www.t-online.de Open in urlscan Pro
62.138.239.100 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://t-online.koeln/
Effective URL:
https://www.t-online.de/region/koeln
Submission: On April 17 via api (April 17th 2021, 4:01:42 pm UTC) from DE

Summary HTTP 132 Redirects Links 35 Behaviour Indicators

Summary

This website contacted 32 IPs in 8 countries across 38 domains to perform 132 HTTP transactions. The main IP is 62.138.239.100, located in Germany and belongs to PLUSSERVER-ASN1, DE. The main domain is www.t-online.de.
TLS certificate: Issued by DigiCert TLS RSA SHA256 2020 CA1 on February 15th 2021. Valid for: a year.

This is the only time www.t-online.de was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	52.59.165.42 52.59.165.42	16509 (AMAZON-02) (AMAZON-02)
1 11	62.138.239.100 62.138.239.100	61157 (PLUSSERVE...) (PLUSSERVER-ASN1)
7	143.204.245.54 143.204.245.54	16509 (AMAZON-02) (AMAZON-02)
1 9	62.138.239.104 62.138.239.104	61157 (PLUSSERVE...) (PLUSSERVER-ASN1)
4	2a02:cbf7:1:0... 2a02:cbf7:1:0:62:138:239:118	61157 (PLUSSERVE...) (PLUSSERVER-ASN1)
11	62.138.238.103 62.138.238.103	61157 (PLUSSERVE...) (PLUSSERVER-ASN1)
1	2a02:cbf7:1:0... 2a02:cbf7:1:0:62:138:239:55	61157 (PLUSSERVE...) (PLUSSERVER-ASN1)
11	199.232.137.44 199.232.137.44	54113 (FASTLY) (FASTLY)
2	46.105.202.39 46.105.202.39	16276 (OVH) (OVH)
1 2	91.215.103.65 91.215.103.65	43407 (INFONLINE-AS) (INFONLINE-AS)
2	151.101.13.181 151.101.13.181	54113 (FASTLY) (FASTLY)
1	2a02:26f0:710... 2a02:26f0:7100::687e:2409	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	149.202.80.197 149.202.80.197	16276 (OVH) (OVH)
1	62.138.238.150 62.138.238.150	61157 (PLUSSERVE...) (PLUSSERVER-ASN1)
1	2a02:cbf7::62... 2a02:cbf7::62:138:238:39	61157 (PLUSSERVE...) (PLUSSERVER-ASN1)
18	107.178.241.34 107.178.241.34	15169 (GOOGLE) (GOOGLE)
7	2606:4700:20:... 2606:4700:20::681a:4fb	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	143.204.245.60 143.204.245.60	16509 (AMAZON-02) (AMAZON-02)
1	34.102.174.65 34.102.174.65	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:811::2003	15169 (GOOGLE) (GOOGLE)
1	85.14.248.91 85.14.248.91	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
10	151.101.13.44 151.101.13.44	54113 (FASTLY) (FASTLY)
4 15	141.226.228.48 141.226.228.48	200478 (TABOOLA-AS) (TABOOLA-AS)
3 3	18.185.197.81 18.185.197.81	16509 (AMAZON-02) (AMAZON-02)
2 4	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
2 2	69.173.144.138 69.173.144.138	26667 (RUBICONPR...) (RUBICONPROJECT)
2 4	198.148.27.140 198.148.27.140	19189 (PULSEPOINT) (PULSEPOINT)
2	185.33.220.243 185.33.220.243	29990 (ASN-APPNEX) (ASN-APPNEX)
4 6	172.217.23.98 172.217.23.98	15169 (GOOGLE) (GOOGLE)
2	185.64.190.80 185.64.190.80	62713 (AS-PUBMATIC) (AS-PUBMATIC)
3 3	34.247.242.33 34.247.242.33	16509 (AMAZON-02) (AMAZON-02)
1 3	216.52.2.30 216.52.2.30	29791 (VOXEL-DOT...) (VOXEL-DOT-NET)
2	185.86.137.131 185.86.137.131	201081 (SMARTADSE...) (SMARTADSERVER)
2	18.195.155.181 18.195.155.181	16509 (AMAZON-02) (AMAZON-02)
2 2	178.250.2.151 178.250.2.151	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2 2	172.104.121.22 172.104.121.22	63949 (LINODE-AP...) (LINODE-AP Linode)
2	192.132.33.46 192.132.33.46	18568 (BIDTELLECT) (BIDTELLECT)
5 5	18.195.54.133 18.195.54.133	16509 (AMAZON-02) (AMAZON-02)
2 2	35.210.239.72 35.210.239.72	19527 (GOOGLE-2) (GOOGLE-2)
8 8	54.36.109.186 54.36.109.186	16276 (OVH) (OVH)
1 1	18.197.249.149 18.197.249.149	16509 (AMAZON-02) (AMAZON-02)
2 2	52.48.137.92 52.48.137.92	16509 (AMAZON-02) (AMAZON-02)
2 2	3.123.96.39 3.123.96.39	16509 (AMAZON-02) (AMAZON-02)
2 2	35.227.248.159 35.227.248.159	15169 (GOOGLE) (GOOGLE)
3 3	34.240.2.137 34.240.2.137	16509 (AMAZON-02) (AMAZON-02)
2 2	54.171.219.200 54.171.219.200	16509 (AMAZON-02) (AMAZON-02)
1 1	193.0.160.129 193.0.160.129	54312 (ROCKETFUEL) (ROCKETFUEL)
132	32

1 52.59.165.42 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-59-165-42.eu-central-1.compute.amazonaws.com

t-online.koeln	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 62.138.239.100 (Germany) 1 redirects

ASN61157 (PLUSSERVER-ASN1, DE)
PTR: www.t-online.de

www.t-online.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 143.204.245.54 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-245-54.cph50.r.cloudfront.net

consent.t-online.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 62.138.239.104 (Germany) 1 redirects

ASN61157 (PLUSSERVER-ASN1, DE)

stats.t-online.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:cbf7:1:0:62:138:239:118 (Germany)

ASN61157 (PLUSSERVER-ASN1, DE)

img.toi.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 62.138.238.103 (Germany)

ASN61157 (PLUSSERVER-ASN1, DE)

bilder.t-online.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:cbf7:1:0:62:138:239:55 (Germany)

ASN61157 (PLUSSERVER-ASN1, DE)

geolocation.stroeerdp.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 199.232.137.44 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

c2.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 46.105.202.39 (France)

ASN16276 (OVH, FR)

u.heatmap.it	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 91.215.103.65 (Germany) 1 redirects

ASN43407 (INFONLINE-AS, NL)
PTR: de3.ioam.de

de.ioam.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.13.181 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

widget.perfectmarket.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:7100::687e:2409 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

cdn.interactivemedia.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 149.202.80.197 (France)

ASN16276 (OVH, FR)
PTR: eu4.heatmap.it

eu4.heatmap.it	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 62.138.238.150 (Germany)

ASN61157 (PLUSSERVER-ASN1, DE)
PTR: suche.t-online.de

suche.t-online.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:cbf7::62:138:238:39 (Germany)

ASN61157 (PLUSSERVER-ASN1, DE)

login.t-online.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 107.178.241.34 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 34.241.178.107.bc.googleusercontent.com

d.nativendo.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
t.nativendo.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2606:4700:20::681a:4fb (United States)

ASN13335 (CLOUDFLARENET, US)

c.nativendo.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.245.60 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-245-60.cph50.r.cloudfront.net

cdn.privacy-mgmt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.102.174.65 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 65.174.102.34.bc.googleusercontent.com

n.nativendo.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.14.248.91 (Krefeld, Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)

tagm.tchibo.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 151.101.13.44 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

trc.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
match.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 141.226.228.48 (Netherlands) 4 redirects

ASN200478 (TABOOLA-AS, IL)

trc-events.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync-t1.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.185.197.81 (Frankfurt am Main, Germany) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-185-197-81.eu-central-1.compute.amazonaws.com

rtb.mfadsrvr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.244.159.8 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 69.173.144.138 (Frankfurt am Main, Germany) 2 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 198.148.27.140 (New York, United States) 2 redirects

ASN19189 (PULSEPOINT, US)

bh.contextweb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.33.220.243 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 722.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 172.217.23.98 (United States) 4 redirects

ASN15169 (GOOGLE, US)
PTR: mil04s23-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.64.190.80 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.247.242.33 (Dublin, Ireland) 3 redirects

ASN16509 (AMAZON-02, US)

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 216.52.2.30 (United States) 1 redirects

ASN29791 (VOXEL-DOT-NET, US)

ce.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.86.137.131 (France)

ASN201081 (SMARTADSERVER, FR)

rtb-csync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.195.155.181 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)

e1.emxdgt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.2.151 (France) 2 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.104.121.22 (Tokyo, Japan) 2 redirects

