 5BC9 6 KB
2 KB 138ms
135ms Script
application/javascript 185.102.219.173
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://onedio.com/_nuxt/ffa425b.js
Requested by: Host: onedio.com
URL: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.102.219.173 , Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-185-102-219-173.datapacket.com
Software: MerlinCDN /
Resource Hash: fd7b241bc4c86d8e1c6091fc0b97d0782a953c793c527bcba8063f710ca20539

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 11:28:06 GMT
via: HTTP/2.0 Merlin CDN
content-encoding: br
x-amz-cf-pop: FRA56-P6
age: 76599
x-midtier: de-fra-dp-s02
x-cache-status: HIT
x-cache: Hit from cloudfront
last-modified: Wed, 05 Jul 2023 14:03:24 GMT
server: MerlinCDN
etag: W/"161e-189265d6be0"
vary: Accept-Encoding
allow: GET, HEAD, POST
x-varnish: 994712168 994712152
content-type: application/javascript; charset=UTF-8
x-edge: de-fra-dp-s01
cache-control: public, max-age=31536000
x-amz-cf-id: pMA6Vvz8p4DEOPWYYgB1mZUIPDqFN2eSdgkxRfuVo9rjll_sGhvIeg==

GET
H2 200 3b5f68a.js Show response
onedio.com/_nuxt/ Frame 5BC9 3 KB
2 KB 138ms
136ms Script
application/javascript 185.102.219.173
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://onedio.com/_nuxt/3b5f68a.js
Requested by: Host: onedio.com
URL: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.102.219.173 , Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-185-102-219-173.datapacket.com
Software: MerlinCDN /
Resource Hash: 7f1255a2f606a65de5b7e373bd205bca2f5271778212970f9579a253ed5e0927

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 11:28:06 GMT
via: HTTP/2.0 Merlin CDN
content-encoding: br
x-amz-cf-pop: AMS1-C1
age: 1306498
x-midtier: de-fra-lea-s01
x-cache-status: HIT
x-cache: Hit from cloudfront
last-modified: Thu, 15 Jun 2023 09:23:32 GMT
server: MerlinCDN
etag: W/"cd0-188be5e0220"
vary: Accept-Encoding
allow: GET, HEAD, POST
x-varnish: 862332872 861545412
content-type: application/javascript; charset=UTF-8
x-edge: de-fra-dp-s01
cache-control: public, max-age=31536000
x-amz-cf-id: IcmYtpcG2Xkbv5e9UtcLVmzpBkd3ZoHlLBqXZoAFAciBR5mJ1f3rVQ==

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ Frame 5BC9 324 KB
105 KB 183ms
63ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5T48ZBT

Requested by

Host: onedio.com
URL: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ba731fde3903207bb0973861c6e321069153e94f683d04ccd14300ee66f27ff7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 11:28:06 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 106764
x-xss-protection: 0
last-modified: Thu, 06 Jul 2023 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 06 Jul 2023 11:28:06 GMT

GET
H2 200 s-4de8fff2b24096cdd84cee5c1967660d9a1ee555.jpg
img-s3.onedio.com/id-6124df1c620bb90314d7c362/rev-0/w-50/f-jpg/ Frame 5BC9 774 B
1 KB 109ms
89ms Image
image/webp 185.102.219.173
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img-s3.onedio.com/id-6124df1c620bb90314d7c362/rev-0/w-50/f-jpg/s-4de8fff2b24096cdd84cee5c1967660d9a1ee555.jpg
Requested by: Host: onedio.com
URL: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.102.219.173 , Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-185-102-219-173.datapacket.com
Software: MerlinCDN / Express
Resource Hash: 8d65629f8028e0b0f3f75d4d1258be610f0a350aa5c47ca3cfeec1ba56913cbe

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 11:28:06 GMT
via: HTTP/2.0 Merlin CDN
x-amz-cf-pop: FRA56-P2
age: 1299487
x-powered-by: Express
x-cache-status: HIT
x-cache: Hit from cloudfront
x-onedio-cache: FRONT
x-midtier: de-fra-dp-s02
content-length: 774
server: MerlinCDN
etag: W/"5a9-uJK5dDmbFbimVLs+jsrQSErI2lM"
allow: GET, HEAD
content-type: image/webp
x-edge: de-fra-dp-s01
cache-control: public, max-age=31536000
accept-ranges: bytes
x-amz-cf-id: l9skMrYjdRBAtu26WDsAaL8Sg8DdyWYulRmGIToS1IDdjyG16tVcQA==

GET
H2

200

/
platform-lookaside.fbsbx.com/platform/profilepic/ Frame 5BC9
Redirect Chain

https://graph.facebook.com/10221116671685687/picture?type=large
https://platform-lookaside.fbsbx.com/platform/profilepic/?asid=10221116671685687&height=200&width=200&ext=1691234886&hash=AeSACs_PMtDCwM-Mg1c

12 KB
12 KB

167ms
77ms

Image
image/jpeg

2a03:2880:f084:105:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://platform-lookaside.fbsbx.com/platform/profilepic/?asid=10221116671685687&height=200&width=200&ext=1691234886&hash=AeSACs_PMtDCwM-Mg1c
Requested by: Host: onedio.com
URL: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878
Protocol: H2
Server: 2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 3ffee9c0bd9411def1f88e476cfc072629841a536edc0abf2927b35ebcaff4d9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-haystack-needlechecksum: 2656044498
date: Thu, 06 Jul 2023 11:28:06 GMT
x-fbtype: 30808
x-storage-error-category: dfs:none;hs_p:200:HS_ESUCCESS
last-modified: Tue, 22 Feb 2022 13:27:07 GMT
content-type: image/jpeg
access-control-allow-origin: *
content-digest: adler32=217840935
cache-control: private, no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
x-needle-checksum: 2401581218
content-disposition: attachment
accept-ranges: bytes
content-length: 12616

Redirect headers

pragma: no-cache
strict-transport-security: max-age=15552000; preload
x-fb-debug: bC0Z2+dUXl5fiR06Iilvx29dfAPjwLxje1V4rWB9KCSay8wwK23n+XUxCnZOlM3vcDB1DAFAFahKpTJ9aBBWGA==
date: Thu, 06 Jul 2023 11:28:06 GMT
x-fb-trace-id: GUQ6jIETacN
content-type: image/jpeg
location: https://platform-lookaside.fbsbx.com/platform/profilepic/?asid=10221116671685687&height=200&width=200&ext=1691234886&hash=AeSACs_PMtDCwM-Mg1c
access-control-allow-origin: *
x-fb-request-id: AVZyx-RYZoVKDP7UgnUs9UH
cache-control: private, no-cache, no-store, must-revalidate
x-fb-rev: 1007796220
facebook-api-version: v11.0
alt-svc: h3=":443"; ma=86400
content-length: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 s-2e6293689f5819cdc9c3beec4ca39eff0df32be0.jpg
img-s3.onedio.com/id-5b364aabf7db665011c756d5/rev-0/w-100/f-jpg/ Frame 5BC9 2 KB
2 KB 109ms
90ms Image
image/webp 185.102.219.173
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img-s3.onedio.com/id-5b364aabf7db665011c756d5/rev-0/w-100/f-jpg/s-2e6293689f5819cdc9c3beec4ca39eff0df32be0.jpg
Requested by: Host: onedio.com
URL: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.102.219.173 , Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-185-102-219-173.datapacket.com
Software: MerlinCDN / Express
Resource Hash: e38f934d2280782c4bf4cf58e41596ad9dcffa77bdd47e50a616be88a02215e4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 11:28:06 GMT
via: HTTP/2.0 Merlin CDN
x-amz-cf-pop: FRA56-P2
age: 1170948
x-powered-by: Express
x-cache-status: HIT
x-cache: Hit from cloudfront
x-onedio-cache: FRONT
x-midtier: de-fra-dp-s02
content-length: 1580
server: MerlinCDN
etag: W/"d23-mLbSSycwTXB0Qa6QgzrQY4pim+E"
allow: GET, HEAD
content-type: image/webp
x-edge: de-fra-dp-s01
cache-control: public, max-age=31536000
accept-ranges: bytes
x-amz-cf-id: 9qm7cMoC9GImc7W_dS0e3jQnj1mrlFeTI79EfpHGnFZM59QME0p2jg==

GET
H2

200

/
platform-lookaside.fbsbx.com/platform/profilepic/ Frame 5BC9
Redirect Chain

https://graph.facebook.com/10204851241823419/picture?type=large
https://platform-lookaside.fbsbx.com/platform/profilepic/?asid=10204851241823419&height=200&width=200&ext=1691234886&hash=AeTy_tXLSQREwZ5W1c0

11 KB
11 KB

168ms
77ms

Image
image/jpeg

2a03:2880:f084:105:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://platform-lookaside.fbsbx.com/platform/profilepic/?asid=10204851241823419&height=200&width=200&ext=1691234886&hash=AeTy_tXLSQREwZ5W1c0
Requested by: Host: onedio.com
URL: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878
Protocol: H2
Server: 2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: ca6445fe2a60e5dbc1e6d30032a038752d6cce4ecf48b49d328378c07e4ad584

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 11:28:06 GMT
x-fbtype: 30808
x-storage-error-category: dfs:none;sc_p:200:WSE_NOT_SET
last-modified: Thu, 23 Mar 2023 12:33:56 GMT
content-type: image/jpeg
access-control-allow-origin: *
content-digest: adler32=1739259846
cache-control: private, no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
x-needle-checksum: 1377588197
content-disposition: attachment
accept-ranges: bytes
content-length: 11412

Redirect headers

pragma: no-cache
strict-transport-security: max-age=15552000; preload
x-fb-debug: XdQEGFY0KPvLcvsWHhaXWCXG3gQbn1G7FiSRmBTooSMACMO1we9cqP9hpLCU+V/m6d0Meqzwump1d3JaB0sojg==
date: Thu, 06 Jul 2023 11:28:06 GMT
x-fb-trace-id: DeHO9mQIH5B
content-type: image/jpeg
location: https://platform-lookaside.fbsbx.com/platform/profilepic/?asid=10204851241823419&height=200&width=200&ext=1691234886&hash=AeTy_tXLSQREwZ5W1c0
access-control-allow-origin: *
x-fb-request-id: AbDnWb47mGg8UHzFCyXTzok
cache-control: private, no-cache, no-store, must-revalidate
x-fb-rev: 1007796220
facebook-api-version: v11.0
alt-svc: h3=":443"; ma=86400
content-length: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 254fbed7f5f60246dceab341efe24006de26a47a46bfe700fba3645ec103fb0c.png
srv-cdn.onedio.com/store/ Frame 5BC9 986 B
1 KB 129ms
49ms Image
image/webp 2606:4700:10::6814:e25
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://srv-cdn.onedio.com/store/254fbed7f5f60246dceab341efe24006de26a47a46bfe700fba3645ec103fb0c.png
Requested by: Host: onedio.com
URL: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:e25 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 4445041a5221550830f31fa42e138f881676a468e4fedb939c1e0ab0a07eae17

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 11:28:06 GMT
via: 1.1 f4d51e15043614df5b1100d2964816a8.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-cf-pop: SOF50-P1
age: 3531552
cf-polished: origFmt=png, origSize=1953
x-powered-by: Express
x-cache: Miss from cloudfront
content-disposition: inline; filename="254fbed7f5f60246dceab341efe24006de26a47a46bfe700fba3645ec103fb0c.webp"
content-length: 986
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: W/"7a1-sa6tAltsWoc5wA5UpY0Z1rF27aQ"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7e278099b89737d4-FRA
x-amz-cf-id: oZVOcdfsCatlRdbJ5ZYU_KOPUQVrqz-66D2Iso3oPhGQGLPMtO0uZg==

GET
H2 200 5aee0df5228a8f771995c6e8920eedd248cda089818cf87bac6e3c21bccb5f05.svg
srv-cdn.onedio.com/store/ Frame 5BC9 5 KB
2 KB 127ms
47ms Image
image/svg+xml 2606:4700:10::6814:e25
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://srv-cdn.onedio.com/store/5aee0df5228a8f771995c6e8920eedd248cda089818cf87bac6e3c21bccb5f05.svg
Requested by: Host: onedio.com
URL: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:e25 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: c28e62ec408f34ca18b76298f690009e78700af3010365f6a6e7226e924416e9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 11:28:06 GMT
via: 1.1 69bd99223bbe7be5d36f0fa13d71bf84.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: HIT
x-amz-cf-pop: SOF50-P1
age: 3531681
x-powered-by: Express
x-cache: Miss from cloudfront
server: cloudflare
etag: W/"1567-Gf2hzU325PtbOomKigrNqYY2reY"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7e278099b89e37d4-FRA
x-amz-cf-id: H4VgMESF_hMswHIa22XLp9IYz4PBiC1BHoitruNOIdm65LC_YMGxkA==

GET
H2 200 6e17a4e4130681931ab937f6e5b88ac68aa84203c89e74b351ba2e2e0031258b.png
srv-cdn.onedio.com/store/ Frame 5BC9 878 B
1 KB 135ms
55ms Image
image/webp 2606:4700:10::6814:e25
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://srv-cdn.onedio.com/store/6e17a4e4130681931ab937f6e5b88ac68aa84203c89e74b351ba2e2e0031258b.png
Requested by: Host: onedio.com
URL: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:e25 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 36de549fa81b509bf426b8c57b5842e2857f1ac66456c567d552ac5a890dcd85

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 11:28:06 GMT
via: 1.1 6f5ac69c39e434663876b6bbf4ccb97e.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-cf-pop: OTP50-C1
age: 3531552
cf-polished: origFmt=png, origSize=1902
x-powered-by: Express
x-cache: Hit from cloudfront
content-disposition: inline; filename="6e17a4e4130681931ab937f6e5b88ac68aa84203c89e74b351ba2e2e0031258b.webp"
content-length: 878
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: W/"76e-8ctQNEopR+fZIMwoSznLo2H5szA"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7e278099b89c37d4-FRA
x-amz-cf-id: rvhaUnCsivDMeQ8p2_PNXqIRcQsktz2D-6KRF1gDfn0veKcYqqy8hg==

GET
H2 200 18d793e33dd186aacd041784dcfd828c041edacdaf31d25e270d4c5cc1b65668.svg
srv-cdn.onedio.com/store/ Frame 5BC9 12 KB
5 KB 123ms
43ms Image
image/svg+xml 2606:4700:10::6814:e25
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://srv-cdn.onedio.com/store/18d793e33dd186aacd041784dcfd828c041edacdaf31d25e270d4c5cc1b65668.svg
Requested by: Host: onedio.com
URL: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:e25 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 39dce9bed1229c0ea63b578fa41d43deedadad5a254d1c109a6b9befab766f57

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 11:28:06 GMT
via: 1.1 7d1d59e1d7c17682b3d50dee49f3f96c.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: HIT
x-amz-cf-pop: SOF50-P1
age: 3531552
x-powered-by: Express
x-cache: Miss from cloudfront
server: cloudflare
etag: W/"2f8e-DhNaZwN/38b45yAT1OpnoNY30CE"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7e278099b89f37d4-FRA
x-amz-cf-id: nSF_u2JRnPs8WCq4G3lcouZQ-UgPFETltECk3KZ3Ss0SUtnTCQgVuA==

GET
H2 200 cb802096ad240df4746ed9d8227f83e7946a198b93b6ee0f380cefe7fc0c9e05.png
srv-cdn.onedio.com/store/ Frame 5BC9 814 B
1 KB 125ms
46ms Image
image/webp 2606:4700:10::6814:e25
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://srv-cdn.onedio.com/store/cb802096ad240df4746ed9d8227f83e7946a198b93b6ee0f380cefe7fc0c9e05.png
Requested by: Host: onedio.com
URL: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:e25 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 15726d6a6db473c829365e69e31d4e97604cd5cafe876d8597b3fbc869719b42

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 11:28:06 GMT
via: 1.1 c3e62b5fb62dc34600994deeae6bb470.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-cf-pop: SOF50-P1
age: 3531681
cf-polished: origFmt=png, origSize=1578
x-powered-by: Express
x-cache: Miss from cloudfront
content-disposition: inline; filename="cb802096ad240df4746ed9d8227f83e7946a198b93b6ee0f380cefe7fc0c9e05.webp"
content-length: 814
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: W/"62a-Thg0vcfkZSwukYv6/Pk6DHGPLVU"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7e278099b89937d4-FRA
x-amz-cf-id: FnoDZ0iaTQE61vEUKQyOuQ4SWJyO0ab7aIw5tPubgCfJYlAodvJc6w==

GET
H2 200 76b718e71b19603c9cb6d2c86fb5e4cc7a3e7dd649527875607909c991f9d091.webp
srv-cdn.onedio.com/store/ Frame 5BC9 4 KB
4 KB 127ms
48ms Image
image/webp 2606:4700:10::6814:e25
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://srv-cdn.onedio.com/store/76b718e71b19603c9cb6d2c86fb5e4cc7a3e7dd649527875607909c991f9d091.webp
Requested by: Host: onedio.com
URL: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:e25 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 944089b44ec5f876426cd30b5cd76e18a09d4178aa06f2acea7b50f9fd61e67f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 11:28:06 GMT
via: 1.1 77c9518ff58162b5acfe6c69f9a24ec8.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-cf-pop: SOF50-P1
age: 3531681
x-powered-by: Express
x-cache: Miss from cloudfront
content-length: 4338
server: cloudflare
etag: W/"10f2-SvE1aR+U5T/v7oqvI4RKhTf5zFU"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7e278099b89a37d4-FRA
x-amz-cf-id: Me1jlPoJ7Hgg-1WlYW2y8jppRWepIW6yUqG2dJBtUornccNQD9eU1w==

GET
H2 200 a6a2ca5496b815a9ee8caa322a9e39a835403bab6880ce08f05c67d98bdac9fd.png
srv-cdn.onedio.com/store/ Frame 5BC9 2 KB
2 KB 47ms
45ms Image
image/webp 2606:4700:10::6814:e25
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://srv-cdn.onedio.com/store/a6a2ca5496b815a9ee8caa322a9e39a835403bab6880ce08f05c67d98bdac9fd.png
Requested by: Host: onedio.com
URL: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:e25 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: dba49107edbd020f83668ba1c661b3d240621d37c01a6d3d4a8078300b9a4069

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 11:28:06 GMT
via: 1.1 7564e806c7d8686b031d863cf92ad6d2.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-cf-pop: MAD56-P3
age: 1191907
cf-polished: origFmt=png, origSize=4862
x-powered-by: Express
x-cache: Hit from cloudfront
content-disposition: inline; filename="a6a2ca5496b815a9ee8caa322a9e39a835403bab6880ce08f05c67d98bdac9fd.webp"
content-length: 2182
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: W/"12fe-uBEf34GH694nTuxfI9tSHWFjr0Q"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7e278099e8f637d4-FRA
x-amz-cf-id: P47Vnx61eoPe6g63etHJmsayRkHtZrtGIozvUr7nmtQaaBH0rjmMkA==

GET
H2 200 f9ff6d6aa8c0d967d70d7866bcd909fc2e4868b722db81f551daa533a791ed8d.png
srv-cdn.onedio.com/store/ Frame 5BC9 3 KB
4 KB 45ms
43ms Image
image/webp 2606:4700:10::6814:e25
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://srv-cdn.onedio.com/store/f9ff6d6aa8c0d967d70d7866bcd909fc2e4868b722db81f551daa533a791ed8d.png
Requested by: Host: onedio.com
URL: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:e25 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 55fe4e70c417bb19b37d1824c282a9ec1804103d00436f3236c173a51a2f85b2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 11:28:06 GMT
via: 1.1 6f35c519b101df1a1b9031120a6b276c.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-cf-pop: OTP50-C1
age: 3531552
cf-polished: origFmt=png, origSize=4340
x-powered-by: Express
x-cache: Hit from cloudfront
content-disposition: inline; filename="f9ff6d6aa8c0d967d70d7866bcd909fc2e4868b722db81f551daa533a791ed8d.webp"
content-length: 3480
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: W/"10f4-gsbWFHWJPHVpHvoITTXJalPjJ6s"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7e278099e8f937d4-FRA
x-amz-cf-id: ToPscPXs8xoLj-NqdeCgRhtiU58DUZxuVFQbZ-MsJFk1KbDYfmDHRA==

GET
H2 200 667f6549da31548d2a9cd6ff08fae81aad77583c87618da330ade8b92bc0191e.svg
srv-cdn.onedio.com/store/ Frame 5BC9 5 KB
2 KB 46ms
44ms Image
image/svg+xml 2606:4700:10::6814:e25
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://srv-cdn.onedio.com/store/667f6549da31548d2a9cd6ff08fae81aad77583c87618da330ade8b92bc0191e.svg
Requested by: Host: onedio.com
URL: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:e25 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 2456ef3475fff167027aecdbf0400a036b2f383db83707c3234103d0f03d9421

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 11:28:06 GMT
via: 1.1 e19aed1f6c91c2644d0ca17ce8be7af2.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: HIT
x-amz-cf-pop: SOF50-P1
age: 3531681
x-powered-by: Express
x-cache: Miss from cloudfront
server: cloudflare
etag: W/"1341-HkNNtvvRHBHy5muqVr6wRTl+u2M"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7e278099e8fa37d4-FRA
x-amz-cf-id: ZaqwjAXdyeFXG6xqit4yqjpB1hdRlxhcq5acrSIQWOT3RtYZWd9FAA==

GET
H2 200 s-6733f109504dec046a91ea51d989d1bef076ae35.jpg
img-s1.onedio.com/id-617049563479d0fc41763e90/rev-0/w-1200/h-800/f-jpg/ Frame 5BC9 17 KB
17 KB 53ms
29ms Image
image/webp 185.102.219.173
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img-s1.onedio.com/id-617049563479d0fc41763e90/rev-0/w-1200/h-800/f-jpg/s-6733f109504dec046a91ea51d989d1bef076ae35.jpg
Requested by: Host: onedio.com
URL: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.102.219.173 , Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-185-102-219-173.datapacket.com
Software: MerlinCDN / Express
Resource Hash: dff8d5b5010e0d1688047c44227da659b5163ed1af0689bd96acc79f7f3b997b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 11:28:06 GMT
via: HTTP/2.0 Merlin CDN
x-amz-cf-pop: FRA56-P2
age: 1260517
x-powered-by: Express
x-cache-status: HIT
x-cache: Hit from cloudfront
x-onedio-cache: FRONT
x-midtier: de-fra-dp-s02
content-length: 17406
server: MerlinCDN
etag: W/"c43b-zUgjIWOquD0x3TVFmWyFKRDLisc"
allow: GET, HEAD
content-type: image/webp
x-edge: de-fra-dp-s01
cache-control: public, max-age=31536000
accept-ranges: bytes
x-amz-cf-id: mCrzwVGRMkBr1EjR3VrtuDQVA3MNPHVfQQrjS0Dhn7jtQYSYEXLbYg==

GET
H2 200 7daaa5a.js Show response
onedio.com/_nuxt/ Frame 5BC9 5 KB
2 KB 30ms
29ms Script
application/javascript 185.102.219.173
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://onedio.com/_nuxt/7daaa5a.js
Requested by: Host: onedio.com
URL: https://onedio.com/_nuxt/e5407f9.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.102.219.173 , Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-185-102-219-173.datapacket.com
Software: MerlinCDN /
Resource Hash: 467150f57e3950f97d315a86791fa22e24d1a4f2e3b515bb2898a44cc7e0d494

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 11:28:06 GMT
via: HTTP/2.0 Merlin CDN
content-encoding: br
x-amz-cf-pop: FRA56-P6
age: 1306497
x-midtier: de-fra-dp-s02
x-cache-status: HIT
x-cache: Hit from cloudfront
last-modified: Fri, 26 May 2023 14:13:13 GMT
server: MerlinCDN
etag: W/"1486-188586808a8"
vary: Accept-Encoding
allow: GET, HEAD, POST
x-varnish: 760646438 683228067
content-type: application/javascript; charset=UTF-8
x-edge: de-fra-dp-s01
cache-control: public, max-age=31536000
x-amz-cf-id: iQmjHrMU7yrffv-7UQS5f_2MZ75sRtfNHWzK_izyGhK_oLmZL7W6EA==

GET
H2 200 d8aac31.js Show response
onedio.com/_nuxt/ Frame 5BC9 1 KB
1 KB 28ms
28ms Script
application/javascript 185.102.219.173
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://onedio.com/_nuxt/d8aac31.js
Requested by: Host: onedio.com
URL: https://onedio.com/_nuxt/e5407f9.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.102.219.173 , Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-185-102-219-173.datapacket.com
Software: MerlinCDN /
Resource Hash: 2e41f9946ceda33fce9bba3f4a1702e2a52e2cfa7bb6b600661a7333523f9e96

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 11:28:06 GMT
via: HTTP/2.0 Merlin CDN
content-encoding: br
x-amz-cf-pop: AMS1-C1
age: 1306497
x-midtier: de-fra-lea-s01
x-cache-status: HIT
x-cache: Hit from cloudfront
last-modified: Thu, 15 Jun 2023 09:23:32 GMT
server: MerlinCDN
etag: W/"444-188be5e0220"
vary: Accept-Encoding
allow: GET, HEAD, POST
x-varnish: 857729211 861705254
content-type: application/javascript; charset=UTF-8
x-edge: de-fra-dp-s01
cache-control: public, max-age=31536000
x-amz-cf-id: Gj9huTmz5buyc7tR7fC3Uv7LoFNv2ycswdAgNaWah1Bb32tZwoGoFA==

GET
H2 200 tag Show response
a.teads.tv/page/118539/ Frame 5BC9 752 B
802 B 181ms
65ms Script
application/javascript 184.30.21.51
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://a.teads.tv/page/118539/tag
Requested by: Host: onedio.com
URL: https://onedio.com/_nuxt/2c983e9.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.21.51 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-21-51.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 887a3a4f200a899e84097749a9412f749c61744b76f287de50a76cb532308166

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 11:28:07 GMT
content-encoding: gzip
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, must-revalidate, max-age=3600
access-control-allow-credentials: true
content-length: 469
expires: Thu, 06 Jul 2023 12:28:07 GMT

GET
H2 200 tag.js Show response
a.teads.tv/analytics/ Frame 5BC9 11 KB
4 KB 154ms
39ms Script
text/javascript 184.30.21.51
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://a.teads.tv/analytics/tag.js
Requested by: Host: onedio.com
URL: https://onedio.com/_nuxt/2c983e9.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.21.51 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-21-51.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 221e69003af87e6e8f934828ab416477126f3c062500e3bcb636bb9d87bf9b06

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-amz-version-id: Y6qsPmt0o95KDo3Ibo2euzqSnxQebNV8
date: Thu, 06 Jul 2023 11:28:07 GMT
content-encoding: br
last-modified: Wed, 02 Nov 2022 09:38:15 GMT
x-amz-request-id: 7M143009WAXN3Q25
etag: "6ddfb3a828a563a7719081ff9aeedaba"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: private, max-age=3600
accept-ranges: bytes
content-length: 3391
x-amz-id-2: STRx0Ic7Ail0QBZUMyPwaOMFfBJYtqEH2QK9RThy959S4vh7bnHagkR7gXzbW7US0LujPxZb7RI=

GET
H2 200 status Show response
event-collector.analytics.onedio.com/ Frame 5BC9 52 B
241 B 217ms
42ms Fetch
application/json 34.117.159.110
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://event-collector.analytics.onedio.com/status
Requested by: Host: onedio.com
URL: https://onedio.com/_nuxt/ec87d37.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.159.110 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 110.159.117.34.bc.googleusercontent.com
Software: / Express
Resource Hash: 56639c53fbc08d334e0001abb9cb4724cb57cb476150d64d7fc1211570d2bed6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 11:28:07 GMT
via: 1.1 google
x-powered-by: Express
etag: W/"34-LvmAuf9zCrGFmWivWzjtCzRpG+o"
content-type: application/json; charset=utf-8
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52

GET
H2 200 91769df.js Show response
onedio.com/_nuxt/ Frame 5BC9 141 KB
42 KB 35ms
35ms Script
application/javascript 185.102.219.173
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://onedio.com/_nuxt/91769df.js
Requested by: Host: onedio.com
URL: https://onedio.com/_nuxt/e5407f9.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.102.219.173 , Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-185-102-219-173.datapacket.com
Software: MerlinCDN /
Resource Hash: ed1f184fa3d298aaf01b99d934858b3ecb6243cd4efdea6b0f14a0b3d1ae480f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 11:28:07 GMT
via: HTTP/2.0 Merlin CDN
content-encoding: br
x-amz-cf-pop: FRA56-P6
age: 1306498
x-midtier: de-fra-dp-s02
x-cache-status: HIT
x-cache: Hit from cloudfront
last-modified: Thu, 15 Jun 2023 09:23:33 GMT
server: MerlinCDN
etag: W/"235da-188be5e0608"
vary: Accept-Encoding
allow: GET, HEAD, POST
x-varnish: 827969061 829267644
content-type: application/javascript; charset=UTF-8
x-edge: de-fra-dp-s01
cache-control: public, max-age=31536000
x-amz-cf-id: D_aHVqOQmpzXPITNC3hyaxNKfO5TemLh8Fy0dM6L-mm5wXXdX2naTQ==

GET
H2 200 hit Show response
services.onedio.com/prod/counters/ Frame 5BC9 105 B
379 B 320ms
227ms XHR
application/json 2606:4700:10::6814:f25
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://services.onedio.com/prod/counters/hit?key=article%3A61704b2b6e8a878b642c2aa3&referrer=https%3A%2F%2Fpcloak.blob.core.windows.net%2F
Requested by: Host: onedio.com
URL: https://onedio.com/_nuxt/2c983e9.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:f25 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 424959c1701510c4c49f73abd3c3584b948df2aba0e6372e937dd8bd57f4629b

Request headers

Accept: application/json, text/plain, */*
Referer: https://onedio.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 11:28:07 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
access-control-allow-methods: *
content-type: application/json
access-control-allow-origin: https://onedio.com
access-control-allow-credentials: true
cf-ray: 7e27809c8eed2ba3-FRA
apigw-requestid: Ho7DLiNSjoEEPJA=

GET
H2 200 loader.js Show response
cdn.taboola.com/libtrc/onedio/ Frame 5BC9 966 KB
69 KB 108ms
33ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/onedio/loader.js
Requested by: Host: onedio.com
URL: https://onedio.com/_nuxt/5617942.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 2522ea72cf85a59bf326c15b291a9ffe12f2cdc9e2ac372afb444ed56b6fc19f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-amz-version-id: VyIPb.afvwWQ8fIRFqFQllzkaqHd.NBr
content-encoding: gzip
via: 1.1 varnish
date: Thu, 06 Jul 2023 11:28:07 GMT
x-amz-request-id: SZWVFZPTN5QBTD7C
age: 5416
x-amz-server-side-encryption: AES256
x-cache: HIT
x-from-cache: 1
x-envoy-upstream-service-time: 15
x-amz-replication-status: FAILED
content-length: 70196
x-amz-id-2: PFYQgzr65GxO1PvrzHXXd9dC3JlQdw7ZJ2nvEOcz1PV6ffJBk5t9Die6VEueiBX7PMN1bWwL6f0=
x-served-by: cache-fra-eddf8230081-FRA
last-modified: Thu, 06 Jul 2023 09:47:03 UTC
server: nginx
x-tbl-debug: bestatus=200,beresp=OK
x-timer: S1688642887.192568,VS0,VE2
etag: "4b7f253e253194a70209f11fc939dec3b93d9086"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
abp: 32
cache-control: private,max-age=14400
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 466fa35.js Show response
onedio.com/_nuxt/ Frame 5BC9 44 KB
9 KB 31ms
29ms Script
application/javascript 185.102.219.173
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://onedio.com/_nuxt/466fa35.js
Requested by: Host: onedio.com
URL: https://onedio.com/_nuxt/e5407f9.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.102.219.173 , Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-185-102-219-173.datapacket.com
Software: MerlinCDN /
Resource Hash: 3bcf5308354d3c79138aafdf9ce68893233c06571cefb4495c92ebfc8f0e535f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 11:28:07 GMT
via: HTTP/2.0 Merlin CDN
content-encoding: br
x-amz-cf-pop: FRA56-P6
age: 76598
x-midtier: de-fra-lea-s01
x-cache-status: HIT
x-cache: Miss from cloudfront
last-modified: Wed, 05 Jul 2023 14:03:24 GMT
server: MerlinCDN
etag: W/"ae10-189265d6be0"
vary: Accept-Encoding
allow: GET, HEAD, POST
x-varnish: 992595153
content-type: application/javascript; charset=UTF-8
x-edge: de-fra-dp-s01
cache-control: public, max-age=31536000
x-amz-cf-id: gaxRvZzIhdu02uXaTueN-3bUOQdV95ZANl1lex3MKQH3ILKROQIJ2w==

GET
H2

200

/
dmp.adform.net/dmp/profile/ Frame 5BC9
Redirect Chain

https://dmp.adform.net/dmp/profile/?pid=10548&sg=Do+It+Yourself+-+DIY&timestamp=1688642887101
https://dmp.adform.net/dmp/profile/?CC=1&pid=10548&sg=Do+It+Yourself+-+DIY&timestamp=1688642887101

35 B
231 B

43ms
43ms

Image
image/gif

37.157.6.233
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dmp.adform.net/dmp/profile/?CC=1&pid=10548&sg=Do+It+Yourself+-+DIY&timestamp=1688642887101

Requested by

Host: onedio.com
URL: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878

Protocol

Server

37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 11:28:07 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
content-type: image/gif

Redirect headers

location: https://dmp.adform.net/dmp/profile/?CC=1&pid=10548&sg=Do+It+Yourself+-+DIY&timestamp=1688642887101
date: Thu, 06 Jul 2023 11:28:07 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
content-length: 0

GET
H2 200 recommendations Show response
recommendation-api.analytics.onedio.com/api/v1/ Frame 5BC9 84 B
272 B 134ms
40ms XHR
application/json 34.111.136.72
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://recommendation-api.analytics.onedio.com/api/v1/recommendations?placementId=1&scopeId=1&organization=onedio&product=onedio&version=1.0.0&categories=Nas%C4%B1l%20yap%C4%B1l%C4%B1r%3F&page=1&limit=9&additionalFields=description%2Cauthor
Requested by: Host: onedio.com
URL: https://onedio.com/_nuxt/2c983e9.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.111.136.72 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 72.136.111.34.bc.googleusercontent.com
Software: / Express
Resource Hash: e3c5113869fed7cf5fbbb2fb64ba2e5c29fc9043e01e0d3a90b39024e0d0b20c

Request headers

Accept: application/json, text/plain, */*
Referer: https://onedio.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 11:28:07 GMT
via: 1.1 google
x-powered-by: Express
etag: W/"54-mjGPcqtI3tmtCT/QyDHmmCBl1DQ"
content-type: application/json; charset=utf-8
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 84

GET
H2 200 breaking-news Show response
api-onedio-production.onedio.com/v3.5/browse/ Frame 5BC9 11 KB
4 KB 173ms
93ms XHR
application/json 2606:4700:10::6814:f25
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api-onedio-production.onedio.com/v3.5/browse/breaking-news
Requested by: Host: onedio.com
URL: https://onedio.com/_nuxt/2c983e9.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:f25 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 25cd7c1633b735df848f65451a671504864a2e2d56337af0ab785cdf512fdeae

Request headers

Accept: application/json, text/plain, */*
Referer: https://onedio.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-response-time: 1ms
date: Thu, 06 Jul 2023 11:28:07 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
vary: Origin, Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://onedio.com
cf-ray: 7e27809d594a3764-FRA

GET
H2 200 latest.json Show response
cdn.jsdelivr.net/gh/prebid/currency-file@1/ Frame 5BC9 2 KB
1 KB 107ms
28ms XHR
application/json 2a04:4e42:600::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20230706

Requested by

Host: onedio.com
URL: https://onedio.com/scripts/pbd7.47.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:600::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

e74b44db7c72f59a2d83ee6f05fc07fd206b4ce562af4307000d9977bac0ffc9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://onedio.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 06 Jul 2023 11:28:07 GMT
x-content-type-options: nosniff
content-encoding: br
age: 26834
x-jsd-version: 1.0.1742
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 887
x-served-by: cache-fra-eddf8230049-FRA
x-jsd-version-type: version
etag: W/"63f-4r+4dfby0UaHM4qLw7kYhIZg2bE"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

POST
H/1.1 200 prebid Show response
id5-sync.com/api/config/ Frame 5BC9 136 B
540 B 101ms
29ms XHR
application/json 162.19.138.83
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/api/config/prebid

Requested by

Host: onedio.com
URL: https://onedio.com/scripts/pbd7.47.0.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.83 Frankfurt am Main, Germany, ASN16276 (OVH, FR),

Reverse DNS

ns31532338.ip-162-19-138.eu

Software

Resource Hash

0322b00cb6bad591b726254678daf5a09db33b9f34db5fe69dbd4ae2095d2929

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://onedio.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://onedio.com
date: Thu, 06 Jul 2023 11:28:06 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding: chunked
content-type: application/json;charset=UTF-8

GET
H2 200 pixel.gif
static.criteo.net/images/ Frame 5BC9 43 B
365 B 37ms
36ms Image
image/gif 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/images/pixel.gif?ch=1

Requested by

Host: onedio.com
URL: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 11:28:07 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 09 Dec 2008 16:52:36 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "493ea254-2b"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 43
expires: Sun, 30 Jun 2024 11:28:07 GMT

GET
H2 200 pixel.gif
static.criteo.net/images/ Frame 5BC9 43 B
365 B 39ms
39ms Image
image/gif 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/images/pixel.gif?ch=2

Requested by

Host: onedio.com
URL: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 11:28:07 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 09 Dec 2008 16:52:36 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "493ea254-2b"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 43
expires: Sun, 30 Jun 2024 11:28:07 GMT

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306280101/ Frame 5BC9 392 KB
125 KB 55ms
54ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306280101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8ab758e32437cf86d59e683d808940365c56bf6893f391a96d19e731b21bf154

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 06:03:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 19455
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 127514
x-xss-protection: 0
server: cafe
etag: 13498126467117012333
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Fri, 05 Jul 2024 06:03:52 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ Frame 5BC9 121 KB
47 KB 70ms
70ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-26809107-1

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5T48ZBT

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

8133d9fb7ff61ea55d7ef4b8831893b41c47c599c91cabb4aa6e59a7976eeaa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 11:28:07 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48155
x-xss-protection: 0
last-modified: Thu, 06 Jul 2023 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 06 Jul 2023 11:28:07 GMT

GET
H2 200 optimize.js Show response
www.googleoptimize.com/ Frame 5BC9 197 KB
65 KB 286ms
75ms Script
application/javascript 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleoptimize.com/optimize.js?id=OPT-PGQP2CC

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5T48ZBT

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

2d003df9df69b47f263ab9040f056fa8d7af14844454a853cebd9bba4c4b0a34

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 11:28:07 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 66088
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 06 Jul 2023 11:28:07 GMT

GET
H2 200 destination Show response
www.googletagmanager.com/gtag/ Frame 5BC9 212 KB
76 KB 81ms
80ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=G-7NQXL6GR3D&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5T48ZBT

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b6b30f926a5a539bb0ddfd4e2a2347bafe72c237adc749dd55d1dc5f1a3c2c8e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 11:28:07 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 77669
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 06 Jul 2023 11:28:07 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ Frame 5BC9 52 KB
21 KB 257ms
57ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5T48ZBT

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 06 Jul 2023 10:35:20 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 3167
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Thu, 06 Jul 2023 12:35:20 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ Frame 5BC9 171 KB
47 KB 31ms
30ms Script
application/x-javascript 2a03:2880:f084:105:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x6y592zf1gbg.html?fbclid=PAAaYRdg6q-IbWktmwCiywbPD9fVMM3RQSD2b356fwPOuEXGVTgfjrmQkXN8c_aem_th_AVwzKiIITSboZvjK_t_N_mG-3JpgOQuwh4DWbjCXpjwYt6HJbGAt22sHK3sfl6mf5fVaiT-coTKgl1RNMdtUlAzC

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

2da988427b34614d705adbf808e2e61d91f67bf147db9049e34c99b3624171e8

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 06 Jul 2023 11:28:07 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 46863
x-xss-protection: 0
pragma: public
x-fb-debug: GmmoD259ziYv5Lrtv0T2Wd6SYSiuyuiLiGlkF5aVQXzLDDrHTtFo/4VRRCe4/uAj44gASNEpvHRr+R60woj1hQ==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2

200

adformat.js Show response
s2.adform.net/banners/scripts/audiencetag/ Frame 5BC9
Redirect Chain

https://dmp.adform.net/audiencetag/adformat.js
https://s2.adform.net/banners/scripts/audiencetag/adformat.js

7 KB
3 KB

203ms
46ms

Script
application/javascript

37.157.5.72
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s2.adform.net/banners/scripts/audiencetag/adformat.js
Requested by: Host: onedio.com
URL: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878
Protocol: H2
Server: 37.157.5.72 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 422f44f37be3ad1dc211805c2f45188eb4a74e2bb9b6e4afe2379c8f0c239008

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 11:28:07 GMT
content-encoding: gzip
last-modified: Fri, 19 May 2023 06:39:14 GMT
server: nginx
x-amz-request-id: tx000005b23c409a5a92cf9-0064671b3f-32950a8f-default
etag: W/"2a3ea2bbef52aa72db12b0bc03214445"
x-cache-status: HIT
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-rgw-object-type: Normal
cache-control: public, max-age=604800

Redirect headers

location: https://s2.adform.net/banners/scripts/audiencetag/adformat.js
date: Thu, 06 Jul 2023 11:28:07 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
content-type: text/html

GET
DATA 200
OK truncated
/ Frame 5BC9 264 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1034ccaed1f9dbb4c6c0d3895ee792b931e539ecad7d3e0491632dd4df068c65

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 5BC9 6 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c85ff0d2c0dba739701435b4ecd7ff4c4139528bef936a19f28ac4ac7cd26065

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200 v1 Show response
lb.eu-1-id5-sync.com/lb/ Frame 5BC9 33 B
397 B 209ms
43ms XHR
application/json 162.19.138.118
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://lb.eu-1-id5-sync.com/lb/v1

Requested by

Host: onedio.com
URL: https://onedio.com/scripts/pbd7.47.0.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.118 Frankfurt am Main, Germany, ASN16276 (OVH, FR),

Reverse DNS

ns31533569.ip-162-19-138.eu

Software

Resource Hash

40d139ff967f625b8d7de0995ee0b4c583a84f18ab771876db589e9f8710ff3a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://onedio.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://onedio.com
date: Thu, 06 Jul 2023 11:28:07 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding: chunked
content-type: application/json;charset=UTF-8

GET
H2 200 teads-format.min.js Show response
a.teads.tv/media/format/v3/ Frame 5BC9 605 KB
132 KB 37ms
37ms Script
text/javascript 184.30.21.51
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://a.teads.tv/media/format/v3/teads-format.min.js
Requested by: Host: a.teads.tv
URL: https://a.teads.tv/page/118539/tag
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.21.51 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-21-51.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 92d18b6789b50e67200333a9ae06a35404dc41dbdd634ef7d8cfb0898227382e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 11:28:07 GMT
content-encoding: br
last-modified: Wed, 05 Jul 2023 08:46:24 GMT
x-amz-request-id: BADF9D9GDZGJMV1G
etag: "9d5d08c73871a5e0b624fafc83cf87dc"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: private, must-revalidate, max-age=1800, no-transform
x-bucket: e
accept-ranges: bytes
content-length: 135073
x-amz-id-2: lmfctl+I0c0wSmyquMre34VqKlswV7H90m5yJnWxrzmLcFMOz/cnyMC5pjBfScB7tNyN/ZDgtzY=
expires: Thu, 06 Jul 2023 11:58:07 GMT

POST
H2 200 events Show response
event-collector.analytics.onedio.com/ Frame 5BC9 32 B
124 B 39ms
39ms Fetch
application/json 34.117.159.110
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://event-collector.analytics.onedio.com/events
Requested by: Host: onedio.com
URL: https://onedio.com/_nuxt/ec87d37.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.159.110 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 110.159.117.34.bc.googleusercontent.com
Software: / Express
Resource Hash: adda67abf8e0f8731a86e3aefb53b93847656f20799f63d181ae0c9cd2638adb

Request headers

Accept: application/json
Referer: https://onedio.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 06 Jul 2023 11:28:07 GMT
via: 1.1 google
x-powered-by: Express
etag: W/"20-LpvOmjUM2g6vtazb7wSJ11MN1rM"
content-type: application/json; charset=utf-8
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32

GET
H2 200 interface
s8t.teads.tv/logs/publishers/ Frame 5BC9 0
0 245ms
82ms Image
text/plain 2a02:26f0:4700:2a3::26e5
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s8t.teads.tv/logs/publishers/interface?%7B%22source%22%3A%22script-analytics-tag%22%2C%22errorMessage%22%3A%22not%20top%20window%22%2C%22exception%22%3A%22https%3A%2F%2Fonedio.com%2Fhaber%2Fkredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878%22%2C%22analyticsTagId%22%3A%22PUB_21080%22%2C%22scriptVersion%22%3A%228480ba3%22%7D
Requested by: Host: onedio.com
URL: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:4700:2a3::26e5 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

OPTIONS
H2 204 events
event-collector.analytics.onedio.com/ Frame 0
0 40ms
38ms Preflight 34.117.159.110
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://event-collector.analytics.onedio.com/events
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.159.110 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 110.159.117.34.bc.googleusercontent.com
Software: / Express
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://onedio.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Thu, 06 Jul 2023 11:28:07 GMT
vary: Access-Control-Request-Headers
via: 1.1 google
x-powered-by: Express

GET
H2 200 articles Show response
api-onedio-production.onedio.com/v3.5/ Frame 5BC9 15 KB
4 KB 108ms
107ms XHR
application/json 2606:4700:10::6814:f25
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api-onedio-production.onedio.com/v3.5/articles?categoryId=530bd809764e7634c69c39c9&page=1&limit=8&sort=agingPopular&useHasNextPage=true&author=true&categories=true&breadcrumb=true
Requested by: Host: onedio.com
URL: https://onedio.com/_nuxt/2c983e9.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:f25 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2b476265f9e71b99380c41f578380a85bbd0b825f0e9e980c3a2174c71217ab9

Request headers

Accept: application/json, text/plain, */*
Referer: https://onedio.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-response-time: 2ms
date: Thu, 06 Jul 2023 11:28:07 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
vary: Origin, Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://onedio.com
cf-ray: 7e27809f2bc03764-FRA

GET
H2 200 articles Show response
api-onedio-production.onedio.com/v3.5/ Frame 5BC9 8 KB
3 KB 74ms
73ms XHR
application/json 2606:4700:10::6814:f25
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api-onedio-production.onedio.com/v3.5/articles?categoryId=50ce951f28e98bd23f000011&page=1&limit=4&sort=agingPopular&useHasNextPage=true&author=true&categories=true&breadcrumb=true
Requested by: Host: onedio.com
URL: https://onedio.com/_nuxt/2c983e9.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:f25 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8be8a3425835bfaafbc29f69b9abd874c517cf3394efe197e42e458a7a0d337a

Request headers

Accept: application/json, text/plain, */*
Referer: https://onedio.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-response-time: 1ms
date: Thu, 06 Jul 2023 11:28:07 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
vary: Origin, Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://onedio.com
cf-ray: 7e27809f2bc13764-FRA

GET
H2 200 articles Show response
api-onedio-production.onedio.com/v3.5/ Frame 5BC9 11 KB
3 KB 106ms
106ms XHR
application/json 2606:4700:10::6814:f25
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api-onedio-production.onedio.com/v3.5/articles?categoryId=5f7c351b57dac2cfc44d7f78&page=1&limit=4&sort=agingPopular&useHasNextPage=true&author=true&categories=true&breadcrumb=true
Requested by: Host: onedio.com
URL: https://onedio.com/_nuxt/2c983e9.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:f25 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b226caa0ba4d269c9285e9aef4672d688aa8fc6c7cbe5f539461a96e85e596b6

Request headers

Accept: application/json, text/plain, */*
Referer: https://onedio.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-response-time: 1ms
date: Thu, 06 Jul 2023 11:28:07 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
vary: Origin, Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://onedio.com
cf-ray: 7e27809f2bc33764-FRA

GET
H2 200 load.js Show response
pm-widget.taboola.com/onedio/ Frame 5BC9 3 KB
2 KB 330ms
313ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://pm-widget.taboola.com/onedio/load.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/onedio/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b6c21bbb6b819f7dba5c0b474b64535c13d53512c9c1e402a92b94b424dac95e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-amz-version-id: edibv5YY0QsddQPLEPWDiAieJ7baIXqS
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
date: Thu, 06 Jul 2023 11:28:07 GMT
x-amz-request-id: 8W5CZMY53R0APNT2
age: 39322
x-cache: HIT, HIT
content-length: 1314
x-amz-id-2: aEuxUep1Kcn/2gsrcvuLMq5vZ5JpCfcls6YX9qvCft+CZ+jARAwbQ/sCihVwiFiefQPksQ6qC6c=
x-served-by: cache-bur-kbur8200123-BUR, cache-fra-eddf8230081-FRA
last-modified: Fri, 28 Apr 2023 08:20:15 GMT
server: AmazonS3
x-timer: S1688642888.600384,VS0,VE276
etag: "a01bae8d0f5282875463a44413e5a731"
vary: Accept-Encoding,,
content-type: application/javascript; charset=utf-8
cache-control: max-age=300
accept-ranges: bytes
x-cache-hits: 23171, 1

GET
H2 200 impl.20230702-3-RELEASE.js Show response
cdn.taboola.com/libtrc/ Frame 5BC9 784 KB
163 KB 32ms
32ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/impl.20230702-3-RELEASE.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/onedio/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: 713c1febf6652315a352173ca5d8b84c2360a8581de2b966edb09c2cb92c48f8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-amz-version-id: c2ylfPoDZp3jnzZXBwwN81L6rXDdm0Qw
content-encoding: br
via: 1.1 varnish
date: Thu, 06 Jul 2023 11:28:07 GMT
x-amz-request-id: GM2KZXWSVJPE9QPC
age: 6685
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 166013
x-amz-id-2: o0sTp/iotV/rYTE4jIlCCSiyiqYxYTmYH9ao7vkhPaJ0RKZlKGk7D/MJCawZR9ctJNiP9BIiay4=
x-served-by: cache-fra-eddf8230081-FRA
last-modified: Sun, 02 Jul 2023 09:28:56 GMT
server: AmazonS3-br
x-tbl-debug: bestatus=200,beresp=OK
x-timer: S1688642888.584089,VS0,VE0
etag: "2ecbba8c7a0f1c2a29795dd93a595afe"
vary: Accept-Encoding
content-type: application/javascript
abp: 70
access-control-allow-origin: *
cache-control: private,max-age=31536000
accept-ranges: bytes
x-cache-hits: 21444