ASN63949 (LINODE-AP Linode, LLC, US)
PTR: li1731-22.members.linode.com

s.c.appier.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 192.132.33.46 (United States)

ASN18568 (BIDTELLECT, US)
PTR: 46.bidtellect.com

bttrack.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 18.195.54.133 (Frankfurt am Main, Germany) 5 redirects

ASN16509 (AMAZON-02, US)

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.210.239.72 (Brussels, Belgium) 2 redirects

ASN19527 (GOOGLE-2, US)

u.ipw.metadsp.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 54.36.109.186 (France) 8 redirects

ASN16276 (OVH, FR)

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.197.249.149 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)

ice.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.48.137.92 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)

sync.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.123.96.39 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)

ads.creative-serving.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.227.248.159 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)

pixel.tapad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.240.2.137 (Dublin, Ireland) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-240-2-137.eu-west-1.compute.amazonaws.com

ads.avocet.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ads.avct.cloud	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.171.219.200 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-171-219-200.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.0.160.129 (United States) 1 redirects

ASN54312 (ROCKETFUEL, US)

p.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
40	t-online.de 2 redirects www.t-online.de consent.t-online.de stats.t-online.de bilder.t-online.de suche.t-online.de login.t-online.de	666 KB
36	taboola.com 4 redirects c2.taboola.com cdn.taboola.com trc.taboola.com trc-events.taboola.com sync.taboola.com match.taboola.com sync-t1.taboola.com	223 KB
26	nativendo.de d.nativendo.de c.nativendo.de n.nativendo.de t.nativendo.de	34 KB
8	id5-sync.com 8 redirects id5-sync.com	13 KB
6	doubleclick.net 4 redirects cm.g.doubleclick.net	1 KB
5	bidswitch.net 5 redirects x.bidswitch.net	2 KB
4	contextweb.com 2 redirects bh.contextweb.com	3 KB
4	openx.net 2 redirects u.openx.net	780 B
4	toi.de img.toi.de	3 KB
3	lijit.com 1 redirects ce.lijit.com	2 KB
3	adsrvr.org 3 redirects match.adsrvr.org	1 KB
3	mfadsrvr.com 3 redirects rtb.mfadsrvr.com	2 KB
3	gstatic.com fonts.gstatic.com	37 KB
3	heatmap.it u.heatmap.it eu4.heatmap.it	12 KB
2	avct.cloud 2 redirects ads.avct.cloud	931 B
2	tapad.com 2 redirects pixel.tapad.com	932 B
2	creative-serving.com 2 redirects ads.creative-serving.com	1 KB
2	crwdcntrl.net 2 redirects sync.crwdcntrl.net	997 B
2	metadsp.co.uk 2 redirects u.ipw.metadsp.co.uk	857 B
2	bttrack.com bttrack.com	760 B
2	appier.net 2 redirects s.c.appier.net	724 B
2	demdex.net dpm.demdex.net Failed	1 KB
2	criteo.com 2 redirects dis.criteo.com	917 B
2	emxdgt.com e1.emxdgt.com	104 B
2	smartadserver.com rtb-csync.smartadserver.com	1 KB
2	pubmatic.com simage2.pubmatic.com	2 KB
2	adnxs.com ib.adnxs.com	1 KB
2	rubiconproject.com 2 redirects pixel.rubiconproject.com	2 KB
2	perfectmarket.com widget.perfectmarket.com	33 KB
2	ioam.de 1 redirects de.ioam.de	2 KB
1	rfihub.com 1 redirects p.rfihub.com	779 B
1	avocet.io 1 redirects ads.avocet.io	226 B
1	360yield.com 1 redirects ice.360yield.com	485 B
1	tchibo.de tagm.tchibo.de	1 KB
1	privacy-mgmt.com cdn.privacy-mgmt.com	1 KB
1	interactivemedia.net cdn.interactivemedia.net	67 KB
1	stroeerdp.de geolocation.stroeerdp.de	681 B
1	t-online.koeln 1 redirects t-online.koeln	207 B
132	38

	Domain	Requested by
15	t.nativendo.de	c.nativendo.de
11	bilder.t-online.de	www.t-online.de stats.t-online.de
11	www.t-online.de	1 redirects www.t-online.de stats.t-online.de
10	cdn.taboola.com	www.t-online.de cdn.taboola.com
9	sync.taboola.com	4 redirects
9	stats.t-online.de	1 redirects www.t-online.de stats.t-online.de
8	id5-sync.com	8 redirects
8	trc.taboola.com	cdn.taboola.com
7	c.nativendo.de	d.nativendo.de c.nativendo.de
7	consent.t-online.de	www.t-online.de consent.t-online.de
6	cm.g.doubleclick.net	4 redirects
5	x.bidswitch.net	5 redirects
4	sync-t1.taboola.com
4	bh.contextweb.com	2 redirects
4	u.openx.net	2 redirects
4	img.toi.de	www.t-online.de consent.t-online.de
3	ce.lijit.com	1 redirects
3	match.adsrvr.org	3 redirects
3	rtb.mfadsrvr.com	3 redirects
3	fonts.gstatic.com	consent.t-online.de
3	d.nativendo.de	www.t-online.de c.nativendo.de
2	ads.avct.cloud	2 redirects
2	pixel.tapad.com	2 redirects
2	ads.creative-serving.com	2 redirects
2	sync.crwdcntrl.net	2 redirects
2	u.ipw.metadsp.co.uk	2 redirects
2	bttrack.com
2	s.c.appier.net	2 redirects
2	dpm.demdex.net
2	dis.criteo.com	2 redirects
2	e1.emxdgt.com
2	rtb-csync.smartadserver.com
2	simage2.pubmatic.com
2	ib.adnxs.com
2	pixel.rubiconproject.com	2 redirects
2	match.taboola.com
2	trc-events.taboola.com
2	widget.perfectmarket.com	cdn.taboola.com widget.perfectmarket.com
2	de.ioam.de	1 redirects www.t-online.de
2	u.heatmap.it	www.t-online.de u.heatmap.it
1	p.rfihub.com	1 redirects
1	ads.avocet.io	1 redirects
1	ice.360yield.com	1 redirects
1	tagm.tchibo.de
1	n.nativendo.de	c.nativendo.de
1	cdn.privacy-mgmt.com	consent.t-online.de
1	login.t-online.de	www.t-online.de
1	suche.t-online.de	www.t-online.de
1	eu4.heatmap.it	www.t-online.de
1	cdn.interactivemedia.net	www.t-online.de
1	c2.taboola.com	www.t-online.de
1	geolocation.stroeerdp.de	stats.t-online.de
1	t-online.koeln	1 redirects
132	53

This site contains links to these domains. Also see Links.

Domain
telefonbuch.t-online.de
lotto.t-online.de
tarife-und-produkte.t-online.de
www.telekom.de
freemail.t-online.de
magentacloud.de
www.bonprix.de
www.amazon.de
partnerprogramm.otto.de
m.exactag.com
tagm.tchibo.de
jobsuche.t-online.de
gebrauchtwagen-suche.t-online.de
immobilien.t-online.de
veranstaltungen.t-online.de
popup.taboola.com
cdn.hoergeraete.hoeren-heute.ch
goo21.com
www.5bestepartnersucheseiten.ch
twstrk.com
www.trkflb.com
count.shopping.t-online.de
www.facebook.com
twitter.com
podcasts.apple.com
www.instagram.com
www.pinterest.de
www.stroeer.com

Subject Issuer	Validity	Valid
www.t-online.de DigiCert TLS RSA SHA256 2020 CA1	`2021-02-15` - `2022-02-22`	a year	crt.sh
amp-consent.desired.de R3	`2021-04-06` - `2021-07-05`	3 months	crt.sh
stats.t-online.de DigiCert TLS RSA SHA256 2020 CA1	`2021-02-15` - `2022-02-22`	a year	crt.sh
*.toi.de TeleSec ServerPass Class 2 CA	`2020-06-09` - `2021-06-14`	a year	crt.sh
bilder.t-online.de DigiCert SHA2 Secure Server CA	`2019-05-27` - `2021-05-27`	2 years	crt.sh
*.stroeerdp.de RapidSSL RSA CA 2018	`2020-07-01` - `2022-07-31`	2 years	crt.sh
*.taboola.com DigiCert TLS RSA SHA256 2020 CA1	`2020-11-25` - `2021-12-26`	a year	crt.sh
*.heatmap.it Sectigo RSA Domain Validation Secure Server CA	`2020-06-13` - `2022-06-26`	2 years	crt.sh
*.ioam.de Thawte TLS RSA CA G1	`2019-09-18` - `2021-12-17`	2 years	crt.sh
widget.perfectmarket.com GlobalSign Atlas R3 DV TLS CA 2020	`2021-03-22` - `2022-04-23`	a year	crt.sh
cdn.stroeerdigitalgroup.de DigiCert SHA2 Secure Server CA	`2021-04-08` - `2022-04-13`	a year	crt.sh
suche.t-online.de DigiCert TLS RSA SHA256 2020 CA1	`2021-02-16` - `2022-02-23`	a year	crt.sh
login.t-online.de TeleSec ServerPass Class 2 CA	`2021-02-17` - `2022-02-22`	a year	crt.sh
nativendo.de R3	`2021-03-15` - `2021-06-13`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-07-18` - `2021-07-18`	a year	crt.sh
*.privacy-mgmt.com R3	`2021-04-03` - `2021-07-02`	3 months	crt.sh
*.gstatic.com GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
tagm.tchibo.de AlphaSSL CA - SHA256 - G2	`2020-10-08` - `2021-11-09`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2020-06-18` - `2021-08-17`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2021-03-05` - `2022-02-19`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2020-12-07` - `2021-12-14`	a year	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
*.lijit.com Go Daddy Secure Certificate Authority - G2	`2020-03-11` - `2021-05-10`	a year	crt.sh
*.contextweb.com DigiCert SHA2 Secure Server CA	`2020-05-07` - `2022-05-12`	2 years	crt.sh
*.smartadserver.com DigiCert ECC Secure Server CA	`2020-01-30` - `2022-02-03`	2 years	crt.sh
*.emxdgt.com Go Daddy Secure Certificate Authority - G2	`2020-05-18` - `2021-07-17`	a year	crt.sh
*.bttrack.com Sectigo RSA Domain Validation Secure Server CA	`2021-03-29` - `2022-03-29`	a year	crt.sh

This page contains 5 frames:

Primary Page: https://www.t-online.de/region/koeln
Frame ID: 9FA9EEB36257CAC2B3FE1CD50F3BA145
Requests: 88 HTTP requests in this frame

Frame: https://www.t-online.de/-/id_62530634/tid_tsr_iframe_loginbox/index
Frame ID: 9C439B4785BABC9490921D87C6F26CFF
Requests: 6 HTTP requests in this frame

Frame: https://consent.t-online.de/index.html?message_id=476541&consentUUID=98307a48-509e-4de3-a37a-04501f2663b5&requestUUID=ae585471-936a-4f7e-a607-dddc7398fb9b&preload_message=true
Frame ID: 834058A38E462C014E3A9AD6DF07D18E
Requests: 11 HTTP requests in this frame

Frame: https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=21b8082f-37f4-463d-905d-db62ad6ff349&tbid=c3b4479e-69ef-4415-9d03-3ff599cfd0ac-tuct7748bd7&query=taboola_hm%3D21b8082f-37f4-463d-905d-db62ad6ff349&isDirect=0
Frame ID: 58A2A3B5B4EF8CFF48F9CAC56455B727
Requests: 18 HTTP requests in this frame

Frame: https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=21b8082f-37f4-463d-905d-db62ad6ff349&tbid=c3b4479e-69ef-4415-9d03-3ff599cfd0ac-tuct7748bd7&query=taboola_hm%3D21b8082f-37f4-463d-905d-db62ad6ff349&isDirect=0
Frame ID: 9567E226A98F5895490EE8FBB62D95F2
Requests: 18 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://t-online.koeln/ HTTP 302
https://www.t-online.de/koeln HTTP 301
https://www.t-online.de/region/koeln Page URL

Detected technologies

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

html //i

Page Statistics

132
Requests

99 %
HTTPS

13 %
IPv6

38
Domains

53
Subdomains

32
IPs

8
Countries

1085 kB
Transfer

3929 kB
Size

10
Cookies

35 Outgoing links

These are links going to different origins than the main page.

URL: https://telefonbuch.t-online.de/
Title: Telefonverz.

Search URL Search Domain Scan URL

URL: https://lotto.t-online.de/?partnerId=1DECOO0536&advertisementId=1NAVIGA000000000000000000000000000000000000
Title: Lotto

Search URL Search Domain Scan URL

URL: https://tarife-und-produkte.t-online.de/
Title: Tarife & Produkte

Search URL Search Domain Scan URL

URL: https://www.telekom.de/start
Title: Telekom

Search URL Search Domain Scan URL

URL: https://www.telekom.de/hilfe
Title: Hilfe & Service

Search URL Search Domain Scan URL

URL: https://www.telekom.de/hilfe/hilfe-bei-stoerungen/serviceassistent
Title: Frag Magenta

Search URL Search Domain Scan URL

URL: https://www.telekom.de/kundencenter/startseite
Title: Kundencenter

Search URL Search Domain Scan URL

URL: https://freemail.t-online.de/
Title: Freemail

Search URL Search Domain Scan URL

URL: https://magentacloud.de/
Title: MagentaCloud

Search URL Search Domain Scan URL

URL: https://www.bonprix.de/kategorie/damen-mode/?landmark=Entry&wkz=79&iwl=000&typ=POR&anbieter=TON2&aktion=MOFU_Shopping&version=Top-Partner-Leiste-Portal&promo=modekat&bkkz=230000000&matchkey=Shopping
Title:

Search URL Search Domain Scan URL

URL: https://www.amazon.de/?tag=t-online-tpb-artikel-21
Title:

Search URL Search Domain Scan URL

URL: https://partnerprogramm.otto.de/trck/eclick/e87a1b6444b1dd9f5f172401cfe623ec
Title:

Search URL Search Domain Scan URL

URL: https://m.exactag.com/cl.aspx?extCa=717&extTcm=de.06r.tonlogo|.toppartner..001153&url=https%3A%2F%2Fwww.douglas.de%2F%3Ftrac%3Dde.06r.tonlogo..toppartner..001153%26et_sea%3D1
Title:

Search URL Search Domain Scan URL

URL: https://tagm.tchibo.de/cl.aspx?extProvID=113&extProvApi=128152&extPu=74451&extLi=NF_Kooperation_Stroeer_2021&extSi=ROS%20Logo&extCr=NF_2021_Startseite_X_Toppartner%20Logo&gdpr=1&gdpr_consent=undefined&url=https://www.tchibo.de&utm_medium=display-de-performance&utm_source=Stroeer+CPO&utm_campaign=Tchibo_NF_Kooperation_Stroeer_2021
Title:

Search URL Search Domain Scan URL

URL: https://jobsuche.t-online.de/stadt-koeln/
Title: Jobs

Search URL Search Domain Scan URL

URL: https://gebrauchtwagen-suche.t-online.de/stadt-koeln/
Title: Gebrauchtwagen

Search URL Search Domain Scan URL

URL: https://immobilien.t-online.de/stadt-k%C3%B6ln/
Title: Immobilien

Search URL Search Domain Scan URL

URL: https://veranstaltungen.t-online.de/stadt-k%C3%B6ln/
Title: Veranstaltungen

Search URL Search Domain Scan URL

URL: https://immobilien.t-online.de/search?offer=wm&ci=koeln&uk=5
Title: 90 Immobilien Finden Sie Immobilien in Köln

Search URL Search Domain Scan URL

URL: https://veranstaltungen.t-online.de/stadt-koeln/
Title: 3.595 Veranstaltungen Finden Sie Veranstaltungen in Köln

Search URL Search Domain Scan URL

URL: https://popup.taboola.com/de/?template=colorbox&utm_source=t-online&utm_medium=referral&utm_content=thumbnails-feed-3x1-no-header-category:Regio%20Section%20Front%20Feed%20|%20Card%202:
Title: von Taboola

Search URL Search Domain Scan URL

URL: https://cdn.hoergeraete.hoeren-heute.ch/native-state/?aud_c=tb1903&utm_content=2972684833&utm_publisher_ID=t-online&mkt_tool_id=8b7634&utm_term=8b7634&act=ACT0000030484ACT&utm_source=taboola&utm_medium=display&utm_campaign=ch_de_hoe_display_taboola_hh_swiss_native_state_acq_desktop_cw08_audibene-ch2-sc_ACT0000030484ACT&utm_creative_ID=2972684833&aud_adcopy=2021%3A+Schweizer+Staat+%C3%BCbernimmt+Kosten+beim+H%C3%B6rger%C3%A4te-Kauf&tbclid=GiDPLvJ8VM-TMzqRl6qg3lK2eeZDIMRM3S8Kxk5LBPF1vCCqkUYo4OHpqdH4o-ujAQ#tblciGiDPLvJ8VM-TMzqRl6qg3lK2eeZDIMRM3S8Kxk5LBPF1vCCqkUYo4OHpqdH4o-ujAQ
Title: Hören heute