GET
H2 200 status Show response
recommendation-api.analytics.onedio.com/api/v1/ Frame 5BC9 91 B
186 B 44ms
39ms Fetch
application/json 34.111.136.72
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://recommendation-api.analytics.onedio.com/api/v1/status
Requested by: Host: onedio.com
URL: https://onedio.com/_nuxt/91769df.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.111.136.72 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 72.136.111.34.bc.googleusercontent.com
Software: / Express
Resource Hash: 96c248ed6596a211aebf66eca21eb95634a613c77b3aea467801aea400acb1c2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 11:28:07 GMT
via: 1.1 google
x-powered-by: Express
etag: W/"5b-mfr+JSkeyM+9BEELxE6+6OT8+sU"
content-type: application/json; charset=utf-8
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 91

GET
H2 200 418147985044065 Show response
connect.facebook.net/signals/config/ Frame 5BC9 300 KB
86 KB 36ms
31ms Script
application/x-javascript 2a03:2880:f084:105:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/418147985044065?v=2.9.111&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

0d8c85a1ac410f13b7a6aa3ca691d1f716189e04d6ecd734f64ee9e2e2a46d32

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 06 Jul 2023 11:28:07 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 87943
x-xss-protection: 0
pragma: public
x-fb-debug: zJd0Kf1QrYF6N+1ndfAf3aNEO2djbE8IGsGRxZ1w15gC6vvK9058hQjP7+aoARU+BEYecPJPM4Gx4bViK0aE5g==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 400 cdb Show response
bidder.criteo.com/ Frame 5BC9 0
192 B 166ms
44ms XHR
text/plain 2a02:2638:d::a
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?ptv=138&profileId=184&cb=25150488472

Requested by

Host: onedio.com
URL: https://onedio.com/_nuxt/91769df.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://onedio.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Thu, 06 Jul 2023 11:28:07 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
vary: Origin
access-control-allow-origin: https://onedio.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-length: 0

POST
H2 400 cdb Show response
bidder.criteo.com/ Frame 5BC9 0
191 B 165ms
46ms XHR
text/plain 2a02:2638:d::a
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?ptv=138&profileId=184&cb=8508581588

Requested by

Host: onedio.com
URL: https://onedio.com/_nuxt/91769df.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://onedio.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Thu, 06 Jul 2023 11:28:07 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
vary: Origin
access-control-allow-origin: https://onedio.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-length: 0

POST
H2 400 cdb Show response
bidder.criteo.com/ Frame 5BC9 0
191 B 163ms
45ms XHR
text/plain 2a02:2638:d::a
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?ptv=138&profileId=184&cb=79669538221

Requested by

Host: onedio.com
URL: https://onedio.com/_nuxt/91769df.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://onedio.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Thu, 06 Jul 2023 11:28:07 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
vary: Origin
access-control-allow-origin: https://onedio.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-length: 0

POST
H2 400 cdb Show response
bidder.criteo.com/ Frame 5BC9 0
191 B 159ms
45ms XHR
text/plain 2a02:2638:d::a
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?ptv=138&profileId=184&cb=32511823636

Requested by

Host: onedio.com
URL: https://onedio.com/_nuxt/91769df.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://onedio.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Thu, 06 Jul 2023 11:28:06 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
vary: Origin
access-control-allow-origin: https://onedio.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-length: 0

POST
H/1.1 200 1291.json Show response
id5-sync.com/g/v2/ Frame 5BC9 241 B
645 B 152ms
54ms XHR
application/json 162.19.138.83
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/g/v2/1291.json

Requested by

Host: onedio.com
URL: https://onedio.com/_nuxt/91769df.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.83 Frankfurt am Main, Germany, ASN16276 (OVH, FR),

Reverse DNS

ns31532338.ip-162-19-138.eu

Software

Resource Hash

c518fd56efade963216339c5eaf82afa6221043302a69f595a4e78c6dbf1457a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://onedio.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://onedio.com
date: Thu, 06 Jul 2023 11:28:07 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding: chunked
content-type: application/json;charset=UTF-8

GET
H2 200 track
t.teads.tv/ Frame 5BC9 23 B
104 B 163ms
58ms Image
image/gif 184.30.25.51
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.teads.tv/track?action=placementCall&env=js-web&auctid=5260ed2d-8abb-4a16-adb2-f1b4302e58ec&pageId=118539&pid=128615&debug_metadata=8Eb1tXtKQJ&fv=1214&ts=1688642887825&f=1&referer=https%3A%2F%2Fpcloak.blob.core.windows.net%2F
Requested by: Host: onedio.com
URL: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.25.51 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-25-51.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 11:28:07 GMT
cache-control: private, max-age=3666
content-length: 23
content-type: image/gif

GET
H2 200 track
t.teads.tv/ Frame 5BC9 23 B
134 B 175ms
70ms Image
image/gif 184.30.25.51
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.teads.tv/track?action=slotAvailable&env=js-web&auctid=5260ed2d-8abb-4a16-adb2-f1b4302e58ec&pageId=118539&pid=128615&slot=native&fv=1214&ts=1688642887832&f=1&referer=https%3A%2F%2Fpcloak.blob.core.windows.net%2F
Requested by: Host: onedio.com
URL: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.25.51 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-25-51.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

expires: Sat, 26 Jul 1997 05:00:00 GMT
date: Thu, 06 Jul 2023 11:28:07 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 23
content-type: image/gif

POST
H2 200 openrtb Show response
adx.adform.net/adx/ Frame 5BC9 3 KB
2 KB 291ms
176ms XHR
application/json 37.157.3.30
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Requested by

Host: onedio.com
URL: https://onedio.com/_nuxt/91769df.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.3.30 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

a4cda632f3318710f2d98d632b05ab010790896e0b098175f49fc9617a4edfc5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://onedio.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 06 Jul 2023 11:28:08 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
pragma: no-cache
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
vary: Accept-Encoding
access-control-allow-methods: POST,OPTIONS
content-type: application/json
access-control-allow-origin: https://onedio.com
access-control-max-age: 86400
access-control-allow-credentials: true
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ Frame 5BC9 0
172 B 126ms
34ms XHR
text/plain 185.184.8.90
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: onedio.com
URL: https://onedio.com/_nuxt/91769df.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-90.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://onedio.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://onedio.com
date: Thu, 06 Jul 2023 11:28:07 GMT
access-control-allow-credentials: true
vary: Origin
access-control-max-age: 3600
access-control-allow-methods: POST

POST
H2 400 cdb Show response
bidder.criteo.com/ Frame 5BC9 0
191 B 61ms
61ms XHR
text/plain 2a02:2638:d::a
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?ptv=138&profileId=185&av=35&wv=7.47.0&cb=7497492346

Requested by

Host: onedio.com
URL: https://onedio.com/_nuxt/91769df.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://onedio.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 06 Jul 2023 11:28:07 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
vary: Origin
access-control-allow-origin: https://onedio.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-length: 0

POST
H2 200 ad Show response
a.teads.tv/page/118539/ Frame 5BC9 541 B
698 B 68ms
68ms XHR
application/json 184.30.21.51
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://a.teads.tv/page/118539/ad?windowWidth=1600&windowHeight=1200&windowDepth=1&windowReferrerUrl=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&auctid=5260ed2d-8abb-4a16-adb2-f1b4302e58ec&formatVersion=1214&env=js-web&netBw=10&ttfb=31
Requested by: Host: onedio.com
URL: https://onedio.com/_nuxt/91769df.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.21.51 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-21-51.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 61dab6ed9bacee774fb16e7676dad70ba2897ea2c97216b1bc296388e121cfbd

Request headers

Accept: application/json; charset=UTF-8
Referer: https://onedio.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 06 Jul 2023 11:28:07 GMT
content-encoding: gzip
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://onedio.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 362
expires: Thu, 06 Jul 2023 11:28:07 GMT

POST
H2 204 openrtb Show response
adx.adform.net/adx/ Frame 5BC9 0
619 B 222ms
179ms XHR
text/plain 37.157.3.30
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Requested by

Host: onedio.com
URL: https://onedio.com/_nuxt/91769df.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.3.30 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://onedio.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 06 Jul 2023 11:28:08 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://onedio.com
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ Frame 5BC9 0
172 B 55ms
33ms XHR
text/plain 185.184.8.90
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: onedio.com
URL: https://onedio.com/_nuxt/91769df.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-90.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://onedio.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://onedio.com
date: Thu, 06 Jul 2023 11:28:07 GMT
access-control-allow-credentials: true
vary: Origin
access-control-max-age: 3600
access-control-allow-methods: POST

POST
H2 400 cdb Show response
bidder.criteo.com/ Frame 5BC9 0
191 B 46ms
45ms XHR
text/plain 2a02:2638:d::a
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?ptv=138&profileId=185&av=35&wv=7.47.0&cb=70646871016

Requested by

Host: onedio.com
URL: https://onedio.com/_nuxt/91769df.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://onedio.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 06 Jul 2023 11:28:07 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
vary: Origin
access-control-allow-origin: https://onedio.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-length: 0

POST
H2 200 openrtb Show response
adx.adform.net/adx/ Frame 5BC9 3 KB
2 KB 211ms
173ms XHR
application/json 37.157.3.30
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Requested by

Host: onedio.com
URL: https://onedio.com/_nuxt/91769df.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.3.30 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

25a5c06c35c1e7830da4bfe3e9e4e5f281e1e1464b4f4ece082e234118fa0b98

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://onedio.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 06 Jul 2023 11:28:08 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
pragma: no-cache
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
vary: Accept-Encoding
access-control-allow-methods: POST,OPTIONS
content-type: application/json
access-control-allow-origin: https://onedio.com
access-control-max-age: 86400
access-control-allow-credentials: true
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

POST
H2 400 cdb Show response
bidder.criteo.com/ Frame 5BC9 0
191 B 45ms
44ms XHR
text/plain 2a02:2638:d::a
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?ptv=138&profileId=185&av=35&wv=7.47.0&cb=16178146329

Requested by

Host: onedio.com
URL: https://onedio.com/_nuxt/91769df.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://onedio.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 06 Jul 2023 11:28:07 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
vary: Origin
access-control-allow-origin: https://onedio.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-length: 0

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ Frame 5BC9 0
172 B 51ms
35ms XHR
text/plain 185.184.8.90
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: onedio.com
URL: https://onedio.com/_nuxt/91769df.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-90.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://onedio.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://onedio.com
date: Thu, 06 Jul 2023 11:28:07 GMT
access-control-allow-credentials: true
vary: Origin
access-control-max-age: 3600
access-control-allow-methods: POST

POST
H2 400 cdb Show response
bidder.criteo.com/ Frame 5BC9 0
191 B 46ms
45ms XHR
text/plain 2a02:2638:d::a
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?ptv=138&profileId=185&av=35&wv=7.47.0&cb=48377139367

Requested by

Host: onedio.com
URL: https://onedio.com/_nuxt/91769df.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://onedio.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 06 Jul 2023 11:28:07 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
vary: Origin
access-control-allow-origin: https://onedio.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-length: 0

POST
H2 200 openrtb Show response
adx.adform.net/adx/ Frame 5BC9 3 KB
2 KB 189ms
154ms XHR
application/json 37.157.3.30
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Requested by

Host: onedio.com
URL: https://onedio.com/_nuxt/91769df.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.3.30 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

228a36ed635b941f6d4b7c94b25aefe85c8d68875b8d9651d0f04c2e35442985

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://onedio.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 06 Jul 2023 11:28:08 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
pragma: no-cache
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
vary: Accept-Encoding
access-control-allow-methods: POST,OPTIONS
content-type: application/json
access-control-allow-origin: https://onedio.com
access-control-max-age: 86400
access-control-allow-credentials: true
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ Frame 5BC9 0
173 B 46ms
33ms XHR
text/plain 185.184.8.90
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: onedio.com
URL: https://onedio.com/_nuxt/91769df.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-90.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://onedio.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://onedio.com
date: Thu, 06 Jul 2023 11:28:07 GMT
access-control-allow-credentials: true
vary: Origin
access-control-max-age: 3600
access-control-allow-methods: POST

POST
H2 204 events
bidder.criteo.com/csm/ Frame 5BC9 0
78 B 46ms
45ms Ping
text/plain 2a02:2638:d::a
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/csm/events

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://onedio.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Thu, 06 Jul 2023 11:28:07 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel

GET
H2 200 pixel.gif
static.criteo.net/images/ Frame 5BC9 43 B
365 B 39ms
38ms Image
image/gif 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/images/pixel.gif?ch=1

Requested by

Host: onedio.com
URL: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 11:28:07 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 09 Dec 2008 16:52:36 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "493ea254-2b"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 43
expires: Sun, 30 Jun 2024 11:28:07 GMT

GET
H2 200 pixel.gif
static.criteo.net/images/ Frame 5BC9 43 B
365 B 38ms
38ms Image
image/gif 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/images/pixel.gif?ch=2

Requested by

Host: onedio.com
URL: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 11:28:07 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 09 Dec 2008 16:52:36 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "493ea254-2b"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 43
expires: Sun, 30 Jun 2024 11:28:07 GMT

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame 5BC9 107 B
456 B 205ms
66ms Script
application/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=onedio.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306280101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 11:28:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 5BC9 627 B
383 B 1360ms
1358ms XHR
text/plain 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4107566322556794&correlator=1503716979755997&eid=31075759%2C31075761%2C21065724&output=ldjh&gdfp_req=1&vrg=202306280101&ptt=17&impl=fifs&iu_parts=21814681%2COnedio.com_Desktop_Pageskin_Genel_Left&enc_prev_ius=%2F0%2F1&prev_iu_szs=160x600%7C120x600%7C140x600&ifi=1&adks=2081268503&sfv=1-0-40&prev_scp=PageType%3DArticle%26kategori%3D62390e534c037f8216162716%26etiket%3DAnasayfa%2CMan%25C5%259Fet%2520Galerileri%2CMedya%2520Galeriler%2C%2523kredi-kart%25C4%25B1&eri=1&sc=1&cdm=onedio.com&abxe=1&dt=1688642887967&lmt=1688642887&dlt=1688642886347&idt=1360&adxs=80&adys=376&biw=-12245933&bih=-12245933&isw=1600&ish=1200&scr_x=-12245933&scr_y=-12245933&ucis=uy2zup5w4tzr&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fonedio.com%2Fhaber%2Fkredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878&ref=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&top=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&frm=24&vis=1&psz=160x5350&msz=160x-1&fws=768&ohw=0&ga_vid=1034511302.1688642888&ga_sid=1688642888&ga_hid=1103887255&ga_fc=false

Requested by

Host: onedio.com
URL: https://onedio.com/_nuxt/91769df.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ce8f58403ae42d7f040e0c25f450186b5043f0199db4b2e6be6b4563c2fa09c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 11:28:09 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: true
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 352
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://onedio.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
1f52c2d2b341a720d2ac42d74aa3ae5f.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame F238 6 KB
3 KB 222ms
65ms Document
text/html 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://1f52c2d2b341a720d2ac42d74aa3ae5f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306280101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://onedio.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 06 Jul 2023 11:28:08 GMT
expires: Fri, 05 Jul 2024 11:28:08 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 204 events
bidder.criteo.com/csm/ Frame 5BC9 0
78 B 45ms
44ms Ping
text/plain 2a02:2638:d::a
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/csm/events

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://onedio.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Thu, 06 Jul 2023 11:28:07 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 5BC9 347 B
177 B 107ms
105ms XHR
text/plain 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4107566322556794&correlator=3317444728037766&eid=31075759%2C31075761%2C21065724&output=ldjh&gdfp_req=1&vrg=202306280101&ptt=17&impl=fifs&iu_parts=21814681%2COnedio.com_Data_Collect&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=2&adks=511466349&sfv=1-0-40&prev_scp=PageType%3DArticle%26kategori%3D62390e534c037f8216162716%26etiket%3DAnasayfa%2CMan%25C5%259Fet%2520Galerileri%2CMedya%2520Galeriler%2C%2523kredi-kart%25C4%25B1&eri=1&sc=1&cdm=onedio.com&abxe=1&dt=1688642887987&lmt=1688642887&dlt=1688642886347&idt=1360&adxs=251&adys=5726&biw=-12245933&bih=-12245933&isw=1600&ish=1200&scr_x=-12245933&scr_y=-12245933&ucis=84hxurxf4y6d&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fonedio.com%2Fhaber%2Fkredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878&ref=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&top=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&frm=24&vis=1&psz=1100x2&msz=1x-1&fws=256&ohw=0&ga_vid=1034511302.1688642888&ga_sid=1688642888&ga_hid=1103887255&ga_fc=false

Requested by

Host: onedio.com
URL: https://onedio.com/_nuxt/91769df.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2f0afd448c2df25721731bba58e9819ae9583833eb2e90f0a538f8a821cf2348

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 11:28:08 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 147
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://onedio.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 events
bidder.criteo.com/csm/ Frame 5BC9 0
78 B 44ms
44ms Ping
text/plain 2a02:2638:d::a
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/csm/events

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://onedio.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Thu, 06 Jul 2023 11:28:07 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 5BC9 58 KB
14 KB 437ms
436ms XHR
text/plain 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4107566322556794&correlator=3429803775327055&eid=31075759%2C31075761%2C21065724&output=ldjh&gdfp_req=1&vrg=202306280101&ptt=17&impl=fifs&iu_parts=21814681%2COnedio.com_Desktop_Sponsored_%C4%B0%C3%A7erikYan%C4%B1_Top&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C300x250&fluid=height&ifi=3&adks=2318357959&sfv=1-0-40&prev_scp=PageType%3DArticle%26kategori%3D62390e534c037f8216162716%26etiket%3DAnasayfa%2CMan%25C5%259Fet%2520Galerileri%2CMedya%2520Galeriler%2C%2523kredi-kart%25C4%25B1&eri=1&sc=1&cdm=onedio.com&abxe=1&dt=1688642887996&lmt=1688642887&dlt=1688642886347&idt=1360&adxs=1029&adys=541&biw=-12245933&bih=-12245933&isw=1600&ish=1200&scr_x=-12245933&scr_y=-12245933&ucis=5et4g9h08bc8&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fonedio.com%2Fhaber%2Fkredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878&ref=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&top=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&frm=24&vis=1&psz=300x-1&msz=300x-1&fws=256&ohw=0&ga_vid=1034511302.1688642888&ga_sid=1688642888&ga_hid=1103887255&ga_fc=false

Requested by

Host: onedio.com
URL: https://onedio.com/_nuxt/91769df.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c23967b0c54829af72943eab72c944232ef2172d16a1d58194b1e02954533431

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 11:28:08 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: true
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14515
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://onedio.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 events
bidder.criteo.com/csm/ Frame 5BC9 0
78 B 45ms
45ms Ping
text/plain 2a02:2638:d::a
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/csm/events

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://onedio.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Thu, 06 Jul 2023 11:28:07 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 5BC9 414 B
196 B 370ms
369ms XHR
text/plain 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4107566322556794&correlator=1478325252848310&eid=31075759%2C31075761%2C21065724&output=ldjh&gdfp_req=1&vrg=202306280101&ptt=17&impl=fifs&iu_parts=21814681%2COnedio.com_Desktop_Pageskin_Genel_Right&enc_prev_ius=%2F0%2F1&prev_iu_szs=160x600%7C120x600%7C140x600&ifi=4&adks=3875572001&sfv=1-0-40&prev_scp=PageType%3DArticle%26kategori%3D62390e534c037f8216162716%26etiket%3DAnasayfa%2CMan%25C5%259Fet%2520Galerileri%2CMedya%2520Galeriler%2C%2523kredi-kart%25C4%25B1&eri=1&sc=1&cdm=onedio.com&abxe=1&dt=1688642888005&lmt=1688642888&dlt=1688642886347&idt=1360&adxs=1360&adys=376&biw=-12245933&bih=-12245933&isw=1600&ish=1200&scr_x=-12245933&scr_y=-12245933&ucis=uldpkbsgwogu&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fonedio.com%2Fhaber%2Fkredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878&ref=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&top=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&frm=24&vis=1&psz=160x5350&msz=160x-1&fws=768&ohw=0&ga_vid=1034511302.1688642888&ga_sid=1688642888&ga_hid=1103887255&ga_fc=false

Requested by

Host: onedio.com
URL: https://onedio.com/_nuxt/91769df.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1fd68eb38200a435d3464725406880ae786dff9dffa8dea7d8e39ca008a8c718

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 11:28:08 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: true
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 165
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://onedio.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ec.js Show response
www.google-analytics.com/plugins/ua/ Frame 5BC9 3 KB
1 KB 57ms
57ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/ec.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 10:34:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3222
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1129
x-xss-protection: 0
last-modified: Tue, 27 Jun 2023 17:28:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Thu, 06 Jul 2023 11:34:26 GMT

POST
H2 200 publisher:getClientId Show response
ampcid.google.com/v1/ Frame 5BC9 74 B
435 B 208ms
64ms XHR
application/json 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ampcid.google.com/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM

Requested by

Host: onedio.com
URL: https://onedio.com/_nuxt/91769df.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

991bfe84fec788f2b7d432b99a60c1e2aa2e799bc0137da8cf478299d0fc9a10

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://onedio.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 06 Jul 2023 11:28:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://onedio.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 94
x-xss-protection: 0

POST
H3 200 push-notification-platform Show response
recommendation-api.analytics.onedio.com/api/v1/user/ Frame 5BC9 69 B
85 B 42ms
42ms Fetch
application/json 34.111.136.72
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://recommendation-api.analytics.onedio.com/api/v1/user/push-notification-platform
Requested by: Host: onedio.com
URL: https://onedio.com/_nuxt/91769df.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.111.136.72 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 72.136.111.34.bc.googleusercontent.com
Software: / Express
Resource Hash: de7713832e8617ed0535afa5ccf9ff63dc6b8bb4512664185a4b9e5d7f1abcc6

Request headers

Accept: application/json
Referer: https://onedio.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 06 Jul 2023 11:28:08 GMT
via: 1.1 google
x-powered-by: Express
etag: W/"45-2rSfLWY0Uw0T3cV0z/i/mcLPZVo"
content-type: application/json; charset=utf-8
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 69

OPTIONS
H3 204 push-notification-platform
recommendation-api.analytics.onedio.com/api/v1/user/ Frame 0
0 41ms
41ms Preflight 34.111.136.72
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://recommendation-api.analytics.onedio.com/api/v1/user/push-notification-platform
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.111.136.72 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 72.136.111.34.bc.googleusercontent.com
Software: / Express
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://onedio.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Thu, 06 Jul 2023 11:28:08 GMT
vary: Access-Control-Request-Headers
via: 1.1 google
x-powered-by: Express

GET
H2 200 cookiesegments Show response
dmp.adform.net/audiencetag/ Frame 5BC9 2 B
246 B 44ms
44ms XHR
application/json 37.157.6.233
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://dmp.adform.net/audiencetag/cookiesegments?token=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJBZGZvcm0uRE1QLkNsYWltczo6RGF0YVByb3ZpZGVycyI6IlsxMDU0OF0iLCJpc3MiOiJkbXAtYXBpLmFkZm9ybS5jb20iLCJhdWQiOiJkbXBfdXNlcnMiLCJleHAiOjE4MDE3MzQyNDUsIm5iZiI6MTQ4NjM3NDI0NX0.4SMC1tfOK3v649sBGDbZNaTlLE_E9L479UK90GsG6TI

Requested by

Host: onedio.com
URL: https://onedio.com/_nuxt/91769df.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json
Referer: https://onedio.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 11:28:08 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
server: nginx
vary: Accept-Encoding, Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://onedio.com
access-control-allow-credentials: true

GET
H2 200 /
www.facebook.com/tr/ Frame 5BC9 0
185 B 100ms
28ms Image
text/plain 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=418147985044065&ev=PageView&dl=https%3A%2F%2Fonedio.com%2Fhaber%2Fkredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878&rl=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&if=true&ts=1688642888052&sw=1600&sh=1200&v=2.9.111&r=stable&ec=0&o=30&it=1688642887595&coo=false&rqm=GET

Requested by

Host: onedio.com
URL: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 06 Jul 2023 11:28:08 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/tr/ Frame 5BC9 0
31 B 100ms
28ms Image
text/plain 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=418147985044065&ev=ViewContent&dl=https%3A%2F%2Fonedio.com%2Fhaber%2Fkredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878&rl=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&if=true&ts=1688642888054&cd[content_name]=Kredi%20Kart%C4%B1%20Aidat%C4%B1n%C4%B1z%C4%B1%20Geri%20Alabilirsiniz%3A%20Kredi%20Kart%C4%B1%20%C4%B0adesi%20%C4%B0lgili%20Bilmeniz%20Gereken%20Her%20%C5%9Eey&cd[content_category]=Nas%C4%B1l%20yap%C4%B1l%C4%B1r%3F%20%3E%20&cd[content_ids]=%5B%221010878%22%5D&cd[content_type]=news&cd[content_editor]=ruready&cd[content_date]=2021-10-23&sw=1600&sh=1200&v=2.9.111&r=stable&ec=1&o=30&it=1688642887595&coo=false&rqm=GET

Requested by

Host: onedio.com
URL: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 06 Jul 2023 11:28:08 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 sync Show response
gum.criteo.com/ Frame 5BC9 46 B
288 B 137ms
44ms Script
text/javascript 2a02:2638:d::d
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS

Requested by

Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230702-3-RELEASE.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::d , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

189b8ed64093b12937354b2ef71ccf1df59690d90432241a10fe1cb25000acba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 11:28:07 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=3600
server-processing-duration-in-ticks: 258346
expires: 60

GET
H2 200 pmk-20220605.8.js Show response
pm-widget.taboola.com/onedio/ Frame 5BC9 86 KB
24 KB 28ms
28ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://pm-widget.taboola.com/onedio/pmk-20220605.8.js
Requested by: Host: pm-widget.taboola.com
URL: https://pm-widget.taboola.com/onedio/load.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 077a758c165eced3316ba482308d475ebebfecf3040daacf54558be0db9d19af

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-amz-version-id: 8RaoF9DwyxjBcgKM6OBDbh1U_YlysD0g
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
date: Thu, 06 Jul 2023 11:28:08 GMT
x-amz-request-id: DZRT7QECK5TNJTN7
age: 5972830
x-cache: HIT, HIT
content-length: 24009
x-amz-id-2: W/o/L7cS+NJrL0Lm/4+OteToJnHPAw9Hcn8dNdc/ZEpZUGAxz6dwRTf+U36cRd1c5m9slPuK6ww=
x-served-by: cache-bur-kbur8200113-BUR, cache-fra-eddf8230081-FRA
last-modified: Fri, 28 Apr 2023 08:20:12 GMT
server: AmazonS3
x-timer: S1688642888.102275,VS0,VE0
etag: "745d9593e177572ec01004762570e98c"
vary: Accept-Encoding,,
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000
accept-ranges: bytes
x-cache-hits: 7757, 1644

GET
H2 200 track
t.teads.tv/ Frame 5BC9 23 B
134 B 56ms
56ms Image
image/gif 184.30.25.51
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.teads.tv/track?action=debug-browserInfos&fv=1214&ts=1688642888092&env=js-web&auctid=5260ed2d-8abb-4a16-adb2-f1b4302e58ec&pid=128615&hb_provider=null&f=1&debug_metadata=orientation%3Alandscape-primary%2Cangle%3A0%2ChistoryLength%3A2%2CviewportHeight%3A1200%2CviewportWidth%3A1600%2ChardwareConcurrency%3A4%2CdeviceMemory%3A8%2Cbattery%3A%7B%22level%22%3A1%2C%22charging%22%3Atrue%7D&referer=https%3A%2F%2Fpcloak.blob.core.windows.net%2F
Requested by: Host: onedio.com
URL: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.25.51 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-25-51.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

expires: Sat, 26 Jul 1997 05:00:00 GMT
date: Thu, 06 Jul 2023 11:28:08 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 23
content-type: image/gif

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 5BC9 83 KB
27 KB 474ms
473ms XHR
text/plain 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4107566322556794&correlator=2924267341726625&eid=31075759%2C31075761%2C21065724&output=ldjh&gdfp_req=1&vrg=202306280101&ptt=17&impl=fifs&iu_parts=21814681%2COnedio.com_Desktop_%C4%B0%C3%A7erikYan%C4%B1_Top&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C300x250&fluid=height&ifi=5&adks=1969900062&sfv=1-0-40&prev_scp=PageType%3DArticle%26kategori%3D62390e534c037f8216162716%26etiket%3DAnasayfa%2CMan%25C5%259Fet%2520Galerileri%2CMedya%2520Galeriler%2C%2523kredi-kart%25C4%25B1%26hb_format_adf%3Dbanner%26hb_size_adf%3D300x250%26hb_pb_adf%3D0.65%26hb_adid_adf%3D25efb2ead15421d%26hb_bidder_adf%3Dadf%26hb_format%3Dbanner%26hb_size%3D300x250%26hb_pb%3D0.65%26hb_adid%3D25efb2ead15421d%26hb_bidder%3Dadf&eri=1&sc=1&cdm=onedio.com&abxe=1&dt=1688642888146&lmt=1688642888&dlt=1688642886347&idt=1360&adxs=1029&adys=1275&biw=-12245933&bih=-12245933&isw=1600&ish=1200&scr_x=-12245933&scr_y=-12245933&ucis=4y5kg81l8qjn&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fonedio.com%2Fhaber%2Fkredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878&ref=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&top=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&frm=24&vis=1&psz=300x250&msz=300x250&fws=256&ohw=0&psts=ABnkTfBy0XFcFshnkgY_LYb-WJLQ&ga_vid=1034511302.1688642888&ga_sid=1688642888&ga_hid=1103887255&ga_fc=false

Requested by

Host: onedio.com
URL: https://onedio.com/_nuxt/91769df.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ff12a318c9a34dca0830f75f8bece850f8b02c8be85b914f9561ee4f0286e026

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 11:28:08 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: true
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27190
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://onedio.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 5BC9 59 KB
14 KB 604ms
603ms XHR
text/plain 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4107566322556794&correlator=737900181144229&eid=31075759%2C31075761%2C21065724&output=ldjh&gdfp_req=1&vrg=202306280101&ptt=17&impl=fifs&iu_parts=21814681%2COnedio.com_Desktop_%C4%B0%C3%A7erikAras%C4%B1_TopRight&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C300x250&fluid=height&ifi=6&adks=3569613027&sfv=1-0-40&prev_scp=PageType%3DArticle%26kategori%3D62390e534c037f8216162716%26etiket%3DAnasayfa%2CMan%25C5%259Fet%2520Galerileri%2CMedya%2520Galeriler%2C%2523kredi-kart%25C4%25B1%26hb_format_adf%3Dbanner%26hb_size_adf%3D300x250%26hb_pb_adf%3D2.06%26hb_adid_adf%3D264606a47660541%26hb_bidder_adf%3Dadf%26hb_format%3Dbanner%26hb_size%3D300x250%26hb_pb%3D2.06%26hb_adid%3D264606a47660541%26hb_bidder%3Dadf&eri=1&sc=1&cdm=onedio.com&abxe=1&dt=1688642888162&lmt=1688642888&dlt=1688642886347&idt=1360&adxs=636&adys=907&biw=-12245933&bih=-12245933&isw=1600&ish=1200&scr_x=-12245933&scr_y=-12245933&ucis=38nb39ttl2w3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fonedio.com%2Fhaber%2Fkredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878&ref=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&top=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&frm=24&vis=1&psz=357x250&msz=300x250&fws=256&ohw=0&psts=ABnkTfBy0XFcFshnkgY_LYb-WJLQ&ga_vid=1034511302.1688642888&ga_sid=1688642888&ga_hid=1103887255&ga_fc=false

Requested by

Host: onedio.com
URL: https://onedio.com/_nuxt/91769df.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

613c98e975ac5b6d613be6e5559805524d5f9946f06851acf809ac55866e430f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 11:28:08 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: true
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14632
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://onedio.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 5BC9 23 KB
10 KB 382ms
381ms XHR
text/plain 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4107566322556794&correlator=984671682024732&eid=31075759%2C31075761%2C21065724&output=ldjh&gdfp_req=1&vrg=202306280101&ptt=17&impl=fifs&iu_parts=21814681%2Cmasthead&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C1100x250%7C980x250%7C970x250%7C940x250%7C728x90%7C1100x1&fluid=height&ifi=7&adks=2332837411&sfv=1-0-40&prev_scp=PageType%3DArticle%26kategori%3D62390e534c037f8216162716%26etiket%3DAnasayfa%2CMan%25C5%259Fet%2520Galerileri%2CMedya%2520Galeriler%2C%2523kredi-kart%25C4%25B1%26hb_format_adf%3Dbanner%26hb_size_adf%3D970x250%26hb_pb_adf%3D0.65%26hb_adid_adf%3D275a78f99c7a84a%26hb_bidder_adf%3Dadf%26hb_format%3Dbanner%26hb_size%3D970x250%26hb_pb%3D0.65%26hb_adid%3D275a78f99c7a84a%26hb_bidder%3Dadf&eri=1&sc=1&cdm=onedio.com&abxe=1&dt=1688642888177&lmt=1688642888&dlt=1688642886347&idt=1360&adxs=250&adys=241&biw=-12245933&bih=-12245933&isw=1600&ish=1200&scr_x=-12245933&scr_y=-12245933&ucis=94n1ueoj8yid&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fonedio.com%2Fhaber%2Fkredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878&ref=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&top=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&frm=24&vis=1&psz=1100x-1&msz=1100x-1&fws=256&ohw=0&psts=ABnkTfBy0XFcFshnkgY_LYb-WJLQ&ga_vid=1034511302.1688642888&ga_sid=1688642888&ga_hid=1103887255&ga_fc=false

Requested by

Host: onedio.com
URL: https://onedio.com/_nuxt/91769df.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8eb215af10c84978b06159bbcfbcfbac0464ea302415f83edc4133f3a192ee27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 11:28:08 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: true
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10697
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://onedio.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 5BC9 23 KB
11 KB 484ms
484ms XHR
text/plain 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4107566322556794&correlator=3522008165489735&eid=31075759%2C31075761%2C21065724&output=ldjh&gdfp_req=1&vrg=202306280101&ptt=17&impl=fifs&iu_parts=21814681%2COnedio.com_Desktop_%C4%B0%C3%A7erikAras%C4%B1_Top&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C300x250&fluid=height&ifi=8&adks=3485359229&sfv=1-0-40&prev_scp=PageType%3DArticle%26kategori%3D62390e534c037f8216162716%26etiket%3DAnasayfa%2CMan%25C5%259Fet%2520Galerileri%2CMedya%2520Galeriler%2C%2523kredi-kart%25C4%25B1&eri=1&sc=1&cdm=onedio.com&abxe=1&dt=1688642888187&lmt=1688642888&dlt=1688642886347&idt=1360&adxs=279&adys=907&biw=-12245933&bih=-12245933&isw=1600&ish=1200&scr_x=-12245933&scr_y=-12245933&ucis=1a4f7stl2qfe&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fonedio.com%2Fhaber%2Fkredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878&ref=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&top=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&frm=24&vis=1&psz=357x250&msz=300x250&fws=256&ohw=0&psts=ABnkTfBy0XFcFshnkgY_LYb-WJLQ&ga_vid=1034511302.1688642888&ga_sid=1688642888&ga_hid=1103887255&ga_fc=false

Requested by

Host: onedio.com
URL: https://onedio.com/_nuxt/91769df.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

85bf7170e4c4975a16ce5099da122f2829f0181ee17ad68f9f5d483384c5b22e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 11:28:08 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: true
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11010
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://onedio.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 publisher:getClientId Show response
ampcid.google.de/v1/ Frame 5BC9 3 B
364 B 208ms
65ms XHR
application/json 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ampcid.google.de/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM

Requested by

Host: onedio.com
URL: https://onedio.com/_nuxt/91769df.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://onedio.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 06 Jul 2023 11:28:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://onedio.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23
x-xss-protection: 0

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 381F 15 KB
6 KB 49ms
48ms Document
text/html 2a02:2638:d::d
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=pcloak.blob.core.windows.net

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::d , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

645709dcb09b2700fd5a5938dbdf783ac90a88334e5104041db53302441f33e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://onedio.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 06 Jul 2023 11:28:07 GMT
server: Kestrel
server-processing-duration-in-ticks: 395097
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 5BC9 15 KB
12 KB 254ms
111ms XHR
application/json 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202306280101&st=env

Requested by

Host: onedio.com
URL: https://onedio.com/_nuxt/91769df.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

569cf4c6f4f4ed37b079c0bc84b13c80548dbd23f35ec36a221fc8c72a634fcf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 11:28:08 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11869
x-xss-protection: 0

GET
H2 200 bundle.js Show response
tpx.tesseradigital.com/dist/ Frame 5BC9 26 KB
27 KB 138ms
65ms Script
application/javascript 35.157.179.180
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tpx.tesseradigital.com/dist/bundle.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5T48ZBT
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 35.157.179.180 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-179-180.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 950604ea8e00e89a075ac97048d1eb53e8a8c49036246c461c8ea5f8f60da854

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 11:28:08 GMT
server: nginx
etag: "7bc04eb0f9fee8dffd6296dff9fa69ca7e71898e"
access-control-allow-methods: GET, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
content-length: 26906

GET
H2

200

sid Show response
mug.criteo.com/ Frame 381F
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertag&domain=onedio.com&sn=ChromeSyncframe&so=0&topUrl=pcloak.blob.core.windows.net&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=S190_Hx2NDExWVVPbHljMmtJeEoyWE83MlNQb0hYSFJKaW9UdXlqWXpZZlMrK1duZjQzTTdocC9ITUIxV01rYkpyRldEbzYzdklDU1RiM0FKeDYwbWFkSUZxazhma2lhNGZVeXlHWjlEUGRBejRCTzFxU1pFUlRycThDbF...

435 B
654 B

110ms
32ms

Fetch
application/json

178.250.1.11
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=S190_Hx2NDExWVVPbHljMmtJeEoyWE83MlNQb0hYSFJKaW9UdXlqWXpZZlMrK1duZjQzTTdocC9ITUIxV01rYkpyRldEbzYzdklDU1RiM0FKeDYwbWFkSUZxazhma2lhNGZVeXlHWjlEUGRBejRCTzFxU1pFUlRycThDbFAwcjh6SEt0WXBpbWFIZEpLS2ZreExPR3V1N3Q0Ykl4THROeUJuRXBLMEpTZi9PZFZRUzdtOWVNRFdDQklPNVJmNGtNK3NGMDlIUkhSZkpoQXR3THJucHc2OTNuVWR1Tis5bi9uTjI3aFVlbFY1SEdGRlNaS1dEMXErWWdHU2xLQnZaU2pBM1E0NnBpK1E4OVRCYlVIMjNBMFZLRXR2WlFmeE41bWQzazNjQTVEV1hBOVV1Yz18&cppv=2

Requested by

Protocol

Server

178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

7f1db52e8374c5efa6d73c3a2ae9d15b493e6b16ae287963a8412be67186b1bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 06 Jul 2023 11:28:07 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1062391
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 06 Jul 2023 11:28:07 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=S190_Hx2NDExWVVPbHljMmtJeEoyWE83MlNQb0hYSFJKaW9UdXlqWXpZZlMrK1duZjQzTTdocC9ITUIxV01rYkpyRldEbzYzdklDU1RiM0FKeDYwbWFkSUZxazhma2lhNGZVeXlHWjlEUGRBejRCTzFxU1pFUlRycThDbFAwcjh6SEt0WXBpbWFIZEpLS2ZreExPR3V1N3Q0Ykl4THROeUJuRXBLMEpTZi9PZFZRUzdtOWVNRFdDQklPNVJmNGtNK3NGMDlIUkhSZkpoQXR3THJucHc2OTNuVWR1Tis5bi9uTjI3aFVlbFY1SEdGRlNaS1dEMXErWWdHU2xLQnZaU2pBM1E0NnBpK1E4OVRCYlVIMjNBMFZLRXR2WlFmeE41bWQzazNjQTVEV1hBOVV1Yz18&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 262840
content-length: 0
expires: 0

GET
H2 200 imp.js Show response
fd.tesseradigital.com/ Frame 5BC9 0
191 B 101ms
30ms Script
text/javascript 18.196.91.239
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fd.tesseradigital.com/imp.js?_pid=163594704&_ouuid=Dwi9lRPi8mJIDBRmEdfLG3VANdng4UIQooebA9NKlYId&_oprio=0&_oref=https%3A%2F%2Fonedio.com%2Fhaber%2Fkredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878
Requested by: Host: tpx.tesseradigital.com
URL: https://tpx.tesseradigital.com/dist/bundle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.196.91.239 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-196-91-239.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 06 Jul 2023 11:25:27 GMT
cache-control: no-store,no-cache, no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
last-modified: Thursday, 06-Jul-2023 11:25:27 GMT
server: nginx
content-length: 0
content-type: text/javascript

GET
H2 204 incoming
tpx.tesseradigital.com/ Frame 5BC9 0
78 B 28ms
28ms Image
text/plain 35.157.179.180
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpx.tesseradigital.com/incoming?p=false&a=false&b=false
Requested by: Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x6y592zf1gbg.html?fbclid=PAAaYRdg6q-IbWktmwCiywbPD9fVMM3RQSD2b356fwPOuEXGVTgfjrmQkXN8c_aem_th_AVwzKiIITSboZvjK_t_N_mG-3JpgOQuwh4DWbjCXpjwYt6HJbGAt22sHK3sfl6mf5fVaiT-coTKgl1RNMdtUlAzC
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 35.157.179.180 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-179-180.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 11:28:08 GMT
last-modified: Thursday, 06-Jul-2023 11:28:08 GMT
server: nginx

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012306202201000/ Frame 22DB 222 KB
61 KB 205ms
56ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012306202201000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306280101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5af185c4ee2f05f5e2f6407594cd75cb32129871c2ec0f0957be6d3129a8cf54

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 05 Jul 2023 17:10:51 GMT
age: 65837
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61909
x-xss-protection: 0
server: sffe
etag: "f919e19544cf979d"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 04 Jul 2024 17:10:51 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012306202201000/v0/ Frame 22DB 15 KB
5 KB 313ms
164ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012306202201000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306280101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c52e2a15cba5be54e6986bd808f5a6aa6705b0efffd9379feb005dabdb748e32

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 05 Jul 2023 16:19:04 GMT
age: 68944
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5217
x-xss-protection: 0
server: sffe
etag: "64cbd7fca0464c6f"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 04 Jul 2024 16:19:04 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012306202201000/v0/ Frame 22DB 94 KB
28 KB 318ms
169ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012306202201000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306280101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

01204747c552676cceff27ecab875807de15fc28860715608db3d368ba736b3e

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 05 Jul 2023 16:18:55 GMT
age: 68953
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28896
x-xss-protection: 0
server: sffe
etag: "4dcd9a8c59f0d36a"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 04 Jul 2024 16:18:55 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012306202201000/v0/ Frame 22DB 5 KB
2 KB 337ms
189ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012306202201000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306280101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

52337cf2499996a25da3c2f17c8e0492c2d728c4b22bdd9b4da2089fcedac9ba

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 05 Jul 2023 16:19:04 GMT
age: 68944
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1898
x-xss-protection: 0
server: sffe
etag: "b82574a955fb50a0"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 04 Jul 2024 16:19:04 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012306202201000/v0/ Frame 22DB 40 KB
13 KB 339ms
191ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012306202201000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306280101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7b17d2d0a88d045b86c025e6a7978189716ddd6776e975bb9de1ad43be17348f

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 05 Jul 2023 16:18:58 GMT
age: 68950
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12958
x-xss-protection: 0
server: sffe
etag: "5e14f2792a869535"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 04 Jul 2024 16:18:58 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 22DB 3 KB
1 KB 181ms
63ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:400&lang=tr

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306280101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d265615b79f98fdfff370ea32da7b4b02317fc6017b898cfb9c657a65618ac07

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 06 Jul 2023 11:28:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 06 Jul 2023 10:41:38 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 06 Jul 2023 11:28:08 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 22DB 3 KB
739 B 184ms
66ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:400&text=

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306280101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d265615b79f98fdfff370ea32da7b4b02317fc6017b898cfb9c657a65618ac07

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 06 Jul 2023 11:28:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 06 Jul 2023 09:54:55 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 06 Jul 2023 11:28:08 GMT

GET
H2 200 15345886465899816651
s0.2mdn.net/simgad/ Frame 22DB 175 KB
176 KB 184ms
55ms Image
image/jpeg 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/15345886465899816651

Requested by

Host: onedio.com
URL: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8048bdeee305e2dcc903b93015d69d3e0c9c2523bd5c46d2ccba31f59885c896

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 02 Jul 2023 04:30:58 GMT
x-content-type-options: nosniff
age: 370630
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 179416
x-xss-protection: 0
last-modified: Thu, 22 Jun 2023 11:54:25 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 01 Jul 2024 04:30:58 GMT

GET
H2 200 ad
googleads.g.doubleclick.net/dbm/ Frame 22DB 42 B
668 B 208ms
86ms Image
image/gif 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BWwxB6XPBwvOr0e0piEOeS4clh7XW70hdZFcVp4zpieiKN-hbKfbq-pmVUff-s4dEZn36k8xzsFRD7XgV-T5ZjQ100TQnOa0QOlKgKECxOie1cn37EZxoUL1hLpdahlwiV6NbHkppaF1uGHvCl03t5WlOiUQ&dbm_d=AKAmf-CIBdQzrUZJkQdFuzXfcInegRxP_PXPdwtqvo6BM5LAmdaEF9LWQ-iciass6bkvc3hPw-PbSeXwYrMKidELvomf-frPdqSfqsFticRXIbvH8IlGfd7nOiE3wUYqGfim42nLGMETpIpCRY_DNn4zke97GOYKyB6W4DmMZq9D1mESmqfMMnfIP7txcxbR5kVcVbFtKgnbVrJQCCWZDtaTP98340fku1Bv9x0YT1LSLsveMasMjWNUla0umXMA8X8y1qVhGu2-XkFtI7TtzS0KHl9Od4RfP_tkdXOCWJoIFihPW7G9sonyy_Bx7iSW3gavrJ2yYhgOB1ux-xXvYpvX3LeiORl3SFcUoyVpKVxpm3BNyEY5FmlrnzherFjetGsy8lCN07WolKKDivRlPL3FPvO-FKAE-KNjqonz4zjXrG8sYTJd8eonJ7S68CO6Lwupi989AfVak7XtkykX96THylBCtdEcVWbQiR1jWDsQgpdGkm01oraILVVP7PmRbtaKucEfziVoieYWrw1fd4deEwWN5WL2X7DoqUnXnixea7fBQIzhGdnQDf9QJyjS3qD5mJPic6oZlMFutkjBBWjpNKwkYDXwRsGppIS_ND1gU0126Prtby_HA_wXnj1HC97JfIPPpkZXEqSOvHPt7-Gqx0QM-udyFaBNFfYc0X0bed-gm3U1wHibgbLquKATbA3jK1b0YyKq2WNihcytOolQGHyp-Piwf3tFjLKEK8knJCR1lbi3UkiYNQjeGswLJ2sGBw4BzmzirvMqutj27b6rMQ0akzmFug46sjTLetVxYN8UcrjdMj9jlcg32RQ6bCNTRSSEfv4wfrTktGIkAQrmorkZn3YRoTGnbIYq36rRc5xz6jKP5NBr-kk4IdKNIQeY0Y8z5i_Skei7NzF54KwO0DtklfJ18ZTm1O95v3iY_B83DAsQ2BqwZBjVg4jCU3iLV5Vp_UOXwycrOXSUxDbyjc6SDznQBnzTDx2phxlzHc7a0cwgrR6AxKU9EdHkN50Qtxr5UzPkG5im0_N1545DnuVa_Vlu0yUO8gKH4C8cWRo_-sTHCGl6OGTR6v4EFX9cMAI9YzxGV6l9TujE-Q6UO3P-MWonTKdRcpb_ZXCAKvCIcALN7jUf978yimgH843D7UrN3Fq-QxdsWSmrY07stgkx3II6bzjJGBNRk-vEVYKji1xR6hoJl2MabM-qnzNBm2gaFthKUP6thb8J8GV83FObEE-Ao8XZoqi51Le2EHCs1bRMETxS0sTODJ3Ppti6f1T75IYAm5UGDbAeajoB6m_LOjOnFj2GUeitvuQBjtay4ayGKpMwXvFy0MDgiSlvnPFoOs7mZwxCJDWy5_U9CqecIu47HeyQGUAeybsaVDEepeji5DMqce5eLaSX7LUGcUw-1Rz7og5PJo47zFbyYX-GBebabzrRcEROhwDorRzr-0XNlNkCHBb4v1IdLCYlaTijcxpnYLCrke3J842hsVVaBbq0_QWqyhwsG2dx2CoPJamkaAGGaosaTxqvmaCWkk89BWSl9bjrMC1urk-SF2ikkNq-rlSgyBNj7B6Yt8rWYgIjO9tlTZNs5uASuiaKT6Hluotea5ISWiVDN6Xl0DIKFOSDf72C7CKFKDV_obnzOHp88upgjw7Jb6_c4cWur0m6zO2ApRux7whY9BDF3Uf9WyVWGfABq0BkRgpNiv8vFvZpoI0K6fwsQyz6GWZ4Wp2GW9Ylqh8gHmN9sXHat-Ow0tgfYowuwpCwJ1lpPFJh7m1Kvjw8LDQ3fjz9yq3MwUewWz-wHpajuo50TJwCWuzT7FY06YPgHIBzdPikET_WMPLOrNvz7nWqgXuZvKsfSFDRfLHElroIJMIa96u1KAKqUtIfCI6RJWRU1xKblzH3t_KLdLKJK-S1fQ1cNU8XFukIE9Gto-Ix2VXgIjOD5LtP2_MOU7lVmqUT49zzyYoeVpPNYW4DGwJd6IjBFnsF6CbfRXiycP6U95GI1sy5E1a8zOi5lOximbnDhk7O-CsQ5oWgUrTm8VT4urINIkj5izN2vyk2Epa0bEbQIHqQ4Tpq4nB9s0UYdmVLNJq_mp6jZJTDb0rImRXxjlBnJoZcHTCemf-TOrHmN_Gip6UlPWywHwmVfy5osG79nX76BjyuykNKaaGkxQwIoq0fS7BFKm7_Nb27HKJUOmqkkzdTN68gHu7iHQB8t54Q-1xjx92gYsqFG-Pqu3TwOyjcp-osasaVL1H3NUFywiAUFFZNO6xwvI3lHfMgo-5HO_k5KfPCPVP89_fvDZdQSPEMuGUQStb4R_iPr5WKX2eAt4xY2Etv2vW0ayHxyIoZGILmwkQsdNeKRVU2ir8depTjpb5wt-NkGVpsKoINVpBy1Cwt8ZsUcduzTL9TJQwTWgiQgYWiSgXB7to44TgRNeHAA1jTswCgOr9Pv5uKEj25Yp_sfBSyhkiL6yCiWCpyHR42H0o_isUaXA2CFXi0TtGWabXbn0SacuJiQE-_hzyU1wgmXQhLn9KqC4xZjLwMAE4bFgTjiugn3QG26PE_-xwvFT7XQi_ULcAuIZ0bnGRx5Vbdv3NsdqXVUsRsMnpvqXDkB-vVu76sHecf0Cg5CY0Pdsu9HUaXWPbW2ZYMOyFVhXTxMb0ThcnzSzHvcJfRpgzHMs5BjXHKEnNqZaORt898zkniZvr1k_SUARO29WNiUOcEiavRviHZYkVXCzRqK9fDCf6zXRqcVEPlwWnPcdODunHgaRt4ndBvv9rNhZ82Uu5C6X2OOCiilyPgr-YcKtIuYDZddmNvvRQe5Ubnkq3-lDwwPEFmDUBUoxJDygxv8iHAxF6B9mHR6t0FxhGH5YrFCdPZ-ANQQ1ExcXpZ5UU_M3KWvDyVmoMU-w4sqaBuMWNaR0D55PW7xJ3NJ5yUB1cbM8rK_NB32_juzsxVGjj3RHaF1kQ6weKGH0xmy-tTfj5UWI0dFxIKqNlRWMlKH19wv0pY_2JPsG3YAGxHmsO8E9e0U53f4_pvhH2x-JX88jBdN_4QiyJ7tzGheUGOLigzkDDRhXmlLtFp34FR5f7_H5ZV2EgD1cWpi4INxzqf0OqkbkUtGcP-XXjhNEtzz1F28fH7MfsEuUJgn36Lk4h1RV17WRGRxOflJ0U7kxHw6pEWgaFzlW-WhnnGqaEpXlryEnHWXdLUQEllMesdvdMDLRRlFoTT28R29wFKEzmDLJJAsNkuxGAMFNtvmQpWJfj_aZxmW9pXspePJL1SV2FdEFzJPCIsylqrio5dMdDnRf6KLOqQGD6CroIPI6aalruNJ4khRIRfJKbEmviCTGpmg7SmbODLG5krIhM2FDIuTIajSuODuoMpy4gwteT3jrxcpy2wYgiemEX-eIUe89qy2VKY3TxlYCB8femEt-2wb9BwK9J7fX8bLXtGZ8EAoRFDnqcsxt8ZBHA2muNKxpWQbYv6mCfYLnVO02HrmfqamaES3Ln2MjJfOlqAMm5HzqglNWg1JRzyhLAfhXep4Plv03bekiHYRFaAQV0VO3OEEtaaOVNS1PRRwm8a7D5g3fUYkBVsixCQyyJfyk3XDYxCaAPZtxIHkN7P8QKEUOsBiaGas14Kr32VaPM_l0fO_Xneo57Lrgib1-B7QLUFwyGJzZeDNfXOFOXDL9FZL9GUw2uPVSFLE_uHvGzvfcMkjXFSIkOXPCNfoqM&cid=CAQSGwBygQiD0VgN3SuWZv7x2pBTPfJ4DFnYGma4YxgB&dc_exteid=31149963193895165395644420398615707&dc_pubid=4

Requested by

Host: onedio.com
URL: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 06 Jul 2023 11:28:08 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

B30072002.368830480;dc_pre=CJusnvz8-f8CFaXhuwgddOAKPg;dc_trk_aid=559763456;dc_trk_cid=193688982;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=;dc_...
ad.doubleclick.net/ddm/trackimp/N51703.3848558MATTERKIND3/ Frame 22DB
Redirect Chain

https://ad.doubleclick.net/ddm/trackimp/N51703.3848558MATTERKIND3/B30072002.368830480;dc_trk_aid=559763456;dc_trk_cid=193688982;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tf...
https://ad.doubleclick.net/ddm/trackimp/N51703.3848558MATTERKIND3/B30072002.368830480;dc_pre=CJusnvz8-f8CFaXhuwgddOAKPg;dc_trk_aid=559763456;dc_trk_cid=193688982;ord=[timestamp];dc_lat=;dc_rdid=;ta...