Search URL Search Domain Scan URL

URL: https://goo21.com/click.php?key=2tret7e9j1xefraygows&clickid=GiDPLvJ8VM-TMzqRl6qg3lK2eeZDIMRM3S8Kxk5LBPF1vCDhz04o9Krczpnojp7pAQ&cost={cost}&site=t-online&campaign=9583623&thumbnail=http%3A%2F%2Fcdn.taboola.com%2Flibtrc%2Fstatic%2Fthumbnails%2F0a7c85b6e0276a8772c1b57ed69ab02c.png&title=Urologen+offenbaren%3A+%E2%80%9CSie+k%C3%B6nnen+jetzt+Potenzmittel+online+mit+ein+paar+Klicks+kaufen.%E2%80%9D&campaign_name=Desktop_CH_Kurz10ED_05%2F04%2F2021&campaign_item_id=2987575437&site_id=1066776&tblci=GiDPLvJ8VM-TMzqRl6qg3lK2eeZDIMRM3S8Kxk5LBPF1vCDhz04o9Krczpnojp7pAQ#tblciGiDPLvJ8VM-TMzqRl6qg3lK2eeZDIMRM3S8Kxk5LBPF1vCDhz04o9Krczpnojp7pAQ
Title: Apomeds

Search URL Search Domain Scan URL

URL: https://www.5bestepartnersucheseiten.ch/?utm_source=28&tmplt=1.1&zonename=t-online&adid=2971977610&adname=Diese+Datingseiten+funktionieren+am+besten+in+Zurigo&cmpgid=8728102&de=Desktop&adacc=tabo1&cmpgname=SD_CH_DE_Des_18-02-2021&zoneid=1066776&srcclkid=GiDPLvJ8VM-TMzqRl6qg3lK2eeZDIMRM3S8Kxk5LBPF1vCDdzkQouIzGjqLogq3SAQ#tblciGiDPLvJ8VM-TMzqRl6qg3lK2eeZDIMRM3S8Kxk5LBPF1vCDdzkQouIzGjqLogq3SAQ
Title: Top 5 Dating CH

Search URL Search Domain Scan URL

URL: https://twstrk.com/60045d80dda47d0001d04b48?sub1=t-online&sub2=http%3A%2F%2Fcdn.taboola.com%2Flibtrc%2Fstatic%2Fthumbnails%2Fa106e554aa117fda8dda53169030b28d.jpg&sub3=Smart+USB-Stick+sichert+gesamten+PC+%281+Klick%29&sub4=2021-04-17+16%3A01%3A25&sub5=Desktop&sub6=9731005&sub7=2988079814&sub8=1066776&ref_id=GiDPLvJ8VM-TMzqRl6qg3lK2eeZDIMRM3S8Kxk5LBPF1vCCJr1Io9pmR5daoz-amAQ&tblci=GiDPLvJ8VM-TMzqRl6qg3lK2eeZDIMRM3S8Kxk5LBPF1vCCJr1Io9pmR5daoz-amAQ#tblciGiDPLvJ8VM-TMzqRl6qg3lK2eeZDIMRM3S8Kxk5LBPF1vCCJr1Io9pmR5daoz-amAQ
Title: Infinitikloud

Search URL Search Domain Scan URL

URL: https://www.trkflb.com/38d603f3-da0c-49b3-bd92-a3f7f2a634f3?utm_source=taboola&utm_campaign=9091821&utm_medium=t-online&utm_content=Kniechirurgen+beeindruckt+%C3%BCber+bahnbrechende+Knie-Bandagen&aid=2979303138&head7w={Headline}&img48f={Image}&v8=1066776&tb_click_id=GiDPLvJ8VM-TMzqRl6qg3lK2eeZDIMRM3S8Kxk5LBPF1vCCF8VAo06jTgaTD2IXVAQ#tblciGiDPLvJ8VM-TMzqRl6qg3lK2eeZDIMRM3S8Kxk5LBPF1vCCF8VAo06jTgaTD2IXVAQ
Title: Circa Knee

Search URL Search Domain Scan URL

URL: https://www.trkflb.com/aa8077c3-dccd-4b65-af2e-e2cabb4c3d13?utm_source=taboola&utm_campaign=9681458&utm_medium=t-online&utm_content=Neues+%22Nanotech-Spray%22+sch%C3%BCtzt+Autos+vor+Staub+und+Kratzern&aid=2987211811&head7w={Headline}&img48f={Image}&v8=1066776&tb_click_id=GiDPLvJ8VM-TMzqRl6qg3lK2eeZDIMRM3S8Kxk5LBPF1vCCE8VAon-Djoduoi5Yq#tblciGiDPLvJ8VM-TMzqRl6qg3lK2eeZDIMRM3S8Kxk5LBPF1vCCE8VAon-Djoduoi5Yq
Title: Shine Armor

Search URL Search Domain Scan URL

URL: https://count.shopping.t-online.de/RE?ID=70265506&CID=40576542&FID=C1&GID=40866678&lg=1&URL=https%3A%2F%2Fwww.t-online.de%2Fshopping&SEC=7UBQjPqcuXwHhnfY5eFa%2Fg%3D%3D

Search URL Search Domain Scan URL

URL: https://www.facebook.com/tonline.de
Title: Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/tonline
Title: Twitter

Search URL Search Domain Scan URL

URL: https://podcasts.apple.com/podcast/id1374882499
Title: Apple Podcasts

Search URL Search Domain Scan URL

URL: https://www.instagram.com/tonline.de/
Title: Instagram

Search URL Search Domain Scan URL

URL: https://www.pinterest.de/tonlinedeutschland/
Title: Pinterest

Search URL Search Domain Scan URL

URL: https://www.stroeer.com/presse/
Title: Presse

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://t-online.koeln/ HTTP 302
https://www.t-online.de/koeln HTTP 301
https://www.t-online.de/region/koeln Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 5

https://stats.t-online.de/include-ivw-agof-szmng-js/id_85433946/tid_js/index_ts585433946.js HTTP 301
https://stats.t-online.de/include-ivw-agof-szmng-js/id_85433946/tid_js/index_ts785433946.js

Request Chain 23

https://de.ioam.de/tx.io?st=toi&sv=ke&co=kommentar&sc=yes&cp=%2Fnachrichten%2Fregionales2%2Fkoeln&ct=0100000000&pt=CP&ps=lin&er=N22&rf=&r2=&ur=www.t-online.de&xy=1600x1200x24&cb=8007&vr=422&id=qn28vx&i3=e417fcb2f38ff1966edd38303037d4aa5398f7%3A1646409684063%3A1618675284063%3A.t-online.de%3A1%3Atoi%3A%2Fnachrichten%2Fregionales2%2Fkoeln%3Anoevent%3A1618675284063&n1=1&dntt=0&lt=1618675284065&ev=&cs=6n5vs8&mo=1 HTTP 302
https://de.ioam.de/tx.io?st=toi&sv=ke&co=kommentar&sc=yes&cp=%2Fnachrichten%2Fregionales2%2Fkoeln&ct=0100000000&pt=CP&ps=lin&er=N22&rf=&r2=&ur=www.t-online.de&xy=1600x1200x24&cb=8007&vr=422&id=qn28vx&i3=e417fcb2f38ff1966edd38303037d4aa5398f7%3A1646409684063%3A1618675284063%3A.t-online.de%3A1%3Atoi%3A%2Fnachrichten%2Fregionales2%2Fkoeln%3Anoevent%3A1618675284063&n1=1&dntt=0&lt=1618675284065&ev=&cs=6n5vs8&mo=1&sr=71

Request Chain 105

https://rtb.mfadsrvr.com/sync?ssp=taboola HTTP 302
https://rtb.mfadsrvr.com/ul_cb/sync?ssp=taboola HTTP 302
https://sync.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=21b8082f-37f4-463d-905d-db62ad6ff349 HTTP 302
https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=21b8082f-37f4-463d-905d-db62ad6ff349&tbid=c3b4479e-69ef-4415-9d03-3ff599cfd0ac-tuct7748bd7&query=taboola_hm%3D21b8082f-37f4-463d-905d-db62ad6ff349&isDirect=0

Request Chain 106

https://u.openx.net/w/1.0/sd?id=543998486&val=ecc27bdb-8132-42d5-8e5a-2e85280fcd84-tuct7748bd5&gdpr=0&gdpr_consent= HTTP 302
https://u.openx.net/w/1.0/sd?cc=1&id=543998486&val=ecc27bdb-8132-42d5-8e5a-2e85280fcd84-tuct7748bd5&gdpr=0&gdpr_consent=

Request Chain 107

https://pixel.rubiconproject.com/exchange/sync.php?p=16698 HTTP 302
https://trc.taboola.com/sg/rubicon-network-display/1/rtb-h/?taboola_hm=KNLXH193-7-APF0

Request Chain 108

https://bh.contextweb.com/bh/rtset?pid=562107&ev=1&rurl=https%3A%2F%2Fsync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=%%VGUID%%&orig=trc HTTP 302
https://sync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=0XKqC0AbEL2Q&ev=1&orig=trc&pid=562107

Request Chain 110

https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_cm&google_sc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_cm=&google_sc=&google_tc= HTTP 302
https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEDrmyG0cM_8Y7_HP6B0r3Gk&google_cver=1

Request Chain 112

https://sync.taboola.com/sg/google-network/1/rtb?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dtaboola_dbm%26google_sc%26gdpr%3D0%26gdpr_consent%3D&orig=trc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=0&gdpr_consent=&google_hm=ecc27bdb-8132-42d5-8e5a-2e85280fcd84-tuct7748bd5 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc=&gdpr=0&gdpr_consent=&google_hm=ecc27bdb-8132-42d5-8e5a-2e85280fcd84-tuct7748bd5&google_tc=

Request Chain 113

https://match.adsrvr.org/track/cmf/generic?ttd_pid=054f32o&ttd_tpi=1 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=054f32o&ttd_tpi=1 HTTP 302
https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=42ad125c-afc1-48dd-aff7-28504e9c1908

Request Chain 114

https://ce.lijit.com/merge?pid=42&3pid=ecc27bdb-8132-42d5-8e5a-2e85280fcd84-tuct7748bd5&us_privacy=&gdpr=0&gdpr_consent= HTTP 302
https://ce.lijit.com/merge?pid=42&3pid=ecc27bdb-8132-42d5-8e5a-2e85280fcd84-tuct7748bd5&us_privacy=&gdpr=0&gdpr_consent=&dnr=1

Request Chain 118

https://dis.criteo.com/dis/usersync.aspx?r=29&p=282&cp=taboolaortb&cu=1&url=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fcriteortb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%40%40CRITEO_USERID%40%40 HTTP 302
https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=5f8bab32-5fe0-4d05-b968-9385d3f32ec6

Request Chain 119

https://id5-sync.com/s/464/9.gif?puid=ecc27bdb-8132-42d5-8e5a-2e85280fcd84-tuct7748bd5&gdpr=0&gdpr_consent=&callback=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fid5-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%7BID5UID%7D HTTP 302
https://id5-sync.com/c/464/464/7/1.gif?puid=ecc27bdb-8132-42d5-8e5a-2e85280fcd84-tuct7748bd5&gdpr=1&gdpr_consent= HTTP 302
https://ice.360yield.com/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMOFFcSgGCXgAtZL2NXEFGiLqEHTdnt7m1UuOp9Qg&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F464%2F124%2F6%2F2.gif%3Fpuid%3D%7BPUB_USER_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
https://ice.360yield.com/ul_cb/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMOFFcSgGCXgAtZL2NXEFGiLqEHTdnt7m1UuOp9Qg&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F464%2F124%2F6%2F2.gif%3Fpuid%3D%7BPUB_USER_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
https://id5-sync.com/cq/464/124/6/2.gif?puid=3c2f2eca-e7af-4f26-8412-c03713699c8a&gdpr=1&gdpr_consent=&gdpr=1&gdpr_consent= HTTP 302
https://sync.crwdcntrl.net/map/c=13953/tp=IDFI/gdpr=1/gdpr_consent=?https://id5-sync.com/c/464/19/5/3.gif?puid=${profile_id}&gdpr=1&gdpr_consent= HTTP 302
https://sync.crwdcntrl.net/map/ct=y/c=13953/tp=IDFI/gdpr=1/gdpr_consent=?https://id5-sync.com/c/464/19/5/3.gif?puid=${profile_id}&gdpr=1&gdpr_consent= HTTP 302
https://id5-sync.com/c/464/19/5/3.gif?puid=61cf15b552959f0280ad9c24f4e2c98d&gdpr=1&gdpr_consent= HTTP 302
https://ads.creative-serving.com/id5_cm?callback=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F101%2F4%2F4.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3D HTTP 302
https://ads.creative-serving.com/ul_cb/id5_cm?callback=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F101%2F4%2F4.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3D HTTP 302
https://id5-sync.com/c/464/101/4/4.gif?puid=6698c558-8db4-496f-87cc-683c327801e5&gdpr=1&gdpr_consent= HTTP 302
https://pixel.tapad.com/idsync/ex/push?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F108%2F3%2F5.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
https://pixel.tapad.com/idsync/ex/push/check?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F108%2F3%2F5.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
https://id5-sync.com/c/464/108/3/5.gif?puid=2b72d9b1-9f96-11eb-8dd8-7aedb93adb57&gdpr=1&gdpr_consent= HTTP 302
https://ads.avocet.io/getuid?url=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F146%2F2%2F6.gif%3Fpuid%3D%7B%7BUUID%7D%7D%26gdpr%3D1%26gdpr_consent%3D HTTP 301
https://ads.avct.cloud/getuid?r=1&url=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F146%2F2%2F6.gif%3Fpuid%3D%7B%7BUUID%7D%7D%26gdpr%3D1%26gdpr_consent%3D HTTP 302
https://ads.avct.cloud/getuid?bounce=true&r=1&url=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F146%2F2%2F6.gif%3Fpuid%3D%7B%7BUUID%7D%7D%26gdpr%3D1%26gdpr_consent%3D HTTP 302
https://id5-sync.com/c/464/146/2/6.gif?puid=efb24fe4-e932-41af-90d9-3744d1eda503&gdpr=1&gdpr_consent= HTTP 302
https://dpm.demdex.net/ibs:dpid=463291&dpuuid=ID5-ZHMOFFcSgGCXgAtZL2NXEFGiLqEHTdnt7m1UuOp9Qg&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F160%2F1%2F7.gif%3Fpuid%3D%24%7BDD_UUID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
https://id5-sync.com/c/464/160/1/7.gif?puid=21782201916013794300455576650440932171&gdpr=1&gdpr_consent= HTTP 302
https://dpm.demdex.net/ibs:dpid=494279&dpuuid=ID5-ZHMOFFcSgGCXgAtZL2NXEFGiLqEHTdnt7m1UuOp9Qg&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F340%2F0%2F8.gif%3Fpuid%3D%24%7BDD_UUID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent=

Request Chain 120

https://s.c.appier.net/taboola HTTP 302
https://sync.taboola.com/sg/appierrtb-network/1/rtb-h?taboola_hm=Bv48bq1WCzOmjq9KWAZ7YA

Request Chain 122

https://x.bidswitch.net/sync?ssp=taboola&gdpr=0&gdpr_consent= HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=taboola&gdpr=0&gdpr_consent= HTTP 302
https://u.ipw.metadsp.co.uk/sync?ssp=bidswitch&bidswitch_ssp_id=taboola&bsw_user_id=${BSW_USER_UD}&bsw_param=2f87c844-66ba-4e28-94f1-6b2a559b8cd9&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy= HTTP 302
https://u.ipw.metadsp.co.uk/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=taboola&bsw_user_id=${BSW_USER_UD}&bsw_param=2f87c844-66ba-4e28-94f1-6b2a559b8cd9&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy= HTTP 302
https://x.bidswitch.net/sync?dsp_id=339&expires=14&user_group=1&user_id=ae2bfdde-0557-4cd4-8860-e1ab378aa0fc&ssp=taboola&bsw_param=2f87c844-66ba-4e28-94f1-6b2a559b8cd9 HTTP 302
https://sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=2f87c844-66ba-4e28-94f1-6b2a559b8cd9

Request Chain 123

https://rtb.mfadsrvr.com/sync?ssp=taboola HTTP 302
https://sync.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=21b8082f-37f4-463d-905d-db62ad6ff349 HTTP 302
https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=21b8082f-37f4-463d-905d-db62ad6ff349&tbid=c3b4479e-69ef-4415-9d03-3ff599cfd0ac-tuct7748bd7&query=taboola_hm%3D21b8082f-37f4-463d-905d-db62ad6ff349&isDirect=0

Request Chain 124

https://u.openx.net/w/1.0/sd?id=543998486&val=ecc27bdb-8132-42d5-8e5a-2e85280fcd84-tuct7748bd5&gdpr=0&gdpr_consent= HTTP 302
https://u.openx.net/w/1.0/sd?cc=1&id=543998486&val=ecc27bdb-8132-42d5-8e5a-2e85280fcd84-tuct7748bd5&gdpr=0&gdpr_consent=

Request Chain 125

https://pixel.rubiconproject.com/exchange/sync.php?p=16698 HTTP 302
https://trc.taboola.com/sg/rubicon-network-display/1/rtb-h/?taboola_hm=KNLXH193-7-APF0

Request Chain 126

https://bh.contextweb.com/bh/rtset?pid=562107&ev=1&rurl=https%3A%2F%2Fsync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=%%VGUID%%&orig=trc HTTP 302
https://sync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=tFEYBBoStCvd&ev=1&orig=trc&pid=562107

Request Chain 128

https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_cm&google_sc HTTP 302
https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEDrmyG0cM_8Y7_HP6B0r3Gk&google_cver=1