42 B
118 B

77ms
75ms

Image
image/gif

142.250.186.166
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/ddm/trackimp/N51703.3848558MATTERKIND3/B30072002.368830480;dc_pre=CJusnvz8-f8CFaXhuwgddOAKPg;dc_trk_aid=559763456;dc_trk_cid=193688982;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=;dc_tdv=1?

Requested by

Host: onedio.com
URL: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878

Protocol

Server

142.250.186.166 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f6.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 06 Jul 2023 11:28:08 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 06 Jul 2023 11:28:08 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ad.doubleclick.net/ddm/trackimp/N51703.3848558MATTERKIND3/B30072002.368830480;dc_pre=CJusnvz8-f8CFaXhuwgddOAKPg;dc_trk_aid=559763456;dc_trk_cid=193688982;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=;dc_tdv=1?
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
follow-only-when-prerender-shown: 1
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 22DB 0
0 97ms
96ms Image
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CoeluSKWmZPHaA464bdzHjqAD_KjGnHGQ3sKC8hHwLhABIKGqyCpglfrwgYwHoAGv4u32AsgBBqkCzvlMuxs2sj6oAwGqBOYBT9C4yF7KbHaKQVumfI5Lr6tBDZJz7nJ8fbDWQT5jxuI2mKyRdDR7iG8J-3bafvNMdWoFeQk3K3fUn1fX9Dfx_Zx-LwNHu-EahB7W-5DpQQd53hH8nCGz3BR_60vxM-7EcdejIOkhYZ_sMzQcwTraOp2H7PSM2WELSGxCnc3THY8nhpm58tba1BqpP-X9do5NVGc5QG3a3dkKG6BC9TxnJKxV-w7mUMTN76WfP-wHCa8ETz9k6iTJ7W8YeqVcFTE9Xh_uszmlZpH3GbusT3m1C4We0e9DasAQKwDhPJ7H-bUrUnWzzSTABMuh8_iwBOAEA4gF78S_xkuSBQYIHRAEGAGSBQYIHRABGAGSBQYIHhABGAGQBgGgBjeAB7mdkokBqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwoQou0GGJae5O4B0ggWCIDhgBAQARgdMgKqAjoCgEBIvf3BOoAKA8gLAbAT6ezaE8gThcKG4wPQEwDYEwqIFAPYFAHQFQGAFwGyFx4KHAgAEhRwdWItMzY1NzY5MDc5MDI1NTEwNRjBgBPoFwU&sigh=9U2goYG5iOU&uach_m=[UACH]&cid=CAQSGwBygQiD0VgN3SuWZv7x2pBTPfJ4DFnYGma4YxgB&template_id=509&vt=10
Requested by: Host: onedio.com
URL: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

GET
H2 200 tr.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 22DB 3 KB
3 KB 179ms
55ms Image
image/png 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/tr.png

Requested by

Host: onedio.com
URL: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1e5a886321d0e00c13f7abff03ca39fd782f42997fd34bcbf4fc93718f3670cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 05 Jul 2023 19:49:55 GMT
x-content-type-options: nosniff
server: cafe
age: 56293
etag: 9957912877679239782
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3057
x-xss-protection: 0
expires: Thu, 06 Jul 2023 19:49:55 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 22DB 344 B
715 B 179ms
54ms Image
image/png 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: onedio.com
URL: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 05 Jul 2023 19:03:49 GMT
x-content-type-options: nosniff
server: cafe
age: 59059
etag: 6766994032117382215
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 344
x-xss-protection: 0
expires: Thu, 06 Jul 2023 19:03:49 GMT

GET
DATA 200
OK truncated
/ Frame 22DB 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7296124cd80cf0966a1923f45c6db31207a4175244084e082cec5e65ab655ab6

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 5BC9 17 KB
7 KB 161ms
66ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306280101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 11:28:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 06 Jul 2023 11:28:08 GMT

POST
H2 200 / Show response
www.facebook.com/tr/ Frame 693A 0
45 B 29ms
28ms Document
text/plain 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://onedio.com
Referer: https://onedio.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: https://onedio.com
alt-svc: h3=":443"; ma=86400
content-length: 0
content-type: text/plain
cross-origin-resource-policy: cross-origin
date: Thu, 06 Jul 2023 11:28:08 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains

GET
H2 200 container.html Show response
1f52c2d2b341a720d2ac42d74aa3ae5f.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 100F 6 KB
3 KB 58ms
57ms Document
text/html 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://1f52c2d2b341a720d2ac42d74aa3ae5f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306280101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://onedio.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 06 Jul 2023 11:28:08 GMT
expires: Fri, 05 Jul 2024 11:28:08 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 json Show response
trc.taboola.com/onedio/trc/3/ Frame 5BC9 64 KB
19 KB 315ms
301ms XHR
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/onedio/trc/3/json?tim=11%3A28%3A08.635&lti=deflated&data=%7B%22id%22%3A7%2C%22ii%22%3A%22%2Fhaber%2Fkredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878%22%2C%22it%22%3A%22text%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1688594087422%2C%22vi%22%3A1688642888632%2C%22cv%22%3A%2220230702-3-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fonedio.com%2Fhaber%2Fkredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878%22%2C%22bv%22%3A%220%22%2C%22wc%22%3Atrue%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22uad%22%3A%7B%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%7D%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22plf%22%3A%7B%22ack_exm%22%3Atrue%7D%2C%22bu%22%3A%22https%3A%2F%2Fonedio.com%2Fhaber%2Fkredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878%22%2C%22vpi%22%3A%22%2Fhaber%2Fkredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A1600%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A1200%2C%22dw%22%3A1600%2C%22dh%22%3A6555%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A8%2C%22uim%22%3A%22thumbnails-b%3Aabp%3D0%22%2C%22uip%22%3A%22Below%20Article%20Thumbnails%22%2C%22orig_uip%22%3A%22Below%20Article%20Thumbnails%22%2C%22cd%22%3A5724.828125%2C%22mw%22%3A715%7D%5D%2C%22cacheKey%22%3A%22text%3D%2Fhaber%2Fkredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878%2CBelow%20Article%20Thumbnails%3Dthumbnails-b%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D&llvl=2
Requested by: Host: onedio.com
URL: https://onedio.com/_nuxt/91769df.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 91977d4aaeaa221c465e96cef54c47a2cdada83e5686e96cbc7e5427816e46e5

Request headers

Referer: https://onedio.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

x-vcl-time-ms: 272
date: Thu, 06 Jul 2023 11:28:08 GMT
content-encoding: gzip
via: 1.1 varnish
x-fastly-to-nlb-rtt: 7417
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version: v2
x-served-by: cache-fra-eddf8230081-FRA
server: nginx
x-timer: S1688642889.662233,VS0,VE272
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: https://onedio.com
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 189B 624 B
310 B 101ms
99ms Document
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6Q0AIQ84-rhgMY9dTQ7gEwAQ&v=APEucNVJA3vGnC5rQVR1FWIh4jC5Jlsit0DUhCdZe2afH-e_-X2no-IX9vPdI37jLJJqJQ9kEi_X3QvZpW6yfafmLkkdKMue_JLsttju0zHnpuvjsCclrC1MXPAR0UfuLzdhxE9Ou61CgGXNwB8XY5NdARccBJtoaw9OHF94EULhvcD974xc196QLm_ictCAeuYH0IL8ypwr_O_9s0DTwHvZNsTGKmtp-w

Requested by

Host: 1f52c2d2b341a720d2ac42d74aa3ae5f.safeframe.googlesyndication.com
URL: https://1f52c2d2b341a720d2ac42d74aa3ae5f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://1f52c2d2b341a720d2ac42d74aa3ae5f.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 06 Jul 2023 11:28:08 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 100F 78 KB
27 KB 219ms
108ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: 1f52c2d2b341a720d2ac42d74aa3ae5f.safeframe.googlesyndication.com
URL: https://1f52c2d2b341a720d2ac42d74aa3ae5f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

332d8e2d6964e41c92a430d24b1b469bfdcc30ad072f980b2e7adf241590886a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1f52c2d2b341a720d2ac42d74aa3ae5f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 11:28:08 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28042
x-xss-protection: 0
server: cafe
etag: 3261498652431352696
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Thu, 06 Jul 2023 11:28:08 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 100F 42 B
63 B 199ms
88ms Image
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-A4xMykHPR1VFbhclskiSiRw2nkO9CiDgR3hh9mJFeV7gTBi9kfAsWDz5YkrAlB1nZUa_7-noAaJU3R_QqrdU5-EUxhi7zOgB5rq2Ne56jDl8Fpm3M

Requested by

Host: 1f52c2d2b341a720d2ac42d74aa3ae5f.safeframe.googlesyndication.com
URL: https://1f52c2d2b341a720d2ac42d74aa3ae5f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1f52c2d2b341a720d2ac42d74aa3ae5f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 06 Jul 2023 11:28:08 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 100F 0
20 B 200ms
88ms Image
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=11220896851996413942&x=1&ct=76

Requested by

Host: 1f52c2d2b341a720d2ac42d74aa3ae5f.safeframe.googlesyndication.com
URL: https://1f52c2d2b341a720d2ac42d74aa3ae5f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1f52c2d2b341a720d2ac42d74aa3ae5f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 06 Jul 2023 11:28:08 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230628/r20110914/client/ Frame 100F 3 KB
1 KB 72ms
71ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230628/r20110914/client/window_focus_fy2021.js

Requested by

Host: 1f52c2d2b341a720d2ac42d74aa3ae5f.safeframe.googlesyndication.com
URL: https://1f52c2d2b341a720d2ac42d74aa3ae5f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1f52c2d2b341a720d2ac42d74aa3ae5f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 11:25:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 188
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 20 Jul 2023 11:25:00 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230628/r20110914/client/ Frame 100F 20 KB
8 KB 55ms
54ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230628/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 1f52c2d2b341a720d2ac42d74aa3ae5f.safeframe.googlesyndication.com
URL: https://1f52c2d2b341a720d2ac42d74aa3ae5f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5dff1c5185bfe98d10fd4b80ad1e2a04d57365a09e631840dce7fd3c79d19971

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1f52c2d2b341a720d2ac42d74aa3ae5f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 05 Jul 2023 23:12:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 44132
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8314
x-xss-protection: 0
server: cafe
etag: 15120507268597061312
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 19 Jul 2023 23:12:36 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 100F 0
0 186ms
63ms Image
text/html 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRv3TUljA1BSodkpt-duClUql9ESbEEL4ldiOeLqa_yONmCebzb3_yur-ziuWJscOYus3pwY348ftGZ_mgnXJ-K5d850w
Requested by: Host: 1f52c2d2b341a720d2ac42d74aa3ae5f.safeframe.googlesyndication.com
URL: https://1f52c2d2b341a720d2ac42d74aa3ae5f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1f52c2d2b341a720d2ac42d74aa3ae5f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 100F 179 KB
57 KB 197ms
69ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 1f52c2d2b341a720d2ac42d74aa3ae5f.safeframe.googlesyndication.com
URL: https://1f52c2d2b341a720d2ac42d74aa3ae5f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6914d47718a28ab8055edac273b3aff57e64e5bddccc616c2b7e355fe986f39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1f52c2d2b341a720d2ac42d74aa3ae5f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 11:28:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57260
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1687952195399670"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 06 Jul 2023 11:28:08 GMT

GET
H2 200 container.html Show response
1f52c2d2b341a720d2ac42d74aa3ae5f.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 35D6 6 KB
3 KB 57ms
57ms Document
text/html 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://1f52c2d2b341a720d2ac42d74aa3ae5f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306280101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://onedio.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 06 Jul 2023 11:28:08 GMT
expires: Fri, 05 Jul 2024 11:28:08 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame FA4A 13 KB
5 KB 56ms
54ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://onedio.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 5207
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 06 Jul 2023 10:01:21 GMT
expires: Fri, 05 Jul 2024 10:01:21 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame AD44 783 B
1002 B 145ms
65ms Document
text/html 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

dbe1650f96113087eb6d3f63def3e41fb7b03fff33572cc4584ded9afa6ead77

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-8STjSFyIoA1k4fPxAPE3Pw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://onedio.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 514
content-security-policy: script-src 'report-sample' 'nonce-8STjSFyIoA1k4fPxAPE3Pw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 06 Jul 2023 11:28:08 GMT
expires: Thu, 06 Jul 2023 11:28:08 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 container.html Show response
1f52c2d2b341a720d2ac42d74aa3ae5f.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame A647 6 KB
3 KB 55ms
55ms Document
text/html 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://1f52c2d2b341a720d2ac42d74aa3ae5f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306280101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://onedio.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 06 Jul 2023 11:28:08 GMT
expires: Fri, 05 Jul 2024 11:28:08 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230628/r20110914/ Frame 35D6 23 KB
9 KB 54ms
54ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230628/r20110914/abg_lite_fy2021.js

Requested by

Host: 1f52c2d2b341a720d2ac42d74aa3ae5f.safeframe.googlesyndication.com
URL: https://1f52c2d2b341a720d2ac42d74aa3ae5f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

02193fbcb11d960448e0fa887ff68d5ce73f01076893523fc3037e00a7149bc2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1f52c2d2b341a720d2ac42d74aa3ae5f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 05 Jul 2023 23:12:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 44132
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9104
x-xss-protection: 0
server: cafe
etag: 12939045362079141464
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 19 Jul 2023 23:12:36 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 35D6 8 KB
824 B 65ms
64ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Requested by

Host: 1f52c2d2b341a720d2ac42d74aa3ae5f.safeframe.googlesyndication.com
URL: https://1f52c2d2b341a720d2ac42d74aa3ae5f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

98d2e3edd14aa506c4521125c7cdb7bb3030d7caae5803feec6d2613195ee955

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1f52c2d2b341a720d2ac42d74aa3ae5f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 06 Jul 2023 11:28:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 06 Jul 2023 10:58:35 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 06 Jul 2023 11:28:08 GMT

GET
H2 200 outstream.min.css
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230516_RC00/ Frame 35D6 15 KB
3 KB 183ms
58ms Stylesheet
text/css 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230516_RC00/outstream.min.css

Requested by

Host: 1f52c2d2b341a720d2ac42d74aa3ae5f.safeframe.googlesyndication.com
URL: https://1f52c2d2b341a720d2ac42d74aa3ae5f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7d4095ea226f3f80d6d4fc62e3737dd5107fd9d4aa4a443cac11378b102f64b6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1f52c2d2b341a720d2ac42d74aa3ae5f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 07:46:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 13326
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2883
x-xss-protection: 0
last-modified: Wed, 17 May 2023 00:43:28 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 05 Jul 2024 07:46:02 GMT

GET
H2 200 outstream.min.js Show response
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230516_RC00/ Frame 35D6 371 KB
127 KB 185ms
59ms Script
text/javascript 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230516_RC00/outstream.min.js

Requested by

Host: 1f52c2d2b341a720d2ac42d74aa3ae5f.safeframe.googlesyndication.com
URL: https://1f52c2d2b341a720d2ac42d74aa3ae5f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

464be521d749b2ba1c7e8c1f87223b56a03ee0bd05484baa0e9067ce9eb9d2be

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1f52c2d2b341a720d2ac42d74aa3ae5f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 10:39:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2942
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 130330
x-xss-protection: 0
last-modified: Wed, 17 May 2023 00:43:28 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 05 Jul 2024 10:39:06 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230628/r20110914/client/ Frame 35D6 20 KB
8 KB 59ms
59ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230628/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 1f52c2d2b341a720d2ac42d74aa3ae5f.safeframe.googlesyndication.com
URL: https://1f52c2d2b341a720d2ac42d74aa3ae5f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5dff1c5185bfe98d10fd4b80ad1e2a04d57365a09e631840dce7fd3c79d19971

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1f52c2d2b341a720d2ac42d74aa3ae5f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 05 Jul 2023 23:12:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 44132
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8314
x-xss-protection: 0
server: cafe
etag: 15120507268597061312
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 19 Jul 2023 23:12:36 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 189B
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECL__8WyKbQCRsN96iMxQwY&google_cver=1

43 B
632 B

32ms
32ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECL__8WyKbQCRsN96iMxQwY&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6Q0AIQ84-rhgMY9dTQ7gEwAQ&v=APEucNVJA3vGnC5rQVR1FWIh4jC5Jlsit0DUhCdZe2afH-e_-X2no-IX9vPdI37jLJJqJQ9kEi_X3QvZpW6yfafmLkkdKMue_JLsttju0zHnpuvjsCclrC1MXPAR0UfuLzdhxE9Ou61CgGXNwB8XY5NdARccBJtoaw9OHF94EULhvcD974xc196QLm_ictCAeuYH0IL8ypwr_O_9s0DTwHvZNsTGKmtp-w
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 06 Jul 2023 11:28:09 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Thu, 06 Jul 2023 11:28:08 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECL__8WyKbQCRsN96iMxQwY&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 189B
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZKalSKlQ6LirERDMhe1ykQAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKnBMdjS9OINkvHbl99rbsU&google_cver=1

43 B
766 B

33ms
33ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKnBMdjS9OINkvHbl99rbsU&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6Q0AIQ84-rhgMY9dTQ7gEwAQ&v=APEucNVJA3vGnC5rQVR1FWIh4jC5Jlsit0DUhCdZe2afH-e_-X2no-IX9vPdI37jLJJqJQ9kEi_X3QvZpW6yfafmLkkdKMue_JLsttju0zHnpuvjsCclrC1MXPAR0UfuLzdhxE9Ou61CgGXNwB8XY5NdARccBJtoaw9OHF94EULhvcD974xc196QLm_ictCAeuYH0IL8ypwr_O_9s0DTwHvZNsTGKmtp-w
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 06 Jul 2023 11:28:09 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=496
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Thu, 06 Jul 2023 11:28:09 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKnBMdjS9OINkvHbl99rbsU&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 189B
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEFnkkqisujaYvqYJ2MNdbE4&google_cver=1

43 B
1 KB

35ms
35ms

Image
image/gif

185.89.210.122
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEFnkkqisujaYvqYJ2MNdbE4&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6Q0AIQ84-rhgMY9dTQ7gEwAQ&v=APEucNVJA3vGnC5rQVR1FWIh4jC5Jlsit0DUhCdZe2afH-e_-X2no-IX9vPdI37jLJJqJQ9kEi_X3QvZpW6yfafmLkkdKMue_JLsttju0zHnpuvjsCclrC1MXPAR0UfuLzdhxE9Ou61CgGXNwB8XY5NdARccBJtoaw9OHF94EULhvcD974xc196QLm_ictCAeuYH0IL8ypwr_O_9s0DTwHvZNsTGKmtp-w

Protocol

HTTP/1.1

Server

185.89.210.122 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 06 Jul 2023 11:28:09 GMT
AN-X-Request-Uuid: 130f86bc-e004-48a8-8118-a6598897b04e
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 193.32.248.248; 193.32.248.248; 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 06 Jul 2023 11:28:08 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEFnkkqisujaYvqYJ2MNdbE4&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 189B
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTIyOTk1NzMyNTAyMzU3MzgyMg%3D%3D

170 B
243 B

67ms
65ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTIyOTk1NzMyNTAyMzU3MzgyMg%3D%3D

Requested by

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 06 Jul 2023 11:28:08 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Thu, 06 Jul 2023 11:28:08 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 193.32.248.248; 193.32.248.248; 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 2e7546d8-a717-4a44-b9ab-e5d93f1011b9
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTIyOTk1NzMyNTAyMzU3MzgyMg%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 256F 624 B
285 B 103ms
97ms Document
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARjmoLXcATAB&v=APEucNXX3_vfBpIsZPvoho3AdIyc0YTJ4S9swxOpM0NuM2ZWYNFSnPgZnN_jVR0Rp6MfYNukKzHuALYPrjb61dvufiX1-EvZv7YWXTGPd5HrhikzDyrISR7M0naLnih0RftMF_N5gaTMsBdKjNvFktf5ta9Kwe_-AGZQMSKROSqVcBIhlWGPFiwbOpg7qLTaCphooTUD7bj0hdwb_XT2GAzI1S39Web_xg

Requested by

Host: 1f52c2d2b341a720d2ac42d74aa3ae5f.safeframe.googlesyndication.com
URL: https://1f52c2d2b341a720d2ac42d74aa3ae5f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://1f52c2d2b341a720d2ac42d74aa3ae5f.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 06 Jul 2023 11:28:08 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame A647 85 KB
29 KB 188ms
187ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: 1f52c2d2b341a720d2ac42d74aa3ae5f.safeframe.googlesyndication.com
URL: https://1f52c2d2b341a720d2ac42d74aa3ae5f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

372ee4f606f66d460727f0502b688f2049ce405679f274e8fb1ed175417479a4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1f52c2d2b341a720d2ac42d74aa3ae5f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 11:28:08 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29790
x-xss-protection: 0
server: cafe
etag: 4661881725859498467
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Thu, 06 Jul 2023 11:28:08 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame A647 42 B
63 B 93ms
89ms Image
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BGGfCgjVHrvIrAzVVl1udbB6lCQifpDw4CAt8c7cE8AxkM50lRRKQ-Zd3NHtMW3F4Z1VAfIBugkphS3WOhX3ehBCE8zSn-75t9V1dYzn-_8dK25D8

Requested by

Host: 1f52c2d2b341a720d2ac42d74aa3ae5f.safeframe.googlesyndication.com
URL: https://1f52c2d2b341a720d2ac42d74aa3ae5f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1f52c2d2b341a720d2ac42d74aa3ae5f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 06 Jul 2023 11:28:08 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame A647 0
20 B 92ms
88ms Image
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=11781860860078272613&x=1&ct=76

Requested by

Host: 1f52c2d2b341a720d2ac42d74aa3ae5f.safeframe.googlesyndication.com
URL: https://1f52c2d2b341a720d2ac42d74aa3ae5f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1f52c2d2b341a720d2ac42d74aa3ae5f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 06 Jul 2023 11:28:08 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230628/r20110914/client/ Frame A647 3 KB
1 KB 65ms
60ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230628/r20110914/client/window_focus_fy2021.js

Requested by

Host: 1f52c2d2b341a720d2ac42d74aa3ae5f.safeframe.googlesyndication.com
URL: https://1f52c2d2b341a720d2ac42d74aa3ae5f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1f52c2d2b341a720d2ac42d74aa3ae5f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 11:25:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 188
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 20 Jul 2023 11:25:00 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230628/r20110914/client/ Frame A647 20 KB
8 KB 58ms
54ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230628/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 1f52c2d2b341a720d2ac42d74aa3ae5f.safeframe.googlesyndication.com
URL: https://1f52c2d2b341a720d2ac42d74aa3ae5f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5dff1c5185bfe98d10fd4b80ad1e2a04d57365a09e631840dce7fd3c79d19971

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1f52c2d2b341a720d2ac42d74aa3ae5f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 05 Jul 2023 23:12:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 44132
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8314
x-xss-protection: 0
server: cafe
etag: 15120507268597061312
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 19 Jul 2023 23:12:36 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame A647 0
0 68ms
64ms Image
text/html 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSFH9uQfF8rK7rrObCFgss6dJd-_qMwQ1KsMcam6deyQ0ng0ag0QRt7V07SWLAzxRQp496hYru68tV51ucVXM8u88FzqA
Requested by: Host: 1f52c2d2b341a720d2ac42d74aa3ae5f.safeframe.googlesyndication.com
URL: https://1f52c2d2b341a720d2ac42d74aa3ae5f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1f52c2d2b341a720d2ac42d74aa3ae5f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame A647 179 KB
56 KB 167ms
159ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 1f52c2d2b341a720d2ac42d74aa3ae5f.safeframe.googlesyndication.com
URL: https://1f52c2d2b341a720d2ac42d74aa3ae5f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6914d47718a28ab8055edac273b3aff57e64e5bddccc616c2b7e355fe986f39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1f52c2d2b341a720d2ac42d74aa3ae5f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 11:28:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57260
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1687952195399670"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 06 Jul 2023 11:28:08 GMT

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012306202201000/ Frame 2731 222 KB
61 KB 57ms
50ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012306202201000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306280101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5af185c4ee2f05f5e2f6407594cd75cb32129871c2ec0f0957be6d3129a8cf54

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 05 Jul 2023 17:10:51 GMT
age: 65837
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61909
x-xss-protection: 0
server: sffe
etag: "f919e19544cf979d"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 04 Jul 2024 17:10:51 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012306202201000/v0/ Frame 2731 15 KB
5 KB 84ms
76ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012306202201000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306280101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c52e2a15cba5be54e6986bd808f5a6aa6705b0efffd9379feb005dabdb748e32

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 05 Jul 2023 16:19:04 GMT
age: 68944
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5217
x-xss-protection: 0
server: sffe
etag: "64cbd7fca0464c6f"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 04 Jul 2024 16:19:04 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012306202201000/v0/ Frame 2731 94 KB
28 KB 85ms
78ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012306202201000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306280101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

01204747c552676cceff27ecab875807de15fc28860715608db3d368ba736b3e

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 05 Jul 2023 16:18:55 GMT
age: 68953
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28896
x-xss-protection: 0
server: sffe
etag: "4dcd9a8c59f0d36a"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 04 Jul 2024 16:18:55 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012306202201000/v0/ Frame 2731 5 KB
2 KB 95ms
88ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012306202201000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306280101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

52337cf2499996a25da3c2f17c8e0492c2d728c4b22bdd9b4da2089fcedac9ba

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 05 Jul 2023 16:19:04 GMT
age: 68944
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1898
x-xss-protection: 0
server: sffe
etag: "b82574a955fb50a0"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 04 Jul 2024 16:19:04 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012306202201000/v0/ Frame 2731 40 KB
13 KB 96ms
88ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012306202201000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306280101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7b17d2d0a88d045b86c025e6a7978189716ddd6776e975bb9de1ad43be17348f

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 05 Jul 2023 16:18:58 GMT
age: 68950
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12958
x-xss-protection: 0
server: sffe
etag: "5e14f2792a869535"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 04 Jul 2024 16:18:58 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 2731 5 KB
774 B 70ms
63ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:400,700&lang=tr

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306280101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

67eb879fb1645c73ccbaac598e815fd3901eb5114228021d686b8b5e470edbbd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 06 Jul 2023 11:28:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 06 Jul 2023 10:42:55 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 06 Jul 2023 11:28:08 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 2731 5 KB
774 B 78ms
71ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:400,700&text=

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306280101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

67eb879fb1645c73ccbaac598e815fd3901eb5114228021d686b8b5e470edbbd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 06 Jul 2023 11:28:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 06 Jul 2023 10:06:21 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 06 Jul 2023 11:28:08 GMT

GET
H2 200 tr.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 2731 3 KB
3 KB 60ms
54ms Image
image/png 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/tr.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306280101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1e5a886321d0e00c13f7abff03ca39fd782f42997fd34bcbf4fc93718f3670cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 05 Jul 2023 19:49:55 GMT
x-content-type-options: nosniff
server: cafe
age: 56293
etag: 9957912877679239782
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3057
x-xss-protection: 0
expires: Thu, 06 Jul 2023 19:49:55 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 2731 344 B
402 B 63ms
56ms Image
image/png 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306280101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 05 Jul 2023 19:03:49 GMT
x-content-type-options: nosniff
server: cafe
age: 59059
etag: 6766994032117382215
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 344
x-xss-protection: 0
expires: Thu, 06 Jul 2023 19:03:49 GMT

GET
H2 200 9597120908755590033
s0.2mdn.net/simgad/ Frame 2731 109 KB
109 KB 60ms
54ms Image
image/jpeg 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/9597120908755590033

Requested by

Host: onedio.com
URL: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9cd82166cb272b8a918be1e38f7bfed0672846ac839bd22387ce309b5f0ca937

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 01 Jul 2023 05:07:53 GMT
x-content-type-options: nosniff
age: 454815
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 111950
x-xss-protection: 0
last-modified: Tue, 22 Feb 2022 09:23:15 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 30 Jun 2024 05:07:53 GMT

GET
H2 200 ad
googleads.g.doubleclick.net/dbm/ Frame 2731 42 B
107 B 92ms
86ms Image
image/gif 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-C2W_A8mTeolsRSmROcidYfh3hFhMTFgJ8upWYNGkN-EoAkQ-sXLUNT7zI2etTEtkU1WU7gwt73grdSg8Cr8tjNsGV9wxs80A1ks7kJI59jSQVuj_1NYEQKD-yhkfhCw9tg50dgOXnrRG9505AzTtn_EFgoukZYVVp7XqgbjJzm0UDrvQ8&cry=1&dbm_d=AKAmf-B7zX0m4GPyCJnfPWHyg4Nj1d2Q61prMWzVCxoUb2dHTGM8wTEnJ-OcL-mpQNtpsIyE_WqvofQ9o9pJOZ5o-4wkgOowiYm-JEC_2-2Vxo2Sy8Zag43sGeNLrDbzKB0vx587W0dCSnX5ZfjdUw3EhTg6wwC7ylGjwGeo3_e_RaZhp9AfFrI9TtFCp7AMpUxZmXOpDxw_uYwnb-U8P6xfjuczCLQ1PdDeMCJkjo9Yt7CO1EtLrlpySb-nWJ60eMm-zbzZ1Rz-m0QrOknrUAaHNtl7Nx3Z7Qf3CUjPW5UriXLWzzJ7Iz2kf3v4qLq_fMwKzLfP4Dl_tveHhLmDThCg4pOOTYikadwwtxek33g2Hp0TVpwo_NhFemR92yaCk6XBIVk5DbJSeYH45iUCfqK0G4Cyde0lRCc2zBgAbO0arnpmybufhxgrNe1e9hRAY8UhsLROuyn44_7XIl-8Y4Jy5yXxAaJimKoLhc0ibh1Zsq-Q5fWtQ26FZC4PYoiyGVYUH4IrL9_Tk1bAk1N4Hy_PT_3MySkgOvBuiClX5F6De10Y-Upn7VLGW5RbkA6Ad7recJ6cp5YJhp1sqRGCoqJZLb8xDfy7jq64Zra94T51bVHhla8yS5lRJ4lUAB070_Q1jyeGDO2nOWbo_RqLYPsIw68B6JQqjyRK-54md6C0QI8UAR7voW9tf0gyf1VY1uItb8DV08wlxlaW1lsmQkimj6Z9d5h4x50MG2RAccJirs3hvpCyMpjsmdiDrdUZXUa-whuzyfHp76oBx_igexBQA_iVf8YHgRL4Z6CqJNbcfEDonNyqHrFoKFnM8mRlR-VdYgIJl8g_TZsUu_idtVjAuyNeKK-Q2ZFsGlxb-LQjzBBOsGPVWSFfAWAjvQYngA4KeRvriCQw2oA_jGRtrhOQ29Tk_3VBrg4RYJMui-gTbSqgY1OVUOp80xpn7FPawJgf0ATbIlqVqWO-aNahEWjOW-BBwN8S-cowoCOdQhqID1Ny3d0CT1SFug2x13fQzDlDqRvYve5W7AD5fZBCBmpCHPBKlhAqdhvA2saL9gjf3nBPIUa6kLSdq1RMz2O-tjjWCYtmujNaOaCI9FA2OUkr1vmbOLSn-CNz-DeMFNSUVc5Ve_9lQQMm0YtC3W5zRnmRdP3dQac_ePXae7MujmYxRWme7B7sRBqSJGy4YuDfdqxLMlVMJ2_6OwD1ukUDl9s_EfnQ6VEAUGUyXIODpAjH8FkVzwcCciZpROdUiOCDZims-9T2Ud68aoUnhQizURdsARv8VDQNaIp2bJzkrqKWXQFOUZnu84KPh1_2I-zEaBVF6z317-rBWRj8371hK1Ziv5eV6swJ1Up0cHILJEUo45X1r1nTl8M-q5zQWKfb8a8PVanp3RMPVHw-wS37lZVkTUv3iVECz8yxx1cmx8mMMx_TmpMYcqWkoLwwvSxcN4bikfE_3EzKBBg7QvDjeaKggr9DXVTUZ3kWSUnpnpFta9_w3at4Y8eEGEd6pDmxyB7pxkhFLjXVjEkHsGjbQ-JqALkI2vZFWs6j904yqm2I1CMoowOUICuc5esavIEv6pooi3uOz1bGtzxwX-zn31ZBno6raASHkN3Gaur1V4LkpfToHS8J-CEtCL-nhfc7B1Fp85eqiVikRR8menZj4d3ihfzfI6KqWTJ3E1tpiTQvNl9LmD8-MHtkKRcuSna06jEwUJ5YfTG8msSYX8ji10UrzOkJ1sJMMWgGvt9OOCJnzXis19IZl0cS0_InHc9ULbOkGvEBE2z3AnaxMT3_GjRVqTYdAiZ4zhzKgI8nOdpO_G_IRWQS0v8If-CDFa8ciYFAB_E_9y63aVsCxsf76i9vaKDpyfe85yk7kzsDs7lT-6_L_hIEMLZY1rFqTQVVQTq1g6SB5GOsgeOqSibslJtEM4hw1exsFh43TJCSZJ-z05LudpXizBozP1ma6i1gmO1hwdt9FyquaEfacqB9eDQVSSmVEWt4iFQd3b-ZTRRzOlg6Fvegz7PYm4P3gXQFCmoSAsX-0QHioRpoimgs8PeUmP5REkZbF45jI93v9qAPqx8_aVG7pngz-9YHqHjApi27x5BbQXH73x8TEKI7Ww3McoKkI5-a2LUer_CES99MKR-e1xiwLYM0N2ML5M06TLsnM6xROK80kkzs6k1B-c_E6HQZAonmxiTmFW0A3lNgZ4thEwBPUHtucLOheo2nRtBIWcjlwcgOy1FFMUHGh_H4BnINW1MFZtfQZfONcSvOoL-ldCnOUgCe_SRXpFeNN1a7Rq6qk7J8mwx3v_RpSo4nl735Vpp1Nx5riEoNUioqKw_6y1hYpo3eVJhJmYdg3jgEoSEutXSIHl4_AhGHIFdJWt3R4W4CZAthsxD0mzUH1V-w4fmJcHeurK92tlev5e61r-vzqDWOvEBj6qOOuz0U2Etm8YFXUXA8QMj3aRKo-gipoLDx7T3ci3nGR2SuZg8CE7JwOWurgoMVnRqPAIaNj5nPQdZMjwj81WiZoqUXxGrwHrU9yYpU9tv48SDg6BWNRmDLA0ToinzVZzgQWaei09Id-omDI6gYrbCUEV-h7ciAw9POr9hlmBOk9HP2bETIhw4u-dpLZHxO6KgL8c91eFNu7NglVj5z08sNvLyrjdLcIsYOxBDNpoMXPTYjtnwtpvtfCCudJHbot0piVH3CcG09AfaGXxQCqENISnZAo_nO08kyl_qOyezB7Sg6wUTQxlZaJqmtnDAltV49mt1I1KemlO5455iqsHwT5A1AiLyo7_wl2yu1Nq_EtDtBQ01VDtA_HjC6VzmFNB7DiG_2cRfVu9QzfGSURG-rFVySfpW_e5b58UPBV-ENQDfzGLpxAwi2SQE_h6aMIpd2tzpxQQwcmd85v-CgQLEZniauiTgmBiwYME6IE2z5Lh8XG5VWQd0gHvV_yqLbvDC76JXjepKZh7nhlv5Lwb-1q976pKgy-sIr6XM_wWeVS5p0nJfJIx2xtnq8fy0-NVm8wQRkAthTGtFc_M3Q23NCdzBgJIQbmLW-DLnFg6rphrwyERsHHv3ZGpzjfATtQ9QqblvA1tgLtYaXTN5D_Q0FLEempthgxD6rlUva2FS5_TR0cNTwL74kasw3tNT92tVqyqZdaJODEDDgjjuMOXSLaugm6Uitdca3DPTNc3Smp4XP9ZOfc8u21gpwzWlrgoiBo7XwWzU6TOu6WRg2dutBJnrjfmAShhUHqAKjpjLzC3P8yQQ-P5WSZXemvM9yM1IjESWQxzOK7r_B08Q09R-oQX3ZeLxlZKLoKxniIhKPAlsVCtUVjxnYSL6CD8E7kuPv_F-4AniD9JjRwxULDjG6ghaTgV7GqVvF7E9zna0-kPRsgLtLymTRaHOLqToMT74qV9gCfeDJ4IWcDTbe26_3OLcjiQuNBqdsIXxkFO-JUYtLHorh-tS0C36_TKYRqIFvTiq-QRR2jt24f-nKpoRCzRG_J4f3AuIn5h0nBKMJLyrqZyITqGp1ErzQtlWWT_Bt2mpfobEBFOSw2PT0jdbcuuvAoieMlxeVq8WamwgDfbEbhyppKXoP_CwT51c09OaSIekX00HriQ9_LtVtioUc4Dp2zuEUB2Ezj9iB_B30fJ3H-BE-gg5SGyUV7oWLQOWaSBq7qU3t85aTRG2sPegOhBdqZq4_COe_BAFYUVHRTM-s89fEGLLAuFA&cid=CAQSKQBygQiDTBpCz66HNq_H5sjApnVxIh2vUWQqjhvgqHf-h8RQSCx_NKsfGAE&dc_exteid=31149963199990135658291923916916894&dc_pubid=4

Requested by

Host: onedio.com
URL: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 06 Jul 2023 11:28:08 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 2731 0
0 99ms
94ms Image
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CDLmFSKWmZMWhDbqL9fgPj7KbmAPv7oX1cKL5_cDcD92qvNfyAhABIKGqyCpglfrwgYwHoAHz3rS2KMgBBqkCzvlMuxs2sj6oAwGqBNoBT9C6Lp4mDon6uLYmA5RwvcGV2eUmKSVqRoRN2kNd_MAsiuyrkrtj8iZPmMLWD52HSjB5DdSY9NAZ9KNEMywvLhz87bWmyEFvhF45Rv25DcQxNJRY24DcMixpVQeqVvngbtfmLLZGte3uCDNxy39mkX1C2fu6hl_T8BKXq4nFgD_uCLFsdoUzqsU0ikl4iS47eixwEJA3kPm5loqcrBVrBR3-dQcdvFEYFnPQMOYR4bMIa5xj3Sx7b8uY46oGmr_mgUadm4hpumruyM_2VA6gMgE9lSgJ2Ee1N8XABNG0wo2CBOAEA4gF8O2u2j2SBQYIAxABGAGSBQYIGxABGAKSBQYIHRAEGAGSBQYIHRABGAGSBQYIHhABGAGQBgGgBjeAB_OWhZYDqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwoQobETGJ7g9sIB0ggWCIDhgBAQARgdMgKqAjoCgEBIvf3BOoAKA8gLAbATgrXfE8gTzNrQ3wPQEwDYEwOIFAbYFAHQFQGAFwGyFx4KHAgAEhRwdWItMzY1NzY5MDc5MDI1NTEwNRjBgBM&sigh=SN8AGw_myck&uach_m=[UACH]&cid=CAQSKQBygQiDTBpCz66HNq_H5sjApnVxIh2vUWQqjhvgqHf-h8RQSCx_NKsfGAE&template_id=509&vt=10
Requested by: Host: onedio.com
URL: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

GET
H2 204 l
www.google.com/ads/measurement/ Frame 2731 0
0 67ms
61ms Image
text/html 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSLQYj-bM33WKMV7VQNGiZHinztzdqlpHQ-Uyq7KtYOEBUqcVfyG6hR11IyPJle-HktSh-byuNKN53bObG14LXwGWEAGQ
Requested by: Host: onedio.com
URL: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

GET
DATA 200
OK truncated
/ Frame 2731 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bdcf091e9192472f9a3e1438acea12d60c454a1a65af3b43c25278472b4616a4

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 AOiihYbjk7GyPSPexE3PorOKRXoofTPF8NjvkAglc4c.js Show response
pagead2.googlesyndication.com/bg/ Frame FA4A 38 KB
14 KB 66ms
65ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/AOiihYbjk7GyPSPexE3PorOKRXoofTPF8NjvkAglc4c.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

00e8a28586e393b1b23d23dec44dcfa2b38a457a287d33c5f0d8ef9008257387

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 09:16:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7874
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14768
x-xss-protection: 0
last-modified: Mon, 26 Jun 2023 15:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 05 Jul 2024 09:16:54 GMT

GET
H3

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame 22DB
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
0

66ms
66ms

Image
text/html

2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by: Host: onedio.com
URL: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878
Protocol: H3
Server: 2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Redirect headers

date: Thu, 06 Jul 2023 11:28:08 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 256F
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKnBMdjS9OINkvHbl99rbsU&google_cver=1

43 B
766 B

33ms
33ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKnBMdjS9OINkvHbl99rbsU&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARjmoLXcATAB&v=APEucNXX3_vfBpIsZPvoho3AdIyc0YTJ4S9swxOpM0NuM2ZWYNFSnPgZnN_jVR0Rp6MfYNukKzHuALYPrjb61dvufiX1-EvZv7YWXTGPd5HrhikzDyrISR7M0naLnih0RftMF_N5gaTMsBdKjNvFktf5ta9Kwe_-AGZQMSKROSqVcBIhlWGPFiwbOpg7qLTaCphooTUD7bj0hdwb_XT2GAzI1S39Web_xg
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 06 Jul 2023 11:28:09 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=498
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Thu, 06 Jul 2023 11:28:08 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKnBMdjS9OINkvHbl99rbsU&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 256F
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZKalSKlQ6LirERDMhe1ykQAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKnBMdjS9OINkvHbl99rbsU&google_cver=1

43 B
766 B

34ms
33ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKnBMdjS9OINkvHbl99rbsU&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARjmoLXcATAB&v=APEucNXX3_vfBpIsZPvoho3AdIyc0YTJ4S9swxOpM0NuM2ZWYNFSnPgZnN_jVR0Rp6MfYNukKzHuALYPrjb61dvufiX1-EvZv7YWXTGPd5HrhikzDyrISR7M0naLnih0RftMF_N5gaTMsBdKjNvFktf5ta9Kwe_-AGZQMSKROSqVcBIhlWGPFiwbOpg7qLTaCphooTUD7bj0hdwb_XT2GAzI1S39Web_xg
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 06 Jul 2023 11:28:09 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=495
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Thu, 06 Jul 2023 11:28:09 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKnBMdjS9OINkvHbl99rbsU&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 256F
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEB4PNyWUKZnG4ZL0gH51oK0&google_cver=1

43 B
1 KB

93ms
93ms

Image
image/gif

185.89.210.122
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEB4PNyWUKZnG4ZL0gH51oK0&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARjmoLXcATAB&v=APEucNXX3_vfBpIsZPvoho3AdIyc0YTJ4S9swxOpM0NuM2ZWYNFSnPgZnN_jVR0Rp6MfYNukKzHuALYPrjb61dvufiX1-EvZv7YWXTGPd5HrhikzDyrISR7M0naLnih0RftMF_N5gaTMsBdKjNvFktf5ta9Kwe_-AGZQMSKROSqVcBIhlWGPFiwbOpg7qLTaCphooTUD7bj0hdwb_XT2GAzI1S39Web_xg

Protocol

HTTP/1.1

Server

185.89.210.122 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 06 Jul 2023 11:28:09 GMT
AN-X-Request-Uuid: 536be858-ce2c-4682-bda4-1d91b5c41c0f
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 193.32.248.248; 193.32.248.248; 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 06 Jul 2023 11:28:08 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEB4PNyWUKZnG4ZL0gH51oK0&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 256F
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTIyOTk1NzMyNTAyMzU3MzgyMg%3D%3D

170 B
188 B

67ms
66ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTIyOTk1NzMyNTAyMzU3MzgyMg%3D%3D

Requested by

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 06 Jul 2023 11:28:09 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Thu, 06 Jul 2023 11:28:08 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 193.32.248.248; 193.32.248.248; 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: f1c30a79-6418-44a9-b482-c1a87e5454fc
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTIyOTk1NzMyNTAyMzU3MzgyMg%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame AD44 0
0 87ms
87ms Image
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202306280101&jk=4107566322556794&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 100F 0
20 B 88ms
88ms Ping
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=4108376718993&version=m202301230201