Request Chain 130

https://sync.taboola.com/sg/google-network/1/rtb?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dtaboola_dbm%26google_sc%26gdpr%3D0%26gdpr_consent%3D&orig=trc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=0&gdpr_consent=&google_hm=c3b4479e-69ef-4415-9d03-3ff599cfd0ac-tuct7748bd7

Request Chain 131

https://match.adsrvr.org/track/cmf/generic?ttd_pid=054f32o&ttd_tpi=1 HTTP 302
https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=42ad125c-afc1-48dd-aff7-28504e9c1908

Request Chain 136

https://dis.criteo.com/dis/usersync.aspx?r=29&p=282&cp=taboolaortb&cu=1&url=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fcriteortb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%40%40CRITEO_USERID%40%40 HTTP 302
https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=5f8bab32-5fe0-4d05-b968-9385d3f32ec6

Request Chain 137

https://id5-sync.com/s/464/9.gif?puid=ecc27bdb-8132-42d5-8e5a-2e85280fcd84-tuct7748bd5&gdpr=0&gdpr_consent=&callback=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fid5-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%7BID5UID%7D HTTP 302
https://ice.360yield.com/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMOFFcSgGCXgAtZL2NXEFGiLqEHTdnt7m1UuOp9Qg&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F464%2F124%2F6%2F2.gif%3Fpuid%3D%7BPUB_USER_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
https://id5-sync.com/cq/464/124/6/2.gif?puid=3c2f2eca-e7af-4f26-8412-c03713699c8a&gdpr=1&gdpr_consent=&gdpr=1&gdpr_consent= HTTP 302
https://sync.crwdcntrl.net/map/c=13953/tp=IDFI/gdpr=1/gdpr_consent=?https://id5-sync.com/c/464/19/5/3.gif?puid=${profile_id}&gdpr=1&gdpr_consent= HTTP 302
https://sync.crwdcntrl.net/map/ct=y/c=13953/tp=IDFI/gdpr=1/gdpr_consent=?https://id5-sync.com/c/464/19/5/3.gif?puid=${profile_id}&gdpr=1&gdpr_consent= HTTP 302
https://id5-sync.com/c/464/19/5/3.gif?puid=61cf15b552959f0280ad9c24f4e2c98d&gdpr=1&gdpr_consent= HTTP 302
https://ads.creative-serving.com/id5_cm?callback=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F101%2F4%2F4.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3D HTTP 302
https://ads.creative-serving.com/ul_cb/id5_cm?callback=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F101%2F4%2F4.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3D HTTP 302
https://id5-sync.com/c/464/101/4/4.gif?puid=712772a6-7462-4b06-954e-7534c3b9cb07&gdpr=1&gdpr_consent= HTTP 302
https://pixel.tapad.com/idsync/ex/push?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F108%2F3%2F5.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
https://pixel.tapad.com/idsync/ex/push/check?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F108%2F3%2F5.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
https://id5-sync.com/c/464/108/3/5.gif?puid=2b72d9b1-9f96-11eb-8dd8-7aedb93adb57&gdpr=1&gdpr_consent= HTTP 302
https://ads.avocet.io/getuid?url=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F146%2F2%2F6.gif%3Fpuid%3D%7B%7BUUID%7D%7D%26gdpr%3D1%26gdpr_consent%3D HTTP 301
https://ads.avct.cloud/getuid?r=1&url=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F146%2F2%2F6.gif%3Fpuid%3D%7B%7BUUID%7D%7D%26gdpr%3D1%26gdpr_consent%3D HTTP 302
https://ads.avct.cloud/getuid?bounce=true&r=1&url=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F146%2F2%2F6.gif%3Fpuid%3D%7B%7BUUID%7D%7D%26gdpr%3D1%26gdpr_consent%3D HTTP 302
https://id5-sync.com/c/464/146/2/6.gif?puid=efb24fe4-e932-41af-90d9-3744d1eda503&gdpr=1&gdpr_consent= HTTP 302
https://dpm.demdex.net/ibs:dpid=463291&dpuuid=ID5-ZHMOFFcSgGCXgAtZL2NXEFGiLqEHTdnt7m1UuOp9Qg&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F160%2F1%2F7.gif%3Fpuid%3D%24%7BDD_UUID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
https://id5-sync.com/c/464/160/1/7.gif?puid=21782201916013794300455576650440932171&gdpr=1&gdpr_consent= HTTP 302
https://dpm.demdex.net/ibs:dpid=494279&dpuuid=ID5-ZHMOFFcSgGCXgAtZL2NXEFGiLqEHTdnt7m1UuOp9Qg&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F340%2F0%2F8.gif%3Fpuid%3D%24%7BDD_UUID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
https://id5-sync.com/c/464/340/0/8.gif?puid=21782201916013794300455576650440932171&gdpr=1&gdpr_consent= HTTP 302
https://sync.taboola.com/sg/id5-network/1/rtb-h/?taboola_hm=ID5-ZHMOFFcSgGCXgAtZL2NXEFGiLqEHTdnt7m1UuOp9Qg

Request Chain 138

https://s.c.appier.net/taboola HTTP 302
https://sync.taboola.com/sg/appierrtb-network/1/rtb-h?taboola_hm=AQfvB3xmCYSMPDx3WAZ7YA

Request Chain 140

https://x.bidswitch.net/sync?ssp=taboola&gdpr=0&gdpr_consent= HTTP 302
https://p.rfihub.com/cm?in=1&pub=20513&ssp=taboola HTTP 302
https://x.bidswitch.net/sync?dsp_id=119&user_id=875739026013861187&expires=30&ssp=taboola HTTP 302
https://sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=2f87c844-66ba-4e28-94f1-6b2a559b8cd9

132 HTTP transactions
10 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request koeln Show response
www.t-online.de/region/
Redirect Chain

https://t-online.koeln/
https://www.t-online.de/koeln
https://www.t-online.de/region/koeln

135 KB
32 KB

31ms
31ms

Document
text/html

62.138.239.100
PLUSSERVER-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.t-online.de/region/koeln
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 62.138.239.100 , Germany, ASN61157 (PLUSSERVER-ASN1, DE),
Reverse DNS: www.t-online.de
Software: /
Resource Hash: d1ed0b616b43501dbe725623340e064d6880d5a2b85045a2eea86f6fc609f903

Request headers

Host: www.t-online.de
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 17 Apr 2021 16:00:19 GMT
X-CacheTime: 30
X-SourceInfo: cmsweb07/18 17.2.0.4 :-)
Content-Type: text/html;charset=UTF-8
Content-Language: en-US
Content-Encoding: gzip
Content-Length: 32657
Last-Modified: Sat, 17 Apr 2021 16:00:19 GMT
Cache-Control: public, max-age=90
Age: 63
Vary: User-Agent,Accept-Encoding
Accept-Ranges: bytes
Connection: keep-alive

Redirect headers

Date: Sat, 17 Apr 2021 16:01:23 GMT
Server: Varnish
X-Varnish: 538588085
Location: https://www.t-online.de/region/koeln
Content-Length: 0
Connection: keep-alive

GET
H2 200 wrapperMessagingWithoutDetection.js Show response
consent.t-online.de/ 151 KB
44 KB 185ms
69ms Script
application/javascript 143.204.245.54
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://consent.t-online.de/wrapperMessagingWithoutDetection.js
Requested by: Host: www.t-online.de
URL: https://www.t-online.de/region/koeln
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.245.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-245-54.cph50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9b29256842f1c582cf89c93a91e439079b4813d484181540602aaf146d19b605

Request headers

Referer: https://www.t-online.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
last-modified: Thu, 08 Apr 2021 15:27:39 GMT
server: AmazonS3
age: 3107
etag: W/"4035c3349448ccb677a86aa3eb6396e5"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 8cd193739d511303cb3678dc24369a0c.cloudfront.net (CloudFront)
cache-control: max-age=3600
date: Sat, 17 Apr 2021 15:09:37 GMT
x-amz-cf-pop: CPH50-C1
x-amz-cf-id: EfHw6cKmrjT7W9A-vN1NLvPB-l-Qmrq9ElylKpRbJgyyj1rnCWLcnQ==

GET
H/1.1 200
OK index_ts6864298144.css
stats.t-online.de/rl13-726-css/id_63141836/tid_css/ 453 KB
96 KB 118ms
27ms Stylesheet
text/css 62.138.239.104
PLUSSERVER-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.t-online.de/rl13-726-css/id_63141836/tid_css/index_ts6864298144.css
Requested by: Host: www.t-online.de
URL: https://www.t-online.de/region/koeln
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 62.138.239.104 , Germany, ASN61157 (PLUSSERVER-ASN1, DE),
Reverse DNS
Software: /
Resource Hash: 56e8663f6ed9ffb10dd03a2d2c4e98543959907940f06fee7055610947d1ea7d

Request headers

Referer: https://www.t-online.de/region/koeln
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 17 Apr 2021 16:00:57 GMT
Content-Encoding: gzip
Last-Modified: Thu, 15 Apr 2021 15:46:05 GMT
Age: 23
X-CacheTime: 17
Etag: "1618501565000"
Vary: User-Agent,Accept-Encoding
Content-Language: de-DE
Cache-Control: public, max-age=31536000
X-SourceInfo: cmsweb05/04 17.2.0.4 :-)
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: text/css;charset=utf-8
Content-Length: 97471

GET
H/1.1 200
OK index_ts1740001992.js Show response
stats.t-online.de/jquery-js/id_40001992/tid_js/ 93 KB
34 KB 120ms
28ms Script
text/javascript 62.138.239.104
PLUSSERVER-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.t-online.de/jquery-js/id_40001992/tid_js/index_ts1740001992.js
Requested by: Host: www.t-online.de
URL: https://www.t-online.de/region/koeln
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 62.138.239.104 , Germany, ASN61157 (PLUSSERVER-ASN1, DE),
Reverse DNS
Software: /
Resource Hash: f07c05c627751529d956e30f15ac85d832648762a4ee7cad22d23745fdba68a1

Request headers

Referer: https://www.t-online.de/region/koeln
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 17 Apr 2021 15:59:42 GMT
Content-Encoding: gzip
Last-Modified: Fri, 26 Sep 2014 08:28:58 GMT
Age: 101
X-CacheTime: 17
Etag: "1411720138000"
Vary: User-Agent,Accept-Encoding
Content-Language: de
Cache-Control: public, max-age=31536000
X-SourceInfo: cmsweb05/04 17.2.0.4 :-)
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: text/javascript;charset=utf-8
Content-Length: 33915

GET
H/1.1 200
OK index_ts785433946.js Show response
stats.t-online.de/rl13-funcs-js/id_64568272/tid_js/ 68 KB
24 KB 129ms
30ms Script
text/javascript 62.138.239.104
PLUSSERVER-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.t-online.de/rl13-funcs-js/id_64568272/tid_js/index_ts785433946.js
Requested by: Host: www.t-online.de
URL: https://www.t-online.de/region/koeln
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 62.138.239.104 , Germany, ASN61157 (PLUSSERVER-ASN1, DE),
Reverse DNS
Software: /
Resource Hash: a4668422ba84c271bb7e3af7f7db8e92868e878d0e51e92637e8d1a014e9ca4b

Request headers

Referer: https://www.t-online.de/region/koeln
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 17 Apr 2021 16:00:28 GMT
Content-Encoding: gzip
Last-Modified: Tue, 23 Feb 2021 12:23:40 GMT
Age: 54
X-CacheTime: 17
Etag: "1614083020000"
Vary: User-Agent,Accept-Encoding
Content-Language: de
Cache-Control: public, max-age=31536000
X-SourceInfo: cmsweb03/04 17.2.0.4 :-)
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: text/javascript;charset=utf-8
Content-Length: 23871

GET
H/1.1 200
OK rl13-js-410-temp.js Show response
www.t-online.de/region/id_83985808/tid_js/ 369 KB
115 KB 83ms
31ms Script
text/javascript 62.138.239.100
PLUSSERVER-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.t-online.de/region/id_83985808/tid_js/rl13-js-410-temp.js
Requested by: Host: www.t-online.de
URL: https://www.t-online.de/region/koeln
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 62.138.239.100 , Germany, ASN61157 (PLUSSERVER-ASN1, DE),
Reverse DNS: www.t-online.de
Software: /
Resource Hash: 75fb7ddecb5f4335bcfc4d7059b69634fad7933dc0a4da9ffc5cd19af5f0b77f

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.t-online.de
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://www.t-online.de/region/koeln
Cookie: testVariationconsent=2021-01-14-cmp-test-e5-2
Connection: keep-alive
Referer: https://www.t-online.de/region/koeln
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 17 Apr 2021 16:00:55 GMT
Content-Encoding: gzip
Last-Modified: Tue, 13 Apr 2021 09:24:10 GMT
Age: 27
X-CacheTime: 17
Etag: "1618305850000"
Vary: User-Agent,Accept-Encoding
Content-Language: de-DE
Cache-Control: public, max-age=90
X-SourceInfo: cmsweb03/23 17.2.0.4 :-)
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: text/javascript;charset=utf-8
Content-Length: 117570

GET
H/1.1

200
OK

index_ts785433946.js Show response
stats.t-online.de/include-ivw-agof-szmng-js/id_85433946/tid_js/
Redirect Chain

https://stats.t-online.de/include-ivw-agof-szmng-js/id_85433946/tid_js/index_ts585433946.js
https://stats.t-online.de/include-ivw-agof-szmng-js/id_85433946/tid_js/index_ts785433946.js

31 KB
10 KB

33ms
33ms

Script
text/javascript

62.138.239.104
PLUSSERVER-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.t-online.de/include-ivw-agof-szmng-js/id_85433946/tid_js/index_ts785433946.js
Requested by: Host: www.t-online.de
URL: https://www.t-online.de/region/koeln
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 62.138.239.104 , Germany, ASN61157 (PLUSSERVER-ASN1, DE),
Reverse DNS
Software: /
Resource Hash: 80cfaeafda9d2efd91765301661a27476b0a7b03237bdfa0c1b69230043cd8cc

Request headers

Referer: https://www.t-online.de/region/koeln
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 17 Apr 2021 16:00:17 GMT
Content-Encoding: gzip
Last-Modified: Tue, 23 Feb 2021 12:23:40 GMT
Age: 66
X-CacheTime: 17
Etag: "1614083020000"
Vary: User-Agent,Accept-Encoding
Content-Language: de
Cache-Control: public, max-age=31536000
X-SourceInfo: cmsweb05/04 17.2.0.4 :-)
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: text/javascript;charset=utf-8
Content-Length: 9536

Redirect headers

Date: Sat, 17 Apr 2021 16:00:47 GMT
Content-Encoding: gzip
Last-Modified: Sat, 17 Apr 2021 16:00:47 GMT
Age: 36
Vary: User-Agent,Accept-Encoding
Content-Type: application/x-javascript; charset=utf-8
Location: https://stats.t-online.de/include-ivw-agof-szmng-js/id_85433946/tid_js/index_ts785433946.js
Cache-Control: public, max-age=31536000
X-SourceInfo: cmsweb05/04 17.2.0.4 :-|
Connection: keep-alive
Content-Length: 20

GET
H/1.1 200
OK adex.js Show response
stats.t-online.de/js/ads/ 12 B
403 B 151ms
35ms Script
text/javascript 62.138.239.104
PLUSSERVER-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.t-online.de/js/ads/adex.js
Requested by: Host: www.t-online.de
URL: https://www.t-online.de/region/koeln
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 62.138.239.104 , Germany, ASN61157 (PLUSSERVER-ASN1, DE),
Reverse DNS
Software: /
Resource Hash: 265b28ff306409db26aff6f8fefc3eb1418f279b272d339595b67742d03c5b48

Request headers

Referer: https://www.t-online.de/region/koeln
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 17 Apr 2021 16:00:47 GMT
Content-Encoding: gzip
Last-Modified: Thu, 16 Apr 2020 10:07:05 GMT
Age: 35
Etag: "87714966-2"
Vary: Accept-Encoding
Content-Type: text/javascript;charset=ISO-8859-1
Cache-Control: public, max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
X-Staging: /staging/js/ads/adex.js
Content-Length: 32

GET
H/1.1 200
OK regiocore-js.js Show response
www.t-online.de/region/id_85838350/tid_js/ 71 KB
11 KB 82ms
28ms Script
text/javascript 62.138.239.100
PLUSSERVER-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.t-online.de/region/id_85838350/tid_js/regiocore-js.js
Requested by: Host: www.t-online.de
URL: https://www.t-online.de/region/koeln
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 62.138.239.100 , Germany, ASN61157 (PLUSSERVER-ASN1, DE),
Reverse DNS: www.t-online.de
Software: /
Resource Hash: 782039def1384a29c39a12bf80f27139b06bfd51cf46b92ccd5aae03b98d3ba5

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.t-online.de
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://www.t-online.de/region/koeln
Cookie: testVariationconsent=2021-01-14-cmp-test-e5-2
Connection: keep-alive
Referer: https://www.t-online.de/region/koeln
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 17 Apr 2021 16:00:36 GMT
Content-Encoding: gzip
Last-Modified: Thu, 15 Apr 2021 09:39:59 GMT
Age: 46
X-CacheTime: 17
Etag: "1618479599000"
Vary: User-Agent,Accept-Encoding
Content-Language: de-DE
Cache-Control: public, max-age=90
X-SourceInfo: cmsweb03/23 17.2.0.4 :-)
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: text/javascript;charset=utf-8
Content-Length: 10686