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1f52c2d2b341a720d2ac42d74aa3ae5f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 06 Jul 2023 11:28:08 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 100F 0
20 B 89ms
89ms Ping
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=4108376718993&version=m202301230201&ct=76&x=1&cor=11220896851996414000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1f52c2d2b341a720d2ac42d74aa3ae5f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 06 Jul 2023 11:28:08 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 100F 89 KB
37 KB 104ms
104ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-A4fe3tj3YimYybfAbW8q1cIxHbOS7bE163-9JWXPU8owT1TFtC0TyY5paihhwsGBMIWCVjuORGgsyIGczU_vsWSIyJ0246q7BTxDqYAcEwso4GZ-8&cry=1&dbm_d=AKAmf-B53etFoYrJKiNzcNPSwYOTZKzNtO_uT1XUOwt0yMcbyq1-tubTOAc8LD2WxzL-_8nxDFiKgAFjQQ7QVnziPeQFJGWoSpnTIcmEeyiuTiO7-EMxzl4MXV6M68-VpxDUOdYNPTSyngJ2VTL3usFp-BZiYNcVe0Ehz6ywPK-5KBmiKN9HPddZYunKBXgJMTof6NgjVzv0zfMmMSoXwixmJv1BM0D_5zwRHetymb8uS1Ir_AUlSeNxkODazVbY1DzGQwXbyax_MBPRcdkyl721hv7F-g8NWt01amnyI_u6smg4AD_qDVKd8QtuDkCMsf7dd6XNo4zlHusKcjEaxkOjTYe_zlQU5lBuEPzUKY-CaQdyxGwVQxtlMay7yvyU9aYAqYdDFCxd0Jsq62-d6adAKUnyB6-_VOW3L_RCp9WMF_bym1P3Z0kcW04UVuVsXFzWTrykXugjAXCxtlFagdjxeOIcVrFjqgKu6BBY9Jtjqt7XOHcxnKny3gl51ITZa-y5VfY4tFfRq43UrHLxa2j42-FPylOOQuUWhmBv7jDtIrMPXk75vdpu3zBaH17GBTKAw0ioFBSm5OUkjO1OgTOsChLs8EEyoW4TrK5B3cT5om80xw_pK4aiP0N79ysw0JRI26tpx0pertqK2_DI8iVaPDcIkk8c9tCftZiQwwFwLfsTAmc_Zy7V5lgDcO3xcCTiMx1FQSWvAAI9rbXbrec4EzfLYvSTN_seKKYNFvCaVVuJaPoc5wo4GufruKiiJl2e7Yo1ygkS56HKAnUonz4u23Ki3tRtwKvAxTlsyc27hQzUkQepe5XdU8YYGwH64Fk9sct42g_fPSIu8c2E1StROJ3jU5xAFWnE5CotUanrYhzu2kSo8eV70KJZe-ATEORoBKz_4haMvwUEXV9Uqr8oxYfNmrZOZEpk3oXdTRc3HIbgHnWDo7gK3LHQPE_7j7_7TbQqu5K4r4BWyRUqLAs3rllcT9RduYnCHUATjvlcH6Ph6UhuE0cHA70eVO80o79MWG46PtpO2A--JHLDmLEDYplI1BVPbGOOCWBWTf7EaCEuJTzdp4m2CHCGZVeToWHMLozewuFOwgF-Lc2W9kRoKbOPViFkgXQ1l1StzjdAQqnwBGmS1kY4cTUE6qXeOCK7d6WP3fAU2ZvctT50Tv6Sfc1ySEtpGxQRdF4_1RpjWsLLMdkswCbFJGw_tV6HcS_jz25SWpTpM-sL2jo1oAjpG6MHrQ9bbNzdjkNuzVLPa9wj3XyxEqXOXjIaZoMY7Tny00PEiidYPIToTOXgIWQRZdEIv_YpMomibU_-eX6Tgc6JY41Fp_uRfDOkoLDlayO6o4tJB1XSMlzPvJNW3YOIblvtrzxhCU035BWlvxUkpPO1P8KWXe4Oq7mzTAKzH6n1D6jq1azGbU4a_ENgyW5eZ6y2CWamB9aToNrNillya3pmF09GsRgHNEepsfrTditVS4RJWBzt31yVM6yX3K8JGF1_v-yyYSz6SixNhCu6dqAw2D4cS4-tNFLdo6Dn29UQph4CWzmIaAuIhieUZHajPHinCpAiHp_6vuh3X0chALGFmzbTydhRBqsQOYgubpBrHSit8nQ915pj5K8Fy7Rq1QyQYrEhJ9H7fw8d0v_eqIn9qDq4YKitW9KG-rkwl7nk67kwaC3rHUYifLyWFUc3KTDJ5M_c_n9PVckLzzoZCMqYSz_rBxMHvkmyvJpSIjj2Tcd_JbZ9FL361Ncu0kYujp5IC5R0haLQ4k1oUPscp6-hHhvzwCRqGwuGKF8h3mWSLLPkAOSugBTdg9HJJyY2o0-FFEktL7qO8X0Ih5XdmM48YGby2rJ5jFopNnMbO8t4o0UeIhk5wGsz9xGOn5TTz7j6JwGlxxeeWIOKujgx2mfMA6ZvryPapsnecIQQuFMwCIVHIO0zk2UgUxpZzHijfwkGfEQgnVoLpq-D9FFGU-6BOubQBxd4JVV-oAvtu8uXpqsUHoUQ-jWg952vV8Sek8WPOELfvhtXv6aLhDMSxqSUtYpRvbibkFmH1DoXu97xXm6MDcy_QProjsXckPNJEBKa0llefSWTOyn2VPPyxuqWxN8eoYL73xJaJMIybI-cPi9KW9rntsx_-BObYUkwE2B1OUtf9n5sOuFa-S9mCQCmIvEsZuVoLuXhTgxdroyXYRf0HMlqh8YsyFqtmu2LFAY2l1ERbqUCH1RLrclPEdIKvTKY6PWYQ3eF9HJ8LQF0xZ0J_sitoytwRi8A9208jaEok6JGmx9io9bJrzhAmpY9Y7yJ4x7vOzXy5UvxwVmwcX9WefhkJ_KSPulw8pf_PHiIv-7J9jU1hbk4He3AfJSr4bse_89O9_s3BZ7b-K39s_3WKVX7rILqRXOaavuv39QfeMgO_V8IFhmLi1Zbnpijvn_CTD_cw4VgApEtXCbcvSFKBILfSQslxXM0KpHEkM9BDpw7xQ0dd1F5R8aAT7vF3t2fGmKq1v19XbcxUTRxqBVq1uMlvL1liAV9f9WB0_QsvXTz6zVhbl5Xyx1A5WTET7yqdO9gtLpamqbUmOuQgu3yiTuR-efMw3-Mwk8_qdfX3UPkUYbWBOAR4MUb52l42L3ADBa0LIHq7wy3LmhOC4yamVhXB484_YPCJ-puqo2w_gPApkN3crpkOXhjaU4vI4M1htrbi7iH9QlDMrZgvUwKVbkpBueODr-R_bsv3qJ9x2_Xk1XJpt4lL2veIeID0Jd9xJ2tNQJtWAZ1tOusgk_92pQeXw6oE4sbJjPcLU_sohilK2PggRFh7uYxBteZo-F0kHk_UkNAbnZYS1R-sNlgGwJS7__5pa8mzdB2A0FTTTcMwVsJNiE4KoEfyAE8vp75oi7E22ie_5LXE3RbRklwaeNLvSHb2YHhFgpCt_SMTndjybokvje1DkcEfyWKOtS6_Gaafmz9SWj6-VzL7qznXNS8IAeiaFaSdipUqq5uJfw76CYlDTsOxEsVC9EeH-RQtnQF7NqUHGubWGrTdJ2g9xMsjwb8DnkatS7lpYw_TSUJOA7D7IuqHtzp57cPshS5v3dsgszvjMS0rZs2yz2Sd5NAjOC8HfD9-636JKusNfN_IpX85f9wQB6QzXDcQhjMg7PwrYChvNMX8AL-DLClNCCya-LOjQep0pERBPk6Hk8Zh5AKQdlwZhPy4ZFpdoSbKRJp9jgPdxluPNij6VTJd42vDBsH2poTNR1ktcl84cRG2ZqKwc0Yyr3r5VZWVGeCGOM8QO_NKYNM6M_UZt3XDv_0it1RjArMRiNhZE3pXAA8b25NJ-wafevHIE3BT9Xj9IYf9de00AU0eKcSPCNhxWwVa8ExneLsO-iXKy_832Kd-v9snrfvwnX5G0_XIYrGsjBNg5llZ4ANI6pl_Q0p3tbIsBvMxWRcMK9zczIR8OuQdbfNjzjRBFwysCYTtdodzBU&cid=CAQSKQBygQiD8BdBlQgckIXyRvDhT5BZPunfqXUoENVgAPy9aaKXeuHy2u0RGAE&dv3_ver=m202301230201&rfl=https%3A%2F%2Fpcloak.blob.core.windows.net&ds=l&xdt=1&iif=1&cor=11220896851996414000&adk=754613069&idt=257&cac=0&dtd=16

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a45d8e47ea52ac176ca6e051545f1ec1e559c5f1682fde82530dad93626da85b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1f52c2d2b341a720d2ac42d74aa3ae5f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 06 Jul 2023 11:28:08 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 37638
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame 2731
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
0

76ms
75ms

Image
text/html

2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by: Host: onedio.com
URL: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878
Protocol: H3
Server: 2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Redirect headers

date: Thu, 06 Jul 2023 11:28:09 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 UnitFeedManagerDesktop.min.js Show response
vidstat.taboola.com/lite-unit/138735.383.0/ Frame 5BC9 122 KB
35 KB 30ms
29ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/lite-unit/138735.383.0/UnitFeedManagerDesktop.min.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230702-3-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0f3e153297f9e4fa0eeee46f00cf8cf60211d60fd8df843d1a642fb545330a50

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 11:28:09 GMT
via: 1.1 a300dbfb49a2eb50edb83038642c9f82.cloudfront.net (CloudFront), 1.1 varnish
content-encoding: gzip
x-amz-cf-pop: FRA60-P1
age: 7295
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront, HIT
content-length: 34897
x-served-by: cache-fra-eddf8230081-FRA
last-modified: Thu, 06 Jul 2023 09:26:11 GMT
server: AmazonS3
x-timer: S1688642889.007971,VS0,VE0
etag: "3a9f6c675c70fad415cf07a9f23386f8"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
x-amz-cf-id: G5hSPZAQ6C5k1_OTILG59WO4YVYNLOS-6xLN45oPITdTA1zeQsm79Q==
x-cache-hits: 277

GET
H2 200 feed-card-placeholder.20230702-3-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ Frame 5BC9 5 KB
2 KB 30ms
30ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/feed-card-placeholder.20230702-3-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/onedio/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1f2328e7491d0aab769e20e7c1151d1614e24c33724f8399fe3fe7f84ae3d98d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-amz-version-id: yVGdFfyjKTWtAawY60rZQCJghbDodUM8
content-encoding: gzip
via: 1.1 varnish
date: Thu, 06 Jul 2023 11:28:09 GMT
x-amz-request-id: JP3CNTFDCTC54Z6M
age: 251025
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 1261
x-amz-id-2: Y/9/fOfr29Vh9XeGsbwir0QszmuSB63UkIRYkp3mYnhapZ8mlJSRYLlN+gOqPPP0wjD10JKQntQ=
x-served-by: cache-fra-eddf8230081-FRA
last-modified: Mon, 03 Jul 2023 13:44:24 GMT
server: AmazonS3
x-tbl-debug: bestatus=200,beresp=OK
x-timer: S1688642889.009344,VS0,VE0
etag: "92ce506b03a0c438e8dea552baa54a0c"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 73
access-control-allow-origin: *
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 282742

GET
H2 200 userx.20230702-3-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ Frame 5BC9 17 KB
6 KB 29ms
28ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/userx.20230702-3-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/onedio/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: fba7b33e2a9172b7c0305c2dc390ee1faa4af90ee5dac1ccebd6a48977135814

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-amz-version-id: z.X3_o0ufl_QBDKAXF5EaN1Sc3iq3_WW
content-encoding: gzip
via: 1.1 varnish
date: Thu, 06 Jul 2023 11:28:09 GMT
x-amz-request-id: S4NCZWEESRN9ADEJ
age: 250996
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 5398
x-amz-id-2: HtQgCXUM4K8oTMgNy3ytXJvbVp7B+WK4SOq2U8kax7TZiAMxYVdh+6FCjRujz7ydwyrqN160lsc=
x-served-by: cache-fra-eddf8230081-FRA
last-modified: Mon, 03 Jul 2023 13:44:53 GMT
server: AmazonS3
x-tbl-debug: bestatus=200,beresp=OK
x-timer: S1688642889.026146,VS0,VE0
etag: "09ef61b414ae16c050043d2cba0be7df"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 27
access-control-allow-origin: *
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 68803

GET
H2 200 f89e1763-220d-4e09-ba69-9e040548fb7a.svg
cdn.taboola.com/static/f8/ Frame 5BC9 4 KB
2 KB 29ms
28ms Image
image/svg+xml 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.taboola.com/static/f8/f89e1763-220d-4e09-ba69-9e040548fb7a.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 39b076e4bb4fab9b8a142499cf6155f8c128464974691a04de7e764f71b72618

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-amz-version-id: cMrDKn.emLmm9kiiOOF64ulDT4DRy6LK
content-encoding: gzip
via: 1.1 varnish
date: Thu, 06 Jul 2023 11:28:09 GMT
x-amz-request-id: KH3H54SRP4YPB9PB
age: 116
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 1758
x-amz-id-2: mP0nZ+4KDBKHVDyhuUEzb3LuG90df21M5809hL3yrjZ20OaHTMiCTGdDl6kK0Ov0/jyat3qi0Ao=
x-served-by: cache-fra-eddf8230081-FRA
last-modified: Wed, 07 Feb 2018 11:15:52 GMT
server: AmazonS3
x-tbl-debug: bestatus=200,beresp=OK
x-timer: S1688642889.078099,VS0,VE0
etag: "b8b410e4b18d45aa2f3d9bc09cd335fb"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/svg+xml
access-control-allow-origin: *
abp: 15
cache-control: private,max-age=31536000
accept-ranges: bytes
access-control-allow-headers: *
x-cache-hits: 203

GET
H2 204 social
am-trc-events.taboola.com/onedio/log/3/ Frame 5BC9 0
231 B 175ms
30ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/onedio/log/3/social?route=AM:AM:V&tvi2=54&lti=deflated&ri=91a3224bab8b775705caa16642c1d3a6&sd=v2_f990a4f9dbcd3994839c95f6054d7794_ec9ef744-d7ff-44c3-9ae2-bebbd8e0bbf8-tuctba02ac8_1688642888_1688642888_CNawjgYQ1JpEGLjH1teSMSABKAEwODib4wlA_4kQSOOG2ANQ____________AVgAYABogPmc5Ofr1_j2AXAA&ui=ec9ef744-d7ff-44c3-9ae2-bebbd8e0bbf8-tuctba02ac8&pi=/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878&wi=4003718691141787111&pt=text&vi=1688642888632&st=social-available&d=%7B%22data%22%3A%5B%7B%22i%22%3A%22ctx%22%2C%22ism%22%3Afalse%2C%22srx%22%3A1600%2C%22sry%22%3A1200%2C%22pd%22%3Anull%2C%22tpl%22%3A%22%22%2C%22url%22%3A%22https%3A%2F%2Fonedio.com%2Fhaber%2Fkredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878%22%2C%22rref%22%3A%22https%3A%2F%2Fpcloak.blob.core.windows.net%2F%22%2C%22sref%22%3A%22_sessionPending_%22%2C%22hdl%22%3A%22Kredi%20Kart%C4%B1%20Aidat%C4%B1n%C4%B1z%C4%B1%20Geri%20Alabilirsiniz%3A%20Kredi%20Kart%C4%B1%20%C4%B0adesi%20%C4%B0lgili%20Bilmeniz%20Gereken%20Her%20%C5%9Eey%22%2C%22sec%22%3A%22Nas%C4%B1l%20yap%C4%B1l%C4%B1r%3F%22%2C%22aut%22%3A%5B%5D%2C%22img%22%3A%22https%3A%2F%2Fimg-s1.onedio.com%2Fid-61704b25e95c836a1703d003%2Frev-0%2Fw-1200%2Fh-597%2Ff-jpg%2Fs-c98243167276ad228ced3fe6ae8b03b608984a22.jpg%22%2C%22v%22%3A15%2C%22pw%22%3Afalse%7D%5D%7D&tim=11%3A28%3A09.101&id=8551&llvl=2&cv=20230702-3-RELEASE&
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Thu, 06 Jul 2023 11:28:09 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 200 0d5d0ac3e8e2f02caae9077304cdada5.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_430%2Cw_860%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame 5BC9 99 KB
100 KB 31ms
30ms Image
image/webp 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_430%2Cw_860%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/0d5d0ac3e8e2f02caae9077304cdada5.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 0285275fc3c76bcafa84cd4b6b2d9a855be279d892e1aa06f94bea4ae3b9583e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-vcl-time-ms: 2
date: Thu, 06 Jul 2023 11:28:09 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_430%2Cw_860%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/0d5d0ac3e8e2f02caae9077304cdada5.jpg
age: 2673916
edge-cache-tag: 501887284145181606509394526970282742652,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
cache-tag: 501887284145181606509394526970282742652,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
x-cache: HIT, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time: 260
expiration: expiry-date="Sun, 11 Jun 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: http://fightnights.com/match/5247
content-length: 101788
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb204
x-served-by: cache-iad-kjyo7100115-IAD, cache-iad-kjyo7100022-IAD, cache-sna10735-LGB, cache-iad-kiad7000151-IAD, cache-fra-eddf8230081-FRA
last-modified: Thu, 11 May 2023 16:15:14 GMT
server: nginx
x-timer: S1688642889.130670,VS0,VE2
etag: "c689fb9a91c11600456add4ea4da3890"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 1, 1, 54, 1

GET
H2 200 0f9780008909d905ba620957d6941c40.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_245%2Cw_440%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame 5BC9 10 KB
11 KB 30ms
29ms Image
image/webp 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_245%2Cw_440%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/0f9780008909d905ba620957d6941c40.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: f2c88caf170bdda7a6852c6e44ae86ec12733c75a47fd7e0d8cc34c272177876

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Thu, 06 Jul 2023 11:28:09 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_245%2Cw_440%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/0f9780008909d905ba620957d6941c40.png
age: 2070035
edge-cache-tag: 331208042925282676003572768795640513761,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag: 331208042925282676003572768795640513761,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
x-cache: MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time: 242
expiration: expiry-date="Tue, 13 Jun 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://www.dailyrecord.co.uk/sport/football/what-brendan-rodgers-tell-celtic-30269469
content-length: 10296
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb201
x-served-by: cache-iad-kiad7000074-IAD, cache-iad-kiad7000123-IAD, cache-lax10673-LGB, cache-iad-kjyo7100122-IAD, cache-fra-eddf8230081-FRA
last-modified: Sat, 13 May 2023 17:26:31 GMT
server: nginx
x-timer: S1688642889.130681,VS0,VE0
etag: "e10df26883c2d57e33b5c7d83984c29a"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 1, 847, 5

GET
H2 200 1fc15c5bdc1b226b607c7dfd15e4ddab.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_245%2Cw_440%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame 5BC9 7 KB
8 KB 30ms
29ms Image
image/webp 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_245%2Cw_440%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/1fc15c5bdc1b226b607c7dfd15e4ddab.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 602078f74b8a98dfad5c0457920f978ee477cdc8837dcef5a82616c4930e19be

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Thu, 06 Jul 2023 11:28:09 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_245%2Cw_440%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/1fc15c5bdc1b226b607c7dfd15e4ddab.jpg
age: 834912
edge-cache-tag: 477731326413695223734754229992102529877,418213119990820519753380268763636342871,29ecf9b93bbf306179626feeda1fab70
cache-tag: 477731326413695223734754229992102529877,418213119990820519753380268763636342871,29ecf9b93bbf306179626feeda1fab70
x-cache: MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time: 175
expiration: expiry-date="Sat, 01 Jul 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://happy-woman.com/
content-length: 7292
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb804
x-served-by: cache-iad-kiad7000117-IAD, cache-iad-kcgs7200047-IAD, cache-lga21972-LGA, cache-iad-kjyo7100152-IAD, cache-fra-eddf8230081-FRA
last-modified: Wed, 31 May 2023 06:52:57 GMT
server: nginx
x-timer: S1688642889.130656,VS0,VE1
etag: "eae0d33a1f19f8bf05ff6125038aa7d1"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 66, 1

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame A647 0
20 B 88ms
88ms Ping
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=1572310529256&version=m202306200101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1f52c2d2b341a720d2ac42d74aa3ae5f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 06 Jul 2023 11:28:09 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame A647 0
20 B 89ms
89ms Ping
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=1572310529256&version=m202306200101&ct=76&x=1&cor=11781860860078273000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1f52c2d2b341a720d2ac42d74aa3ae5f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 06 Jul 2023 11:28:09 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame A647 93 KB
37 KB 121ms
121ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Cj1TY39Y4W0I0aAhfowB_kvenvP9Ibryu5KQWIzAlHbWNyl3FGcAdxzqubrD4YR9sUuUA4eDe3Ax0HhOnGzNF7UtgmAb7LtTlPcD210SaYgGz1fOg&cry=1&dbm_d=AKAmf-BlNKJynr_b_mdnnPtM1qopaVAxsKKTAEoQkr6j4eWfY167brT6EpMBi8QFk73s1Z3l_7v0WzHnwPuyaxoKPEFSyrr775roPVkwrxFiHoRhE_2SqfXCpqF5lKFjXw0n8EkW5FxlFdDYN7gHfjimWc7F0cyn0Nkp1W1Pi8qIyiEno3DjrNpjOGW0n53AbHwiE9nWOhnV_Kkb2c_96Mt73Zz1RzquxIUYvK4YDqwuZ3EqYYCSp0lXpl9Vcj3fibjBjta3pp5xTu1NQBUac7DF4x36Nizryue_ngqavEu-OlVEBSsyA4VGK0KFpnATKVSeypQOVlDioTUrObrTIpPNXIxRmo_3zgQIcrxL1xXtFBcGwpI94QgbsMZZC6jscbgpIRLKhzX-Hb9eDA0BCiaH-1amsu5SmSVGqKryX63H-HoelJFBZc4RiNnu1iEtxznFQhrUWy-MRmTlTGT8q-_CLKQ1fow_OVButh5GEOVEUl4lPfoFBWq0yfW7uI7M4CDBYA4BceKRfDnh2LRn98fOWasx0oL51bqLqKcRMfPJYxC1i7st35IuAq2gIv_PNDY9RL-0UcMy5CbBJtuCwV9yKttZSJEscdebEv4ruO09YoJTFH1u85XVJxPIFeP3RaRcJlKPa2q34xKEi-EXDOWPvE1E9sJkYtUSWBDQgLW60lXCHkZsxFmZVpXelANxSQuEymA9XXc-NCGwQHtv0qYOkTin2WPFeIPx_MquyJgsf8su4GT4FHgNjI1kUkBXjMv9cyEoGjpuNJtVolJ4WtujjJHj6eKg_0n3R4g2sVhvGEsU1IhPjduruXFjSRbwhm-g4TLSH5GeDxH0jHeKpK945UKg_YDSXcLCB1AEqwyZWdA4OV8_2_r0ulFuQI5rxTe6EOMUfK686TUURmhrxPQlSkX40Qe35X2biowokfoM_ZcQMEKmrNsIrWGmwrInt3pagPDj2frdZKXWyl2HwvZlZNIuo0iIJ3wyxJcgH85vqZneaJTa4mYR2YaOIefE7_WxTvdtsTdcjcW8Q84WgDIWdyCfmalzsrrlIFXTiQh8X9PbJN_8l29LKA735E6zqcALVxh6ZMgzScObZfUZPhNU7i6FyoItyKFyYb6TAsXSO_M9KaIGxf44lXDwPj24qRXrW2njQdn1sM_-wCcqs-Bt2DUZN_LlavhK0qM8fG2htDdnbQJVoEGORG0PGIvfzn7QNianxB-tYnbbkxWod-truOogTPfmyw4uMOeCBklxnHvV66NVrJJpfB4eGsoknenLwCVmB63xh6Ei-A31fWqAv52aJ4SWKqAWlS5tCbtlhrBY1s2ysg-lGP5wTYva5CDabSginV4r_nD0Fa3DHZAlWgTWbI47yu6AcnOhMJxn1gTuDM7zJWKsnSUOrqUeGV7uwLdX0j4VF_eKPuBYMOH6gG5bAl5FT1DnsTdZWVEfLGfhtP-aQSa2Pj0_qFbNQPEF0xSyRxL7TzxbjKE6p5vVUzkMqlpo18qp_QQIYvAO4BeGoZ1WF6rR7E16zgNJ7FUB2IC4dl_iDoGnzNgIWMF2CQghjSbDqibY3BFNoWUkGX04whEAp3hZiRE6nTzlwTH3B6mJO_aLQ48MJSnJDODzwwK9flu71QLgjafXJ6l8OTgryvXP0grHATp-tHgVDe53rPxUs8yGPCxsv7eMKUDQZcYdmxNFj5MXV4iJIw8YnlVw3XRJDZti35B6l07vVu64BQa7vA46K3hOPCCIFOd1s33G0cQlVLYDTu8-vHJ7dNCq6Xjzp0QUrXtjbya53l6uxPWaHD0jqLyAJva5IDl89ppz9vyzlhi9HCIFRc1TFXwWaPxVZpszfmchl2Hr1E1ky1IdHifGFiJMZM_Yo5BIf89IkfP_NdzvAqfl-gPm51oP9ZpnlkacFdpAOzPj9qcdapRyNbY6j-1dGkgtVZ-8joYAdPuCavYPTDSIb8_UcM7OehmF7x84yppVAjBXtgUqMEkAu5eFyBInkKJTEFq99nQbmTJ3LHkCYylA7vLQ9yClfH3Wx2bIi0ZK0qWZGqXHA15UAePDdMAsk-5sW9gF-hL7MboLPqjyqK41Q_inMKkxi29pGJyWfnxRUoGyATrViPvXgGKBw7HCvRWLVVB_q5XGOWqrb93OmuDXQ3iSNnbhfYrWdHUtkPzYoPhMoL_9m5pBs1uIqYnTmKc-Q8gGIg9szastvS-1cB_nY98zEOyNAT0up7_ETNe-lIM_DwYo69Yqc2mk-eTiJ72EEMvTMAtZJo87Umy72UwLzWlma28nOI0ZzT7zIKO0mHxC6TMlJ1icIC7FYYzSh8IGmGZtsV7MYkIBd0Y0ThzYMEx2QpKa2KlXHSFiD5DeUCTPXyj4LSl9IZ8z9rPgrH0Wj6ktw1tB-A68tIXkDfB_9926qAZEk1Ry_LIi9jmFEOd59F26er3eWNK7M0ezPh5AlgmFZh1T4RH_b-oRpxfAtJ3s0xChvuBbnqacPTdMdlqS25Q563xZRIqxIHZvQCHWLTWm4NJBzHNlz4y4IhcJRBjyIuHqfwdhpDP8RnGaS6BnVrl5JbnJYAhcha0nERSGIwPw-KVr6-5iYTR74KP6umhA0GKsuVVWADAoYdjDlFUUce-uLSKUvI8Z-gvwrLcitYO01qzQCmop9Z8qcVp0QGsHi3e2ExtIWNAArG1mpvFy8dhJtKbuF-ej-taN1IZHYtzjzseI2OcEsVbPwyVJv8bce-6vU-2cIeolk3iaoacwzXCY_A8mVfgKGzyRM56Ec9Zaf2CyxY7YYmUd2Wg14zRwOo3aAhQRO2KQbwxAncdoM-lT65tp-R2duZiEOT38Oj9sMw46POL0rScitQLJlKpxh1jRugROPoVhibP3GSq4IQwTk2U_74Ad7D1ftl0v5V59cI7YOKtgTVPu-oaQf981wrLFbA2vz_wBpDPiz9wClXQXjCH6w7e_bS1vOlybL5G_7hy514_v3CV5CVXMQoBTlJp8uXIue6R1kopZt4QH3XXkVg5V6OrpgpkVJ6JQw17EUfZGSSm2-oL3jqP1vbyc84eht3J5JIahIKybYka6XFlkBcGxAngKaio4P7S6oe1G6Q9LK1dth3iqwa1-9t64xryqAfKiiDJ6B9u238nHfXB4T49vlaEwUs1Wrzb8YkJaTe3ocdHS4RxxqW2TI07fXU9UOxbfz8q7FzBk38_GmNcW3Apnk2R9_brQ04G3Hf9gEISE9MDHZvEkMDXei4kpCWrJukn_tG9UMBEW-PjazKqI-QAk_kVUxXSWW4uzFnvpjURXQxvwnpXATJw7MLLNL0SSf8o16lfSr8cZVHzCjaUwrJn4WtnoiyLF_FYesfyBZ_9ZjQjZlyJqorpPdsGzCp1eNYRIZoWSJa2T00uAXREQe9RKGsqof01C4yqBCthM5Fl18dsMfQHnuhjFLjHK5M0c0kUL6kAx1NYk-rGt4gnBGqdGc0wMF3A7jHEoisYodFsuPnT6A6dPuIUaBuJ2fqJ8tmXhk4QNWkQvPFIjuyp_vdZHsi12_MRETHBO9ZWug5Jj3WbM345opY1rv6XAKm5GosBd12-Td0ALub1tsLiKPnKEywu4csCx6SZCBY04zIexWOC8qZ5dIN6fpRjOvRjpP9zpAzTL_7Uj2knjUJF9fxuSnudEZrNAaIp02jjKwrpfcYbpPJL7oVCA28Ot6DGV5JSLAp95Sa8tVkmQDGl2K-HvK4aVto146YBxFlZQ1jKUx2YckmQ0L8y3_G-f-_UnyrytPoE&cid=CAQSKQBygQiDA96PbTlnkwvsUvnb3Y9wvKAdeE3q9UEjeeklO0JLpDo5exm8GAE&dc_eid=31075530&dv3_ver=m202306200101&rfl=https%3A%2F%2Fpcloak.blob.core.windows.net&ds=l&xdt=1&iif=1&cor=11781860860078273000&adk=1599433117&idt=207&cac=0&dtd=13

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

aedd8d0238fa8ef610ac191a4b7b35b38a89aa7c408968239dd401fe436c0e07

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1f52c2d2b341a720d2ac42d74aa3ae5f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 06 Jul 2023 11:28:09 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 38359
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 10741ea058f151b67db4230bafbe812d.jpeg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_430%2Cw_860%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame 5BC9 49 KB
50 KB 39ms
39ms Image
image/webp 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_430%2Cw_860%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/10741ea058f151b67db4230bafbe812d.jpeg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: ec27f7bb31f1c4d2ffd1a2a7e2cf18161e79d984985a9ae1aa32262c6b1b917b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-vcl-time-ms: 10
date: Thu, 06 Jul 2023 11:28:09 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_430%2Cw_860%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/10741ea058f151b67db4230bafbe812d.jpeg
age: 612856
edge-cache-tag: 630794942868811789712213737048539066062,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
cache-tag: 630794942868811789712213737048539066062,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
x-cache: MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time: 307
expiration: expiry-date="Fri, 14 Jul 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://posta.co.il/
content-length: 50238
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb203
x-served-by: cache-iad-kcgs7200165-IAD, cache-iad-kjyo7100052-IAD, cache-sna10746-LGB, cache-iad-kiad7000113-IAD, cache-fra-eddf8230081-FRA
last-modified: Tue, 13 Jun 2023 04:37:37 GMT
server: nginx
x-timer: S1688642889.152806,VS0,VE10
etag: "71408ab62bbbc35cd611114abcbb25ad"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 1, 1, 1

GET
H2 200 68a067b57d206a7e3712cda1cc7c39f0.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_245%2Cw_440%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame 5BC9 16 KB
17 KB 31ms
31ms Image
image/webp 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_245%2Cw_440%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/68a067b57d206a7e3712cda1cc7c39f0.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 8c99e343bd2b1e4c3830e6420ccc7a004d261b40419bf159d9e61631407b3cfd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Thu, 06 Jul 2023 11:28:09 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_245%2Cw_440%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/68a067b57d206a7e3712cda1cc7c39f0.jpg
age: 2749642
edge-cache-tag: 539136729262515993336422658210190975734,418213119990820519753380268763636342871,29ecf9b93bbf306179626feeda1fab70
cache-tag: 539136729262515993336422658210190975734,418213119990820519753380268763636342871,29ecf9b93bbf306179626feeda1fab70
x-cache: MISS, HIT, MISS, HIT, HIT
x-envoy-upstream-service-time: 243
expiration: expiry-date="Fri, 09 Jun 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://www.huffpost.com/entry/italian-teacher-summer-assignment_n_7570680
content-length: 16148
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb202
x-served-by: cache-iad-kjyo7100105-IAD, cache-iad-kcgs7200131-IAD, cache-sna10745-LGB, cache-iad-kiad7000097-IAD, cache-fra-eddf8230081-FRA
last-modified: Tue, 09 May 2023 08:07:51 GMT
server: nginx
x-timer: S1688642889.152802,VS0,VE1
etag: "f322bb424eb510fc39387e51246885ec"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 2, 0, 18, 1

GET
H2 200 69a967a4d5bbc0a04055c14601660f3e.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_245%2Cw_440%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame 5BC9 13 KB
14 KB 30ms
30ms Image
image/webp 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_245%2Cw_440%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/69a967a4d5bbc0a04055c14601660f3e.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 25cc24cd00981e91af68a7947a862074d65f52c070864add7b726b1106a5f45f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Thu, 06 Jul 2023 11:28:09 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_245%2Cw_440%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/69a967a4d5bbc0a04055c14601660f3e.png
age: 3702404
edge-cache-tag: 609787574242879397975342852598842292351,418213119990820519753380268763636342871,29ecf9b93bbf306179626feeda1fab70
cache-tag: 609787574242879397975342852598842292351,418213119990820519753380268763636342871,29ecf9b93bbf306179626feeda1fab70
x-cache: HIT, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time: 57
expiration: expiry-date="Thu, 01 Jun 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://bookriot.com/
content-length: 13246
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb804
x-served-by: cache-iad-kjyo7100119-IAD, cache-iad-kiad7000174-IAD, cache-chi-klot8100059-CHI, cache-iad-kjyo7100166-IAD, cache-fra-eddf8230081-FRA
last-modified: Mon, 01 May 2023 23:41:02 GMT
server: nginx
x-timer: S1688642889.152987,VS0,VE1
etag: "6e439574cfb404c2a2d1f3f5b2faf0ab"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 0, 1, 44, 1

POST
H2 204 csi
csi.gstatic.com/ Frame 35D6 0
45 B 115ms
36ms Ping
image/gif 2001:4860:4802:32::3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=1~ljr2dk8o&c=3549218858330&slotId=1774609429165&qqid=CIrkg_z8-f8CFZJAHQkd6B4Jrw&fb=outstream-lima&sei=21062100%2C44729911%2C44730425%2C44730426%2C44752538%2C75259414%2C420706098&nsei=44714510%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=outstream
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230516_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1f52c2d2b341a720d2ac42d74aa3ae5f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 06 Jul 2023 11:28:09 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 35D6 15 KB
16 KB 176ms
55ms Font
font/woff2 2a00:1450:4001:82f::2003

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://1f52c2d2b341a720d2ac42d74aa3ae5f.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 01 Jul 2023 17:04:15 GMT
x-content-type-options: nosniff
age: 411834
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 30 Jun 2024 17:04:15 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 35D6 15 KB
15 KB 189ms
69ms Font
font/woff2 2a00:1450:4001:82f::2003

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://1f52c2d2b341a720d2ac42d74aa3ae5f.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 01 Jul 2023 03:30:27 GMT
x-content-type-options: nosniff
age: 460662
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 30 Jun 2024 03:30:27 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 35D6 0
20 B 90ms
89ms Image
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=osv-info&clickstring=CEQ-JSKWmZIqgDJKB9fgP6L2k-Aq4vMWyce6BrIi6EaCHgOyQAhABIKGqyCpglfrwgYwHyAEFqQJM986DoDeyPqgDAcgDmwSqBOoBT9DY-y00PUabGziAWleGx1RIdNIF1u6E8RORY_znyVqQM2YFH1Gx1JUBKmo86_2tY9SJF5IGxwJ9R433hlOi-xZtTjQ8JTIKcHpaRFzbdrVS0hIW_P-6iMcKReGhdk2eTAuilakVK7xwGEc-1TXdVKnIL9-OjeUdqZ9TN5c32yjSDnhAkw4Sb7tUbs6UzeJ2kibPmkPyFOe1p3k7mkNeyo9yoHYaKZANWkEbdO9udb7EW9yNqzCrVT9iYuWGy8jQn6D6xHonIe1V18LKs4yyux8wD-D3gDwIHZJ9tF9y1piLErI6WlNWA4t5wATh95yIvATgBAOQBgGgBnaAB9iO674CqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFgiA4YAQEAEYHTICqgI6AoBASL39wTqACgPICwHgCwGADAGwE7bD9hPIE-rlleMD0BMA2BMKiBQF2BQB0BUB-BYBgBcB6BcF&eventType=clickstring&clientTime=1688642889176&ai=CEQ-JSKWmZIqgDJKB9fgP6L2k-Aq4vMWyce6BrIi6EaCHgOyQAhABIKGqyCpglfrwgYwHyAEFqQJM986DoDeyPqgDAcgDmwSqBOoBT9DY-y00PUabGziAWleGx1RIdNIF1u6E8RORY_znyVqQM2YFH1Gx1JUBKmo86_2tY9SJF5IGxwJ9R433hlOi-xZtTjQ8JTIKcHpaRFzbdrVS0hIW_P-6iMcKReGhdk2eTAuilakVK7xwGEc-1TXdVKnIL9-OjeUdqZ9TN5c32yjSDnhAkw4Sb7tUbs6UzeJ2kibPmkPyFOe1p3k7mkNeyo9yoHYaKZANWkEbdO9udb7EW9yNqzCrVT9iYuWGy8jQn6D6xHonIe1V18LKs4yyux8wD-D3gDwIHZJ9tF9y1piLErI6WlNWA4t5wATh95yIvATgBAOQBgGgBnaAB9iO674CqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFgiA4YAQEAEYHTICqgI6AoBASL39wTqACgPICwHgCwGADAGwE7bD9hPIE-rlleMD0BMA2BMKiBQF2BQB0BUB-BYBgBcB6BcF

Requested by

Host: 1f52c2d2b341a720d2ac42d74aa3ae5f.safeframe.googlesyndication.com
URL: https://1f52c2d2b341a720d2ac42d74aa3ae5f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1f52c2d2b341a720d2ac42d74aa3ae5f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 06 Jul 2023 11:28:09 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 35D6 0
225 B 101ms
36ms Ping
image/gif 2001:4860:4802:32::3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=2~ljr2dk9m&c=3549218858330&slotId=1774609429165&qqid=CIrkg_z8-f8CFZJAHQkd6B4Jrw&fb=outstream-lima&ulv=1&cll=0&met.4=arp_a_s.sx&vast_v=4.0&lima_p_ich=0&lima_p_icu=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230516_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1f52c2d2b341a720d2ac42d74aa3ae5f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 06 Jul 2023 11:28:09 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 35D6 0
45 B 101ms
37ms Ping
image/gif 2001:4860:4802:32::3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=3~ljr2dk9z&c=3549218858330&slotId=1774609429165&qqid=CIrkg_z8-f8CFZJAHQkd6B4Jrw&fb=outstream-lima&dmn=bid.g.doubleclick.net&pth=%252Fdbm%252Fvast&rbid=dbm
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230516_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1f52c2d2b341a720d2ac42d74aa3ae5f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 06 Jul 2023 11:28:09 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 35D6 0
54 B 100ms
37ms Ping
image/gif 2001:4860:4802:32::3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=4~ljr2dka0&c=3549218858330&slotId=1774609429165&qqid=CIrkg_z8-f8CFZJAHQkd6B4Jrw&fb=outstream-lima&lb_sdkv=h.0.0.0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230516_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1f52c2d2b341a720d2ac42d74aa3ae5f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 06 Jul 2023 11:28:09 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 vast Show response
bid.g.doubleclick.net/dbm/ Frame 35D6 29 KB
17 KB 205ms
116ms XHR
text/xml 64.233.166.157

General

Check archive.org

Show headers Download Go to

Full URL

https://bid.g.doubleclick.net/dbm/vast?dbm_c=AKAmf-D_7CVPsaibYKroEzYX4wEZWXCLk0mHz5q6PMwUtSbBo0dYjYgSKRPDm-QlJyAO1nVj32GAWydhBCqf2LBB9yOTrhzYXA&cry=1&dbm_d=AKAmf-B0-8-FRSt-DPKh-hW7AXoopRB7UyWeVdOSPWVCjheb5Pl6_JyRSRB_pCsST7gGlZ0EsaoBAQpqswxP5OeEE_-LdvQrUkOSYB7hpTFPWbV7RspV7VNF8wrE42VGIqwbqCcHFDwCDx9h3EVR0roDZM1K6sVdPz2o4uZSbWbEgNq3Fow4R0t4zm_Jq6Y1W2II0G0PHcvkA_ybCkYIxjYAAhi_6lZ_vsG8M-g1Xf2Q82QpccxY3BdQzLhuZ_XCafAL6t9vyqTbHFhuDBPqtGtrrou8IKkkZZr_n0Jv4IKOPC8sWgvM9kzMkiTaZ0uH3YTRr83FBoPvRe_Whm895uCKvQ5KwX373ubnDy7KR5ERfDHiz_n7NjhHdbjipWL1I16z_Vj_XcofVbzavbUkvV7leY2Fs5g5TBJiOyQ93CoEbZJHSwJcwdqHPZR-by4NzRbemn2iE8uNOD1IqToVeMOyeSsIOChjPfKtjlmNTeIkxWaHImcSuZcInbiU86QpyeZihdT3Tl6GOuTV7CayfrRjdBATNxOeHHoGU8lqw4jY3D2dHvNjeS5-HyOLgAmsEq40iY0NovhnVRw1xncW3h9KgJpyor0CeosehljbJSo_S6rmVrZ0nfv23KNXmh2jvyO8j193smn0Of7OxcBVEhtRrIzaISGbOvydTq-uJh_PJD-LRbPR9hpt11wClUkddZVf-ltx6WuvCciFcMzLwWvg4YHUtZZVp91V5upy0w2tB8TjDoWMtD_KoWJrrMp25-P_97LRhnjaDHdqnSSFC4edzoGQUKYpHCoShk5HDlocdYCe7OSmxUUV4nqj5dqtTrA86UL2lS6sUFleeOTvScTocnjXjdbezziCKfmfXe95Evyya9z69IUXbNhJT8iUpW_rOegfPt4fKIFk48fuNeAyRRCj0LLtHtI0hE4eabylw-Lp-iNJdpbm58CROrW8pVJqgH32hB4nzrTmdgA0Rp1R_5G0d2kgcuQwmhqqIUo3AhCMIz4LenDGIm32lAxt2zks0Nwp2OANdWp5JTpOMKug1Ah64lA0h0wnD28crqdgD244AYRoAQt3YGa8jLJf4-if47H6pVOQUqOs8TC3lB-3TNCSXk_371fVoKXsqULB8H1LEONLnUZO_gY6OL3Pz7zZWamj9BKK4roCctNRAu6gcjq_lZqswxjdRanjAZnUaVkRs4HCdUuIY9LBttqRlj5dsCS2PdkfbfxCQSOQTY65PQbpFFIqKZtkVipS_dRwJRiDqvBaCBidwpxatQdAZK7DHItIaf3JRb2ntMGTcoWI3Sz2VC2eTWi1KF5Xo8SUpVlyIb46SS1DBGTDwlaTTHSS23QNiKdoXkYCgh79Co7ykfGY20fZwOqmZhNxtb4aZ2gLfhnb6KedFC0ts82aTLXDbNesOiGTayvEwtluAkrwRMaB2HMIpihcNMvB4lEiufvZdiz_PAdy3y9_-ChAVEzJmH-0oDcvng9dII8du0drLTQosZ9oGuDepyU1QkIAWV0HgGjhxorozfokZDfk-oIuoBmL1e7iM6FY41k_6EnDUfsjOGnNqFb663UJJFOOdKjs3zrGGZw_5FXvZY43_XKLp8jUCBzlGCfkZ6AFQGoi-_phn_bifdDYbn2qeSLIYpzK0WkgxB6i3YC9SRMY7ahyizeSAQor65aHtjYLs5N8sdchJBKfJYx0ja37uddO7NgxeAZu-Cr4x4bjhIYUxMgTnhuML-ysOkUwXhQdCbh3z61NB8bsakdUb7Rk3YiGqSy9K5CfvjKMiLmK0TKUySc2tKEBQ9fgXNQUQ7k4gHgXpNumVYgwR6N3rh0G6aR6EpeI7zZRQSYBN07-OBosqjh0R9iLqT9iO4zvWKRONFO2sot0zSYwA0odkY5v2IiKGbz-aYPBEMYje58lP6vfVNfisDXh34UfGEPH4_VjDgmXaBz8vnKJ03wOUdSm64uN8Jw9FdZO_cI7scEhujmh8y1OFjMCyUcnUAWq1JYok4UDmMDUWj_i0h18fmF93hy0erc57zoYhVg_HDbgBzvIzi4VBb2AAnH4ZNxKg-GCnE_TXliNOt1jHfZ2t7tOvuej13rGTtbxyR8_jQl-ehcdBOcrNoFHOFNay5PubMEK1E3ZjCDvN44lPDv64F72Wdmmd9i882RT7su1bg5ZivX6BxVlRqygSe3H5E6rlJkdkYI_V2httVNja0teCRRBE60hklSms43J_MtXTBeP70i1gzUQ75lDtCILNBj7oVOeTXuabZRT1V15q-yuw15t7qYuTvV2LtqOrXuXORo5EIFJjmJ72_g-X3Sotwp7YeSLJI7qHB9qZuGCuv6zFFOvChLwFDd44Sxl6SePZtpOg4QYsU5Iu-mHv_Tzjh2LBZsOTtwkW18zRek3C7edKYa24rNgpFx7CXj0hJoVyorvF-Gxx4tA9u7ibY7je3ylXTRFNMNHCkYaQruV87g9Ee26bfXFzRxbkkgk9n96_zZK5ap2fKbeps3Q2eCK5cBrgqgDBsbNaFbYoUkgv37guDBmsb5AGiamxLTHskFIBzNIrY1zd-IIs1rVUKrRuff3HWxSM1fhQTmafVtN5WuE1CWBmBxVJfUSONSfyrEyPRh3B718sHCS_1H5kl-mJEiu9odsWy3JIvY3tKZ5BeeKN9OwMqU02ZviH_z2JRc7Mp_2qLT2rZXYo3JNK-EcULmPEar81e9fUmz3-wEZbmYa7bcTx_yozbD2KVqbAbnXtENb60FDBhlzFY_6EtoxpPFg2UuZG-iLaBZ-6xULdluyzeWwboEygmu9x3Ns85-VA6HPn47BB1rrL7IlzbPS74lYqV6e2Qc29xZ7Yh-GczsyfJ93PZTQphTNYG3KUOHycrg7GWXFXmsVW37xOxtcz7KwHGBVfGqvu9qm692LeiaX2G4mOobjfPo6oQHFvhrq2qSPRp6FbcO3HctQyJOTSXUPeXtzOtBBmgC2AebOcM4EpMWwKVdlmYuIsMjp2M1aaD0gR7SeivBCPa00nFdexthchvkqczoWE4WQWP5idppO8MiobTNDv52Jo6PPMWjkJRlg6n2FgyuSlgEhmA25CXx8SEukmQbQL7WKw4dg3DEy8UWhxHOa6roSifrnkXZthHt8QmBIEmoCcmXftd8ciR6S6buf2pG04uN21X5ZSzu7BppzM9P6yuwSckty6ZxDLFIu-MscYES6K9p2BnMEQFpozCSq-fJSEHHeUkRGxW9CA4SlbnAdjDarbmHnIvPv62LGsRyqyo3t1wACmvWU7egiLtwmPYEONCxJIcww_9PuBtW6WFRHug79gPH5Lt4Vr1odQhLao6mG7Ly1HzUeqBDJnPydy_P9UUJhm1LpUTnqWPBfiQOzMx6Y8q3JUVLGljRqDTqeds-R6s0ln8ycNvYBZTAD5a-5W3E0JEDIBoPb2QAR80QzjK6vnPq61qLVwRF3h2EyYIRQ5JWhDoXebgVrKXH2qlr2M2S43xCi_ktBy0a0_3h-_WWpmW4lLMXPDvfxwVXLdhM98T92OVO35G4SCGeHU64kRtbch3SGAltgJJbDD5Dw_4CzcayPV7s&cid=CAQSKQBygQiDkzrrjLHicgJQQlMbx6oXDN9LXqQ_XQrq75NuLa2GxS77b-4EGAE&sdkv=h.0.0.0&osd=2&frm=2&vis=1&sdr=1

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230516_RC00/outstream.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

64.233.166.157 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

db2850224bd8a1f98a4863bd51955f31efbf832c02972ab47872771aa0b18f05

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1f52c2d2b341a720d2ac42d74aa3ae5f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 11:28:09 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16660
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://1f52c2d2b341a720d2ac42d74aa3ae5f.safeframe.googlesyndication.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame 100F 172 KB
60 KB 173ms
57ms Script
text/javascript 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a6d36aa3d742ccd6f1ca3c76dcf885af72f7bebe2fcc001ea011a7aea2f55678

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://1f52c2d2b341a720d2ac42d74aa3ae5f.safeframe.googlesyndication.com/
Origin: https://1f52c2d2b341a720d2ac42d74aa3ae5f.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 05 Jul 2023 14:24:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 75804
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61485
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:43:57 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 06 Jul 2023 14:24:45 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20230628/r20110914/elements/html/ Frame 100F 11 KB
4 KB 55ms
55ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230628/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-A4fe3tj3YimYybfAbW8q1cIxHbOS7bE163-9JWXPU8owT1TFtC0TyY5paihhwsGBMIWCVjuORGgsyIGczU_vsWSIyJ0246q7BTxDqYAcEwso4GZ-8&cry=1&dbm_d=AKAmf-B53etFoYrJKiNzcNPSwYOTZKzNtO_uT1XUOwt0yMcbyq1-tubTOAc8LD2WxzL-_8nxDFiKgAFjQQ7QVnziPeQFJGWoSpnTIcmEeyiuTiO7-EMxzl4MXV6M68-VpxDUOdYNPTSyngJ2VTL3usFp-BZiYNcVe0Ehz6ywPK-5KBmiKN9HPddZYunKBXgJMTof6NgjVzv0zfMmMSoXwixmJv1BM0D_5zwRHetymb8uS1Ir_AUlSeNxkODazVbY1DzGQwXbyax_MBPRcdkyl721hv7F-g8NWt01amnyI_u6smg4AD_qDVKd8QtuDkCMsf7dd6XNo4zlHusKcjEaxkOjTYe_zlQU5lBuEPzUKY-CaQdyxGwVQxtlMay7yvyU9aYAqYdDFCxd0Jsq62-d6adAKUnyB6-_VOW3L_RCp9WMF_bym1P3Z0kcW04UVuVsXFzWTrykXugjAXCxtlFagdjxeOIcVrFjqgKu6BBY9Jtjqt7XOHcxnKny3gl51ITZa-y5VfY4tFfRq43UrHLxa2j42-FPylOOQuUWhmBv7jDtIrMPXk75vdpu3zBaH17GBTKAw0ioFBSm5OUkjO1OgTOsChLs8EEyoW4TrK5B3cT5om80xw_pK4aiP0N79ysw0JRI26tpx0pertqK2_DI8iVaPDcIkk8c9tCftZiQwwFwLfsTAmc_Zy7V5lgDcO3xcCTiMx1FQSWvAAI9rbXbrec4EzfLYvSTN_seKKYNFvCaVVuJaPoc5wo4GufruKiiJl2e7Yo1ygkS56HKAnUonz4u23Ki3tRtwKvAxTlsyc27hQzUkQepe5XdU8YYGwH64Fk9sct42g_fPSIu8c2E1StROJ3jU5xAFWnE5CotUanrYhzu2kSo8eV70KJZe-ATEORoBKz_4haMvwUEXV9Uqr8oxYfNmrZOZEpk3oXdTRc3HIbgHnWDo7gK3LHQPE_7j7_7TbQqu5K4r4BWyRUqLAs3rllcT9RduYnCHUATjvlcH6Ph6UhuE0cHA70eVO80o79MWG46PtpO2A--JHLDmLEDYplI1BVPbGOOCWBWTf7EaCEuJTzdp4m2CHCGZVeToWHMLozewuFOwgF-Lc2W9kRoKbOPViFkgXQ1l1StzjdAQqnwBGmS1kY4cTUE6qXeOCK7d6WP3fAU2ZvctT50Tv6Sfc1ySEtpGxQRdF4_1RpjWsLLMdkswCbFJGw_tV6HcS_jz25SWpTpM-sL2jo1oAjpG6MHrQ9bbNzdjkNuzVLPa9wj3XyxEqXOXjIaZoMY7Tny00PEiidYPIToTOXgIWQRZdEIv_YpMomibU_-eX6Tgc6JY41Fp_uRfDOkoLDlayO6o4tJB1XSMlzPvJNW3YOIblvtrzxhCU035BWlvxUkpPO1P8KWXe4Oq7mzTAKzH6n1D6jq1azGbU4a_ENgyW5eZ6y2CWamB9aToNrNillya3pmF09GsRgHNEepsfrTditVS4RJWBzt31yVM6yX3K8JGF1_v-yyYSz6SixNhCu6dqAw2D4cS4-tNFLdo6Dn29UQph4CWzmIaAuIhieUZHajPHinCpAiHp_6vuh3X0chALGFmzbTydhRBqsQOYgubpBrHSit8nQ915pj5K8Fy7Rq1QyQYrEhJ9H7fw8d0v_eqIn9qDq4YKitW9KG-rkwl7nk67kwaC3rHUYifLyWFUc3KTDJ5M_c_n9PVckLzzoZCMqYSz_rBxMHvkmyvJpSIjj2Tcd_JbZ9FL361Ncu0kYujp5IC5R0haLQ4k1oUPscp6-hHhvzwCRqGwuGKF8h3mWSLLPkAOSugBTdg9HJJyY2o0-FFEktL7qO8X0Ih5XdmM48YGby2rJ5jFopNnMbO8t4o0UeIhk5wGsz9xGOn5TTz7j6JwGlxxeeWIOKujgx2mfMA6ZvryPapsnecIQQuFMwCIVHIO0zk2UgUxpZzHijfwkGfEQgnVoLpq-D9FFGU-6BOubQBxd4JVV-oAvtu8uXpqsUHoUQ-jWg952vV8Sek8WPOELfvhtXv6aLhDMSxqSUtYpRvbibkFmH1DoXu97xXm6MDcy_QProjsXckPNJEBKa0llefSWTOyn2VPPyxuqWxN8eoYL73xJaJMIybI-cPi9KW9rntsx_-BObYUkwE2B1OUtf9n5sOuFa-S9mCQCmIvEsZuVoLuXhTgxdroyXYRf0HMlqh8YsyFqtmu2LFAY2l1ERbqUCH1RLrclPEdIKvTKY6PWYQ3eF9HJ8LQF0xZ0J_sitoytwRi8A9208jaEok6JGmx9io9bJrzhAmpY9Y7yJ4x7vOzXy5UvxwVmwcX9WefhkJ_KSPulw8pf_PHiIv-7J9jU1hbk4He3AfJSr4bse_89O9_s3BZ7b-K39s_3WKVX7rILqRXOaavuv39QfeMgO_V8IFhmLi1Zbnpijvn_CTD_cw4VgApEtXCbcvSFKBILfSQslxXM0KpHEkM9BDpw7xQ0dd1F5R8aAT7vF3t2fGmKq1v19XbcxUTRxqBVq1uMlvL1liAV9f9WB0_QsvXTz6zVhbl5Xyx1A5WTET7yqdO9gtLpamqbUmOuQgu3yiTuR-efMw3-Mwk8_qdfX3UPkUYbWBOAR4MUb52l42L3ADBa0LIHq7wy3LmhOC4yamVhXB484_YPCJ-puqo2w_gPApkN3crpkOXhjaU4vI4M1htrbi7iH9QlDMrZgvUwKVbkpBueODr-R_bsv3qJ9x2_Xk1XJpt4lL2veIeID0Jd9xJ2tNQJtWAZ1tOusgk_92pQeXw6oE4sbJjPcLU_sohilK2PggRFh7uYxBteZo-F0kHk_UkNAbnZYS1R-sNlgGwJS7__5pa8mzdB2A0FTTTcMwVsJNiE4KoEfyAE8vp75oi7E22ie_5LXE3RbRklwaeNLvSHb2YHhFgpCt_SMTndjybokvje1DkcEfyWKOtS6_Gaafmz9SWj6-VzL7qznXNS8IAeiaFaSdipUqq5uJfw76CYlDTsOxEsVC9EeH-RQtnQF7NqUHGubWGrTdJ2g9xMsjwb8DnkatS7lpYw_TSUJOA7D7IuqHtzp57cPshS5v3dsgszvjMS0rZs2yz2Sd5NAjOC8HfD9-636JKusNfN_IpX85f9wQB6QzXDcQhjMg7PwrYChvNMX8AL-DLClNCCya-LOjQep0pERBPk6Hk8Zh5AKQdlwZhPy4ZFpdoSbKRJp9jgPdxluPNij6VTJd42vDBsH2poTNR1ktcl84cRG2ZqKwc0Yyr3r5VZWVGeCGOM8QO_NKYNM6M_UZt3XDv_0it1RjArMRiNhZE3pXAA8b25NJ-wafevHIE3BT9Xj9IYf9de00AU0eKcSPCNhxWwVa8ExneLsO-iXKy_832Kd-v9snrfvwnX5G0_XIYrGsjBNg5llZ4ANI6pl_Q0p3tbIsBvMxWRcMK9zczIR8OuQdbfNjzjRBFwysCYTtdodzBU&cid=CAQSKQBygQiD8BdBlQgckIXyRvDhT5BZPunfqXUoENVgAPy9aaKXeuHy2u0RGAE&dv3_ver=m202301230201&rfl=https%3A%2F%2Fpcloak.blob.core.windows.net&ds=l&xdt=1&iif=1&cor=11220896851996414000&adk=754613069&idt=257&cac=0&dtd=16

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

597e4ec7ca2b12f9150e02e04096849d6b06061b09c2d131f1d2225871eedfdf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1f52c2d2b341a720d2ac42d74aa3ae5f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 05 Jul 2023 23:14:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 44006
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4172
x-xss-protection: 0
server: cafe
etag: 16731591232229431525
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 19 Jul 2023 23:14:43 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20230628/r20110914/ Frame 100F 30 KB
11 KB 54ms
54ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230628/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

484eef6459e8a58c19115f287339366d82a7c2beeb7a35c7e16789b592515aec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1f52c2d2b341a720d2ac42d74aa3ae5f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 05 Jul 2023 23:21:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 43614
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11545
x-xss-protection: 0
server: cafe
etag: 12064860844701496540
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 19 Jul 2023 23:21:15 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 100F 41 KB
13 KB 55ms
55ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1f52c2d2b341a720d2ac42d74aa3ae5f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 04 Jul 2023 13:52:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 164134
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13692
x-xss-protection: 0
last-modified: Sun, 25 Jun 2023 02:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 03 Jul 2024 13:52:35 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 35D6 0
0 95ms
95ms Fetch
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CBxraSKWmZIqgDJKB9fgP6L2k-Aq4vMWyce6BrIi6EaCHgOyQAhABIKGqyCpglfrwgYwHyAEFqQJM986DoDeyPqgDAaoE5wFP0Nj7LTQ9RpsbOIBaV4bHVEh00gXW7oTxE5Fj_OfJWpAzZgUfUbHUlQEqajzr_a1j1IkXkgbHAn1HjfeGU6L7Fm1ONDwlMgpwelpEXNt2tVLSEhb8_7qIxwpF4aF2TZ5MC6KVqRUrvHAYRz7VNd1Uqcgv346N5R2pn1M3lzfbKNIOeECTDhJvu1RuzpTN4naSJs-aQ_IU57WneTuaQ17Kj3KgdhopkFVb2-7nfSjnS1329z4GbAi6FPyN22xG8To6r9zO2S0I9cAaV_NZIx6XMSiPXgCrosW2vlGsqN5jszhKcUy1xwPABOH3nIi8BOAEA4gF54vv2kuSBQYIHRAEGAGSBQYIHRABGAGSBQYIHhABGAGQBgGgBnaAB9iO674CqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwoQ07ESGPe-8u8B0ggWCIDhgBAQARgdMgKqAjoCgEBIvf3BOoAKA8gLAbATtsP2E8gT6uWV4wPQEwDYEwqIFAXYFAHQFQGAFwGyFx4KHAgAEhRwdWItMzY1NzY5MDc5MDI1NTEwNRjBgBPoFwU&sigh=WFkGwZURvOA&uach_m=[UACH]&cid=CAQSKQBygQiDkzrrjLHicgJQQlMbx6oXDN9LXqQ_XQrq75NuLa2GxS77b-4EGAE&vt=10
Requested by: Host: 1f52c2d2b341a720d2ac42d74aa3ae5f.safeframe.googlesyndication.com
URL: https://1f52c2d2b341a720d2ac42d74aa3ae5f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1f52c2d2b341a720d2ac42d74aa3ae5f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 42D1 1 KB
643 B 59ms
54ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 1f52c2d2b341a720d2ac42d74aa3ae5f.safeframe.googlesyndication.com
URL: https://1f52c2d2b341a720d2ac42d74aa3ae5f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://1f52c2d2b341a720d2ac42d74aa3ae5f.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 13917
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 06 Jul 2023 07:36:12 GMT
etag: 48472445140208031
expires: Fri, 07 Jul 2023 07:36:12 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame EB87 1 KB
643 B 55ms
54ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 1f52c2d2b341a720d2ac42d74aa3ae5f.safeframe.googlesyndication.com
URL: https://1f52c2d2b341a720d2ac42d74aa3ae5f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://1f52c2d2b341a720d2ac42d74aa3ae5f.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 13917
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 06 Jul 2023 07:36:12 GMT
etag: 48472445140208031
expires: Fri, 07 Jul 2023 07:36:12 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 100F 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0c6e73e9346565acd3b4ff7a2fdc2cb7431805df730dc97d959e099ab73ae587

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_430%2Cw_860%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/0d5d0ac3e8e2f02caae9077304cdada5.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 0285275fc3c76bcafa84cd4b6b2d9a855be279d892e1aa06f94bea4ae3b9583e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Thu, 06 Jul 2023 11:28:09 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_430%2Cw_860%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/0d5d0ac3e8e2f02caae9077304cdada5.jpg
age: 2673916
edge-cache-tag: 501887284145181606509394526970282742652,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
cache-tag: 501887284145181606509394526970282742652,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
x-cache: HIT, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time: 260
expiration: expiry-date="Sun, 11 Jun 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: http://fightnights.com/match/5247
content-length: 101788
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb204
x-served-by: cache-iad-kjyo7100115-IAD, cache-iad-kjyo7100022-IAD, cache-sna10735-LGB, cache-iad-kiad7000151-IAD, cache-fra-eddf8230081-FRA
last-modified: Thu, 11 May 2023 16:15:14 GMT
server: nginx
x-timer: S1688642889.314251,VS0,VE0
etag: "c689fb9a91c11600456add4ea4da3890"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 1, 1, 54, 2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_245%2Cw_440%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/0f9780008909d905ba620957d6941c40.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: f2c88caf170bdda7a6852c6e44ae86ec12733c75a47fd7e0d8cc34c272177876

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Thu, 06 Jul 2023 11:28:09 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_245%2Cw_440%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/0f9780008909d905ba620957d6941c40.png
age: 2070035
edge-cache-tag: 331208042925282676003572768795640513761,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag: 331208042925282676003572768795640513761,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
x-cache: MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time: 242
expiration: expiry-date="Tue, 13 Jun 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://www.dailyrecord.co.uk/sport/football/what-brendan-rodgers-tell-celtic-30269469
content-length: 10296
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb201
x-served-by: cache-iad-kiad7000074-IAD, cache-iad-kiad7000123-IAD, cache-lax10673-LGB, cache-iad-kjyo7100122-IAD, cache-fra-eddf8230081-FRA
last-modified: Sat, 13 May 2023 17:26:31 GMT
server: nginx
x-timer: S1688642889.314217,VS0,VE0
etag: "e10df26883c2d57e33b5c7d83984c29a"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 1, 847, 6

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_245%2Cw_440%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/1fc15c5bdc1b226b607c7dfd15e4ddab.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 602078f74b8a98dfad5c0457920f978ee477cdc8837dcef5a82616c4930e19be

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Thu, 06 Jul 2023 11:28:09 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_245%2Cw_440%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/1fc15c5bdc1b226b607c7dfd15e4ddab.jpg
age: 834912
edge-cache-tag: 477731326413695223734754229992102529877,418213119990820519753380268763636342871,29ecf9b93bbf306179626feeda1fab70
cache-tag: 477731326413695223734754229992102529877,418213119990820519753380268763636342871,29ecf9b93bbf306179626feeda1fab70
x-cache: MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time: 175
expiration: expiry-date="Sat, 01 Jul 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://happy-woman.com/
content-length: 7292
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb804
x-served-by: cache-iad-kiad7000117-IAD, cache-iad-kcgs7200047-IAD, cache-lga21972-LGA, cache-iad-kjyo7100152-IAD, cache-fra-eddf8230081-FRA
last-modified: Wed, 31 May 2023 06:52:57 GMT
server: nginx
x-timer: S1688642889.314558,VS0,VE0
etag: "eae0d33a1f19f8bf05ff6125038aa7d1"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 66, 2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_430%2Cw_860%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/10741ea058f151b67db4230bafbe812d.jpeg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: ec27f7bb31f1c4d2ffd1a2a7e2cf18161e79d984985a9ae1aa32262c6b1b917b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Thu, 06 Jul 2023 11:28:09 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_430%2Cw_860%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/10741ea058f151b67db4230bafbe812d.jpeg
age: 612856
edge-cache-tag: 630794942868811789712213737048539066062,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
cache-tag: 630794942868811789712213737048539066062,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
x-cache: MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time: 307
expiration: expiry-date="Fri, 14 Jul 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://posta.co.il/
content-length: 50238
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb203
x-served-by: cache-iad-kcgs7200165-IAD, cache-iad-kjyo7100052-IAD, cache-sna10746-LGB, cache-iad-kiad7000113-IAD, cache-fra-eddf8230081-FRA
last-modified: Tue, 13 Jun 2023 04:37:37 GMT
server: nginx
x-timer: S1688642889.314552,VS0,VE0
etag: "71408ab62bbbc35cd611114abcbb25ad"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 1, 1, 2

GET
H2 200 68a067b57d206a7e3712cda1cc7c39f0.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_245%2Cw_440%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame 5BC9 16 KB
16 KB 37ms
37ms Image
image/webp 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_245%2Cw_440%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/68a067b57d206a7e3712cda1cc7c39f0.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 8c99e343bd2b1e4c3830e6420ccc7a004d261b40419bf159d9e61631407b3cfd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Thu, 06 Jul 2023 11:28:09 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_245%2Cw_440%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/68a067b57d206a7e3712cda1cc7c39f0.jpg
age: 2749642
edge-cache-tag: 539136729262515993336422658210190975734,418213119990820519753380268763636342871,29ecf9b93bbf306179626feeda1fab70
cache-tag: 539136729262515993336422658210190975734,418213119990820519753380268763636342871,29ecf9b93bbf306179626feeda1fab70
x-cache: MISS, HIT, MISS, HIT, HIT
x-envoy-upstream-service-time: 243
expiration: expiry-date="Fri, 09 Jun 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://www.huffpost.com/entry/italian-teacher-summer-assignment_n_7570680
content-length: 16148
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb202
x-served-by: cache-iad-kjyo7100105-IAD, cache-iad-kcgs7200131-IAD, cache-sna10745-LGB, cache-iad-kiad7000097-IAD, cache-fra-eddf8230081-FRA
last-modified: Tue, 09 May 2023 08:07:51 GMT
server: nginx
x-timer: S1688642889.314559,VS0,VE0
etag: "f322bb424eb510fc39387e51246885ec"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 2, 0, 18, 2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_245%2Cw_440%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/69a967a4d5bbc0a04055c14601660f3e.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 25cc24cd00981e91af68a7947a862074d65f52c070864add7b726b1106a5f45f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Thu, 06 Jul 2023 11:28:09 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_245%2Cw_440%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/69a967a4d5bbc0a04055c14601660f3e.png
age: 3702404
edge-cache-tag: 609787574242879397975342852598842292351,418213119990820519753380268763636342871,29ecf9b93bbf306179626feeda1fab70
cache-tag: 609787574242879397975342852598842292351,418213119990820519753380268763636342871,29ecf9b93bbf306179626feeda1fab70
x-cache: HIT, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time: 57
expiration: expiry-date="Thu, 01 Jun 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://bookriot.com/
content-length: 13246
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb804
x-served-by: cache-iad-kjyo7100119-IAD, cache-iad-kiad7000174-IAD, cache-chi-klot8100059-CHI, cache-iad-kjyo7100166-IAD, cache-fra-eddf8230081-FRA
last-modified: Mon, 01 May 2023 23:41:02 GMT
server: nginx
x-timer: S1688642889.315078,VS0,VE0
etag: "6e439574cfb404c2a2d1f3f5b2faf0ab"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 0, 1, 44, 2

GET
DATA 200
OK truncated
/ Frame 35D6 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e33e68a9c2eaeeb626dee1b0094e3bcccf70923e2bf740b96da32515f44e65db

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame A647 172 KB
60 KB 60ms
59ms Script
text/javascript 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a6d36aa3d742ccd6f1ca3c76dcf885af72f7bebe2fcc001ea011a7aea2f55678

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://1f52c2d2b341a720d2ac42d74aa3ae5f.safeframe.googlesyndication.com/
Origin: https://1f52c2d2b341a720d2ac42d74aa3ae5f.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 05 Jul 2023 14:24:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 75804
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61485
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:43:57 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 06 Jul 2023 14:24:45 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20230628/r20110914/elements/html/ Frame A647 11 KB
4 KB 56ms
56ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230628/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Cj1TY39Y4W0I0aAhfowB_kvenvP9Ibryu5KQWIzAlHbWNyl3FGcAdxzqubrD4YR9sUuUA4eDe3Ax0HhOnGzNF7UtgmAb7LtTlPcD210SaYgGz1fOg&cry=1&dbm_d=AKAmf-BlNKJynr_b_mdnnPtM1qopaVAxsKKTAEoQkr6j4eWfY167brT6EpMBi8QFk73s1Z3l_7v0WzHnwPuyaxoKPEFSyrr775roPVkwrxFiHoRhE_2SqfXCpqF5lKFjXw0n8EkW5FxlFdDYN7gHfjimWc7F0cyn0Nkp1W1Pi8qIyiEno3DjrNpjOGW0n53AbHwiE9nWOhnV_Kkb2c_96Mt73Zz1RzquxIUYvK4YDqwuZ3EqYYCSp0lXpl9Vcj3fibjBjta3pp5xTu1NQBUac7DF4x36Nizryue_ngqavEu-OlVEBSsyA4VGK0KFpnATKVSeypQOVlDioTUrObrTIpPNXIxRmo_3zgQIcrxL1xXtFBcGwpI94QgbsMZZC6jscbgpIRLKhzX-Hb9eDA0BCiaH-1amsu5SmSVGqKryX63H-HoelJFBZc4RiNnu1iEtxznFQhrUWy-MRmTlTGT8q-_CLKQ1fow_OVButh5GEOVEUl4lPfoFBWq0yfW7uI7M4CDBYA4BceKRfDnh2LRn98fOWasx0oL51bqLqKcRMfPJYxC1i7st35IuAq2gIv_PNDY9RL-0UcMy5CbBJtuCwV9yKttZSJEscdebEv4ruO09YoJTFH1u85XVJxPIFeP3RaRcJlKPa2q34xKEi-EXDOWPvE1E9sJkYtUSWBDQgLW60lXCHkZsxFmZVpXelANxSQuEymA9XXc-NCGwQHtv0qYOkTin2WPFeIPx_MquyJgsf8su4GT4FHgNjI1kUkBXjMv9cyEoGjpuNJtVolJ4WtujjJHj6eKg_0n3R4g2sVhvGEsU1IhPjduruXFjSRbwhm-g4TLSH5GeDxH0jHeKpK945UKg_YDSXcLCB1AEqwyZWdA4OV8_2_r0ulFuQI5rxTe6EOMUfK686TUURmhrxPQlSkX40Qe35X2biowokfoM_ZcQMEKmrNsIrWGmwrInt3pagPDj2frdZKXWyl2HwvZlZNIuo0iIJ3wyxJcgH85vqZneaJTa4mYR2YaOIefE7_WxTvdtsTdcjcW8Q84WgDIWdyCfmalzsrrlIFXTiQh8X9PbJN_8l29LKA735E6zqcALVxh6ZMgzScObZfUZPhNU7i6FyoItyKFyYb6TAsXSO_M9KaIGxf44lXDwPj24qRXrW2njQdn1sM_-wCcqs-Bt2DUZN_LlavhK0qM8fG2htDdnbQJVoEGORG0PGIvfzn7QNianxB-tYnbbkxWod-truOogTPfmyw4uMOeCBklxnHvV66NVrJJpfB4eGsoknenLwCVmB63xh6Ei-A31fWqAv52aJ4SWKqAWlS5tCbtlhrBY1s2ysg-lGP5wTYva5CDabSginV4r_nD0Fa3DHZAlWgTWbI47yu6AcnOhMJxn1gTuDM7zJWKsnSUOrqUeGV7uwLdX0j4VF_eKPuBYMOH6gG5bAl5FT1DnsTdZWVEfLGfhtP-aQSa2Pj0_qFbNQPEF0xSyRxL7TzxbjKE6p5vVUzkMqlpo18qp_QQIYvAO4BeGoZ1WF6rR7E16zgNJ7FUB2IC4dl_iDoGnzNgIWMF2CQghjSbDqibY3BFNoWUkGX04whEAp3hZiRE6nTzlwTH3B6mJO_aLQ48MJSnJDODzwwK9flu71QLgjafXJ6l8OTgryvXP0grHATp-tHgVDe53rPxUs8yGPCxsv7eMKUDQZcYdmxNFj5MXV4iJIw8YnlVw3XRJDZti35B6l07vVu64BQa7vA46K3hOPCCIFOd1s33G0cQlVLYDTu8-vHJ7dNCq6Xjzp0QUrXtjbya53l6uxPWaHD0jqLyAJva5IDl89ppz9vyzlhi9HCIFRc1TFXwWaPxVZpszfmchl2Hr1E1ky1IdHifGFiJMZM_Yo5BIf89IkfP_NdzvAqfl-gPm51oP9ZpnlkacFdpAOzPj9qcdapRyNbY6j-1dGkgtVZ-8joYAdPuCavYPTDSIb8_UcM7OehmF7x84yppVAjBXtgUqMEkAu5eFyBInkKJTEFq99nQbmTJ3LHkCYylA7vLQ9yClfH3Wx2bIi0ZK0qWZGqXHA15UAePDdMAsk-5sW9gF-hL7MboLPqjyqK41Q_inMKkxi29pGJyWfnxRUoGyATrViPvXgGKBw7HCvRWLVVB_q5XGOWqrb93OmuDXQ3iSNnbhfYrWdHUtkPzYoPhMoL_9m5pBs1uIqYnTmKc-Q8gGIg9szastvS-1cB_nY98zEOyNAT0up7_ETNe-lIM_DwYo69Yqc2mk-eTiJ72EEMvTMAtZJo87Umy72UwLzWlma28nOI0ZzT7zIKO0mHxC6TMlJ1icIC7FYYzSh8IGmGZtsV7MYkIBd0Y0ThzYMEx2QpKa2KlXHSFiD5DeUCTPXyj4LSl9IZ8z9rPgrH0Wj6ktw1tB-A68tIXkDfB_9926qAZEk1Ry_LIi9jmFEOd59F26er3eWNK7M0ezPh5AlgmFZh1T4RH_b-oRpxfAtJ3s0xChvuBbnqacPTdMdlqS25Q563xZRIqxIHZvQCHWLTWm4NJBzHNlz4y4IhcJRBjyIuHqfwdhpDP8RnGaS6BnVrl5JbnJYAhcha0nERSGIwPw-KVr6-5iYTR74KP6umhA0GKsuVVWADAoYdjDlFUUce-uLSKUvI8Z-gvwrLcitYO01qzQCmop9Z8qcVp0QGsHi3e2ExtIWNAArG1mpvFy8dhJtKbuF-ej-taN1IZHYtzjzseI2OcEsVbPwyVJv8bce-6vU-2cIeolk3iaoacwzXCY_A8mVfgKGzyRM56Ec9Zaf2CyxY7YYmUd2Wg14zRwOo3aAhQRO2KQbwxAncdoM-lT65tp-R2duZiEOT38Oj9sMw46POL0rScitQLJlKpxh1jRugROPoVhibP3GSq4IQwTk2U_74Ad7D1ftl0v5V59cI7YOKtgTVPu-oaQf981wrLFbA2vz_wBpDPiz9wClXQXjCH6w7e_bS1vOlybL5G_7hy514_v3CV5CVXMQoBTlJp8uXIue6R1kopZt4QH3XXkVg5V6OrpgpkVJ6JQw17EUfZGSSm2-oL3jqP1vbyc84eht3J5JIahIKybYka6XFlkBcGxAngKaio4P7S6oe1G6Q9LK1dth3iqwa1-9t64xryqAfKiiDJ6B9u238nHfXB4T49vlaEwUs1Wrzb8YkJaTe3ocdHS4RxxqW2TI07fXU9UOxbfz8q7FzBk38_GmNcW3Apnk2R9_brQ04G3Hf9gEISE9MDHZvEkMDXei4kpCWrJukn_tG9UMBEW-PjazKqI-QAk_kVUxXSWW4uzFnvpjURXQxvwnpXATJw7MLLNL0SSf8o16lfSr8cZVHzCjaUwrJn4WtnoiyLF_FYesfyBZ_9ZjQjZlyJqorpPdsGzCp1eNYRIZoWSJa2T00uAXREQe9RKGsqof01C4yqBCthM5Fl18dsMfQHnuhjFLjHK5M0c0kUL6kAx1NYk-rGt4gnBGqdGc0wMF3A7jHEoisYodFsuPnT6A6dPuIUaBuJ2fqJ8tmXhk4QNWkQvPFIjuyp_vdZHsi12_MRETHBO9ZWug5Jj3WbM345opY1rv6XAKm5GosBd12-Td0ALub1tsLiKPnKEywu4csCx6SZCBY04zIexWOC8qZ5dIN6fpRjOvRjpP9zpAzTL_7Uj2knjUJF9fxuSnudEZrNAaIp02jjKwrpfcYbpPJL7oVCA28Ot6DGV5JSLAp95Sa8tVkmQDGl2K-HvK4aVto146YBxFlZQ1jKUx2YckmQ0L8y3_G-f-_UnyrytPoE&cid=CAQSKQBygQiDA96PbTlnkwvsUvnb3Y9wvKAdeE3q9UEjeeklO0JLpDo5exm8GAE&dc_eid=31075530&dv3_ver=m202306200101&rfl=https%3A%2F%2Fpcloak.blob.core.windows.net&ds=l&xdt=1&iif=1&cor=11781860860078273000&adk=1599433117&idt=207&cac=0&dtd=13

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

597e4ec7ca2b12f9150e02e04096849d6b06061b09c2d131f1d2225871eedfdf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1f52c2d2b341a720d2ac42d74aa3ae5f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 05 Jul 2023 23:14:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 44006
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4172
x-xss-protection: 0
server: cafe
etag: 16731591232229431525
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 19 Jul 2023 23:14:43 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20230628/r20110914/ Frame A647 30 KB
11 KB 54ms
54ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230628/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

484eef6459e8a58c19115f287339366d82a7c2beeb7a35c7e16789b592515aec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1f52c2d2b341a720d2ac42d74aa3ae5f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 05 Jul 2023 23:21:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 43614
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11545
x-xss-protection: 0
server: cafe
etag: 12064860844701496540
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 19 Jul 2023 23:21:15 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame A647 41 KB
13 KB 55ms
54ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1f52c2d2b341a720d2ac42d74aa3ae5f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 04 Jul 2023 13:52:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 164134
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13692
x-xss-protection: 0
last-modified: Sun, 25 Jun 2023 02:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 03 Jul 2024 13:52:35 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 2215 1 KB
643 B 56ms
56ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 1f52c2d2b341a720d2ac42d74aa3ae5f.safeframe.googlesyndication.com
URL: https://1f52c2d2b341a720d2ac42d74aa3ae5f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://1f52c2d2b341a720d2ac42d74aa3ae5f.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 13917
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 06 Jul 2023 07:36:12 GMT
etag: 48472445140208031
expires: Fri, 07 Jul 2023 07:36:12 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame A647 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9c3870010e5711c8f269ff55ed1de66efdab44c77e3b04ff0778f5fd3e30894c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 42D1
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESECVGARWvGW5z-QmNGLniKoE&google_push=AaAOQGGMjr6We-euzsCzmKQEEQ98-Y9dGCJoa_k2gpMD1BxTlbjOxfDEtb...

170 B
188 B

65ms
65ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESECVGARWvGW5z-QmNGLniKoE&google_push=AaAOQGGMjr6We-euzsCzmKQEEQ98-Y9dGCJoa_k2gpMD1BxTlbjOxfDEtbLXxnNEavEGmKsbWfgDrudBd839g8MS5bt-Dw47YNHjAGch2DRHvmWb5ZgByAcaRvS9IBAJgj4J3XGfur4AJTCJ

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 06 Jul 2023 11:28:09 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by: cache-fra-eddf8230095-FRA
pragma: no-cache
date: Thu, 06 Jul 2023 11:28:09 GMT
via: 1.1 varnish
server: Jetty(9.4.35.v20201120)
x-timer: S1688642890.560137,VS0,VE94
x-cache: MISS
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESECVGARWvGW5z-QmNGLniKoE&google_push=AaAOQGGMjr6We-euzsCzmKQEEQ98-Y9dGCJoa_k2gpMD1BxTlbjOxfDEtbLXxnNEavEGmKsbWfgDrudBd839g8MS5bt-Dw47YNHjAGch2DRHvmWb5ZgByAcaRvS9IBAJgj4J3XGfur4AJTCJ
cache-control: no-cache
accept-ranges: bytes
content-length: 0
x-cache-hits: 0

GET
H2 200 google
match.adsrvr.org/track/cmf/ Frame 42D1 70 B
265 B 146ms
45ms Image
image/gif 52.223.40.198

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/google?google_gid=CAESEDPt85hGZhU_HNnwpLn0brc&google_cver=1&google_push=AaAOQGFAqLRVcgjvv-QT-rEPzXLPoJSIdM3dHcKUlx--U_Ikb1eX9yOVJ2hULz29Ng9rnl-S7TGlE4anDczbtNgRIyC6EPcMuzka9aqfW3TuZMkDZJWG5N1rwBJfTKhzXWhDa_VQV40_oFE
Requested by: Host: 1f52c2d2b341a720d2ac42d74aa3ae5f.safeframe.googlesyndication.com
URL: https://1f52c2d2b341a720d2ac42d74aa3ae5f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Thu, 06 Jul 2023 11:28:09 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 42D1
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESENiO1pVf3uaAot2uj7jf4RI&google_cver=1&google_push=AaAOQGHhZV4K6xSb3zF5zmPs0J0pOENQV2fGFrKf0-mMNhwPvO0dBetREnz-TjPtJheGZkxAVXS...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEpSMkRLS0ctRC1HQ0Qy&google_push=AaAOQGHhZV4K6xSb3zF5zmPs0J0pOENQV2fGFrKf0-mMNhwPvO0dBetREnz-TjPtJheGZkxAVXSmSQPMV7cPn_xHwxiRYoEbUy-RPnTg_...

170 B
188 B

68ms
66ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEpSMkRLS0ctRC1HQ0Qy&google_push=AaAOQGHhZV4K6xSb3zF5zmPs0J0pOENQV2fGFrKf0-mMNhwPvO0dBetREnz-TjPtJheGZkxAVXSmSQPMV7cPn_xHwxiRYoEbUy-RPnTg_dgR1sqeRMJE27A881xkdlylTfq05ei315eGmRjp

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 06 Jul 2023 11:28:09 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEpSMkRLS0ctRC1HQ0Qy&google_push=AaAOQGHhZV4K6xSb3zF5zmPs0J0pOENQV2fGFrKf0-mMNhwPvO0dBetREnz-TjPtJheGZkxAVXSmSQPMV7cPn_xHwxiRYoEbUy-RPnTg_dgR1sqeRMJE27A881xkdlylTfq05ei315eGmRjp
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: e06182bf224d96e6550f4595601cdb0b
Expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 42D1
Redirect Chain

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEF_eoixBkJpt-Jfdg9W36rY&google_cver=1&google_push=AaAOQGFLSAiajpKyxvs6iX_utMfik2P7urEpfk4bxQDkhW7FdXwAsxEczibaPOQUeMLTaeDF3_Xhu9HS2OIlsf7dgwkxr9Hwm3...
https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=AaAOQGFLSAiajpKyxvs6iX_utMfik2P7urEpfk4bxQDkhW7FdXwAsxEczibaPOQUeMLTaeDF3_Xhu9HS2OIlsf7dgwkxr9Hwm3e...
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTM4OTk0ODgyMjI4Mzk1NTkxMDMzMA%3D%3D&google_push=AaAOQGFLSAiajpKyxvs6iX_utMfik2P7urEpfk4bxQDkhW7FdXwAsxEc...

170 B
188 B

65ms
65ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTM4OTk0ODgyMjI4Mzk1NTkxMDMzMA%3D%3D&google_push=AaAOQGFLSAiajpKyxvs6iX_utMfik2P7urEpfk4bxQDkhW7FdXwAsxEczibaPOQUeMLTaeDF3_Xhu9HS2OIlsf7dgwkxr9Hwm3eOZgvkNoQ0KqncEa3vP5AXlxnEOX8deRJXdHonocSITTYe

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 06 Jul 2023 11:28:09 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTM4OTk0ODgyMjI4Mzk1NTkxMDMzMA%3D%3D&google_push=AaAOQGFLSAiajpKyxvs6iX_utMfik2P7urEpfk4bxQDkhW7FdXwAsxEczibaPOQUeMLTaeDF3_Xhu9HS2OIlsf7dgwkxr9Hwm3eOZgvkNoQ0KqncEa3vP5AXlxnEOX8deRJXdHonocSITTYe
date: Thu, 06 Jul 2023 11:28:09 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H/1.1 200
OK sync
rtb2-useast.e-volution.ai/ Frame 42D1 42 B
233 B 488ms
105ms Image
image/gif 174.137.133.49

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb2-useast.e-volution.ai/sync?exchange=193&google_gid=CAESEGhcq74UqLWZ3cbrM6Z2uhc&google_cver=1&google_push=AaAOQGFv_oy7iq6TdYgugZ5IjvVEBjAM6SSFAioqGOFZJudayKxDQCueLdc53zJDu8r8O0DFU2ZLhSONU3GCHm0ckUXaOK0UxGU4f_bmN3U-dL2WGJaJ2YVUdNs93eWa914faMv2BDI9bghy
Requested by: Host: 1f52c2d2b341a720d2ac42d74aa3ae5f.safeframe.googlesyndication.com
URL: https://1f52c2d2b341a720d2ac42d74aa3ae5f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 174.137.133.49 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 06 Jul 2023 11:28:09 GMT
Server: nginx
Age: 0
Content-Type: image/gif
Cache-Control: no-store
Connection: keep-alive
Content-Length: 42

GET
H2 204 v1
match.sharethrough.com/E4rooAtA/ Frame 42D1 0
360 B 125ms
30ms Image
text/plain 3.66.186.233

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.sharethrough.com/E4rooAtA/v1?google_gid=CAESEDmrZxO3HuZZDUT1B749LA4&google_cver=1&google_push=AaAOQGF0tmTFYAKYaiinWGzUXSwUelAx5bXXiXwazlrMuLqYNZ6abXOaawP0dXfq4sOpYJMoeFt_C_HJNmex1VpyXvkbCHbboCyGEbeTqdg5VzTWdKDlCvkOUsmdy5t8TS2O_PveTPy_RyoUXg
Requested by: Host: 1f52c2d2b341a720d2ac42d74aa3ae5f.safeframe.googlesyndication.com
URL: https://1f52c2d2b341a720d2ac42d74aa3ae5f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.66.186.233 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 11:28:09 GMT

GET
H/1.1

200

0.gif
id5-sync.com/i/495/ Frame 42D1
Redirect Chain

https://sync.inmobi.com/gob?google_gid=CAESEJ_68EXxWudLvOWyZnVu0-s&google_cver=1&google_push=AaAOQGEur66GhtplzVNn5fPMv4_ujSwOAds0KiUm0SNRRsC365FuodBpZdvlNjGXmO1gDsTlXl2qnP7vRrJHS56TT-wRIaG3fXT_QeZO...
https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=&callback=https%3A%2F%2Fsync.inmobi.com%2FgobRedirectFromId5%3Fid%3D%7BID5UID%7D%26google_push%3DAaAOQGEur66GhtplzVNn5fPMv4_ujSwOAds0KiUm0SNRRsC3...

43 B
1 KB

50ms
49ms

Image
image/gif

162.19.138.83
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=&callback=https%3A%2F%2Fsync.inmobi.com%2FgobRedirectFromId5%3Fid%3D%7BID5UID%7D%26google_push%3DAaAOQGEur66GhtplzVNn5fPMv4_ujSwOAds0KiUm0SNRRsC365FuodBpZdvlNjGXmO1gDsTlXl2qnP7vRrJHS56TT-wRIaG3fXT_QeZOxZZ21vcIe0QNkWgYszzSdbmzcJrs3bWnyFMK-leSMg

Protocol

HTTP/1.1

Server

162.19.138.83 Frankfurt am Main, Germany, ASN16276 (OVH, FR),

Reverse DNS

ns31532338.ip-162-19-138.eu

Software

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-type: image/gif;charset=UTF-8
date: Thu, 06 Jul 2023 11:28:09 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
transfer-encoding: chunked
p3p: CP="CAO PSA OUR"

Redirect headers

date: Thu, 06 Jul 2023 11:28:09 GMT
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains
x-permitted-cross-domain-policies: none
referrer-policy: no-referrer
expect-ct: max-age=0
x-dns-prefetch-control: off
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=utf-8
location: https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=&callback=https%3A%2F%2Fsync.inmobi.com%2FgobRedirectFromId5%3Fid%3D%7BID5UID%7D%26google_push%3DAaAOQGEur66GhtplzVNn5fPMv4_ujSwOAds0KiUm0SNRRsC365FuodBpZdvlNjGXmO1gDsTlXl2qnP7vRrJHS56TT-wRIaG3fXT_QeZOxZZ21vcIe0QNkWgYszzSdbmzcJrs3bWnyFMK-leSMg
x-download-options: noopen
vary: Accept
content-length: 317
x-xss-protection: 0

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 42D1 0
12 B 63ms
62ms Image
text/html 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13I1GkfJeZcpXgsfAMFDwIL16mTc9ULhnl98DjOz_G29T6VT_YszcrncMWvyXhSiuAU2B4_yZPhJ

Requested by

Host: 1f52c2d2b341a720d2ac42d74aa3ae5f.safeframe.googlesyndication.com
URL: https://1f52c2d2b341a720d2ac42d74aa3ae5f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 11:28:09 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame EB87
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESEPrZtMSv35qwRpYLcn2oTes&google_cver=1&google_push=AaAOQGGknOiaYGPQBgtz2TdAsp6tv_dGrJyeKo-G_7D08hcEV7m00_G0rkqyvazUru9c_mZR1q9xh7i6sHDV68wJQH6Hj8m8Wms
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=F4C9AA0BE4B94523A1A22AE7B791F212&google_push=AaAOQGGknOiaYGPQBgtz2TdAsp6tv_dGrJyeKo-G_7D08hcEV7m00_G0rkqyvazUru9c_mZR1q9xh7i6sHDV68w...

170 B
188 B

67ms
64ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=F4C9AA0BE4B94523A1A22AE7B791F212&google_push=AaAOQGGknOiaYGPQBgtz2TdAsp6tv_dGrJyeKo-G_7D08hcEV7m00_G0rkqyvazUru9c_mZR1q9xh7i6sHDV68wJQH6Hj8m8Wms

Requested by

Host: 1f52c2d2b341a720d2ac42d74aa3ae5f.safeframe.googlesyndication.com
URL: https://1f52c2d2b341a720d2ac42d74aa3ae5f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 06 Jul 2023 11:28:09 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Thu, 06 Jul 2023 11:28:09 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=F4C9AA0BE4B94523A1A22AE7B791F212&google_push=AaAOQGGknOiaYGPQBgtz2TdAsp6tv_dGrJyeKo-G_7D08hcEV7m00_G0rkqyvazUru9c_mZR1q9xh7i6sHDV68wJQH6Hj8m8Wms
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Wed, 05 Jul 2023 11:28:09 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame EB87
Redirect Chain

https://d5p.de17a.com/cookies/google?google_gid=CAESEGsMvkHriIjqMUkRolqa8-k&google_cver=1&google_push=AaAOQGGY6po21JwjWiMApmc3l8ajPCszL44_Mt-viF9B3Oxre28KforcgXUuNCJYdGAzAnS5E5MiSrI02WWClDkfzpHcANn...
https://d5p.de17a.com/cookies/google;c?google_gid=CAESEGsMvkHriIjqMUkRolqa8-k&google_cver=1&google_push=AaAOQGGY6po21JwjWiMApmc3l8ajPCszL44_Mt-viF9B3Oxre28KforcgXUuNCJYdGAzAnS5E5MiSrI02WWClDkfzpHcA...
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AaAOQGGY6po21JwjWiMApmc3l8ajPCszL44_Mt-viF9B3Oxre28KforcgXUuNCJYdGAzAnS5E5MiSrI02WWClDkfzpHcANnmgeXV

170 B
188 B

65ms
65ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AaAOQGGY6po21JwjWiMApmc3l8ajPCszL44_Mt-viF9B3Oxre28KforcgXUuNCJYdGAzAnS5E5MiSrI02WWClDkfzpHcANnmgeXV

Requested by

Host: 1f52c2d2b341a720d2ac42d74aa3ae5f.safeframe.googlesyndication.com
URL: https://1f52c2d2b341a720d2ac42d74aa3ae5f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 06 Jul 2023 11:28:09 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AaAOQGGY6po21JwjWiMApmc3l8ajPCszL44_Mt-viF9B3Oxre28KforcgXUuNCJYdGAzAnS5E5MiSrI02WWClDkfzpHcANnmgeXV
content-length: 0
p3p: CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV

GET
H2

200

cookiematch.aspx
dis.criteo.com/dis/rtb/google/ Frame EB87
Redirect Chain

https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DPUSH_DATA&...
https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_hm=k-IEI2jUtBRcMlSchzqAzymrH1p4qK1We3Vj0bkQ&google_push=PUSH_DATA
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&google_error=5

43 B
369 B

32ms
31ms

Image
image/gif

178.250.1.9

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&google_error=5

Requested by

Host: 1f52c2d2b341a720d2ac42d74aa3ae5f.safeframe.googlesyndication.com
URL: https://1f52c2d2b341a720d2ac42d74aa3ae5f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Server

178.250.1.9 -, , ASN (),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 06 Jul 2023 11:28:08 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 101660
timing-allow-origin: *
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 06 Jul 2023 11:28:09 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&google_error=5
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 274
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame EB87
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEFxZm8mHSKf_DvNzo908B-U&google_cver=1&google_push=AaAOQGEadPKLwB7Xh9FuqyJ9PybUmTYrHG__BhdHLg4DKNFFK2YBg33taZo0HVS3JSrlSDSRD83...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEpSMkRLS0YtTi1JNlVM&google_push=AaAOQGEadPKLwB7Xh9FuqyJ9PybUmTYrHG__BhdHLg4DKNFFK2YBg33taZo0HVS3JSrlSDSRD83rq06N_peF6x-uRU8g-ZJtXkc

170 B
188 B

67ms
65ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEpSMkRLS0YtTi1JNlVM&google_push=AaAOQGEadPKLwB7Xh9FuqyJ9PybUmTYrHG__BhdHLg4DKNFFK2YBg33taZo0HVS3JSrlSDSRD83rq06N_peF6x-uRU8g-ZJtXkc

Requested by

Host: 1f52c2d2b341a720d2ac42d74aa3ae5f.safeframe.googlesyndication.com
URL: https://1f52c2d2b341a720d2ac42d74aa3ae5f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 06 Jul 2023 11:28:09 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEpSMkRLS0YtTi1JNlVM&google_push=AaAOQGEadPKLwB7Xh9FuqyJ9PybUmTYrHG__BhdHLg4DKNFFK2YBg33taZo0HVS3JSrlSDSRD83rq06N_peF6x-uRU8g-ZJtXkc
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 4cdacfaa68e4ab216fffbcc107c5b898
Expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame EB87
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESECGmmx8JmU2trBnxbvx5Nvs&google_cver=1&googl...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESECGmmx8JmU2trBnxbvx5Nvs&google_hm=ZKalSKlQ6LirERDMhe1ykQAABIQAAAIB&google_nid=index&google_push=AaAOQGH5_5KlpkBCmFSpmJFqEDhBdbiFLFPsU...

170 B
188 B

69ms
67ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESECGmmx8JmU2trBnxbvx5Nvs&google_hm=ZKalSKlQ6LirERDMhe1ykQAABIQAAAIB&google_nid=index&google_push=AaAOQGH5_5KlpkBCmFSpmJFqEDhBdbiFLFPsUK6BM4s7Ur49VqV2VdJFucpItehKhaSRNTz52ALa95NQ10ks-uvdCuEPBRfGs2XO

Requested by

Host: 1f52c2d2b341a720d2ac42d74aa3ae5f.safeframe.googlesyndication.com
URL: https://1f52c2d2b341a720d2ac42d74aa3ae5f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 06 Jul 2023 11:28:09 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 06 Jul 2023 11:28:09 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESECGmmx8JmU2trBnxbvx5Nvs&google_hm=ZKalSKlQ6LirERDMhe1ykQAABIQAAAIB&google_nid=index&google_push=AaAOQGH5_5KlpkBCmFSpmJFqEDhBdbiFLFPsUK6BM4s7Ur49VqV2VdJFucpItehKhaSRNTz52ALa95NQ10ks-uvdCuEPBRfGs2XO
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=500
Content-Length: 0
Expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame EB87
Redirect Chain

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEGaRwj44PPosOgtFkqOwP28&google_cver=1&google_push=AaAOQGHJ5o5IeS01buR8oMHr_oe3Plh1XW6stscUgCF76E8YDodBQuYuLenmipujKF5gNAJrud3deBVmgJ39...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AaAOQGHJ5o5IeS01buR8oMHr_oe3Plh1XW6stscUgCF76E8YDodBQuYuLenmipujKF5gNAJrud3deBVmgJ392udxQK9yCYD6z4FM

170 B
188 B

68ms
66ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AaAOQGHJ5o5IeS01buR8oMHr_oe3Plh1XW6stscUgCF76E8YDodBQuYuLenmipujKF5gNAJrud3deBVmgJ392udxQK9yCYD6z4FM

Requested by

Host: 1f52c2d2b341a720d2ac42d74aa3ae5f.safeframe.googlesyndication.com
URL: https://1f52c2d2b341a720d2ac42d74aa3ae5f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 06 Jul 2023 11:28:09 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AaAOQGHJ5o5IeS01buR8oMHr_oe3Plh1XW6stscUgCF76E8YDodBQuYuLenmipujKF5gNAJrud3deBVmgJ392udxQK9yCYD6z4FM
strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

GET
H2

200

/
onetag-sys.com/match/ Frame EB87
Redirect Chain

https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEGaRwj44PPosOgtFkqOwP28&google_cver=1&google_push=AaAOQGEsqYYELBlXiP4iOxqBd_hy-Po8pKI5ZhCDwBwVVplqVGdvZ5w5qmzGD-59a1971syWw0VDbJCn_Ns...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AaAOQGEsqYYELBlXiP4iOxqBd_hy-Po8pKI5ZhCDwBwVVplqVGdvZ5w5qmzGD-59a1971syWw0VDbJCn_NsBuf1vzZ0Au_3zEBZqAA
https://onetag-sys.com/match/?int_id=19&google_error=5

0
151 B

30ms
27ms

Image
text/plain

51.89.9.251

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=19&google_error=5

Requested by

Host: 1f52c2d2b341a720d2ac42d74aa3ae5f.safeframe.googlesyndication.com
URL: https://1f52c2d2b341a720d2ac42d74aa3ae5f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Server

51.89.9.251 -, , ASN (),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma: no-cache
date: Thu, 06 Jul 2023 11:28:09 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://onetag-sys.com/match/?int_id=19&google_error=5
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 255
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame EB87 0
12 B 64ms
63ms Image
text/html 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IuKH-yiBuOHxsdYXUufz0ZnJGNT_4N4041POEf6gl3y2F2I_ilZSP6wqbFkJ1jJ7itzc4yNg

Requested by

Host: 1f52c2d2b341a720d2ac42d74aa3ae5f.safeframe.googlesyndication.com
URL: https://1f52c2d2b341a720d2ac42d74aa3ae5f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 11:28:09 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

POST
H2 204 csi
csi.gstatic.com/ Frame 35D6 0
54 B 34ms
33ms Ping
image/gif 2001:4860:4802:32::3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=5~ljr2dka2&c=3549218858330&slotId=1774609429165&qqid=CIrkg_z8-f8CFZJAHQkd6B4Jrw&fb=outstream-lima&vast_v=2.0&vmfc=12&vhc=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230516_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1f52c2d2b341a720d2ac42d74aa3ae5f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 06 Jul 2023 11:28:09 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 HdsydzJK.js Show response
tpc.googlesyndication.com/sodar/ Frame 35D6 41 KB
15 KB 55ms
52ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230516_RC00/outstream.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1f52c2d2b341a720d2ac42d74aa3ae5f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 17:15:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 497571
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15407
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 29 Jun 2024 17:15:18 GMT

HEAD
H/1.1

200
OK

file.mp4
r5---sn-5hnednsz.c.2mdn.net/videoplayback/id/958993bbd9e9fd2e/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1720178889/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip... Frame 35D6
Redirect Chain

https://gcdn.2mdn.net/videoplayback/id/958993bbd9e9fd2e/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1720178889/sparams/ip,ipbits,expire,id,itag,source,ctier,acao/signa...
https://r5---sn-5hnednsz.c.2mdn.net/videoplayback/id/958993bbd9e9fd2e/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1720178889/sparams/acao,ctier,expire,id,ip,ipbits,ita...

0
0

190ms
38ms

Fetch
video/mp4

2a00:1450:400e:11::a

General

Check archive.org

Show headers Download Go to

Full URL

https://r5---sn-5hnednsz.c.2mdn.net/videoplayback/id/958993bbd9e9fd2e/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1720178889/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/2DFF3846BDF5403C2A9CE12CE2FDD09C8905EA9A.6FA262CEAB4683D8B7DC1AB2740129F649301929/key/cms1/cms_redirect/yes/mh/C5/mip/2a03:1b20:b:f011::4e/mm/42/mn/sn-5hnednsz/ms/onc/mt/1688642079/mv/u/mvi/5/pl/48/file/file.mp4

Protocol

HTTP/1.1

Server

2a00:1450:400e:11::a -, , ASN (),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1f52c2d2b341a720d2ac42d74aa3ae5f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Thu, 06 Jul 2023 11:28:09 GMT
X-Content-Type-Options: nosniff
Connection: close
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Content-Length: 2208368
Last-Modified: Wed, 05 Jul 2023 13:14:40 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: video/mp4
Access-Control-Allow-Origin: null
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control: private, max-age=86400
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Timing-Allow-Origin: null
Expires: Thu, 06 Jul 2023 11:28:09 GMT

Redirect headers

date: Thu, 06 Jul 2023 11:28:09 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 650
x-xss-protection: 0
pragma: no-cache
server: ClientMapServer
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://1f52c2d2b341a720d2ac42d74aa3ae5f.safeframe.googlesyndication.com
location: https://r5---sn-5hnednsz.c.2mdn.net/videoplayback/id/958993bbd9e9fd2e/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1720178889/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/2DFF3846BDF5403C2A9CE12CE2FDD09C8905EA9A.6FA262CEAB4683D8B7DC1AB2740129F649301929/key/cms1/cms_redirect/yes/mh/C5/mip/2a03:1b20:b:f011::4e/mm/42/mn/sn-5hnednsz/ms/onc/mt/1688642079/mv/u/mvi/5/pl/48/file/file.mp4
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: https://1f52c2d2b341a720d2ac42d74aa3ae5f.safeframe.googlesyndication.com
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 7EEE 22 KB
8 KB 59ms
59ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://1f52c2d2b341a720d2ac42d74aa3ae5f.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 163828
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 04 Jul 2023 13:57:41 GMT
expires: Wed, 03 Jul 2024 13:57:41 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame FA4A 0
10 B 55ms
55ms Image
text/plain 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?yxefvw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 11:28:09 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 st Show response
imprammp.taboola.com/ Frame 7B51 577 B
481 B 38ms
37ms Document
text/html 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8bqcCLAZwWiZh-Tf6XBDgtEzC8m_0uSgAAABgYID-AAlNPIaFZbNZCxeL1Vo0Wc3Wws3M5taYNo6Va2NxLlc2IyChicewsGw2a-FisVqLJqvZWriZ2dwa08axcm0szuXKZgUfxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPG_Sh6XT4XPd6vd1lcvrtGr_bL3RYXJa_1vIyOd1ah-X0dCucJofpaXdan26dy_J0K8wOi9PstHyedqf1rbW8TE631mE5Pd1Kh8nlebqVZp_T7HRLnGa3y-60vnUuy8vrsruFLstb83K-FYPFYLgbzgEAAADAg____38IAAAAABEAAAAAJAAAAABQCKjwb0HgAgAAAACG____fw0AUBwMxGU5O-3-AAAAAAACAAAAgATAQHVbCYAKlPcT__________8xBugzb2T8____3zDoAfDgA-BBCAAAwMeQwl6mzm_tjVgiBaFFGAEAAAAIBsHHPzJJJ6hYVPn__--3AnAFACAgUaWe1CGL7qDEWxgAAACBMQv0sPj9Zodd43e7zP________-_mf8z_2iEpAAA0gRVrReq-QUEAFjzCwgAwEbdAAC8CYATdAhaMRisTkIMNpPFcrFYzA4AAADAnf___389IOZcDhammXNk8Zg8y-VouFlunKuZbbAajXy75Wh7Ym4qKK0qjJn6hAjL7PcdFJTT02N2GURF19tidzjNnoP4oGFYTgbB_EzYYrSaTDbL4Wy5mAyGo-FotD8DsRgN0EQMlsvJZDHZrUar0Wa4G80GCyQQgwmiaNFgshqNJovJcDWarGbLxW63QRStWs1Gm8FwNZvMdrvVcDBcjkZowhaj1WSyWQ5ny8VkMBwNR6MhgimPc2XzjUZrkW9mc4tGG89auXBZ1hKXxWIyrgwTi824Fr0-povDMFl4jFskGMC3F8nTIp0oFwvPZDKaOCzGiW-32g1WG4fDMZuNJhvHyLOwTcQSzckincgu-5pzOViYZs6RxWPyLJej4Wa5ca5mtsFqNPLtlqN9y-Nc2Xyj0Vrkm9ncotHGs1YuXJa1xGWxmIwrw8RiM65Fr4_p4jBMFh7jvjEbDmejyXA43Ddmw-FsNBkOh_sOneG7-pyNxpTw4pGpRsbo5WlzGhQug8X7k5gW0-7s4Je2jk6fz6Ms6Ix-v9_v9_v9fr_fb9B6DmaDwvcZ2h7XnmZ57KuWBbHBoIglgot0ore7TE6_RSxRmi7SiV7osLgsf63lZXK6tQ7L6elWOE0O09PutD7dOpfl6VaYHRan2Wn5PO1O61treZmcbq3Dcnq6lQ6Ty_N0K80-p9npljjNbpfdaX3rXJaX12V3C12Wt-blfCsGi8FwN5yIJYLTRToRvYyni_qPHGK5mWsmc8loOJeMhqsEAAAAAAAAAGAJppluAgAAAOBkIKvFZLRap4PYDGe7zWq5ACIaqHT9CE-Z_fNSxe-6gYR4987oOC_W2GMGb3eZnH4rA4hwwme22WcEsVarZQ0AAEAAGwAAQAA33XgTEBbF_f___48DAAAgI4ceAAAA_T4gqGoP3Kj1wn8AKsRarVa3G2u1Wg!&cmcv=&pix=undefined&cb=1688642889518&uv=3296&tms=1688642889518&abt=dfrc_vA!ll138735-383_vA!nonrv_vA!ntvc_vA!t45!ufm_vD&ru=https://pcloak.blob.core.windows.net/&ft=2&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=4bc0a233-8115-4256-83ff-c4c1e5cb99ef&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/138735.383.0/UnitFeedManagerDesktop.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: ab09ebb4db91678901c83b987878b82f9826af59b3f96a554343cb911feadd70

Request headers

Referer: https://onedio.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
content-encoding: gzip
content-type: text/html;charset=ISO-8859-1
date: Thu, 06 Jul 2023 11:28:09 GMT
server: nginx
vary: Accept-Encoding
via: 1.1 varnish
x-cache: MISS
x-cache-hits: 0
x-served-by: cache-fra-eddf8230081-FRA
x-timer: S1688642890.534019,VS0,VE9

GET
H2 200 sync Show response
am-match.taboola.com/ Frame C385 439 B
524 B 62ms
33ms Document
text/html 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://am-match.taboola.com/sync?dast=V8bqcCLAZwWiZh-Tf6XBDgtEzC8m_0uSgAAABgYID-AAlNPIaFZbNZCxeL1Vo0Wc3Wws3M5taYNo6Va2NxLlc2IyChicewsGw2a-FisVqLJqvZWriZ2dwa08axcm0szuXKZgUfxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPG_Sh6XT4XPd6vd1lcvrtGr_bL3RYXJa_1vIyOd1ah-X0dCucJofpaXdan26dy_J0K8wOi9PstHyedqf1rbW8TE631mE5Pd1Kh8nlebqVZp_T7HRLnGa3y-60vnUuy8vrsruFLstb83K-FYPFYLgbzgEAAADAg____38IAAAAABEAAAAAJAAAAABQCKjwb0HgAgAAAACG____fw0AUBwMxGU5O-3-AAAAAAACAAAAgATAQHVbCYAKlPcT__________8xBugzb2T8____3zDoAfDgA-BBCAAAwMeQwl6mzm_tjVgiBaFFGAEAAAAIBsHHPzJJJ6hYVPn__--3AnAFACAgUaWe1CGL7qDEWxgAAACBMQv0sPj9Zodd43e7zP________-_mf8z_2iEpAAA0gRVrReq-QUEAFjzCwgAwEbdAAC8CYATdAhaMRisTkIMNpPFcrFYzA4AAADAnf___389IOZcDhammXNk8Zg8y-VouFlunKuZbbAajXy75Wh7Ym4qKK0qjJn6hAjL7PcdFJTT02N2GURF19tidzjNnoP4oGFYTgbB_EzYYrSaTDbL4Wy5mAyGo-FotD8DsRgN0EQMlsvJZDHZrUar0Wa4G80GCyQQgwmiaNFgshqNJovJcDWarGbLxW63QRStWs1Gm8FwNZvMdrvVcDBcjkZowhaj1WSyWQ5ny8VkMBwNR6MhgimPc2XzjUZrkW9mc4tGG89auXBZ1hKXxWIyrgwTi824Fr0-povDMFl4jFskGMC3F8nTIp0oFwvPZDKaOCzGiW-32g1WG4fDMZuNJhvHyLOwTcQSzckincgu-5pzOViYZs6RxWPyLJej4Wa5ca5mtsFqNPLtlqN9y-Nc2Xyj0Vrkm9ncotHGs1YuXJa1xGWxmIwrw8RiM65Fr4_p4jBMFh7jvjEbDmejyXA43Ddmw-FsNBkOh_sOneG7-pyNxpTw4pGpRsbo5WlzGhQug8X7k5gW0-7s4Je2jk6fz6Ms6Ix-v9_v9_v9fr_fb9B6DmaDwvcZ2h7XnmZ57KuWBbHBoIglgot0ore7TE6_RSxRmi7SiV7osLgsf63lZXK6tQ7L6elWOE0O09PutD7dOpfl6VaYHRan2Wn5PO1O61treZmcbq3Dcnq6lQ6Ty_N0K80-p9npljjNbpfdaX3rXJaX12V3C12Wt-blfCsGi8FwN5yIJYLTRToRvYyni_qPHGK5mWsmc8loOJeMhqsEAAAAAAAAAGAJppluAgAAAOBkIKvFZLRap4PYDGe7zWq5ACIaqHT9CE-Z_fNSxe-6gYR4987oOC_W2GMGb3eZnH4rA4hwwme22WcEsVarZQ0AAEAAGwAAQAA33XgTEBbF_f___48DAAAgI4ceAAAA_T4gqGoP3Kj1wn8AKsRarVa3G2u1Wg!&excid=22&docw=0&cijs=1&nlb=false
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/138735.383.0/UnitFeedManagerDesktop.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e2473bc8b6761325ed52f2ef861de8b20520ad93d4877d2d14a25eaf4075a0d0

Request headers

Referer: https://onedio.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-type: text/html;charset=ISO-8859-1
date: Thu, 06 Jul 2023 11:28:09 GMT
machineid: 3408
server: nginx

POST
H2 200 VideoBidRequestHandlerServlet Show response
wf.taboola.com/ Frame 5BC9 2 KB
784 B 247ms
246ms XHR
application/json 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=700&height=393&pubid=169497&tagid=953497&crid=-1&noaop=3&sortOrderType=0&cb=1688642889523&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=1&pv=1532&pt=-653683437&tz=0&viewable=true&ddast=V8bqcCLAZwWiZh-Tf6XBDgtEzC8m_0uSgAAABgYID-AAlNPIaFZbNZCxeL1Vo0Wc3Wws3M5taYNo6Va2NxLlc2IyChicewsGw2a-FisVqLJqvZWriZ2dwa08axcm0szuXKZgUfxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPG_Sh6XT4XPd6vd1lcvrtGr_bL3RYXJa_1vIyOd1ah-X0dCucJofpaXdan26dy_J0K8wOi9PstHyedqf1rbW8TE631mE5Pd1Kh8nlebqVZp_T7HRLnGa3y-60vnUuy8vrsruFLstb83K-FYPFYLgbzgEAAADAg____38IAAAAABEAAAAAJAAAAABQCKjwb0HgAgAAAACG____fw0AUBwMxGU5O-3-AAAAAAACAAAAgATAQHVbCYAKlPcT__________8xBugzb2T8____3zDoAfDgA-BBCAAAwMeQwl6mzm_tjVgiBaFFGAEAAAAIBsHHPzJJJ6hYVPn__--3AnAFACAgUaWe1CGL7qDEWxgAAACBMQv0sPj9Zodd43e7zP________-_mf8z_2iEpAAA0gRVrReq-QUEAFjzCwgAwEbdAAC8CYATdAhaMRisTkIMNpPFcrFYzA4AAADAnf___389IOZcDhammXNk8Zg8y-VouFlunKuZbbAajXy75Wh7Ym4qKK0qjJn6hAjL7PcdFJTT02N2GURF19tidzjNnoP4oGFYTgbB_EzYYrSaTDbL4Wy5mAyGo-FotD8DsRgN0EQMlsvJZDHZrUar0Wa4G80GCyQQgwmiaNFgshqNJovJcDWarGbLxW63QRStWs1Gm8FwNZvMdrvVcDBcjkZowhaj1WSyWQ5ny8VkMBwNR6MhgimPc2XzjUZrkW9mc4tGG89auXBZ1hKXxWIyrgwTi824Fr0-povDMFl4jFskGMC3F8nTIp0oFwvPZDKaOCzGiW-32g1WG4fDMZuNJhvHyLOwTcQSzckincgu-5pzOViYZs6RxWPyLJej4Wa5ca5mtsFqNPLtlqN9y-Nc2Xyj0Vrkm9ncotHGs1YuXJa1xGWxmIwrw8RiM65Fr4_p4jBMFh7jvjEbDmejyXA43Ddmw-FsNBkOh_sOneG7-pyNxpTw4pGpRsbo5WlzGhQug8X7k5gW0-7s4Je2jk6fz6Ms6Ix-v9_v9_v9fr_fb9B6DmaDwvcZ2h7XnmZ57KuWBbHBoIglgot0ore7TE6_RSxRmi7SiV7osLgsf63lZXK6tQ7L6elWOE0O09PutD7dOpfl6VaYHRan2Wn5PO1O61treZmcbq3Dcnq6lQ6Ty_N0K80-p9npljjNbpfdaX3rXJaX12V3C12Wt-blfCsGi8FwN5yIJYLTRToRvYyni_qPHGK5mWsmc8loOJeMhqsEAAAAAAAAAGAJppluAgAAAOBkIKvFZLRap4PYDGe7zWq5ACIaqHT9CE-Z_fNSxe-6gYR4987oOC_W2GMGb3eZnH4rA4hwwme22WcEsVarZQ0AAEAAGwAAQAA33XgTEBbF_f___48DAAAgI4ceAAAA_T4gqGoP3Kj1wn8AKsRarVa3G2u1Wg!&proto=2,3,5,6&encoded=1&pstn=1&callback=&wfv=1&amp=0&qsz=6&ft=2&pb=0&pagg=1&sd=undefined&ctsldr=0&dtagid=1386735&dpubid=251245&abtst=dfrc_vA!ll138735-383_vA!nonrv_vA!ntvc_vA!t45!ufm_vD&mPre=0.033&cirf=https%3A%2F%2Fonedio.com&en=1&subu=3
Requested by: Host: onedio.com
URL: https://onedio.com/_nuxt/91769df.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 6d311bb0b9f68ecb7f93c90d1d589d90c35377ddc636eb3676c37471cfd63ff5

Request headers

Referer: https://onedio.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-type: text/plain

Response headers

x-cache-hits: 0
date: Thu, 06 Jul 2023 11:28:09 GMT
content-encoding: gzip
via: 1.1 varnish
machineid: 1477
x-cache: MISS
x-served-by: cache-fra-eddf8230081-FRA
pragma: no-cache
server: nginx
x-timer: S1688642890.538638,VS0,VE218
vary: Accept-Encoding
content-type: application/json;charset=utf-8
access-control-allow-origin: https://onedio.com
cache-control: no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials: true
accept-ranges: bytes
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 st
am-vid-events.taboola.com/ Frame 5BC9 0
43 B 47ms
40ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-vid-events.taboola.com/st?cijs=convusmp&ttype=45&cisd=convusmp&cipid=66361655&crid=-1&dast=V8bqcCLAZwWiZh-Tf6XBDgtEzC8m_0uSgAAABgYID-AAlNPIaFZbNZCxeL1Vo0Wc3Wws3M5taYNo6Va2NxLlc2IyChicewsGw2a-FisVqLJqvZWriZ2dwa08axcm0szuXKZgUfxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPG_Sh6XT4XPd6vd1lcvrtGr_bL3RYXJa_1vIyOd1ah-X0dCucJofpaXdan26dy_J0K8wOi9PstHyedqf1rbW8TE631mE5Pd1Kh8nlebqVZp_T7HRLnGa3y-60vnUuy8vrsruFLstb83K-FYPFYLgbzgEAAADAg____38IAAAAABEAAAAAJAAAAABQCKjwb0HgAgAAAACG____fw0AUBwMxGU5O-3-AAAAAAACAAAAgATAQHVbCYAKlPcT__________8xBugzb2T8____3zDoAfDgA-BBCAAAwMeQwl6mzm_tjVgiBaFFGAEAAAAIBsHHPzJJJ6hYVPn__--3AnAFACAgUaWe1CGL7qDEWxgAAACBMQv0sPj9Zodd43e7zP________-_mf8z_2iEpAAA0gRVrReq-QUEAFjzCwgAwEbdAAC8CYATdAhaMRisTkIMNpPFcrFYzA4AAADAnf___389IOZcDhammXNk8Zg8y-VouFlunKuZbbAajXy75Wh7Ym4qKK0qjJn6hAjL7PcdFJTT02N2GURF19tidzjNnoP4oGFYTgbB_EzYYrSaTDbL4Wy5mAyGo-FotD8DsRgN0EQMlsvJZDHZrUar0Wa4G80GCyQQgwmiaNFgshqNJovJcDWarGbLxW63QRStWs1Gm8FwNZvMdrvVcDBcjkZowhaj1WSyWQ5ny8VkMBwNR6MhgimPc2XzjUZrkW9mc4tGG89auXBZ1hKXxWIyrgwTi824Fr0-povDMFl4jFskGMC3F8nTIp0oFwvPZDKaOCzGiW-32g1WG4fDMZuNJhvHyLOwTcQSzckincgu-5pzOViYZs6RxWPyLJej4Wa5ca5mtsFqNPLtlqN9y-Nc2Xyj0Vrkm9ncotHGs1YuXJa1xGWxmIwrw8RiM65Fr4_p4jBMFh7jvjEbDmejyXA43Ddmw-FsNBkOh_sOneG7-pyNxpTw4pGpRsbo5WlzGhQug8X7k5gW0-7s4Je2jk6fz6Ms6Ix-v9_v9_v9fr_fb9B6DmaDwvcZ2h7XnmZ57KuWBbHBoIglgot0ore7TE6_RSxRmi7SiV7osLgsf63lZXK6tQ7L6elWOE0O09PutD7dOpfl6VaYHRan2Wn5PO1O61treZmcbq3Dcnq6lQ6Ty_N0K80-p9npljjNbpfdaX3rXJaX12V3C12Wt-blfCsGi8FwN5yIJYLTRToRvYyni_qPHGK5mWsmc8loOJeMhqsEAAAAAAAAAGAJppluAgAAAOBkIKvFZLRap4PYDGe7zWq5ACIaqHT9CE-Z_fNSxe-6gYR4987oOC_W2GMGb3eZnH4rA4hwwme22WcEsVarZQ0AAEAAGwAAQAA33XgTEBbF_f___48DAAAgI4ceAAAA_T4gqGoP3Kj1wn8AKsRarVa3G2u1Wg!&cmcv=&pix=31589837&cb=1688642889518&uv=3296&tms=1688642889518&abt=dfrc_vA!ll138735-383_vA!nonrv_vA!ntvc_vA!t45!ufm_vD&ru=https://pcloak.blob.core.windows.net/&ft=2&su=3&unm=FEED_MANAGER&debug=pn:!sqg:!torgn:1688642886232.1!ts:1688642889518&mntl=1
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 11:28:09 GMT
content-length: 0
server: nginx

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 4CEA 22 KB
8 KB 58ms
58ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://1f52c2d2b341a720d2ac42d74aa3ae5f.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 163828
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 04 Jul 2023 13:57:41 GMT
expires: Wed, 03 Jul 2024 13:57:41 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/8414893630757870910/ Frame C166 1 KB
767 B 65ms
64ms Document
text/html 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/8414893630757870910/index.html?e=69&leftOffset=0&topOffset=0&c=VXyWUklXx5&t=1&renderingType=2&ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

33bb3637c12a17fbc18a9b93ceea2171d0506135347de1fe4a541be60f519453

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://1f52c2d2b341a720d2ac42d74aa3ae5f.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 739
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Thu, 06 Jul 2023 11:28:09 GMT
expires: Fri, 05 Jul 2024 11:28:09 GMT
last-modified: Thu, 27 Apr 2023 13:53:48 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 100F 0
0 391ms
112ms Fetch
image/gif 172.217.16.194

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssJ_h5Lo3rM0AVpNZG_3ljP7aJuYMDnip1lE8lIlfBqaLJ_yZCzVczAzg2rCtZPflaf7O921-cdJ6E2zC47RKVxojaaBEGGLBYxLCZp-tpatgxAuzaIvVuYZLfW3uPz0LfqKRTHKXBxAdP4QNNZWRNh3EwpufhzS4jwOAFM9Amro4lf6_hct5BDwSj9sf1J4uwCmNwlfH27ztiP4s1b5kW_R6FFwc-lH8g8CdlIyZ15Sr8SLwkKeFCskZcXLvAQTbaywF_FTRpLGXT96VfEkOl7Yfhk8kUJcZCpKBTecTJA-pN9bScJYRMJ5EiuKtIVn6URoPpEHS34LGcoZqrpvkG-YdqM9H9EEEMRVsDF9n715JVwISTaRr0QqjVRTQT3t-9KNNbFB_8bOG05ZSl2ksKbLTrduYPOoZJE-MtU2aezByxI8ob82iailtGqqzcKQO3DXVjetoNUXLUAkcWJdd91oU-r-bnXpVkMnTIjyIt8u-XfkaerjHbjCTpq1J7BgDQ6NWaz9chNfkSxosuydeWz5MFMrTioowAhCghngaRml-VrertT1f-jfQhp5lclmrZC02QAZBDf6ObwXRJjjLQoW2f6rzHJXfNyBt_UEpdWEgYoLz1HBs5e_TBgXmx93mv2vTEMZgJs6PiYxNE7QyuXhJCvRKMPWNwEeaFveCbZH5D7W3tVXsSaAkx6KnIp85sXZAsFe6Qdx6bYoaB3_ln0OW5DtOvwx5Q-cGHso9oN_AktOLDxb7oF15yvBvf59-0lJQzFuHYd6wI6a4Ydi3W73QeSgGe1syN113t4M9zZ2K0n0V_EWGlLgneP009H9PnFIqlysx5WdeMBwEeOVBhhp6y9FkL5Wd4PK7bskCxORSdbjKr8xILJ5QQ1hW1dbqv_3P1IseBmyMRLGimkl2KpOekH_mG0MgeAxPbHBX8zhsfhBISNV1WdD7DBIivxRZrz-eEnIXbRfd00NL94sECmWySfVbR5eP8DPP38ugIkhCdCiqaALoAf8njBr1mIK9DGB7R_NiNcvJHiFezMMd5qY3FiGAyKhgO1aRHgcrn8ZzIToCpdsveJtMyMwS4ypZRaNoATutSDYPgv3k4ZvFh_RgOOp6DRRj_24cQDc54kDpSXlEfERRtHW-iSHHSD0IM-2xqrtlcCiG9j1WsoAav17ODgg1ZbluELqsjDvCZ4pWCdlJU_98c4GNljClhyDKKZeFMgKBE8huSR6ruMccP7BIQ8cKodRjGM2VdnKZ0vL3EG6Bk9xLI&sai=AMfl-YRtnutOq39jdT4w_NTbLrf1vUWslc7NHk4lnpMGvkERD2FTjNCeb5EmEaeURKO5Na2zLK22O6avBDgpsSSFPhLoiFBMQTfrGfoDAP-ngwugFSTbT2ma-WdedODUuXU7xenHgTpG4krgS8fLwaLhUaHcGUJeDOX8qwEEO5KZjqas5pQEuXsxJA5JqM_46cYYwgXYZIRwTO7v&sig=Cg0ArKJSzHLyJrNYb9qgEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=353&cbvp=1&cstd=342&cisv=r20230628.71508&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.194 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1f52c2d2b341a720d2ac42d74aa3ae5f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 06 Jul 2023 11:28:09 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
expires: Thu, 06 Jul 2023 11:28:09 GMT

GET
H/1.1 200
OK ai.aspx
m.exactag.com/ Frame 100F 43 B
1 KB 328ms
34ms Image
image/gif 213.202.235.10

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://m.exactag.com/ai.aspx?extProvId=63&extPu=lh-mindshare&extProvApi=lh_de&extLi=30080696&extCr=181030986&extPm=369968709&gdpr_consent=&gdpr=

Requested by

Host: 1f52c2d2b341a720d2ac42d74aa3ae5f.safeframe.googlesyndication.com
URL: https://1f52c2d2b341a720d2ac42d74aa3ae5f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

213.202.235.10 -, , ASN (),

Reverse DNS

Software

Resource Hash

afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1f52c2d2b341a720d2ac42d74aa3ae5f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Date: Thu, 06 Jul 2023 11:28:09 GMT
X-Content-Type-Options: nosniff
P3P: policyref="https://m.exactag.com/w3c/p3p.xml", CP="NOI NID STP STA CUR OUR"
cross-origin-resource-policy: cross-origin
Connection: close
X-ET-Monitoring: 1
Content-Length: 43
X-Xss-Protection: 0
Pragma: no-cache
Last-Modified: Do, 06 Jul 2023 11:28:09 GMT
X-ET-Code: 0
Accept-CH: sec-ch-ua-platform-version,sec-ch-ua-full-version,sec-ch-ua-full-version-list,sec-ch-ua-model,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-wow64
Access-Control-Max-Age: 1000
Access-Control-Allow-Methods: POST, GET, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: https://1f52c2d2b341a720d2ac42d74aa3ae5f.safeframe.googlesyndication.com
Cache-Control: private
Access-Control-Allow-Credentials: true
X-ET-Camp: 1119
Access-Control-Allow-Headers: *
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3 200 300x250.html Show response
s0.2mdn.net/sadbundle/11065803848835661824/ Frame 4EA9 47 KB
12 KB 63ms
63ms Document
text/html 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/11065803848835661824/300x250.html?e=69&leftOffset=0&topOffset=0&c=sxsxd1B91V&t=1&renderingType=2&ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b8c779f4fa5bf396269317b6ccc5bd0259ff6b28d9dc40eb75cf47aa245b0bde

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://1f52c2d2b341a720d2ac42d74aa3ae5f.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Thu, 06 Jul 2023 11:28:09 GMT
expires: Fri, 05 Jul 2024 11:28:09 GMT
last-modified: Wed, 15 Feb 2023 15:30:17 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame A647 0
0 372ms
113ms Fetch
image/gif 172.217.16.194

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstFh-WRTG9TYYKRdXwkJnGpwlMxFXNcxEtc3m3Rny-efSEfQH9mSzyGzLNDuxU8LnZYf_PDu5YENiSgPrCIes2ZpedvkhAKHaAJ9QwDPG62F0Igs0RGEBgEMpF5eBugHKQHy1m7IAI1_oCtQxd3tD8HLN_RKO3DJNuSjSKwoC58f0Lb4xq47ta43oYdx-X4biHgl52NudDFuNbUiwIM2ePPMu0nPBYwOo2g8__Dzg9nHbUuY02feg6GgyIdJLoqRodq8zTYWmaUt0H--e9qmOE7QDze57K4F73Ys1nGlkNLJD-zZ9kOrwQt6wzwnLmPbvjL_6y9OxDRLIDIGcjOni-YgHpdCI4AijChChV2Ptuqmhppr7aTgUrBTOra6qu5db82yI2yE9K89XdY9alXFmsEKsvdP_o9qkGp-3UEENEXOb4OybPNYjtBzaES1jXK5usGD6lXWy9yky0hfuVhjtdzkSp1KZLK5dloOQ9HbpMOH9nWykftMf-qSPO9Qw-e_RwBnBQ1Olqd58N2NSKXuLoQuvlmqNixr-NiKv7YLOeMqYctAhzcoOXNz7xrFwtsNpfghK_sqeAwgEmCAfrAiY5nAsYHEO7p6r25N0IhHCREmVRdC1qN_DOiDVa_onfdtdx0_uMYZKTN83C30MNJAph3onpEDJST8huN755ihP6xadREAsYudg9t9VYd9_5BoAxLAxxwXNkIKi7HsTVqsJ_iDqVFxmd7ptPA4ZVIu14f1XC0AvASY9GtIyzrKQmnvtKpXml1H35419T0fB1S37RldNOj9dBSMu-HQi7ERz1nRpRso-54Jeyo2xN9onjSkLh-tBf0cZN1-m8WfTMAHPs08gV_ncrxOrMXZsenIJv1Q3P7nCDV-Alr-c8bwIIsvbQIzi0POlMt53dDD5HNRcCxZ_bHdsMGBussLdoLyjDFIKzpqaOG0KRPdgRggOgdlCfiEadQNhMJQzsA3XYpPuEMrWqVTs2jr_jkwC9slGrKrt816018gcK1a3m7P_wgLex_sxONi24qYwMm1EQ4LIejKMreSu7ru_2e0QfQPCHEF8MMAi4TwY3Spnk5z4R0GjyT4ORSJDHukyPyglt4qTHZ4X3zDO3pK7ww3AtMK44Key9FuhQhQiMD8warIjT4EKYa-emTn3jlspv3cRQhEzEj3uVspw4yYVRNh8BDJgZEoANnWO-2vQVW1CJxZWSoZ39CKAfyEpl7TEV1ME5hionKAS9q601V7rjTeLSLEt4PzVecsmpFcjVET2VyXQk16H_XxMIjTIKIwsa3y_c&sai=AMfl-YQHH1vrXFlW9aJCOycVwnFAc0IdaXyYzHOSrZdXPwyzANvKkhB6DcznMHM0ipRfKmnJXMzXeIwzYMF2TPuholqY4Jh9pQqZonoOCwtbjwC3zHrvAJBEVg0flnDGUw5XH6sHia1s4lPDdcwKtuSMXgIh_Ud0xXcK3UqgapfQBQdbYZSAUKz_qa3hCrroIq_HUOIoUa-40fJ-F-0XKQ2gQ9Sn85xhL1JfxKWUFA&sig=Cg0ArKJSzHEDJ9H7tl_4EAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=228&cbvp=1&cstd=214&cisv=r20230628.87413&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.194 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1f52c2d2b341a720d2ac42d74aa3ae5f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 06 Jul 2023 11:28:09 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
expires: Thu, 06 Jul 2023 11:28:09 GMT

GET
H2 200 dpixel
cms.quantserve.com/ Frame 2215 35 B
463 B 257ms
29ms Image
image/gif 2620:116:800d:21:5ed4:8d5d:fed7:f5ef

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEP5ffh-IPVO8yK0k3LYXnfg&google_cver=1&google_push=AaAOQGF38iqTIAsVBi-nseVhanyfg49AiU5qvOmEcnfFmStjefyyii02pfAErNugAFHI-nVyPFqzEw-iAnyDG6a3cJ4C1OBffA

Requested by

Host: 1f52c2d2b341a720d2ac42d74aa3ae5f.safeframe.googlesyndication.com
URL: https://1f52c2d2b341a720d2ac42d74aa3ae5f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:5ed4:8d5d:fed7:f5ef -, , ASN (),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 06 Jul 2023 11:28:09 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 2215
Redirect Chain

https://px.ads.linkedin.com/setuid?partner=googleadxdb&google_gid=CAESEKNMDT4OEq8_zh_hlzXIJvU&google_cver=1&google_push=AaAOQGGolvaMPUPSEc6lZgckOA1xp1hxCJGUkLPqxPKEOKtI-07qkqkDCz6rGwFhgYgBnAjYpkAEX...
https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AaAOQGGolvaMPUPSEc6lZgckOA1xp1hxCJGUkLPqxPKEOKtI-07qkqkDCz6rGwFhgYgBnAjYpkAEXZPBthVsHba2t2lxE-OvrHQ

170 B
188 B

65ms
65ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AaAOQGGolvaMPUPSEc6lZgckOA1xp1hxCJGUkLPqxPKEOKtI-07qkqkDCz6rGwFhgYgBnAjYpkAEXZPBthVsHba2t2lxE-OvrHQ

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 06 Jul 2023 11:28:10 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Thu, 06 Jul 2023 11:28:09 GMT
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: 59EEA4E891EC4A0893FEE5B3B0FEFEF1 Ref B: FRAEDGE1117 Ref C: 2023-07-06T11:28:09Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-ltx1
location: https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AaAOQGGolvaMPUPSEc6lZgckOA1xp1hxCJGUkLPqxPKEOKtI-07qkqkDCz6rGwFhgYgBnAjYpkAEXZPBthVsHba2t2lxE-OvrHQ
x-li-proto: http/2
content-length: 0
x-li-uuid: AAX/z8+bP7RSu9wneMfF7Q==

GET

sync
a.sportradarserving.com/ul_cb/ Frame 2215
Redirect Chain

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEDDAABpHepVt19JsdLaonbM&google_cver=1&google_push=AaAOQGGte3jFebh0fEW5s8r5DQv4wDbfotC1ZBY953XdS0FVRt7MIb2JgN2ffRAu1uKfREg8VxzsBuLPjyRkGBfQrKdU...
https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEDDAABpHepVt19JsdLaonbM&google_cver=1&google_push=AaAOQGGte3jFebh0fEW5s8r5DQv4wDbfotC1ZBY953XdS0FVRt7MIb2JgN2ffRAu1uKfREg8VxzsBuLPjyRkGB...
https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=google
https://a.sportradarserving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=google

0
0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 2215
Redirect Chain

https://d5p.de17a.com/cookies/google?google_gid=CAESENh_LNxpgmi7UNjaIUUXyEo&google_cver=1&google_push=AaAOQGFlqszQabfn9-wR_cvDmTzIQNac8kMcF3KwOErIhSgBHIS81k8YkyuzDMDfWhRmy-Y1SiyJVVc-sBjCsEtLGEiifL3ewg
https://d5p.de17a.com/cookies/google;c?google_gid=CAESENh_LNxpgmi7UNjaIUUXyEo&google_cver=1&google_push=AaAOQGFlqszQabfn9-wR_cvDmTzIQNac8kMcF3KwOErIhSgBHIS81k8YkyuzDMDfWhRmy-Y1SiyJVVc-sBjCsEtLGEiif...
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AaAOQGFlqszQabfn9-wR_cvDmTzIQNac8kMcF3KwOErIhSgBHIS81k8YkyuzDMDfWhRmy-Y1SiyJVVc-sBjCsEtLGEiifL3ewg

170 B
188 B

65ms
64ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AaAOQGFlqszQabfn9-wR_cvDmTzIQNac8kMcF3KwOErIhSgBHIS81k8YkyuzDMDfWhRmy-Y1SiyJVVc-sBjCsEtLGEiifL3ewg

Requested by

Host: 1f52c2d2b341a720d2ac42d74aa3ae5f.safeframe.googlesyndication.com
URL: https://1f52c2d2b341a720d2ac42d74aa3ae5f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 06 Jul 2023 11:28:09 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AaAOQGFlqszQabfn9-wR_cvDmTzIQNac8kMcF3KwOErIhSgBHIS81k8YkyuzDMDfWhRmy-Y1SiyJVVc-sBjCsEtLGEiifL3ewg
content-length: 0
p3p: CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 2215
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEOgJsYe7hw75vsnQYGeaM9M&google_cver=1&googl...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEOgJsYe7hw75vsnQYGeaM9M&google_hm=ZKalSKlQ6LirERDMhe1ykQAABIQAAAIB&google_nid=index&google_push=AaAOQGGxGwJIUAIADUrA8Oeps0jm71NKC3HyI...

170 B
188 B

66ms
65ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEOgJsYe7hw75vsnQYGeaM9M&google_hm=ZKalSKlQ6LirERDMhe1ykQAABIQAAAIB&google_nid=index&google_push=AaAOQGGxGwJIUAIADUrA8Oeps0jm71NKC3HyI6g6mpEwkgAJ1rjm0u4eEGcw9Dsf6t_kf5tAzjBS-W3vC_ivdEl8xKnDDVHMvBg

Requested by

Host: 1f52c2d2b341a720d2ac42d74aa3ae5f.safeframe.googlesyndication.com
URL: https://1f52c2d2b341a720d2ac42d74aa3ae5f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 06 Jul 2023 11:28:09 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 06 Jul 2023 11:28:09 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEOgJsYe7hw75vsnQYGeaM9M&google_hm=ZKalSKlQ6LirERDMhe1ykQAABIQAAAIB&google_nid=index&google_push=AaAOQGGxGwJIUAIADUrA8Oeps0jm71NKC3HyI6g6mpEwkgAJ1rjm0u4eEGcw9Dsf6t_kf5tAzjBS-W3vC_ivdEl8xKnDDVHMvBg
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 0
Expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 2215
Redirect Chain

https://match.360yield.com/match/ebda?google_gid=CAESEHdLG_a9_IGnor2ONls6Edg&google_cver=1&google_push=AaAOQGFzyI25u4i6tmRqK0LKcyK_1VII3gadUwd5atIe7iO4wZTgwyijFjijUOBg1X9hK7YR5Mw7XAdHlmgmIL6HI56gT-...
https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESEHdLG_a9_IGnor2ONls6Edg&google_cver=1&google_push=AaAOQGFzyI25u4i6tmRqK0LKcyK_1VII3gadUwd5atIe7iO4wZTgwyijFjijUOBg1X9hK7YR5Mw7XAdHlmgmIL6H...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=QEZPbO-pSFOzaMkxaeSj3A&google_push=AaAOQGFzyI25u4i6tmRqK0LKcyK_1VII3gadUwd5atIe7iO4wZTgwyijFjijUOBg1X9hK7YR5Mw7XAdHlmgmIL6...

170 B
188 B

66ms
65ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=QEZPbO-pSFOzaMkxaeSj3A&google_push=AaAOQGFzyI25u4i6tmRqK0LKcyK_1VII3gadUwd5atIe7iO4wZTgwyijFjijUOBg1X9hK7YR5Mw7XAdHlmgmIL6HI56gT-P3hw

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 06 Jul 2023 11:28:10 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=QEZPbO-pSFOzaMkxaeSj3A&google_push=AaAOQGFzyI25u4i6tmRqK0LKcyK_1VII3gadUwd5atIe7iO4wZTgwyijFjijUOBg1X9hK7YR5Mw7XAdHlmgmIL6HI56gT-P3hw
access-control-allow-origin: *
date: Thu, 06 Jul 2023 11:28:09 GMT
content-type: text/plain
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 2215
Redirect Chain

https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEE...
https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=AaAOQGE13kfUxhBG-sJqphdpCy-FBUG7lm9xdyHm8wbhfV1Bm0pBctwMLZj_EPKgDAUojmIuM-Rnbi0GeyfJgrzOiOsoTa5wxDo&redir=https%3A%2F%2Fcm.g.double...
https://sync.targeting.unrulymedia.com/csync/RX-54a7f0e6-4490-4433-998b-b3ce2dd598d9-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAaAOQGE13kfUxhBG-sJqphdpC...
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AaAOQGE13kfUxhBG-sJqphdpCy-FBUG7lm9xdyHm8wbhfV1Bm0pBctwMLZj_EPKgDAUojmIuM-Rnbi0GeyfJgrzOiOsoTa5wxDo&google_hm=A1Sn8OZEkEQzmYuzzi3VmNk

170 B
188 B

65ms
65ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AaAOQGE13kfUxhBG-sJqphdpCy-FBUG7lm9xdyHm8wbhfV1Bm0pBctwMLZj_EPKgDAUojmIuM-Rnbi0GeyfJgrzOiOsoTa5wxDo&google_hm=A1Sn8OZEkEQzmYuzzi3VmNk

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 06 Jul 2023 11:28:10 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AaAOQGE13kfUxhBG-sJqphdpCy-FBUG7lm9xdyHm8wbhfV1Bm0pBctwMLZj_EPKgDAUojmIuM-Rnbi0GeyfJgrzOiOsoTa5wxDo&google_hm=A1Sn8OZEkEQzmYuzzi3VmNk
date: Thu, 06 Jul 2023 11:28:10 GMT
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag: RX54a7f0e644904433998bb3ce2dd598d9003
content-type: text/html

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 2215 0
12 B 64ms
62ms Image
text/html 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IuOOPu5WMDW4CvTS_Z0myg1pylReFZtqyCb0TxMhksjG-ZwWRmK-adC4FYocNttaQ2BG2-

Requested by

Host: 1f52c2d2b341a720d2ac42d74aa3ae5f.safeframe.googlesyndication.com
URL: https://1f52c2d2b341a720d2ac42d74aa3ae5f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 11:28:09 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame 7B51 70 B
264 B 48ms
44ms Image
image/gif 52.223.40.198

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by: Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8bqcCLAZwWiZh-Tf6XBDgtEzC8m_0uSgAAABgYID-AAlNPIaFZbNZCxeL1Vo0Wc3Wws3M5taYNo6Va2NxLlc2IyChicewsGw2a-FisVqLJqvZWriZ2dwa08axcm0szuXKZgUfxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPG_Sh6XT4XPd6vd1lcvrtGr_bL3RYXJa_1vIyOd1ah-X0dCucJofpaXdan26dy_J0K8wOi9PstHyedqf1rbW8TE631mE5Pd1Kh8nlebqVZp_T7HRLnGa3y-60vnUuy8vrsruFLstb83K-FYPFYLgbzgEAAADAg____38IAAAAABEAAAAAJAAAAABQCKjwb0HgAgAAAACG____fw0AUBwMxGU5O-3-AAAAAAACAAAAgATAQHVbCYAKlPcT__________8xBugzb2T8____3zDoAfDgA-BBCAAAwMeQwl6mzm_tjVgiBaFFGAEAAAAIBsHHPzJJJ6hYVPn__--3AnAFACAgUaWe1CGL7qDEWxgAAACBMQv0sPj9Zodd43e7zP________-_mf8z_2iEpAAA0gRVrReq-QUEAFjzCwgAwEbdAAC8CYATdAhaMRisTkIMNpPFcrFYzA4AAADAnf___389IOZcDhammXNk8Zg8y-VouFlunKuZbbAajXy75Wh7Ym4qKK0qjJn6hAjL7PcdFJTT02N2GURF19tidzjNnoP4oGFYTgbB_EzYYrSaTDbL4Wy5mAyGo-FotD8DsRgN0EQMlsvJZDHZrUar0Wa4G80GCyQQgwmiaNFgshqNJovJcDWarGbLxW63QRStWs1Gm8FwNZvMdrvVcDBcjkZowhaj1WSyWQ5ny8VkMBwNR6MhgimPc2XzjUZrkW9mc4tGG89auXBZ1hKXxWIyrgwTi824Fr0-povDMFl4jFskGMC3F8nTIp0oFwvPZDKaOCzGiW-32g1WG4fDMZuNJhvHyLOwTcQSzckincgu-5pzOViYZs6RxWPyLJej4Wa5ca5mtsFqNPLtlqN9y-Nc2Xyj0Vrkm9ncotHGs1YuXJa1xGWxmIwrw8RiM65Fr4_p4jBMFh7jvjEbDmejyXA43Ddmw-FsNBkOh_sOneG7-pyNxpTw4pGpRsbo5WlzGhQug8X7k5gW0-7s4Je2jk6fz6Ms6Ix-v9_v9_v9fr_fb9B6DmaDwvcZ2h7XnmZ57KuWBbHBoIglgot0ore7TE6_RSxRmi7SiV7osLgsf63lZXK6tQ7L6elWOE0O09PutD7dOpfl6VaYHRan2Wn5PO1O61treZmcbq3Dcnq6lQ6Ty_N0K80-p9npljjNbpfdaX3rXJaX12V3C12Wt-blfCsGi8FwN5yIJYLTRToRvYyni_qPHGK5mWsmc8loOJeMhqsEAAAAAAAAAGAJppluAgAAAOBkIKvFZLRap4PYDGe7zWq5ACIaqHT9CE-Z_fNSxe-6gYR4987oOC_W2GMGb3eZnH4rA4hwwme22WcEsVarZQ0AAEAAGwAAQAA33XgTEBbF_f___48DAAAgI4ceAAAA_T4gqGoP3Kj1wn8AKsRarVa3G2u1Wg!&cmcv=&pix=undefined&cb=1688642889518&uv=3296&tms=1688642889518&abt=dfrc_vA!ll138735-383_vA!nonrv_vA!ntvc_vA!t45!ufm_vD&ru=https://pcloak.blob.core.windows.net/&ft=2&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=4bc0a233-8115-4256-83ff-c4c1e5cb99ef&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imprammp.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Thu, 06 Jul 2023 11:28:09 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 200 ec9ef744-d7ff-44c3-9ae2-bebbd8e0bbf8-tuctba02ac8
pr-bh.ybp.yahoo.com/sync/taboola/ Frame 7B51 43 B
425 B 283ms
59ms Image
image/gif 2a05:d018:d29:3605:d2e9:b819:ceaf:6f11

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/taboola/ec9ef744-d7ff-44c3-9ae2-bebbd8e0bbf8-tuctba02ac8?gdpr=1&us_privacy=1---

Requested by

Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8bqcCLAZwWiZh-Tf6XBDgtEzC8m_0uSgAAABgYID-AAlNPIaFZbNZCxeL1Vo0Wc3Wws3M5taYNo6Va2NxLlc2IyChicewsGw2a-FisVqLJqvZWriZ2dwa08axcm0szuXKZgUfxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPG_Sh6XT4XPd6vd1lcvrtGr_bL3RYXJa_1vIyOd1ah-X0dCucJofpaXdan26dy_J0K8wOi9PstHyedqf1rbW8TE631mE5Pd1Kh8nlebqVZp_T7HRLnGa3y-60vnUuy8vrsruFLstb83K-FYPFYLgbzgEAAADAg____38IAAAAABEAAAAAJAAAAABQCKjwb0HgAgAAAACG____fw0AUBwMxGU5O-3-AAAAAAACAAAAgATAQHVbCYAKlPcT__________8xBugzb2T8____3zDoAfDgA-BBCAAAwMeQwl6mzm_tjVgiBaFFGAEAAAAIBsHHPzJJJ6hYVPn__--3AnAFACAgUaWe1CGL7qDEWxgAAACBMQv0sPj9Zodd43e7zP________-_mf8z_2iEpAAA0gRVrReq-QUEAFjzCwgAwEbdAAC8CYATdAhaMRisTkIMNpPFcrFYzA4AAADAnf___389IOZcDhammXNk8Zg8y-VouFlunKuZbbAajXy75Wh7Ym4qKK0qjJn6hAjL7PcdFJTT02N2GURF19tidzjNnoP4oGFYTgbB_EzYYrSaTDbL4Wy5mAyGo-FotD8DsRgN0EQMlsvJZDHZrUar0Wa4G80GCyQQgwmiaNFgshqNJovJcDWarGbLxW63QRStWs1Gm8FwNZvMdrvVcDBcjkZowhaj1WSyWQ5ny8VkMBwNR6MhgimPc2XzjUZrkW9mc4tGG89auXBZ1hKXxWIyrgwTi824Fr0-povDMFl4jFskGMC3F8nTIp0oFwvPZDKaOCzGiW-32g1WG4fDMZuNJhvHyLOwTcQSzckincgu-5pzOViYZs6RxWPyLJej4Wa5ca5mtsFqNPLtlqN9y-Nc2Xyj0Vrkm9ncotHGs1YuXJa1xGWxmIwrw8RiM65Fr4_p4jBMFh7jvjEbDmejyXA43Ddmw-FsNBkOh_sOneG7-pyNxpTw4pGpRsbo5WlzGhQug8X7k5gW0-7s4Je2jk6fz6Ms6Ix-v9_v9_v9fr_fb9B6DmaDwvcZ2h7XnmZ57KuWBbHBoIglgot0ore7TE6_RSxRmi7SiV7osLgsf63lZXK6tQ7L6elWOE0O09PutD7dOpfl6VaYHRan2Wn5PO1O61treZmcbq3Dcnq6lQ6Ty_N0K80-p9npljjNbpfdaX3rXJaX12V3C12Wt-blfCsGi8FwN5yIJYLTRToRvYyni_qPHGK5mWsmc8loOJeMhqsEAAAAAAAAAGAJppluAgAAAOBkIKvFZLRap4PYDGe7zWq5ACIaqHT9CE-Z_fNSxe-6gYR4987oOC_W2GMGb3eZnH4rA4hwwme22WcEsVarZQ0AAEAAGwAAQAA33XgTEBbF_f___48DAAAgI4ceAAAA_T4gqGoP3Kj1wn8AKsRarVa3G2u1Wg!&cmcv=&pix=undefined&cb=1688642889518&uv=3296&tms=1688642889518&abt=dfrc_vA!ll138735-383_vA!nonrv_vA!ntvc_vA!t45!ufm_vD&ru=https://pcloak.blob.core.windows.net/&ft=2&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=4bc0a233-8115-4256-83ff-c4c1e5cb99ef&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a05:d018:d29:3605:d2e9:b819:ceaf:6f11 -, , ASN (),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imprammp.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 11:28:09 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
content-length: 43

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame C385 70 B
264 B 49ms
45ms Image
image/gif 52.223.40.198

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8bqcCLAZwWiZh-Tf6XBDgtEzC8m_0uSgAAABgYID-AAlNPIaFZbNZCxeL1Vo0Wc3Wws3M5taYNo6Va2NxLlc2IyChicewsGw2a-FisVqLJqvZWriZ2dwa08axcm0szuXKZgUfxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPG_Sh6XT4XPd6vd1lcvrtGr_bL3RYXJa_1vIyOd1ah-X0dCucJofpaXdan26dy_J0K8wOi9PstHyedqf1rbW8TE631mE5Pd1Kh8nlebqVZp_T7HRLnGa3y-60vnUuy8vrsruFLstb83K-FYPFYLgbzgEAAADAg____38IAAAAABEAAAAAJAAAAABQCKjwb0HgAgAAAACG____fw0AUBwMxGU5O-3-AAAAAAACAAAAgATAQHVbCYAKlPcT__________8xBugzb2T8____3zDoAfDgA-BBCAAAwMeQwl6mzm_tjVgiBaFFGAEAAAAIBsHHPzJJJ6hYVPn__--3AnAFACAgUaWe1CGL7qDEWxgAAACBMQv0sPj9Zodd43e7zP________-_mf8z_2iEpAAA0gRVrReq-QUEAFjzCwgAwEbdAAC8CYATdAhaMRisTkIMNpPFcrFYzA4AAADAnf___389IOZcDhammXNk8Zg8y-VouFlunKuZbbAajXy75Wh7Ym4qKK0qjJn6hAjL7PcdFJTT02N2GURF19tidzjNnoP4oGFYTgbB_EzYYrSaTDbL4Wy5mAyGo-FotD8DsRgN0EQMlsvJZDHZrUar0Wa4G80GCyQQgwmiaNFgshqNJovJcDWarGbLxW63QRStWs1Gm8FwNZvMdrvVcDBcjkZowhaj1WSyWQ5ny8VkMBwNR6MhgimPc2XzjUZrkW9mc4tGG89auXBZ1hKXxWIyrgwTi824Fr0-povDMFl4jFskGMC3F8nTIp0oFwvPZDKaOCzGiW-32g1WG4fDMZuNJhvHyLOwTcQSzckincgu-5pzOViYZs6RxWPyLJej4Wa5ca5mtsFqNPLtlqN9y-Nc2Xyj0Vrkm9ncotHGs1YuXJa1xGWxmIwrw8RiM65Fr4_p4jBMFh7jvjEbDmejyXA43Ddmw-FsNBkOh_sOneG7-pyNxpTw4pGpRsbo5WlzGhQug8X7k5gW0-7s4Je2jk6fz6Ms6Ix-v9_v9_v9fr_fb9B6DmaDwvcZ2h7XnmZ57KuWBbHBoIglgot0ore7TE6_RSxRmi7SiV7osLgsf63lZXK6tQ7L6elWOE0O09PutD7dOpfl6VaYHRan2Wn5PO1O61treZmcbq3Dcnq6lQ6Ty_N0K80-p9npljjNbpfdaX3rXJaX12V3C12Wt-blfCsGi8FwN5yIJYLTRToRvYyni_qPHGK5mWsmc8loOJeMhqsEAAAAAAAAAGAJppluAgAAAOBkIKvFZLRap4PYDGe7zWq5ACIaqHT9CE-Z_fNSxe-6gYR4987oOC_W2GMGb3eZnH4rA4hwwme22WcEsVarZQ0AAEAAGwAAQAA33XgTEBbF_f___48DAAAgI4ceAAAA_T4gqGoP3Kj1wn8AKsRarVa3G2u1Wg!&excid=22&docw=0&cijs=1&nlb=false
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Thu, 06 Jul 2023 11:28:09 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 200 ec9ef744-d7ff-44c3-9ae2-bebbd8e0bbf8-tuctba02ac8
pr-bh.ybp.yahoo.com/sync/taboola/ Frame C385 43 B
426 B 280ms
57ms Image
image/gif 2a05:d018:d29:3605:d2e9:b819:ceaf:6f11

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/taboola/ec9ef744-d7ff-44c3-9ae2-bebbd8e0bbf8-tuctba02ac8?gdpr=1&us_privacy=1---

Requested by

Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8bqcCLAZwWiZh-Tf6XBDgtEzC8m_0uSgAAABgYID-AAlNPIaFZbNZCxeL1Vo0Wc3Wws3M5taYNo6Va2NxLlc2IyChicewsGw2a-FisVqLJqvZWriZ2dwa08axcm0szuXKZgUfxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPG_Sh6XT4XPd6vd1lcvrtGr_bL3RYXJa_1vIyOd1ah-X0dCucJofpaXdan26dy_J0K8wOi9PstHyedqf1rbW8TE631mE5Pd1Kh8nlebqVZp_T7HRLnGa3y-60vnUuy8vrsruFLstb83K-FYPFYLgbzgEAAADAg____38IAAAAABEAAAAAJAAAAABQCKjwb0HgAgAAAACG____fw0AUBwMxGU5O-3-AAAAAAACAAAAgATAQHVbCYAKlPcT__________8xBugzb2T8____3zDoAfDgA-BBCAAAwMeQwl6mzm_tjVgiBaFFGAEAAAAIBsHHPzJJJ6hYVPn__--3AnAFACAgUaWe1CGL7qDEWxgAAACBMQv0sPj9Zodd43e7zP________-_mf8z_2iEpAAA0gRVrReq-QUEAFjzCwgAwEbdAAC8CYATdAhaMRisTkIMNpPFcrFYzA4AAADAnf___389IOZcDhammXNk8Zg8y-VouFlunKuZbbAajXy75Wh7Ym4qKK0qjJn6hAjL7PcdFJTT02N2GURF19tidzjNnoP4oGFYTgbB_EzYYrSaTDbL4Wy5mAyGo-FotD8DsRgN0EQMlsvJZDHZrUar0Wa4G80GCyQQgwmiaNFgshqNJovJcDWarGbLxW63QRStWs1Gm8FwNZvMdrvVcDBcjkZowhaj1WSyWQ5ny8VkMBwNR6MhgimPc2XzjUZrkW9mc4tGG89auXBZ1hKXxWIyrgwTi824Fr0-povDMFl4jFskGMC3F8nTIp0oFwvPZDKaOCzGiW-32g1WG4fDMZuNJhvHyLOwTcQSzckincgu-5pzOViYZs6RxWPyLJej4Wa5ca5mtsFqNPLtlqN9y-Nc2Xyj0Vrkm9ncotHGs1YuXJa1xGWxmIwrw8RiM65Fr4_p4jBMFh7jvjEbDmejyXA43Ddmw-FsNBkOh_sOneG7-pyNxpTw4pGpRsbo5WlzGhQug8X7k5gW0-7s4Je2jk6fz6Ms6Ix-v9_v9_v9fr_fb9B6DmaDwvcZ2h7XnmZ57KuWBbHBoIglgot0ore7TE6_RSxRmi7SiV7osLgsf63lZXK6tQ7L6elWOE0O09PutD7dOpfl6VaYHRan2Wn5PO1O61treZmcbq3Dcnq6lQ6Ty_N0K80-p9npljjNbpfdaX3rXJaX12V3C12Wt-blfCsGi8FwN5yIJYLTRToRvYyni_qPHGK5mWsmc8loOJeMhqsEAAAAAAAAAGAJppluAgAAAOBkIKvFZLRap4PYDGe7zWq5ACIaqHT9CE-Z_fNSxe-6gYR4987oOC_W2GMGb3eZnH4rA4hwwme22WcEsVarZQ0AAEAAGwAAQAA33XgTEBbF_f___48DAAAgI4ceAAAA_T4gqGoP3Kj1wn8AKsRarVa3G2u1Wg!&excid=22&docw=0&cijs=1&nlb=false

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a05:d018:d29:3605:d2e9:b819:ceaf:6f11 -, , ASN (),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 11:28:09 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
content-length: 43

GET
H2 204 sync
ups.analytics.yahoo.com/ups/58785/ Frame C385 0
125 B 226ms
31ms Image
text/plain 3.75.62.37

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/58785/sync?redir=true&gdpr=1&us_privacy=1---

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.75.62.37 -, , ASN (),

Reverse DNS

Software

ATS/9.1.10.57 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 11:28:09 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.57
age: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame 2D9C 281 B
554 B 242ms
32ms Document
text/html 95.101.149.233

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Requested by: Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8bqcCLAZwWiZh-Tf6XBDgtEzC8m_0uSgAAABgYID-AAlNPIaFZbNZCxeL1Vo0Wc3Wws3M5taYNo6Va2NxLlc2IyChicewsGw2a-FisVqLJqvZWriZ2dwa08axcm0szuXKZgUfxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPG_Sh6XT4XPd6vd1lcvrtGr_bL3RYXJa_1vIyOd1ah-X0dCucJofpaXdan26dy_J0K8wOi9PstHyedqf1rbW8TE631mE5Pd1Kh8nlebqVZp_T7HRLnGa3y-60vnUuy8vrsruFLstb83K-FYPFYLgbzgEAAADAg____38IAAAAABEAAAAAJAAAAABQCKjwb0HgAgAAAACG____fw0AUBwMxGU5O-3-AAAAAAACAAAAgATAQHVbCYAKlPcT__________8xBugzb2T8____3zDoAfDgA-BBCAAAwMeQwl6mzm_tjVgiBaFFGAEAAAAIBsHHPzJJJ6hYVPn__--3AnAFACAgUaWe1CGL7qDEWxgAAACBMQv0sPj9Zodd43e7zP________-_mf8z_2iEpAAA0gRVrReq-QUEAFjzCwgAwEbdAAC8CYATdAhaMRisTkIMNpPFcrFYzA4AAADAnf___389IOZcDhammXNk8Zg8y-VouFlunKuZbbAajXy75Wh7Ym4qKK0qjJn6hAjL7PcdFJTT02N2GURF19tidzjNnoP4oGFYTgbB_EzYYrSaTDbL4Wy5mAyGo-FotD8DsRgN0EQMlsvJZDHZrUar0Wa4G80GCyQQgwmiaNFgshqNJovJcDWarGbLxW63QRStWs1Gm8FwNZvMdrvVcDBcjkZowhaj1WSyWQ5ny8VkMBwNR6MhgimPc2XzjUZrkW9mc4tGG89auXBZ1hKXxWIyrgwTi824Fr0-povDMFl4jFskGMC3F8nTIp0oFwvPZDKaOCzGiW-32g1WG4fDMZuNJhvHyLOwTcQSzckincgu-5pzOViYZs6RxWPyLJej4Wa5ca5mtsFqNPLtlqN9y-Nc2Xyj0Vrkm9ncotHGs1YuXJa1xGWxmIwrw8RiM65Fr4_p4jBMFh7jvjEbDmejyXA43Ddmw-FsNBkOh_sOneG7-pyNxpTw4pGpRsbo5WlzGhQug8X7k5gW0-7s4Je2jk6fz6Ms6Ix-v9_v9_v9fr_fb9B6DmaDwvcZ2h7XnmZ57KuWBbHBoIglgot0ore7TE6_RSxRmi7SiV7osLgsf63lZXK6tQ7L6elWOE0O09PutD7dOpfl6VaYHRan2Wn5PO1O61treZmcbq3Dcnq6lQ6Ty_N0K80-p9npljjNbpfdaX3rXJaX12V3C12Wt-blfCsGi8FwN5yIJYLTRToRvYyni_qPHGK5mWsmc8loOJeMhqsEAAAAAAAAAGAJppluAgAAAOBkIKvFZLRap4PYDGe7zWq5ACIaqHT9CE-Z_fNSxe-6gYR4987oOC_W2GMGb3eZnH4rA4hwwme22WcEsVarZQ0AAEAAGwAAQAA33XgTEBbF_f___48DAAAgI4ceAAAA_T4gqGoP3Kj1wn8AKsRarVa3G2u1Wg!&cmcv=&pix=undefined&cb=1688642889518&uv=3296&tms=1688642889518&abt=dfrc_vA!ll138735-383_vA!nonrv_vA!ntvc_vA!t45!ufm_vD&ru=https://pcloak.blob.core.windows.net/&ft=2&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=4bc0a233-8115-4256-83ff-c4c1e5cb99ef&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.149.233 -, , ASN (),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://imprammp.taboola.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Thu, 06 Jul 2023 11:28:09 GMT
ETag: "40010-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET
H3 200 H0ZEmIz7.html Show response
tpc.googlesyndication.com/sodar/ Frame 985F 23 KB
8 KB 65ms
55ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://1f52c2d2b341a720d2ac42d74aa3ae5f.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 57745
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 7799
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 05 Jul 2023 19:25:44 GMT
expires: Thu, 04 Jul 2024 19:25:44 GMT
last-modified: Sun, 25 Jun 2023 02:58:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 tweenmax_2.0.1_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame C166 113 KB
38 KB 86ms
86ms Script
text/javascript 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/tweenmax_2.0.1_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8414893630757870910/index.html?e=69&leftOffset=0&topOffset=0&c=VXyWUklXx5&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

62afec092c21b138eeb1fc55859f60c19dd12ca3c02bdfeb336a820b016a547b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8414893630757870910/index.html?e=69&leftOffset=0&topOffset=0&c=VXyWUklXx5&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 11:28:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 38915
x-xss-protection: 0
last-modified: Tue, 19 Jun 2018 18:02:41 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 06 Jul 2023 11:28:09 GMT

GET
H3 200 Enabler_01_247.js Show response
s0.2mdn.net/879366/ Frame C166 118 KB
40 KB 56ms
56ms Script
text/javascript 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/Enabler_01_247.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8414893630757870910/index.html?e=69&leftOffset=0&topOffset=0&c=VXyWUklXx5&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8414893630757870910/index.html?e=69&leftOffset=0&topOffset=0&c=VXyWUklXx5&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 05 Jul 2023 13:52:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 77733
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 41099
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:45:07 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 06 Jul 2023 13:52:36 GMT

GET
H3 200 Enabler_01_247.js Show response
s0.2mdn.net/879366/ Frame 4EA9 118 KB
40 KB 94ms
94ms Script
text/javascript 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/Enabler_01_247.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11065803848835661824/300x250.html?e=69&leftOffset=0&topOffset=0&c=sxsxd1B91V&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/11065803848835661824/300x250.html?e=69&leftOffset=0&topOffset=0&c=sxsxd1B91V&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 05 Jul 2023 13:52:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 77733
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 41099
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:45:07 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 06 Jul 2023 13:52:36 GMT

GET
H3 200 gsap_3.9.1_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame 4EA9 63 KB
25 KB 147ms
146ms Script
text/javascript 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.9.1_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11065803848835661824/300x250.html?e=69&leftOffset=0&topOffset=0&c=sxsxd1B91V&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6dbe9c2e13cf06c6633ea3fcf6d7bd30452561202a205c75a035cd1d8b93368f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/11065803848835661824/300x250.html?e=69&leftOffset=0&topOffset=0&c=sxsxd1B91V&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 11:28:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25329
x-xss-protection: 0
last-modified: Wed, 29 Dec 2021 19:08:26 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 06 Jul 2023 11:28:09 GMT

GET
H3 200 AOiihYbjk7GyPSPexE3PorOKRXoofTPF8NjvkAglc4c.js Show response
pagead2.googlesyndication.com/bg/ Frame 7EEE 38 KB
14 KB 54ms
54ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/AOiihYbjk7GyPSPexE3PorOKRXoofTPF8NjvkAglc4c.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

00e8a28586e393b1b23d23dec44dcfa2b38a457a287d33c5f0d8ef9008257387

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 09:16:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7875
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14768
x-xss-protection: 0
last-modified: Mon, 26 Jun 2023 15:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 05 Jul 2024 09:16:54 GMT

GET
H3 200 AOiihYbjk7GyPSPexE3PorOKRXoofTPF8NjvkAglc4c.js Show response
pagead2.googlesyndication.com/bg/ Frame 4CEA 38 KB
14 KB 54ms
54ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/AOiihYbjk7GyPSPexE3PorOKRXoofTPF8NjvkAglc4c.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

00e8a28586e393b1b23d23dec44dcfa2b38a457a287d33c5f0d8ef9008257387

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 09:16:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7875
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14768
x-xss-protection: 0
last-modified: Mon, 26 Jun 2023 15:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 05 Jul 2024 09:16:54 GMT

GET
H2 200 cmTagFEED_MANAGER.js Show response
vidstat.taboola.com/vpaid/units/32_9_6/infra/ Frame 5BC9 887 KB
148 KB 97ms
36ms Script
application/javascript 151.101.65.44

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/vpaid/units/32_9_6/infra/cmTagFEED_MANAGER.js
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/138735.383.0/UnitFeedManagerDesktop.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 -, , ASN (),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: 9f77665bfa9b00a8c9bfb3e32e43b8a34dac9c2d90e452b76bb38d809871c334

Request headers

Referer: https://onedio.com/
Origin: https://onedio.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-amz-meta-mtime: 1688548110
date: Thu, 06 Jul 2023 11:28:09 GMT
via: 1.1 varnish
content-encoding: br
x-amz-request-id: KYKVYXXDA6ZSRB1C
age: 94638
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-meta-ctime: 1688548110
x-amz-meta-mode: 33188
content-length: 150555
x-amz-id-2: l7h/4N+fhzNQ6iOrDrgPHhjmRLg9l05QT/W0jr3UYrx81ydhhGitS0Vfq1rt82ddTd3n5GhPk3w=
x-served-by: cache-fra-eddf8230128-FRA
last-modified: Wed, 05 Jul 2023 09:08:31 GMT
server: AmazonS3-br
x-timer: S1688642890.857193,VS0,VE0
etag: "d3ef5cd48998c7822cd2d3882cb8fef7"
x-amz-meta-uid: 0
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
x-amz-meta-gid: 0
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
x-cache-hits: 14598

GET
H2 200 cmOsUnit.css
vidstat.taboola.com/vpaid/units/32_9_6/assets/css/ Frame 5BC9 60 KB
8 KB 28ms
28ms Stylesheet
text/css 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/vpaid/units/32_9_6/assets/css/cmOsUnit.css
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/138735.383.0/UnitFeedManagerDesktop.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: abc000df2ffea85dee2dba713684eb45e3a9abbef01a3e14fcfc00009652ffba

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-amz-meta-mtime: 1688548131
date: Thu, 06 Jul 2023 11:28:09 GMT
via: 1.1 varnish
content-encoding: br
x-amz-request-id: 1K1E2EB8GPA1NJ98
age: 94641
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-meta-ctime: 1688548131
x-amz-meta-mode: 33188
content-length: 7936
x-amz-id-2: mZhjGkb0XKV7mFGTfG+Kfa7QueykCQHbk83O4WXNGQkjgC/flwhEmoP/Wn6u6Bf3SfqP04w1o2c=
x-served-by: cache-fra-eddf8230081-FRA
last-modified: Wed, 05 Jul 2023 09:08:52 GMT
server: AmazonS3-br
x-timer: S1688642890.788091,VS0,VE0
etag: "4aae5eeb65b54657d88d759090f15617"
x-amz-meta-uid: 0
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
x-amz-meta-gid: 0
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
x-cache-hits: 32311

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame A647 0
0 93ms
93ms Fetch
image/gif 172.217.16.194

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstFh-WRTG9TYYKRdXwkJnGpwlMxFXNcxEtc3m3Rny-efSEfQH9mSzyGzLNDuxU8LnZYf_PDu5YENiSgPrCIes2ZpedvkhAKHaAJ9QwDPG62F0Igs0RGEBgEMpF5eBugHKQHy1m7IAI1_oCtQxd3tD8HLN_RKO3DJNuSjSKwoC58f0Lb4xq47ta43oYdx-X4biHgl52NudDFuNbUiwIM2ePPMu0nPBYwOo2g8__Dzg9nHbUuY02feg6GgyIdJLoqRodq8zTYWmaUt0H--e9qmOE7QDze57K4F73Ys1nGlkNLJD-zZ9kOrwQt6wzwnLmPbvjL_6y9OxDRLIDIGcjOni-YgHpdCI4AijChChV2Ptuqmhppr7aTgUrBTOra6qu5db82yI2yE9K89XdY9alXFmsEKsvdP_o9qkGp-3UEENEXOb4OybPNYjtBzaES1jXK5usGD6lXWy9yky0hfuVhjtdzkSp1KZLK5dloOQ9HbpMOH9nWykftMf-qSPO9Qw-e_RwBnBQ1Olqd58N2NSKXuLoQuvlmqNixr-NiKv7YLOeMqYctAhzcoOXNz7xrFwtsNpfghK_sqeAwgEmCAfrAiY5nAsYHEO7p6r25N0IhHCREmVRdC1qN_DOiDVa_onfdtdx0_uMYZKTN83C30MNJAph3onpEDJST8huN755ihP6xadREAsYudg9t9VYd9_5BoAxLAxxwXNkIKi7HsTVqsJ_iDqVFxmd7ptPA4ZVIu14f1XC0AvASY9GtIyzrKQmnvtKpXml1H35419T0fB1S37RldNOj9dBSMu-HQi7ERz1nRpRso-54Jeyo2xN9onjSkLh-tBf0cZN1-m8WfTMAHPs08gV_ncrxOrMXZsenIJv1Q3P7nCDV-Alr-c8bwIIsvbQIzi0POlMt53dDD5HNRcCxZ_bHdsMGBussLdoLyjDFIKzpqaOG0KRPdgRggOgdlCfiEadQNhMJQzsA3XYpPuEMrWqVTs2jr_jkwC9slGrKrt816018gcK1a3m7P_wgLex_sxONi24qYwMm1EQ4LIejKMreSu7ru_2e0QfQPCHEF8MMAi4TwY3Spnk5z4R0GjyT4ORSJDHukyPyglt4qTHZ4X3zDO3pK7ww3AtMK44Key9FuhQhQiMD8warIjT4EKYa-emTn3jlspv3cRQhEzEj3uVspw4yYVRNh8BDJgZEoANnWO-2vQVW1CJxZWSoZ39CKAfyEpl7TEV1ME5hionKAS9q601V7rjTeLSLEt4PzVecsmpFcjVET2VyXQk16H_XxMIjTIKIwsa3y_c&sai=AMfl-YQHH1vrXFlW9aJCOycVwnFAc0IdaXyYzHOSrZdXPwyzANvKkhB6DcznMHM0ipRfKmnJXMzXeIwzYMF2TPuholqY4Jh9pQqZonoOCwtbjwC3zHrvAJBEVg0flnDGUw5XH6sHia1s4lPDdcwKtuSMXgIh_Ud0xXcK3UqgapfQBQdbYZSAUKz_qa3hCrroIq_HUOIoUa-40fJ-F-0XKQ2gQ9Sn85xhL1JfxKWUFA&sig=Cg0ArKJSzHEDJ9H7tl_4EAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=559&vt=11&dtpt=331&dett=3&cstd=214&cisv=r20230628.87413&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.194 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1f52c2d2b341a720d2ac42d74aa3ae5f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 11:28:09 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 06 Jul 2023 11:28:09 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 2D9C 34 KB
10 KB 37ms
36ms Script
text/html 95.101.149.233

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.149.233 -, , ASN (),
Reverse DNS
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 9f6410ae85726ec4d2345689acf227ea4559ab9a03510fcc04b0c86bc6ee7aa9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Thu, 06 Jul 2023 11:28:09 GMT
Content-Encoding: gzip
Last-Modified: Thu, 06 Jul 2023 07:36:33 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=72452
Connection: keep-alive
Content-Length: 10153
Expires: Fri, 07 Jul 2023 07:35:41 GMT

GET
H2 200 pixel.gif
static.criteo.net/images/ Frame 5BC9 43 B
365 B 37ms
36ms Image
image/gif 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/images/pixel.gif?ch=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 11:28:09 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 09 Dec 2008 16:52:36 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "493ea254-2b"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 43
expires: Sun, 30 Jun 2024 11:28:09 GMT

GET
H2 200 pixel.gif
static.criteo.net/images/ Frame 5BC9 43 B
365 B 38ms
37ms Image
image/gif 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/images/pixel.gif?ch=2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 11:28:09 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 09 Dec 2008 16:52:36 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "493ea254-2b"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 43
expires: Sun, 30 Jun 2024 11:28:09 GMT

GET
H3 206 file.mp4
r5---sn-5hnednsz.c.2mdn.net/videoplayback/id/958993bbd9e9fd2e/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1720178889/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip... Frame 35D6 2 MB
2 MB 64ms
31ms Media
video/mp4 2a00:1450:400e:11::a

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400e:11::a -, , ASN (),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://1f52c2d2b341a720d2ac42d74aa3ae5f.safeframe.googlesyndication.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Range: bytes=0-

Response headers

expires: Thu, 06 Jul 2023 11:28:10 GMT
date: Thu, 06 Jul 2023 11:28:10 GMT
x-content-type-options: nosniff
Content-Range: bytes 0-2208367/2208368
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Content-Length: 2208368
last-modified: Wed, 05 Jul 2023 13:14:40 GMT
server: gvs 1.0
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://1f52c2d2b341a720d2ac42d74aa3ae5f.safeframe.googlesyndication.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=86400
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://1f52c2d2b341a720d2ac42d74aa3ae5f.safeframe.googlesyndication.com
client-protocol: quic

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 100F 0
0 95ms
94ms Fetch
image/gif 172.217.16.194

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssJ_h5Lo3rM0AVpNZG_3ljP7aJuYMDnip1lE8lIlfBqaLJ_yZCzVczAzg2rCtZPflaf7O921-cdJ6E2zC47RKVxojaaBEGGLBYxLCZp-tpatgxAuzaIvVuYZLfW3uPz0LfqKRTHKXBxAdP4QNNZWRNh3EwpufhzS4jwOAFM9Amro4lf6_hct5BDwSj9sf1J4uwCmNwlfH27ztiP4s1b5kW_R6FFwc-lH8g8CdlIyZ15Sr8SLwkKeFCskZcXLvAQTbaywF_FTRpLGXT96VfEkOl7Yfhk8kUJcZCpKBTecTJA-pN9bScJYRMJ5EiuKtIVn6URoPpEHS34LGcoZqrpvkG-YdqM9H9EEEMRVsDF9n715JVwISTaRr0QqjVRTQT3t-9KNNbFB_8bOG05ZSl2ksKbLTrduYPOoZJE-MtU2aezByxI8ob82iailtGqqzcKQO3DXVjetoNUXLUAkcWJdd91oU-r-bnXpVkMnTIjyIt8u-XfkaerjHbjCTpq1J7BgDQ6NWaz9chNfkSxosuydeWz5MFMrTioowAhCghngaRml-VrertT1f-jfQhp5lclmrZC02QAZBDf6ObwXRJjjLQoW2f6rzHJXfNyBt_UEpdWEgYoLz1HBs5e_TBgXmx93mv2vTEMZgJs6PiYxNE7QyuXhJCvRKMPWNwEeaFveCbZH5D7W3tVXsSaAkx6KnIp85sXZAsFe6Qdx6bYoaB3_ln0OW5DtOvwx5Q-cGHso9oN_AktOLDxb7oF15yvBvf59-0lJQzFuHYd6wI6a4Ydi3W73QeSgGe1syN113t4M9zZ2K0n0V_EWGlLgneP009H9PnFIqlysx5WdeMBwEeOVBhhp6y9FkL5Wd4PK7bskCxORSdbjKr8xILJ5QQ1hW1dbqv_3P1IseBmyMRLGimkl2KpOekH_mG0MgeAxPbHBX8zhsfhBISNV1WdD7DBIivxRZrz-eEnIXbRfd00NL94sECmWySfVbR5eP8DPP38ugIkhCdCiqaALoAf8njBr1mIK9DGB7R_NiNcvJHiFezMMd5qY3FiGAyKhgO1aRHgcrn8ZzIToCpdsveJtMyMwS4ypZRaNoATutSDYPgv3k4ZvFh_RgOOp6DRRj_24cQDc54kDpSXlEfERRtHW-iSHHSD0IM-2xqrtlcCiG9j1WsoAav17ODgg1ZbluELqsjDvCZ4pWCdlJU_98c4GNljClhyDKKZeFMgKBE8huSR6ruMccP7BIQ8cKodRjGM2VdnKZ0vL3EG6Bk9xLI&sai=AMfl-YRtnutOq39jdT4w_NTbLrf1vUWslc7NHk4lnpMGvkERD2FTjNCeb5EmEaeURKO5Na2zLK22O6avBDgpsSSFPhLoiFBMQTfrGfoDAP-ngwugFSTbT2ma-WdedODUuXU7xenHgTpG4krgS8fLwaLhUaHcGUJeDOX8qwEEO5KZjqas5pQEuXsxJA5JqM_46cYYwgXYZIRwTO7v&sig=Cg0ArKJSzHLyJrNYb9qgEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=760&vt=11&dtpt=407&dett=3&cstd=342&cisv=r20230628.71508&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.194 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1f52c2d2b341a720d2ac42d74aa3ae5f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 11:28:10 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 06 Jul 2023 11:28:10 GMT

GET
H2 200 content_v3.js Show response
vidstat.taboola.com/ Frame 5BC9 16 KB
5 KB 29ms
29ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/content_v3.js
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/32_9_6/infra/cmTagFEED_MANAGER.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 12af7975664854ca36da674714083fa05297940fce71e42dabf688e2eb19a0f1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 11:28:10 GMT
via: 1.1 857b0dca772798c338c78a1be69c955c.cloudfront.net (CloudFront), 1.1 varnish
content-encoding: gzip
x-amz-cf-pop: FRA60-P1
age: 1645495
x-cache: Hit from cloudfront, HIT
content-length: 4839
x-served-by: cache-fra-eddf8230081-FRA
last-modified: Wed, 20 Jul 2022 13:23:50 GMT
server: AmazonS3
x-timer: S1688642890.106941,VS0,VE0
etag: "f7533e747bb02a8eb527ada4f2749620"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
x-amz-cf-id: WPQDSHjI0-yBKHiRyp0A6R83yvp_1Crbueri-3T9dZgaMPkT7wTTlA==
x-cache-hits: 28793

GET
H2 200 OvaMediaPlayer.js
vidstat.taboola.com/vpaid/vPlayer/player/v15.3.2/ Frame 5BC9 446 KB
84 KB 29ms
28ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v15.3.2/OvaMediaPlayer.js
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/32_9_6/infra/cmTagFEED_MANAGER.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-amz-meta-mtime: 1688547672
date: Thu, 06 Jul 2023 11:28:10 GMT
via: 1.1 varnish
content-encoding: br
x-amz-request-id: HCBFDN8P18ZRA2KB
age: 95152
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-meta-ctime: 1688547686
x-amz-meta-mode: 33188
content-length: 85129
x-amz-id-2: Su6c7tvCgY+8RsNeEB6an+c0hzavk3dajOPv7X5rZ0qY0pcIVDS3W0YG1k2Ds9XruTPppvJWuus=
x-served-by: cache-fra-eddf8230081-FRA
last-modified: Wed, 05 Jul 2023 09:01:27 GMT
server: AmazonS3-br
x-timer: S1688642890.132442,VS0,VE0
etag: "db4d1adccf0dba13bf77914eb2854b82"
x-amz-meta-uid: 0
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
x-amz-meta-gid: 0
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
x-cache-hits: 31200

GET
H2 200 sync
am-match.taboola.com/ Frame 7C6A 439 B
524 B 38ms
37ms Document
text/html 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://am-match.taboola.com/sync?dast=V8bqcCLAZwWiZh-Tf6XBDgtEzC8m_0uSgAAABgYID-AAlNPIaFZbNZCxeL1Vo0Wc3Wws3M5taYNo6Va2NxLlc2IyChicewsGw2a-FisVqLJqvZWriZ2dwa08axcm0szuXKZgUfxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPG_Sh6XT4XPd6vd1lcvrtGr_bL3RYXJa_1vIyOd1ah-X0dCucJofpaXdan26dy_J0K8wOi9PstHyedqf1rbW8TE631mE5Pd1Kh8nlebqVZp_T7HRLnGa3y-60vnUuy8vrsruFLstb83K-FYPFYLgbzgEAAADAg____38IAAAAABEAAAAAJAAAAABQCKjwb0HgAgAAAACG____fw0AUBwMxGU5O-3-AAAAAAACAAAAgATAQHVbCYAKlPcT__________8xBugzb2T8____3zDoAfDgA-BBCAAAwMeQwl6mzm_tjVgiBaFFGAEAAAAIBsHHPzJJJ6hYVPn__--3AnAFACAgUaWe1CGL7qDEWxgAAACBMQv0sPj9Zodd43e7zP________-_mf8z_2iEpAAA0gRVrReq-QUEAFjzCwgAwEbdAAC8CYATdAhaMRisTkIMNpPFcrFYzA4AAADAnf___389IOZcDhammXNk8Zg8y-VouFlunKuZbbAajXy75Wh7Ym4qKK0qjJn6hAjL7PcdFJTT02N2GURF19tidzjNnoP4oGFYTgbB_EzYYrSaTDbL4Wy5mAyGo-FotD8DsRgN0EQMlsvJZDHZrUar0Wa4G80GCyQQgwmiaNFgshqNJovJcDWarGbLxW63QRStWs1Gm8FwNZvMdrvVcDBcjkZowhaj1WSyWQ5ny8VkMBwNR6MhgimPc2XzjUZrkW9mc4tGG89auXBZ1hKXxWIyrgwTi824Fr0-povDMFl4jFskGMC3F8nTIp0oFwvPZDKaOCzGiW-32g1WG4fDMZuNJhvHyLOwTcQSzckincgu-5pzOViYZs6RxWPyLJej4Wa5ca5mtsFqNPLtlqN9y-Nc2Xyj0Vrkm9ncotHGs1YuXJa1xGWxmIwrw8RiM65Fr4_p4jBMFh7jvjEbDmejyXA43Ddmw-FsNBkOh_sOneG7-pyNxpTw4pGpRsbo5WlzGhQug8X7k5gW0-7s4Je2jk6fz6Ms6Ix-v9_v9_v9fr_fb9B6DmaDwvcZ2h7XnmZ57KuWBbHBoIglgot0ore7TE6_RSxRmi7SiV7osLgsf63lZXK6tQ7L6elWOE0O09PutD7dOpfl6VaYHRan2Wn5PO1O61treZmcbq3Dcnq6lQ6Ty_N0K80-p9npljjNbpfdaX3rXJaX12V3C12Wt-blfCsGi8FwN5yIJYLTRToRvYyni_qPHGK5mWsmc8loOJeMhqsEAAAAAAAAAGAJppluAgAAAOBkIKvFZLRap4PYDGe7zWq5ACIaqHT9CE-Z_fNSxe-6gYR4987oOC_W2GMGb3eZnH4rA4hwwme22WcEsVarZQ0AAEAAGwAAQAA33XgTEBbF_f___48DAAAgI4ceAAAA_T4gqGoP3Kj1wn8AKsRarVa3G2u1Wg!&excid=22&docw=0&cijs=1&nlb=false
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/32_9_6/infra/cmTagFEED_MANAGER.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Referer: https://onedio.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-type: text/html;charset=ISO-8859-1
date: Thu, 06 Jul 2023 11:28:10 GMT
machineid: 3406
server: nginx

GET
H2 200 st
am-vid-events.taboola.com/ Frame 5BC9 0
43 B 37ms
36ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-vid-events.taboola.com/st?cijs=convusmp&ttype=16&cisd=convusmp&cipid=66361655&crid=-1&dast=V8bqcCLAZwWiZh-Tf6XBDgtEzC8m_0uSgAAABgYID-AAlNPIaFZbNZCxeL1Vo0Wc3Wws3M5taYNo6Va2NxLlc2IyChicewsGw2a-FisVqLJqvZWriZ2dwa08axcm0szuXKZgUfxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPG_Sh6XT4XPd6vd1lcvrtGr_bL3RYXJa_1vIyOd1ah-X0dCucJofpaXdan26dy_J0K8wOi9PstHyedqf1rbW8TE631mE5Pd1Kh8nlebqVZp_T7HRLnGa3y-60vnUuy8vrsruFLstb83K-FYPFYLgbzgEAAADAg____38IAAAAABEAAAAAJAAAAABQCKjwb0HgAgAAAACG____fw0AUBwMxGU5O-3-AAAAAAACAAAAgATAQHVbCYAKlPcT__________8xBugzb2T8____3zDoAfDgA-BBCAAAwMeQwl6mzm_tjVgiBaFFGAEAAAAIBsHHPzJJJ6hYVPn__--3AnAFACAgUaWe1CGL7qDEWxgAAACBMQv0sPj9Zodd43e7zP________-_mf8z_2iEpAAA0gRVrReq-QUEAFjzCwgAwEbdAAC8CYATdAhaMRisTkIMNpPFcrFYzA4AAADAnf___389IOZcDhammXNk8Zg8y-VouFlunKuZbbAajXy75Wh7Ym4qKK0qjJn6hAjL7PcdFJTT02N2GURF19tidzjNnoP4oGFYTgbB_EzYYrSaTDbL4Wy5mAyGo-FotD8DsRgN0EQMlsvJZDHZrUar0Wa4G80GCyQQgwmiaNFgshqNJovJcDWarGbLxW63QRStWs1Gm8FwNZvMdrvVcDBcjkZowhaj1WSyWQ5ny8VkMBwNR6MhgimPc2XzjUZrkW9mc4tGG89auXBZ1hKXxWIyrgwTi824Fr0-povDMFl4jFskGMC3F8nTIp0oFwvPZDKaOCzGiW-32g1WG4fDMZuNJhvHyLOwTcQSzckincgu-5pzOViYZs6RxWPyLJej4Wa5ca5mtsFqNPLtlqN9y-Nc2Xyj0Vrkm9ncotHGs1YuXJa1xGWxmIwrw8RiM65Fr4_p4jBMFh7jvjEbDmejyXA43Ddmw-FsNBkOh_sOneG7-pyNxpTw4pGpRsbo5WlzGhQug8X7k5gW0-7s4Je2jk6fz6Ms6Ix-v9_v9_v9fr_fb9B6DmaDwvcZ2h7XnmZ57KuWBbHBoIglgot0ore7TE6_RSxRmi7SiV7osLgsf63lZXK6tQ7L6elWOE0O09PutD7dOpfl6VaYHRan2Wn5PO1O61treZmcbq3Dcnq6lQ6Ty_N0K80-p9npljjNbpfdaX3rXJaX12V3C12Wt-blfCsGi8FwN5yIJYLTRToRvYyni_qPHGK5mWsmc8loOJeMhqsEAAAAAAAAAGAJppluAgAAAOBkIKvFZLRap4PYDGe7zWq5ACIaqHT9CE-Z_fNSxe-6gYR4987oOC_W2GMGb3eZnH4rA4hwwme22WcEsVarZQ0AAEAAGwAAQAA33XgTEBbF_f___48DAAAgI4ceAAAA_T4gqGoP3Kj1wn8AKsRarVa3G2u1Wg!&cmcv=&pix=31579697&cb=1688642890124&uv=3296&tms=1688642890124&su=3&abt=dfrc_vA!ll138735-383_vA!nonrv_vA!ntvc_vA!t45!ufm_vG&ru=https://pcloak.blob.core.windows.net/&ft=2&unm=FEED_MANAGER&su=3&
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 11:28:10 GMT
content-length: 0
server: nginx

GET
H/1.1 200
OK khaos.jpg
token.rubiconproject.com/ Frame 2D9C 284 B
536 B 135ms
30ms Image
image/jpg 69.173.144.165

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/khaos.jpg?gdpr=1&us_privacy=1---
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.165 -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/jpg
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 284
X-RPHost: 3bafef7aa4e37890defcd73f0a080481
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H3 200 9sT3o9SHt_8CKWiZImOleDpjc_rECPIYUFPEk3-7T8E.js Show response
pagead2.googlesyndication.com/bg/ Frame 985F 37 KB
14 KB 55ms
54ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/9sT3o9SHt_8CKWiZImOleDpjc_rECPIYUFPEk3-7T8E.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6c4f7a3d487b7ff022968992263a5783a6373fac408f2185053c4937fbb4fc1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 05 Jul 2023 19:16:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 58291
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14698
x-xss-protection: 0
last-modified: Mon, 26 Jun 2023 15:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 04 Jul 2024 19:16:39 GMT

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 22DB 42 B
64 B 92ms
92ms Image
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvvOOfUKVyZDL7GAZdpuKi6sFwJxfpqdJE3MUTOlcMvj-aLQzpGB6XH_6WfaN_dE2Z6LacX7gy9_lrNpwOmvk6_qZ_lH80oXXQ04beq6SxRrHyW1aI9F9LJevztOTiC_59oFAgiQN7J96v8&sai=AMfl-YTdQ4bywpRm_gqAFFq3YSArgAbKveuzbOYw6xK97kH12Xtgon7uOpwIlwAAGDOkxdni-4BjbazWbWYC&sig=Cg0ArKJSzM0GkcntznG3EAE&cid=CAQSGwBygQiD0VgN3SuWZv7x2pBTPfJ4DFnYGma4YxgB&id=ampim&o=0,228&d=300,227&ss=1600,1200&bs=300,227&mcvt=1038&mtos=0,0,1038,1038,1038&tos=0,0,1038,0,0&tfs=484&tls=1522&g=100&h=100&tt=1522&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 06 Jul 2023 11:28:10 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 OnAir-Bold.woff2
s0.2mdn.net/creatives/assets/4140742/ Frame 4EA9 47 KB
47 KB 67ms
66ms Font
font/woff2 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/4140742/OnAir-Bold.woff2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c284299aeec8595fd3a10dcd2c27022edfda37c815571843a90c45cad18ace95

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/11065803848835661824/300x250.html?e=69&leftOffset=0&topOffset=0&c=sxsxd1B91V&t=1&renderingType=2&ev=01_250
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 11:21:01 GMT
x-content-type-options: nosniff
age: 429
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47676
x-xss-protection: 0
last-modified: Thu, 06 May 2021 11:38:39 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 06 Jul 2023 11:36:01 GMT

GET
H3 200 OnAir-Light.woff2
s0.2mdn.net/creatives/assets/4140742/ Frame 4EA9 46 KB
46 KB 55ms
54ms Font
font/woff2 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/4140742/OnAir-Light.woff2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4347e083fcc7406a94363480146e1cf9c2f88198921ef74fed3eddf6d969725b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/11065803848835661824/300x250.html?e=69&leftOffset=0&topOffset=0&c=sxsxd1B91V&t=1&renderingType=2&ev=01_250
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 11:16:29 GMT
x-content-type-options: nosniff
age: 701
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 46936
x-xss-protection: 0
last-modified: Thu, 06 May 2021 11:38:50 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 06 Jul 2023 11:31:29 GMT

GET
H2 200 sodar
pagead2.googlesyndication.com/getconfig/ Frame 4EA9 7 KB
6 KB 101ms
99ms XHR
application/json 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_247&st=int

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 11:28:10 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5802
x-xss-protection: 0

GET
H3 200 60005582_20230704081939926_APP_iPhon14Pro_Asset.png
s0.2mdn.net/ads/richmedia/studio/60005582/ Frame 4EA9 29 KB
29 KB 71ms
70ms Image
image/png 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/60005582/60005582_20230704081939926_APP_iPhon14Pro_Asset.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dafa5a247facfc545e94a09ea12da423909aefca05557ec1a73e6d296fc540aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/11065803848835661824/300x250.html?e=69&leftOffset=0&topOffset=0&c=sxsxd1B91V&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 09:06:52 GMT
x-content-type-options: nosniff
age: 8478
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29704
x-xss-protection: 0
last-modified: Tue, 04 Jul 2023 15:19:40 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 07 Jul 2023 09:06:52 GMT

GET
H3 200 60005582_20230704052205808_300x250_GRAD.png
s0.2mdn.net/ads/richmedia/studio/60005582/ Frame 4EA9 17 KB
17 KB 76ms
76ms Image
image/png 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/60005582/60005582_20230704052205808_300x250_GRAD.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee68049857997e40385cc9a493f2e8d598c4682b8eefe7790992aab06be465cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/11065803848835661824/300x250.html?e=69&leftOffset=0&topOffset=0&c=sxsxd1B91V&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 09:06:52 GMT
x-content-type-options: nosniff
age: 8478
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17240
x-xss-protection: 0
last-modified: Tue, 04 Jul 2023 12:22:05 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 07 Jul 2023 09:06:52 GMT

GET
H/1.1 200
OK postview.gif
portal.o2online.de/nws/img/ Frame 4EA9 43 B
609 B 146ms
46ms Image
image/gif 141.101.90.98

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://portal.o2online.de/nws/img/postview.gif?partnerId=O2_DSP_TRA_HAV_14114_PV&mediacode=29118705_4307561_354695495_145340772_PO1101A20230705&ref=29118705_4307561_354695495_145340772_PO1101A20230705
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 141.101.90.98 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Thu, 06 Jul 2023 11:28:10 GMT
via: 1.1 varnish-live-2-0
CF-Cache-Status: HIT
age: 10023075
x-cache: MISS
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Connection: keep-alive
Content-Length: 43
last-modified: Wed, 01 Mar 2023 07:22:36 GMT
Server: cloudflare
etag: "2b-5f5d1938cc700"
Vary: Accept-Encoding
Content-Type: image/gif
x-varnish: 52523298
cache-control: public, max-age=31536000
Accept-Ranges: bytes
CF-RAY: 7e2780b03a0d9bb8-FRA
Expires: Fri, 05 Jul 2024 11:28:10 GMT

GET
H3 200 main.js
s0.2mdn.net/creatives/assets/4703545/ Frame C166 3 KB
1 KB 79ms
79ms Script
text/javascript 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/4703545/main.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8414893630757870910/index.html?e=69&leftOffset=0&topOffset=0&c=VXyWUklXx5&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8414893630757870910/index.html?e=69&leftOffset=0&topOffset=0&c=VXyWUklXx5&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 11:14:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 839
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1100
x-xss-protection: 0
last-modified: Fri, 05 May 2023 10:07:31 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 06 Jul 2023 11:29:11 GMT

GET
H2 200 sodar
pagead2.googlesyndication.com/getconfig/ Frame C166 8 KB
6 KB 107ms
107ms XHR
application/json 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_247&st=int

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 11:28:10 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5844
x-xss-protection: 0

GET
H2 206 blackScreen5.mp4
vidstatb.taboola.com/vid/ Frame 5BC9 89 KB
0 32ms
30ms Media
video/mp4 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstatb.taboola.com/vid/blackScreen5.mp4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

Referer: https://onedio.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Range: bytes=0-

Response headers

x-amz-meta-mtime: 1497790207
date: Thu, 06 Jul 2023 11:28:10 GMT
via: 1.1 39ab62538ffdeaa07dae29bbaa23912e.cloudfront.net (CloudFront), 1.1 varnish
x-amz-cf-pop: BUD50-C1
age: 1337974
x-cache: Hit from cloudfront, HIT
Content-Range: bytes 0-90783/90784
x-amz-meta-mode: 33188
Content-Length: 90784
x-served-by: cache-fra-eddf8230081-FRA
last-modified: Sun, 02 Jul 2017 20:40:57 GMT
server: AmazonS3
x-timer: S1688642890.209450,VS0,VE0
etag: "b2b087fe4ae638c533731c347fcd4df8"
x-amz-meta-uid: 0
access-control-allow-methods: GET, OPTIONS, HEAD
x-amz-meta-gid: 0
content-type: video/mp4
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
x-amz-cf-id: Y5PeO3Y0Tpu9cajvjxAiHpbNytwecYuggckypqPAK8vFX1mH5GYqSA==
x-cache-hits: 130366

POST
H2 204 bulk
trc.taboola.com/onedio/log/3/ Frame 5BC9 0
314 B 37ms
37ms XHR
image/gif 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/onedio/log/3/bulk?tvi2=54&route=AM%3AAM%3AV&lti=deflated&bulkSize=5
Requested by: Host: onedio.com
URL: https://onedio.com/_nuxt/91769df.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Referer: https://onedio.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-vcl-time-ms: 9
date: Thu, 06 Jul 2023 11:28:10 GMT
via: 1.1 varnish
x-fastly-to-nlb-rtt: 7682
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version: v2
x-served-by: cache-fra-eddf8230081-FRA
pragma: no-cache
server: nginx
x-timer: S1688642890.208900,VS0,VE9
content-type: image/gif
access-control-allow-origin: https://onedio.com
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET
H3 200 bubblespritesheettiny.png
s0.2mdn.net/creatives/assets/4085730/ Frame 4EA9 26 KB
26 KB 54ms
54ms Image
image/png 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4085730/bubblespritesheettiny.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

25280083af87c8d6dbc6ff5bb926bf9d0d373d244cead76893430166b8df0bd6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/11065803848835661824/300x250.html?e=69&leftOffset=0&topOffset=0&c=sxsxd1B91V&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 11:23:12 GMT
x-content-type-options: nosniff
age: 298
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27068
x-xss-protection: 0
last-modified: Fri, 12 Mar 2021 15:44:55 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 06 Jul 2023 11:38:12 GMT

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame 7C6A 70 B
264 B 45ms
45ms Image
image/gif 52.223.40.198

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8bqcCLAZwWiZh-Tf6XBDgtEzC8m_0uSgAAABgYID-AAlNPIaFZbNZCxeL1Vo0Wc3Wws3M5taYNo6Va2NxLlc2IyChicewsGw2a-FisVqLJqvZWriZ2dwa08axcm0szuXKZgUfxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPG_Sh6XT4XPd6vd1lcvrtGr_bL3RYXJa_1vIyOd1ah-X0dCucJofpaXdan26dy_J0K8wOi9PstHyedqf1rbW8TE631mE5Pd1Kh8nlebqVZp_T7HRLnGa3y-60vnUuy8vrsruFLstb83K-FYPFYLgbzgEAAADAg____38IAAAAABEAAAAAJAAAAABQCKjwb0HgAgAAAACG____fw0AUBwMxGU5O-3-AAAAAAACAAAAgATAQHVbCYAKlPcT__________8xBugzb2T8____3zDoAfDgA-BBCAAAwMeQwl6mzm_tjVgiBaFFGAEAAAAIBsHHPzJJJ6hYVPn__--3AnAFACAgUaWe1CGL7qDEWxgAAACBMQv0sPj9Zodd43e7zP________-_mf8z_2iEpAAA0gRVrReq-QUEAFjzCwgAwEbdAAC8CYATdAhaMRisTkIMNpPFcrFYzA4AAADAnf___389IOZcDhammXNk8Zg8y-VouFlunKuZbbAajXy75Wh7Ym4qKK0qjJn6hAjL7PcdFJTT02N2GURF19tidzjNnoP4oGFYTgbB_EzYYrSaTDbL4Wy5mAyGo-FotD8DsRgN0EQMlsvJZDHZrUar0Wa4G80GCyQQgwmiaNFgshqNJovJcDWarGbLxW63QRStWs1Gm8FwNZvMdrvVcDBcjkZowhaj1WSyWQ5ny8VkMBwNR6MhgimPc2XzjUZrkW9mc4tGG89auXBZ1hKXxWIyrgwTi824Fr0-povDMFl4jFskGMC3F8nTIp0oFwvPZDKaOCzGiW-32g1WG4fDMZuNJhvHyLOwTcQSzckincgu-5pzOViYZs6RxWPyLJej4Wa5ca5mtsFqNPLtlqN9y-Nc2Xyj0Vrkm9ncotHGs1YuXJa1xGWxmIwrw8RiM65Fr4_p4jBMFh7jvjEbDmejyXA43Ddmw-FsNBkOh_sOneG7-pyNxpTw4pGpRsbo5WlzGhQug8X7k5gW0-7s4Je2jk6fz6Ms6Ix-v9_v9_v9fr_fb9B6DmaDwvcZ2h7XnmZ57KuWBbHBoIglgot0ore7TE6_RSxRmi7SiV7osLgsf63lZXK6tQ7L6elWOE0O09PutD7dOpfl6VaYHRan2Wn5PO1O61treZmcbq3Dcnq6lQ6Ty_N0K80-p9npljjNbpfdaX3rXJaX12V3C12Wt-blfCsGi8FwN5yIJYLTRToRvYyni_qPHGK5mWsmc8loOJeMhqsEAAAAAAAAAGAJppluAgAAAOBkIKvFZLRap4PYDGe7zWq5ACIaqHT9CE-Z_fNSxe-6gYR4987oOC_W2GMGb3eZnH4rA4hwwme22WcEsVarZQ0AAEAAGwAAQAA33XgTEBbF_f___48DAAAgI4ceAAAA_T4gqGoP3Kj1wn8AKsRarVa3G2u1Wg!&excid=22&docw=0&cijs=1&nlb=false
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Thu, 06 Jul 2023 11:28:10 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 200 ec9ef744-d7ff-44c3-9ae2-bebbd8e0bbf8-tuctba02ac8
pr-bh.ybp.yahoo.com/sync/taboola/ Frame 7C6A 43 B
425 B 50ms
49ms Image
image/gif 2a05:d018:d29:3605:d2e9:b819:ceaf:6f11

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/taboola/ec9ef744-d7ff-44c3-9ae2-bebbd8e0bbf8-tuctba02ac8?gdpr=1&us_privacy=1---

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a05:d018:d29:3605:d2e9:b819:ceaf:6f11 -, , ASN (),

Reverse DNS

Software

ATS /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 11:28:10 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
content-length: 43

GET
H2 204 sync
ups.analytics.yahoo.com/ups/58785/ Frame 7C6A 0
38 B 32ms
31ms Image
text/plain 3.75.62.37

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/58785/sync?redir=true&gdpr=1&us_privacy=1---

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.75.62.37 -, , ASN (),

Reverse DNS

Software

ATS/9.1.10.57 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 11:28:10 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.57
age: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET sodar2.js
tpc.googlesyndication.com/sodar/ Frame 4EA9 0
0

GET activeview
pagead2.googlesyndication.com/pcs/ Frame 2731 0
0

GET sodar
pagead2.googlesyndication.com/pagead/ Frame 5BC9 0
0

GET sodar2.js
tpc.googlesyndication.com/sodar/ Frame C166 0
0

GET activeview
pagead2.googlesyndication.com/pcs/ Frame 100F 0
0

GET f539211219b796ffbb49949997c764f0.png
cdn.taboola.com/libtrc/static/thumbnails/ Frame 5BC9 0
0

GET 970x250_de-de_traveltricks2.js
s0.2mdn.net/creatives/assets/4703545/ Frame C166 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: a.sportradarserving.com
URL: https://a.sportradarserving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=google

Domain: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssy4IPOd6z5TlMXy4MxmGAJuweN9Orixm4-4I9iDoo6wwXZJUX2nlwwJDDiDw8r-Gys1nE_o5H6aRyWZt9zaCfh35YnbzHTZhfxHA8zHU1HY_n0Hak89vURXwftmmwlsnjvZuYvnLfnimOI&sai=AMfl-YSxAheEB3RO2dg3YFqwSUJBeNUJZ7elW8B8J5KEByfe70pHS1GRfDj0itLf3SJEbDYJml2eq-i44-iy5igpteVFot1crFf0U38&sig=Cg0ArKJSzJAXaqWvCDw4EAE&cid=CAQSKQBygQiDTBpCz66HNq_H5sjApnVxIh2vUWQqjhvgqHf-h8RQSCx_NKsfGAE&id=ampim&o=0,251&d=300,250&ss=1600,1200&bs=300,250&mcvt=1042&mtos=0,0,1042,1042,1042&tos=0,0,1042,0,0&tfs=440&tls=1482&g=100&h=100&tt=1482&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202306280101&jk=4107566322556794&bg=!r6ylrPjNAAb90kgr3dI7ADkAdvg8WmBWaXCFOwfO6HYSbxd4Gcn3gjfyqXEVmn0wqejgggk3ybcNFO6YGHg1ftUjuil8DXaXl9MCAAACR1IAAAAHaAEHmQLRxShjZoYwXwpfKyXvVob1M8xasISxtCJM-art4hIcD-eseoii4YD7BJyD0-WHrJdXTRJQ0i4fQjTTRbeBLrSRGYOG6q3sZay347aU6AI67IzCgxzWiXKkjBMzH3K2HA7lFwg0yQ6h4Yeu2bnXnWMt0E_Dn0etj3OmKvOH5bl4M8CraFvYtKbawyyXaHBk3GQ6MAxsmQnrdKNu4Un1-yTaXQanSuHJ6VsNrjN2ootw_wCGct-bHQMdHoUIkvrWCa7FS0eQqCPIi3RBnSZR3Gi65LtyQoZxWdf8ZMY8KSYnA7tnQl84VhUq332M7HrJdwCzjxs1q7RbTdvQcLSchm4pL4QcWMZZD91nwXRpiu-GsYrtnKqepezZj5D07cidSLyS6dVIKhtO9UMTlrKS9A2nstz3nwHx7ExmyHQ2Nl9dzWp5e4th_y6p0vHuhQjzwZIKViZjjbEyCldzmO_mk1Ted_Q-1itSb6gcgXbBTEbqh2df_lXHoqdB2PmnrgRVI0M5glB4psoj0hCVWaqqTo34Kj2miOneKiUXHFq064MWayDFIhNkMJamQAPqyX1fk9Nx_KmKrTTvmDzEzxTOQdDl5WDC9Zvb-eDOG9NBLdZn9b8b_aqSP3eGumdfXsBXeW1ZiUL77KrIShgIWSLnZgwvcM7Us9MGmI8kd1Osl5d7ZgleLDHxQVfIxHbXEpr1juBIXMBaSLtT8AaANuzgSnUhUNSJVaXKRiDD1cl_6HBWgG5oIMmb6uJgXnwV5VzuJQy_tMV26JkknbiIX9gF8czUZEExtiT0P5DI7_TNHLHrUBT4eTc4ZDrvBhDI5hB_8LOPF7Gmv8VmAY-kTYnO4gWLtJAgcDYr9q-Rrg7S1Ggo4NwuoDsXUKYOdYnqJWpbyOh0M5yz4W_dmLBqPOpfYuukKzCq5w_m0MrcC1_-APvA0pa59frVhpO5DbO2IRbiHRMY9Q

Domain: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst6mhBtYQAlILncQqKTMwBbzJknfXw_rIOQhYWXUQ3SD-hyaGw-CbLm2bJRBwk5Xomhm30ukVWdFiSL8PTJ8njhyKkW5WeNieSario6VSxBQNihhw--Cr8Fk8-AK8VxtHgqF5JYPP9Zlwtl&sai=AMfl-YRNR3zOgmqTFABvG8p-YMlqZRfsigseL9ZaYNuOf9DFuFFn1mMhFrwWmeSN3slkQfF1_k2egwgnqa7LryDNKtCjMQgoCaZGBYM&sig=Cg0ArKJSzHnq3OX_1NsuEAE&cid=CAQSKQBygQiD8BdBlQgckIXyRvDhT5BZPunfqXUoENVgAPy9aaKXeuHy2u0RGAE&id=lidar2&mcvt=1055&p=0,0,250,970&mtos=1055,1055,1055,1055,1055&tos=1055,0,0,0,0&v=20230628&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=2332837411&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1688642888573&rpt=714&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Domain: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png

Domain: s0.2mdn.net
URL: https://s0.2mdn.net/creatives/assets/4703545/970x250_de-de_traveltricks2.js

Verdicts & Comments Add Verdict or Comment

10 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

12 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.adform.net/	1970-01-20 13:48:41	Name: C Value: 1
.adform.net/	1970-01-20 14:30:26	Name: uid Value: 6335596293651793488
.criteo.com/	1970-01-20 22:25:38	Name: uid Value: 48955d23-78bb-41be-8430-f6347684f172
.tesseradigital.com/	1970-01-20 22:40:02	Name: tpuuid Value: Dwi9lRPi8mJIDBRmEdfLG3VANdng4UIQooebA9NKlYId
.doubleclick.net/	1970-01-20 22:25:38	Name: IDE Value: AHWqTUme3oFQ1Bo_IzgE55vBrxP0pJynYJtakjvHel0eecyHnlymWrlKNholqNbE5_8
.adnxs.com/	1970-01-20 15:13:38	Name: uuid2 Value: 1229957325023573822
.casalemedia.com/	1970-01-20 15:13:38	Name: CMPS Value: 1156
.casalemedia.com/	1970-01-20 15:13:38	Name: CMPRO Value: 1156
.casalemedia.com/	1970-01-20 21:49:38	Name: CMID Value: ZKalSKlQ6LirERDMhe1ykQAA
.doubleclick.net/	1970-01-20 13:04:06	Name: DSID Value: NO_DATA
.adnxs.com/	1970-01-20 15:13:38	Name: anj Value: dTM7k!M41.D>6NRF']wIg2C$OqMNqw!]tbPl1M>e)ZlrFUfJ+tGXxp)<Yy2_Kh8lhX#DV^S%YD7[J@RQNabF._c1rl3If)y3KL9D3I?*^PH<ED
.doubleclick.net/	1970-01-20 13:04:03	Name: test_cookie Value: CheckForPermission

61 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://pcloak.blob.core.windows.net/web/jquery.min.js Message: Failed to load resource: the server responded with a status of 404 (The specified blob does not exist.)
security	warning	URL: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878(Line 1260) Message: Mixed Content: The page at 'https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878' was loaded over HTTPS, but requested an insecure element 'http://srv-cdn.onedio.com/store/254fbed7f5f60246dceab341efe24006de26a47a46bfe700fba3645ec103fb0c.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878(Line 1260) Message: Mixed Content: The page at 'https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878' was loaded over HTTPS, but requested an insecure element 'http://srv-cdn.onedio.com/store/5aee0df5228a8f771995c6e8920eedd248cda089818cf87bac6e3c21bccb5f05.svg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878(Line 1260) Message: Mixed Content: The page at 'https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878' was loaded over HTTPS, but requested an insecure element 'http://srv-cdn.onedio.com/store/6e17a4e4130681931ab937f6e5b88ac68aa84203c89e74b351ba2e2e0031258b.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878(Line 1260) Message: Mixed Content: The page at 'https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878' was loaded over HTTPS, but requested an insecure element 'http://srv-cdn.onedio.com/store/18d793e33dd186aacd041784dcfd828c041edacdaf31d25e270d4c5cc1b65668.svg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878(Line 1260) Message: Mixed Content: The page at 'https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878' was loaded over HTTPS, but requested an insecure element 'http://srv-cdn.onedio.com/store/cb802096ad240df4746ed9d8227f83e7946a198b93b6ee0f380cefe7fc0c9e05.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878(Line 1260) Message: Mixed Content: The page at 'https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878' was loaded over HTTPS, but requested an insecure element 'http://srv-cdn.onedio.com/store/76b718e71b19603c9cb6d2c86fb5e4cc7a3e7dd649527875607909c991f9d091.webp'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878(Line 1260) Message: Mixed Content: The page at 'https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878' was loaded over HTTPS, but requested an insecure element 'http://srv-cdn.onedio.com/store/a6a2ca5496b815a9ee8caa322a9e39a835403bab6880ce08f05c67d98bdac9fd.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878(Line 1260) Message: Mixed Content: The page at 'https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878' was loaded over HTTPS, but requested an insecure element 'http://srv-cdn.onedio.com/store/f9ff6d6aa8c0d967d70d7866bcd909fc2e4868b722db81f551daa533a791ed8d.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878(Line 1260) Message: Mixed Content: The page at 'https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878' was loaded over HTTPS, but requested an insecure element 'http://srv-cdn.onedio.com/store/254fbed7f5f60246dceab341efe24006de26a47a46bfe700fba3645ec103fb0c.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878(Line 1260) Message: Mixed Content: The page at 'https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878' was loaded over HTTPS, but requested an insecure element 'http://srv-cdn.onedio.com/store/667f6549da31548d2a9cd6ff08fae81aad77583c87618da330ade8b92bc0191e.svg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878(Line 1260) Message: Mixed Content: The page at 'https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878' was loaded over HTTPS, but requested an insecure element 'http://srv-cdn.onedio.com/store/cb802096ad240df4746ed9d8227f83e7946a198b93b6ee0f380cefe7fc0c9e05.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878(Line 1260) Message: Mixed Content: The page at 'https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878' was loaded over HTTPS, but requested an insecure element 'http://srv-cdn.onedio.com/store/254fbed7f5f60246dceab341efe24006de26a47a46bfe700fba3645ec103fb0c.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878(Line 1260) Message: Mixed Content: The page at 'https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878' was loaded over HTTPS, but requested an insecure element 'http://srv-cdn.onedio.com/store/6e17a4e4130681931ab937f6e5b88ac68aa84203c89e74b351ba2e2e0031258b.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878(Line 1260) Message: Mixed Content: The page at 'https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878' was loaded over HTTPS, but requested an insecure element 'http://srv-cdn.onedio.com/store/cb802096ad240df4746ed9d8227f83e7946a198b93b6ee0f380cefe7fc0c9e05.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878(Line 1260) Message: Mixed Content: The page at 'https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878' was loaded over HTTPS, but requested an insecure element 'http://srv-cdn.onedio.com/store/f9ff6d6aa8c0d967d70d7866bcd909fc2e4868b722db81f551daa533a791ed8d.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878(Line 1260) Message: Mixed Content: The page at 'https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878' was loaded over HTTPS, but requested an insecure element 'http://srv-cdn.onedio.com/store/a6a2ca5496b815a9ee8caa322a9e39a835403bab6880ce08f05c67d98bdac9fd.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878(Line 1260) Message: Mixed Content: The page at 'https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878' was loaded over HTTPS, but requested an insecure element 'http://srv-cdn.onedio.com/store/adcad43b3aa9adf261fd29a97ba586e4ed703cff8c40daeeaf5237d3d3ca1f5d.svg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878(Line 1260) Message: Mixed Content: The page at 'https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878' was loaded over HTTPS, but requested an insecure element 'http://srv-cdn.onedio.com/store/cb802096ad240df4746ed9d8227f83e7946a198b93b6ee0f380cefe7fc0c9e05.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878(Line 1260) Message: Mixed Content: The page at 'https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878' was loaded over HTTPS, but requested an insecure element 'http://srv-cdn.onedio.com/store/f9ff6d6aa8c0d967d70d7866bcd909fc2e4868b722db81f551daa533a791ed8d.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878(Line 1260) Message: Mixed Content: The page at 'https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878' was loaded over HTTPS, but requested an insecure element 'http://srv-cdn.onedio.com/store/a6a2ca5496b815a9ee8caa322a9e39a835403bab6880ce08f05c67d98bdac9fd.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878(Line 1260) Message: Mixed Content: The page at 'https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878' was loaded over HTTPS, but requested an insecure element 'http://srv-cdn.onedio.com/store/7a78e650453961fafb46fa74dffc67e19c4470b8985cf5a12b8cc452b7837c07.svg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878(Line 1260) Message: Mixed Content: The page at 'https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878' was loaded over HTTPS, but requested an insecure element 'http://srv-cdn.onedio.com/store/6e17a4e4130681931ab937f6e5b88ac68aa84203c89e74b351ba2e2e0031258b.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878(Line 1260) Message: Mixed Content: The page at 'https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878' was loaded over HTTPS, but requested an insecure element 'http://srv-cdn.onedio.com/store/c824b637c7e69f8b2b0c611fb2770c1b2221b0cef22c5b827c5cf28d0de9f30e.svg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878(Line 1424) Message: Mixed Content: The page at 'https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878' was loaded over HTTPS, but requested an insecure element 'http://srv-cdn.onedio.com/store/254fbed7f5f60246dceab341efe24006de26a47a46bfe700fba3645ec103fb0c.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878(Line 1424) Message: Mixed Content: The page at 'https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878' was loaded over HTTPS, but requested an insecure element 'http://srv-cdn.onedio.com/store/5aee0df5228a8f771995c6e8920eedd248cda089818cf87bac6e3c21bccb5f05.svg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878(Line 1424) Message: Mixed Content: The page at 'https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878' was loaded over HTTPS, but requested an insecure element 'http://srv-cdn.onedio.com/store/6e17a4e4130681931ab937f6e5b88ac68aa84203c89e74b351ba2e2e0031258b.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878(Line 1424) Message: Mixed Content: The page at 'https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878' was loaded over HTTPS, but requested an insecure element 'http://srv-cdn.onedio.com/store/18d793e33dd186aacd041784dcfd828c041edacdaf31d25e270d4c5cc1b65668.svg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878(Line 1424) Message: Mixed Content: The page at 'https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878' was loaded over HTTPS, but requested an insecure element 'http://srv-cdn.onedio.com/store/cb802096ad240df4746ed9d8227f83e7946a198b93b6ee0f380cefe7fc0c9e05.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878(Line 1424) Message: Mixed Content: The page at 'https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878' was loaded over HTTPS, but requested an insecure element 'http://srv-cdn.onedio.com/store/76b718e71b19603c9cb6d2c86fb5e4cc7a3e7dd649527875607909c991f9d091.webp'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878(Line 1424) Message: Mixed Content: The page at 'https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878' was loaded over HTTPS, but requested an insecure element 'http://srv-cdn.onedio.com/store/a6a2ca5496b815a9ee8caa322a9e39a835403bab6880ce08f05c67d98bdac9fd.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878(Line 1424) Message: Mixed Content: The page at 'https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878' was loaded over HTTPS, but requested an insecure element 'http://srv-cdn.onedio.com/store/f9ff6d6aa8c0d967d70d7866bcd909fc2e4868b722db81f551daa533a791ed8d.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878(Line 1424) Message: Mixed Content: The page at 'https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878' was loaded over HTTPS, but requested an insecure element 'http://srv-cdn.onedio.com/store/254fbed7f5f60246dceab341efe24006de26a47a46bfe700fba3645ec103fb0c.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878(Line 1424) Message: Mixed Content: The page at 'https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878' was loaded over HTTPS, but requested an insecure element 'http://srv-cdn.onedio.com/store/667f6549da31548d2a9cd6ff08fae81aad77583c87618da330ade8b92bc0191e.svg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878 Message: Mixed Content: The page at 'https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878' was loaded over HTTPS, but requested an insecure element 'http://srv-cdn.onedio.com/store/254fbed7f5f60246dceab341efe24006de26a47a46bfe700fba3645ec103fb0c.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878 Message: Mixed Content: The page at 'https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878' was loaded over HTTPS, but requested an insecure element 'http://srv-cdn.onedio.com/store/5aee0df5228a8f771995c6e8920eedd248cda089818cf87bac6e3c21bccb5f05.svg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878 Message: Mixed Content: The page at 'https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878' was loaded over HTTPS, but requested an insecure element 'http://srv-cdn.onedio.com/store/6e17a4e4130681931ab937f6e5b88ac68aa84203c89e74b351ba2e2e0031258b.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878 Message: Mixed Content: The page at 'https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878' was loaded over HTTPS, but requested an insecure element 'http://srv-cdn.onedio.com/store/18d793e33dd186aacd041784dcfd828c041edacdaf31d25e270d4c5cc1b65668.svg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878 Message: Mixed Content: The page at 'https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878' was loaded over HTTPS, but requested an insecure element 'http://srv-cdn.onedio.com/store/cb802096ad240df4746ed9d8227f83e7946a198b93b6ee0f380cefe7fc0c9e05.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878 Message: Mixed Content: The page at 'https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878' was loaded over HTTPS, but requested an insecure element 'http://srv-cdn.onedio.com/store/76b718e71b19603c9cb6d2c86fb5e4cc7a3e7dd649527875607909c991f9d091.webp'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878 Message: Mixed Content: The page at 'https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878' was loaded over HTTPS, but requested an insecure element 'http://srv-cdn.onedio.com/store/a6a2ca5496b815a9ee8caa322a9e39a835403bab6880ce08f05c67d98bdac9fd.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878 Message: Mixed Content: The page at 'https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878' was loaded over HTTPS, but requested an insecure element 'http://srv-cdn.onedio.com/store/f9ff6d6aa8c0d967d70d7866bcd909fc2e4868b722db81f551daa533a791ed8d.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878 Message: Mixed Content: The page at 'https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878' was loaded over HTTPS, but requested an insecure element 'http://srv-cdn.onedio.com/store/254fbed7f5f60246dceab341efe24006de26a47a46bfe700fba3645ec103fb0c.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878 Message: Mixed Content: The page at 'https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878' was loaded over HTTPS, but requested an insecure element 'http://srv-cdn.onedio.com/store/667f6549da31548d2a9cd6ff08fae81aad77583c87618da330ade8b92bc0191e.svg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878 Message: Mixed Content: The page at 'https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878' was loaded over HTTPS, but requested an insecure element 'http://srv-cdn.onedio.com/store/c824b637c7e69f8b2b0c611fb2770c1b2221b0cef22c5b827c5cf28d0de9f30e.svg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878 Message: Mixed Content: The page at 'https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878' was loaded over HTTPS, but requested an insecure element 'http://srv-cdn.onedio.com/store/6e17a4e4130681931ab937f6e5b88ac68aa84203c89e74b351ba2e2e0031258b.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878 Message: Mixed Content: The page at 'https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878' was loaded over HTTPS, but requested an insecure element 'http://srv-cdn.onedio.com/store/7a78e650453961fafb46fa74dffc67e19c4470b8985cf5a12b8cc452b7837c07.svg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878 Message: Mixed Content: The page at 'https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878' was loaded over HTTPS, but requested an insecure element 'http://srv-cdn.onedio.com/store/a6a2ca5496b815a9ee8caa322a9e39a835403bab6880ce08f05c67d98bdac9fd.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878 Message: Mixed Content: The page at 'https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878' was loaded over HTTPS, but requested an insecure element 'http://srv-cdn.onedio.com/store/f9ff6d6aa8c0d967d70d7866bcd909fc2e4868b722db81f551daa533a791ed8d.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878 Message: Mixed Content: The page at 'https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878' was loaded over HTTPS, but requested an insecure element 'http://srv-cdn.onedio.com/store/cb802096ad240df4746ed9d8227f83e7946a198b93b6ee0f380cefe7fc0c9e05.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878 Message: Mixed Content: The page at 'https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878' was loaded over HTTPS, but requested an insecure element 'http://srv-cdn.onedio.com/store/adcad43b3aa9adf261fd29a97ba586e4ed703cff8c40daeeaf5237d3d3ca1f5d.svg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878 Message: Mixed Content: The page at 'https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878' was loaded over HTTPS, but requested an insecure element 'http://srv-cdn.onedio.com/store/a6a2ca5496b815a9ee8caa322a9e39a835403bab6880ce08f05c67d98bdac9fd.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878 Message: Mixed Content: The page at 'https://onedio.com/haber/kredi-karti-aidatinizi-geri-alabilirsiniz-kredi-karti-iadesi-ilgili-bilmeniz-gereken-her-sey-1010878' was loaded over HTTPS, but requested an insecure element 'http://srv-cdn.onedio.com/store/f9ff6d6aa8c0d967d70d7866bcd909fc2e4868b722db81f551daa533a791ed8d.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
network	error	URL: https://bidder.criteo.com/cdb?ptv=138&profileId=184&cb=25150488472 Message: Failed to load resource: the server responded with a status of 400 ()
network	error	URL: https://bidder.criteo.com/cdb?ptv=138&profileId=184&cb=79669538221 Message: Failed to load resource: the server responded with a status of 400 ()
network	error	URL: https://bidder.criteo.com/cdb?ptv=138&profileId=184&cb=32511823636 Message: Failed to load resource: the server responded with a status of 400 ()
network	error	URL: https://bidder.criteo.com/cdb?ptv=138&profileId=184&cb=8508581588 Message: Failed to load resource: the server responded with a status of 400 ()
network	error	URL: https://bidder.criteo.com/cdb?ptv=138&profileId=185&av=35&wv=7.47.0&cb=7497492346 Message: Failed to load resource: the server responded with a status of 400 ()
network	error	URL: https://bidder.criteo.com/cdb?ptv=138&profileId=185&av=35&wv=7.47.0&cb=70646871016 Message: Failed to load resource: the server responded with a status of 400 ()
network	error	URL: https://bidder.criteo.com/cdb?ptv=138&profileId=185&av=35&wv=7.47.0&cb=16178146329 Message: Failed to load resource: the server responded with a status of 400 ()
network	error	URL: https://bidder.criteo.com/cdb?ptv=138&profileId=185&av=35&wv=7.47.0&cb=48377139367 Message: Failed to load resource: the server responded with a status of 400 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1f52c2d2b341a720d2ac42d74aa3ae5f.safeframe.googlesyndication.com
a.sportradarserving.com
a.teads.tv
ad.doubleclick.net
adservice.google.com
adx.adform.net
am-match.taboola.com
am-trc-events.taboola.com
am-vid-events.taboola.com
ampcid.google.com
ampcid.google.de
api-onedio-production.onedio.com
bid.g.doubleclick.net
bidder.criteo.com
cdn.ampproject.org
cdn.jsdelivr.net
cdn.taboola.com
cm.g.doubleclick.net
cms.quantserve.com
connect.facebook.net
csi.gstatic.com
d5p.de17a.com
dis.criteo.com
dmp.adform.net
dsum-sec.casalemedia.com
eb2.3lift.com
eus.rubiconproject.com
event-collector.analytics.onedio.com
fd.tesseradigital.com
fonts.googleapis.com
fonts.gstatic.com
gcdn.2mdn.net
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
graph.facebook.com
gum.criteo.com
ib.adnxs.com
id5-sync.com
images.taboola.com
imasdk.googleapis.com
img-s1.onedio.com
img-s3.onedio.com
imprammp.taboola.com
lb.eu-1-id5-sync.com
m.exactag.com
match.360yield.com
match.adsrvr.org
match.sharethrough.com
mug.criteo.com
onedio.com
onetag-sys.com
pagead2.googlesyndication.com
pcloak.blob.core.windows.net
pixel.rubiconproject.com
platform-lookaside.fbsbx.com
pm-widget.taboola.com
portal.o2online.de
pr-bh.ybp.yahoo.com
prebid-eu.creativecdn.com
px.ads.linkedin.com
r5---sn-5hnednsz.c.2mdn.net
recommendation-api.analytics.onedio.com
rtb2-useast.e-volution.ai
s0.2mdn.net
s2.adform.net
s8t.teads.tv
securepubads.g.doubleclick.net
services.onedio.com
srv-cdn.onedio.com
ssum-sec.casalemedia.com
static.criteo.net
static.onedio.com
sync-tm.everesttech.net
sync.1rx.io
sync.inmobi.com
sync.targeting.unrulymedia.com
t.teads.tv
token.rubiconproject.com
tpc.googlesyndication.com
tpx.tesseradigital.com
trc.taboola.com
um.simpli.fi
ups.analytics.yahoo.com
vidstat.taboola.com
vidstatb.taboola.com
wf.taboola.com
www.cloakan.co
www.facebook.com
www.google-analytics.com
www.google.com
www.googleoptimize.com
www.googletagmanager.com
www.googletagservices.com
a.sportradarserving.com
cdn.taboola.com
pagead2.googlesyndication.com
s0.2mdn.net
tpc.googlesyndication.com
13.248.245.213
141.101.90.98
141.226.228.48
142.250.185.194
142.250.186.166
151.101.1.44
151.101.2.49
151.101.65.44
162.19.138.118
162.19.138.83
172.217.16.194
174.137.133.49
178.250.1.11
178.250.1.9
18.196.91.239
184.30.21.51
184.30.25.51
185.102.219.172
185.102.219.173
185.184.8.90
185.80.39.216
185.89.210.122
20.127.253.7
20.60.220.36
2001:4860:4802:32::3
213.155.156.180
213.202.235.10
2606:4700:10::6814:e25
2606:4700:10::6814:f25
2620:116:800d:21:5ed4:8d5d:fed7:f5ef
2620:1ec:21::14
2a00:1450:4001:800::2002
2a00:1450:4001:801::2002
2a00:1450:4001:806::2004
2a00:1450:4001:806::200e
2a00:1450:4001:809::2001
2a00:1450:4001:80b::2002
2a00:1450:4001:80b::200a
2a00:1450:4001:80b::200e
2a00:1450:4001:80e::200e
2a00:1450:4001:810::2002
2a00:1450:4001:813::200a
2a00:1450:4001:828::200e
2a00:1450:4001:82b::2001
2a00:1450:4001:82f::2003
2a00:1450:4001:830::2002
2a00:1450:4001:830::2006
2a00:1450:4001:831::2001
2a00:1450:4001:831::2008
2a00:1450:4001:831::200e
2a00:1450:400e:11::a
2a02:2638:3::3
2a02:2638:d::a
2a02:2638:d::d
2a02:26f0:4700:2a3::26e5
2a03:2880:f083:10e:face:b00c:0:2
2a03:2880:f084:105:face:b00c:0:3
2a03:2880:f177:185:face:b00c:0:25de
2a04:4e42:600::485
2a05:d018:d29:3605:d2e9:b819:ceaf:6f11
3.66.186.233
3.75.62.37
34.111.136.72
34.117.159.110
35.157.179.180
35.204.74.118
37.157.3.30
37.157.5.72
37.157.6.233
46.228.174.117
51.89.9.251
52.223.40.198
63.32.189.76
64.233.166.157
69.173.144.138
69.173.144.165
77.245.159.14
95.101.149.233
00e8a28586e393b1b23d23dec44dcfa2b38a457a287d33c5f0d8ef9008257387
01204747c552676cceff27ecab875807de15fc28860715608db3d368ba736b3e
01afa1ad1afa1e170e923ac3fc28e70f033f5e74659ebed6608aaeb7200d8adf
02193fbcb11d960448e0fa887ff68d5ce73f01076893523fc3037e00a7149bc2
0285275fc3c76bcafa84cd4b6b2d9a855be279d892e1aa06f94bea4ae3b9583e
0322b00cb6bad591b726254678daf5a09db33b9f34db5fe69dbd4ae2095d2929
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
077a758c165eced3316ba482308d475ebebfecf3040daacf54558be0db9d19af
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c6e73e9346565acd3b4ff7a2fdc2cb7431805df730dc97d959e099ab73ae587
0d8c85a1ac410f13b7a6aa3ca691d1f716189e04d6ecd734f64ee9e2e2a46d32
0f3e153297f9e4fa0eeee46f00cf8cf60211d60fd8df843d1a642fb545330a50
1034ccaed1f9dbb4c6c0d3895ee792b931e539ecad7d3e0491632dd4df068c65
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
12af7975664854ca36da674714083fa05297940fce71e42dabf688e2eb19a0f1
14dc088d308fca22250f7fb985062cdece95cd07299da915e0038459164a9f8a
15726d6a6db473c829365e69e31d4e97604cd5cafe876d8597b3fbc869719b42
1635eba10727a5bdcc0ccf080bcbe42e4e451c1e14048c67fae1a1afb017e2ba
189b8ed64093b12937354b2ef71ccf1df59690d90432241a10fe1cb25000acba
1b6f6d0bc93212b43eafee41d1d9c2f261e8c42847205ebe371276e6bc6a2b52
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
1e5a886321d0e00c13f7abff03ca39fd782f42997fd34bcbf4fc93718f3670cc
1f2328e7491d0aab769e20e7c1151d1614e24c33724f8399fe3fe7f84ae3d98d
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
1fd68eb38200a435d3464725406880ae786dff9dffa8dea7d8e39ca008a8c718
221e69003af87e6e8f934828ab416477126f3c062500e3bcb636bb9d87bf9b06
228a36ed635b941f6d4b7c94b25aefe85c8d68875b8d9651d0f04c2e35442985
2456ef3475fff167027aecdbf0400a036b2f383db83707c3234103d0f03d9421
2522ea72cf85a59bf326c15b291a9ffe12f2cdc9e2ac372afb444ed56b6fc19f
25280083af87c8d6dbc6ff5bb926bf9d0d373d244cead76893430166b8df0bd6
25a5c06c35c1e7830da4bfe3e9e4e5f281e1e1464b4f4ece082e234118fa0b98
25cc24cd00981e91af68a7947a862074d65f52c070864add7b726b1106a5f45f
25cd7c1633b735df848f65451a671504864a2e2d56337af0ab785cdf512fdeae
2b476265f9e71b99380c41f578380a85bbd0b825f0e9e980c3a2174c71217ab9
2d003df9df69b47f263ab9040f056fa8d7af14844454a853cebd9bba4c4b0a34
2da988427b34614d705adbf808e2e61d91f67bf147db9049e34c99b3624171e8
2e3d1ff6714a592eaaa8beb5caab6132f8552884bfca83f52211aec0706ec37a
2e41f9946ceda33fce9bba3f4a1702e2a52e2cfa7bb6b600661a7333523f9e96
2f0afd448c2df25721731bba58e9819ae9583833eb2e90f0a538f8a821cf2348
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
332d8e2d6964e41c92a430d24b1b469bfdcc30ad072f980b2e7adf241590886a
33bb3637c12a17fbc18a9b93ceea2171d0506135347de1fe4a541be60f519453
36de549fa81b509bf426b8c57b5842e2857f1ac66456c567d552ac5a890dcd85
372ee4f606f66d460727f0502b688f2049ce405679f274e8fb1ed175417479a4
37a492700dbfcf1bda4376f5c65ad7b2ea514a3e544070681d1063598fb4a08e
39b076e4bb4fab9b8a142499cf6155f8c128464974691a04de7e764f71b72618
39dce9bed1229c0ea63b578fa41d43deedadad5a254d1c109a6b9befab766f57
3aa6f4040b6587f7ea3d4f1610000cc2b33a0e99621ebabafae342cdca22dab7
3bcf5308354d3c79138aafdf9ce68893233c06571cefb4495c92ebfc8f0e535f
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
3ffee9c0bd9411def1f88e476cfc072629841a536edc0abf2927b35ebcaff4d9
40d139ff967f625b8d7de0995ee0b4c583a84f18ab771876db589e9f8710ff3a
41dd65e5d60b12bfae966238332a9260800d9faa4d6b2dd96c1d04050fbaed02
422f44f37be3ad1dc211805c2f45188eb4a74e2bb9b6e4afe2379c8f0c239008
424959c1701510c4c49f73abd3c3584b948df2aba0e6372e937dd8bd57f4629b
4292deaa07e5aefa8b0404e89a6ef2202c328e18a172cda3a5459bbae7e31965
4347e083fcc7406a94363480146e1cf9c2f88198921ef74fed3eddf6d969725b
4445041a5221550830f31fa42e138f881676a468e4fedb939c1e0ab0a07eae17
464be521d749b2ba1c7e8c1f87223b56a03ee0bd05484baa0e9067ce9eb9d2be
4651fd93f167c3620b534c30bc23ae2a2e7cf742621d8e6d12553c09c388284a
467150f57e3950f97d315a86791fa22e24d1a4f2e3b515bb2898a44cc7e0d494
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
484eef6459e8a58c19115f287339366d82a7c2beeb7a35c7e16789b592515aec
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4ed54f5ff509297da74f1655ec64b321016c40d2656414ec6f0279d952c35b64
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
52337cf2499996a25da3c2f17c8e0492c2d728c4b22bdd9b4da2089fcedac9ba
52e537502f71005147165cfb8c67081bcbd6580b86fb92c891dcfabdfac1ffac
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
5562c13812b466a0a7c04fd2fd0473f62ce7b899ab76808135bd2b324bc6b2ef
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55fe4e70c417bb19b37d1824c282a9ec1804103d00436f3236c173a51a2f85b2
56639c53fbc08d334e0001abb9cb4724cb57cb476150d64d7fc1211570d2bed6
569cf4c6f4f4ed37b079c0bc84b13c80548dbd23f35ec36a221fc8c72a634fcf
597e4ec7ca2b12f9150e02e04096849d6b06061b09c2d131f1d2225871eedfdf
5af185c4ee2f05f5e2f6407594cd75cb32129871c2ec0f0957be6d3129a8cf54
5dff1c5185bfe98d10fd4b80ad1e2a04d57365a09e631840dce7fd3c79d19971
602078f74b8a98dfad5c0457920f978ee477cdc8837dcef5a82616c4930e19be
61016fb59e68abe6d39bd3ddbac2c6171514f66eae2a909238e8a3f828a436ba
613c98e975ac5b6d613be6e5559805524d5f9946f06851acf809ac55866e430f
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
61dab6ed9bacee774fb16e7676dad70ba2897ea2c97216b1bc296388e121cfbd
62afec092c21b138eeb1fc55859f60c19dd12ca3c02bdfeb336a820b016a547b
645709dcb09b2700fd5a5938dbdf783ac90a88334e5104041db53302441f33e4
6528ec0e1bac4881919c73b50a89927cfb53ec26e990f096b00468393eaf9ce5
67eb879fb1645c73ccbaac598e815fd3901eb5114228021d686b8b5e470edbbd
6d311bb0b9f68ecb7f93c90d1d589d90c35377ddc636eb3676c37471cfd63ff5
6dbe9c2e13cf06c6633ea3fcf6d7bd30452561202a205c75a035cd1d8b93368f
713c1febf6652315a352173ca5d8b84c2360a8581de2b966edb09c2cb92c48f8
7296124cd80cf0966a1923f45c6db31207a4175244084e082cec5e65ab655ab6
73776eff86ca177c94173b46bccd0f5e22034be029c332d1f119c181bb64efc6
7849fb00e08e4f940b1f61fe300eba24f63aca86e285c4548d9e93f984320f26
7b17d2d0a88d045b86c025e6a7978189716ddd6776e975bb9de1ad43be17348f
7d4095ea226f3f80d6d4fc62e3737dd5107fd9d4aa4a443cac11378b102f64b6
7f1255a2f606a65de5b7e373bd205bca2f5271778212970f9579a253ed5e0927
7f1db52e8374c5efa6d73c3a2ae9d15b493e6b16ae287963a8412be67186b1bc
7fdabb3c4047b5538cb0396037b74e2df9a6cf2435c6fbd5588f7374864d438f
8048bdeee305e2dcc903b93015d69d3e0c9c2523bd5c46d2ccba31f59885c896
8133d9fb7ff61ea55d7ef4b8831893b41c47c599c91cabb4aa6e59a7976eeaa4
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84c62dac4616715b67a6f05f581b9d506c54475ba5fa70324d3a5194387e3a6f
85bf7170e4c4975a16ce5099da122f2829f0181ee17ad68f9f5d483384c5b22e
887a3a4f200a899e84097749a9412f749c61744b76f287de50a76cb532308166
8a360dd78c99927f4b72e1277d60df80774c5f9a248bfc37c3444c43b9cbc02c
8ab758e32437cf86d59e683d808940365c56bf6893f391a96d19e731b21bf154
8b93bcb9d5295ceda227d94b91f40f607adb22f780c49931d5d6324c0fa3168a
8be8a3425835bfaafbc29f69b9abd874c517cf3394efe197e42e458a7a0d337a
8c99e343bd2b1e4c3830e6420ccc7a004d261b40419bf159d9e61631407b3cfd
8d65629f8028e0b0f3f75d4d1258be610f0a350aa5c47ca3cfeec1ba56913cbe
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8eb215af10c84978b06159bbcfbcfbac0464ea302415f83edc4133f3a192ee27
900058dffaf216c9a853e2d7e4109bfa2a58994237b2d4e5793734e4c2ecb4ac
91977d4aaeaa221c465e96cef54c47a2cdada83e5686e96cbc7e5427816e46e5
92d18b6789b50e67200333a9ae06a35404dc41dbdd634ef7d8cfb0898227382e
93f7bf325600df308529816d46a693eba94bf56c62231d7863561b4e5b485057
944089b44ec5f876426cd30b5cd76e18a09d4178aa06f2acea7b50f9fd61e67f
950604ea8e00e89a075ac97048d1eb53e8a8c49036246c461c8ea5f8f60da854
96c248ed6596a211aebf66eca21eb95634a613c77b3aea467801aea400acb1c2
98d2e3edd14aa506c4521125c7cdb7bb3030d7caae5803feec6d2613195ee955
991bfe84fec788f2b7d432b99a60c1e2aa2e799bc0137da8cf478299d0fc9a10
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9c3870010e5711c8f269ff55ed1de66efdab44c77e3b04ff0778f5fd3e30894c
9cd82166cb272b8a918be1e38f7bfed0672846ac839bd22387ce309b5f0ca937
9f6410ae85726ec4d2345689acf227ea4559ab9a03510fcc04b0c86bc6ee7aa9
9f77665bfa9b00a8c9bfb3e32e43b8a34dac9c2d90e452b76bb38d809871c334
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a050a3c304a3b0bf37143828706d3bd34a0699d13ca827e919f4600db52436e2
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a165991f6211fccecd49c3e9303c642947b95baa6d82be861f78e921ea9f7ffd
a45d8e47ea52ac176ca6e051545f1ec1e559c5f1682fde82530dad93626da85b
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4cda632f3318710f2d98d632b05ab010790896e0b098175f49fc9617a4edfc5
a6d36aa3d742ccd6f1ca3c76dcf885af72f7bebe2fcc001ea011a7aea2f55678
a740e0c3da79e70748dc3ed8aa400edc9800953443dcceb828150a272be1ca03
a9f55a9e4658a9960455f9485c446ea9874f2590ae283801311d84e908536cc2
ab09ebb4db91678901c83b987878b82f9826af59b3f96a554343cb911feadd70
abc000df2ffea85dee2dba713684eb45e3a9abbef01a3e14fcfc00009652ffba
ad53d5b9c9825d29034206941f077b896dff3f335afd59ba1e4da52e32c7435a
adda67abf8e0f8731a86e3aefb53b93847656f20799f63d181ae0c9cd2638adb
aedaf40884efa2217933bb42fb22aac1fe3b0bd1ea0415bfe201a6fa94d68812
aedd8d0238fa8ef610ac191a4b7b35b38a89aa7c408968239dd401fe436c0e07
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b226caa0ba4d269c9285e9aef4672d688aa8fc6c7cbe5f539461a96e85e596b6
b6b30f926a5a539bb0ddfd4e2a2347bafe72c237adc749dd55d1dc5f1a3c2c8e
b6c21bbb6b819f7dba5c0b474b64535c13d53512c9c1e402a92b94b424dac95e
b8c779f4fa5bf396269317b6ccc5bd0259ff6b28d9dc40eb75cf47aa245b0bde
ba731fde3903207bb0973861c6e321069153e94f683d04ccd14300ee66f27ff7
bdcf091e9192472f9a3e1438acea12d60c454a1a65af3b43c25278472b4616a4
c1390c08f2ad9b3d5e5b83456dca76a42beaea002a88625627f3cd16dcfe0e67
c23967b0c54829af72943eab72c944232ef2172d16a1d58194b1e02954533431
c284299aeec8595fd3a10dcd2c27022edfda37c815571843a90c45cad18ace95
c28e62ec408f34ca18b76298f690009e78700af3010365f6a6e7226e924416e9
c518fd56efade963216339c5eaf82afa6221043302a69f595a4e78c6dbf1457a
c52e2a15cba5be54e6986bd808f5a6aa6705b0efffd9379feb005dabdb748e32
c85ff0d2c0dba739701435b4ecd7ff4c4139528bef936a19f28ac4ac7cd26065
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
ca6445fe2a60e5dbc1e6d30032a038752d6cce4ecf48b49d328378c07e4ad584
cb217d0e8ae247684c0dd02ff520bf734a39ad6ea5ec1124286bf47e0f42ec63
ce8f58403ae42d7f040e0c25f450186b5043f0199db4b2e6be6b4563c2fa09c1
cf906196a7c1414e11983955e101a051d55a864f2bc9fd52a453d952d92fd9b5
d265615b79f98fdfff370ea32da7b4b02317fc6017b898cfb9c657a65618ac07
dafa5a247facfc545e94a09ea12da423909aefca05557ec1a73e6d296fc540aa
db2850224bd8a1f98a4863bd51955f31efbf832c02972ab47872771aa0b18f05
dba49107edbd020f83668ba1c661b3d240621d37c01a6d3d4a8078300b9a4069
dbe1650f96113087eb6d3f63def3e41fb7b03fff33572cc4584ded9afa6ead77
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
de7713832e8617ed0535afa5ccf9ff63dc6b8bb4512664185a4b9e5d7f1abcc6
dff8d5b5010e0d1688047c44227da659b5163ed1af0689bd96acc79f7f3b997b
e1b589a52987caa5c01d9917838d185e95c4bc44127972ebb53a8122616d1dd8
e2473bc8b6761325ed52f2ef861de8b20520ad93d4877d2d14a25eaf4075a0d0
e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46
e33e68a9c2eaeeb626dee1b0094e3bcccf70923e2bf740b96da32515f44e65db
e38f934d2280782c4bf4cf58e41596ad9dcffa77bdd47e50a616be88a02215e4
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3c5113869fed7cf5fbbb2fb64ba2e5c29fc9043e01e0d3a90b39024e0d0b20c
e5b6cc7b00fe92d3a4af4c9ba7db8488ca5308c97bd20e501fd72795830d32cf
e74b44db7c72f59a2d83ee6f05fc07fd206b4ce562af4307000d9977bac0ffc9
e74d88acee41342a30d5f497906e7bcb06ec2805ee127dfe39233df129051453
ec27f7bb31f1c4d2ffd1a2a7e2cf18161e79d984985a9ae1aa32262c6b1b917b
ed1f184fa3d298aaf01b99d934858b3ecb6243cd4efdea6b0f14a0b3d1ae480f
ee68049857997e40385cc9a493f2e8d598c4682b8eefe7790992aab06be465cf
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f2c88caf170bdda7a6852c6e44ae86ec12733c75a47fd7e0d8cc34c272177876
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f685a558d31a02f50b6f3abccdfd890bc94a3f19b44f3a77671afd469561f272
f6914d47718a28ab8055edac273b3aff57e64e5bddccc616c2b7e355fe986f39
f6c4f7a3d487b7ff022968992263a5783a6373fac408f2185053c4937fbb4fc1
fba7b33e2a9172b7c0305c2dc390ee1faa4af90ee5dac1ccebd6a48977135814
fd7b241bc4c86d8e1c6091fc0b97d0782a953c793c527bcba8063f710ca20539
fee5feedcf117324972d35126e99e4d11d098c6437293d2bbd04c7d6153af2d7
ff12a318c9a34dca0830f75f8bece850f8b02c8be85b914f9561ee4f0286e026
ff98ae0f4737ae8354bce5807218b881fae0d9fe3edc295c37c93726eb094c8c

pcloak.blob.core.windows.net Open in urlscan Pro 20.60.220.36 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

342 Requests

88 %HTTPS

44 %IPv6

49 Domains

93 Subdomains

68 IPs

8 Countries

6873 kBTransfer

16271 kBSize

12 Cookies

0 Outgoing links

Redirected requests

342 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 7 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

pcloak.blob.core.windows.net Open in urlscan Pro
20.60.220.36 Public Scan

Screenshot
Live screenshot

Full Image

342
Requests

88 %
HTTPS

44 %
IPv6

49
Domains

93
Subdomains

68
IPs

8
Countries

6873 kB
Transfer

16271 kB
Size

12
Cookies

342 HTTP transactions
7 data transactions