GET
H/1.1 200
OK regio-css.css
www.t-online.de/region/id_85884254/tid_css/ 10 KB
3 KB 50ms
31ms Stylesheet
text/css 62.138.239.100
PLUSSERVER-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.t-online.de/region/id_85884254/tid_css/regio-css.css
Requested by: Host: www.t-online.de
URL: https://www.t-online.de/region/koeln
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 62.138.239.100 , Germany, ASN61157 (PLUSSERVER-ASN1, DE),
Reverse DNS: www.t-online.de
Software: /
Resource Hash: 21e4e6ec78774ead648ca34ede985692a5476dd4d999ddd960553b1773a2d0ba

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.t-online.de
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Referer: https://www.t-online.de/region/koeln
Cookie: testVariationconsent=2021-01-14-cmp-test-e5-2
Connection: keep-alive
Referer: https://www.t-online.de/region/koeln
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 17 Apr 2021 16:00:17 GMT
Content-Encoding: gzip
Last-Modified: Mon, 1 Feb 2021 13:10:40 GMT
Age: 65
X-CacheTime: 17
Etag: "1612185040000"
Vary: User-Agent,Accept-Encoding
Content-Language: de
Cache-Control: public, max-age=90
X-SourceInfo: cmsweb01/23 17.2.0.4 :-)
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: text/css;charset=utf-8
Content-Length: 3072

GET
H/1.1 200
OK t.gif
img.toi.de/ 42 B
342 B 89ms
15ms Image
image/gif 2a02:cbf7:1:0:62:138:239:118
PLUSSERVER-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.toi.de/t.gif
Requested by: Host: www.t-online.de
URL: https://www.t-online.de/region/koeln
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:cbf7:1:0:62:138:239:118 , Germany, ASN61157 (PLUSSERVER-ASN1, DE),
Reverse DNS
Software: Apache/2.4.18 (Ubuntu) /
Resource Hash: 22a6d424fddf97e1c2f47146ba4d38a9b09636edabd332ca8c02f3db8c99d1b4

Request headers

Referer: https://www.t-online.de/region/koeln
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 17 Apr 2021 16:01:14 GMT
Last-Modified: Thu, 28 Jan 2021 16:02:36 GMT
Server: Apache/2.4.18 (Ubuntu)
Age: 9
ETag: "2a-5b9f804233f00"
Content-Type: image/gif
Cache-Control: public, max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 42

GET
H/1.1 200
OK wenig-los-vor-dem-hauptgebaeude-der-universitaet-koeln-archivbild-waehrend-der-coronakrise-sind-zahlreiche-studenten-wieder-zu-ihren-eltern-gezogen-.jpg
bilder.t-online.de/b/89/86/30/94/id_89863094/610_80/tid_da/ 40 KB
40 KB 115ms
29ms Image
image/jpeg 62.138.238.103
PLUSSERVER-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bilder.t-online.de/b/89/86/30/94/id_89863094/610_80/tid_da/wenig-los-vor-dem-hauptgebaeude-der-universitaet-koeln-archivbild-waehrend-der-coronakrise-sind-zahlreiche-studenten-wieder-zu-ihren-eltern-gezogen-.jpg
Requested by: Host: www.t-online.de
URL: https://www.t-online.de/region/koeln
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 62.138.238.103 , Germany, ASN61157 (PLUSSERVER-ASN1, DE),
Reverse DNS
Software: /
Resource Hash: d937d1ea2f9a045d0cb591827fb7b6dd2b338756111369e368d40a5996ec07ef

Request headers

Referer: https://www.t-online.de/region/koeln
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 17 Apr 2021 14:04:16 GMT
Last-Modified: Sat, 17 Apr 2021 09:57:35 GMT
Age: 7025
Etag: "89863094-2"
Vary: User-Agent
Content-Language: en-US
Cache-Control: public, max-age=2591999
X-SourceInfo: cmsweb00/15 17.2.0.4 :-)
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/jpeg;charset=ISO-8859-1
Content-Length: 40635

GET
H/1.1 200
OK platz-fuer-fussgaenger-und-radfahrer-dazwischen-ein-spielplatz-und-sogar-ein-tennisfeld-so-oder-aehnlich-soll-es-einmal-auf-der-rodenkirchener-bruecke-aussehen-wenn-es-nach-der-cdu-im-bezirk-geht-.png
bilder.t-online.de/b/89/86/26/50/id_89862650/300_80/tid_da/ 17 KB
18 KB 117ms
29ms Image
image/jpeg 62.138.238.103
PLUSSERVER-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bilder.t-online.de/b/89/86/26/50/id_89862650/300_80/tid_da/platz-fuer-fussgaenger-und-radfahrer-dazwischen-ein-spielplatz-und-sogar-ein-tennisfeld-so-oder-aehnlich-soll-es-einmal-auf-der-rodenkirchener-bruecke-aussehen-wenn-es-nach-der-cdu-im-bezirk-geht-.png
Requested by: Host: www.t-online.de
URL: https://www.t-online.de/region/koeln
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 62.138.238.103 , Germany, ASN61157 (PLUSSERVER-ASN1, DE),
Reverse DNS
Software: /
Resource Hash: ad464ae772cac6b2bb54646c803681cb85c240269eeab88bc87821f71f3b3fae

Request headers

Referer: https://www.t-online.de/region/koeln
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 17 Apr 2021 14:04:16 GMT
Last-Modified: Sat, 17 Apr 2021 08:44:02 GMT
Age: 7027
Etag: "89862650-3"
Vary: User-Agent
Content-Language: en-US
Cache-Control: public, max-age=86400
X-SourceInfo: cmsweb04/15 17.2.0.4 :-)
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/jpeg;charset=ISO-8859-1
Content-Length: 17629

GET
H/1.1 200
OK emmanuel-dennis-auf-dem-weg-zum-training-im-stadion-der-stuermer-darf-sich-hoffnungen-auf-einen-platz-in-der-startelf-machen-.jpg
bilder.t-online.de/b/89/86/22/56/id_89862256/103_95/tid_da/ 4 KB
4 KB 116ms
28ms Image
image/jpeg 62.138.238.103
PLUSSERVER-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bilder.t-online.de/b/89/86/22/56/id_89862256/103_95/tid_da/emmanuel-dennis-auf-dem-weg-zum-training-im-stadion-der-stuermer-darf-sich-hoffnungen-auf-einen-platz-in-der-startelf-machen-.jpg
Requested by: Host: www.t-online.de
URL: https://www.t-online.de/region/koeln
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 62.138.238.103 , Germany, ASN61157 (PLUSSERVER-ASN1, DE),
Reverse DNS
Software: /
Resource Hash: 2f6ec819770294adc3b2c5fa79f6f407a880567e00ce16dfcfb861b334ccaf56

Request headers

Referer: https://www.t-online.de/region/koeln
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 17 Apr 2021 14:04:07 GMT
Last-Modified: Sat, 17 Apr 2021 07:27:46 GMT
Age: 7036
Etag: "89862256-3"
Vary: User-Agent
Content-Language: en-US
Cache-Control: public, max-age=86400
X-SourceInfo: cmsweb02/15 17.2.0.4 :-)
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/jpeg;charset=ISO-8859-1
Content-Length: 4006

GET
H/1.1 200
OK ein-pfleger-auf-der-covid-intensivstation-der-uniklinik-dresden-archivbild-das-pflegepersonal-auf-deutschlands-intensivstationen-ist-am-limit-und-fordert-bessere-arbeitsbedingungen-.jpg
bilder.t-online.de/b/89/85/81/52/id_89858152/610_80/tid_da/ 40 KB
40 KB 118ms
29ms Image
image/jpeg 62.138.238.103
PLUSSERVER-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bilder.t-online.de/b/89/85/81/52/id_89858152/610_80/tid_da/ein-pfleger-auf-der-covid-intensivstation-der-uniklinik-dresden-archivbild-das-pflegepersonal-auf-deutschlands-intensivstationen-ist-am-limit-und-fordert-bessere-arbeitsbedingungen-.jpg
Requested by: Host: www.t-online.de
URL: https://www.t-online.de/region/koeln
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 62.138.238.103 , Germany, ASN61157 (PLUSSERVER-ASN1, DE),
Reverse DNS
Software: /
Resource Hash: 39d1b7da59079ffdf625a579f4125a9f946544a0dc4afbfc8c9c2c4650ea3c63

Request headers

Referer: https://www.t-online.de/region/koeln
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 17 Apr 2021 14:21:25 GMT
Last-Modified: Fri, 16 Apr 2021 11:27:29 GMT
Age: 5998
Etag: "89858152-2"
Vary: User-Agent
Content-Language: en-US
Cache-Control: public, max-age=86400
X-SourceInfo: cmsweb04/15 17.2.0.4 :-)
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/jpeg;charset=ISO-8859-1
Content-Length: 40591

GET
H/1.1 200
OK co2neutral.png
bilder.t-online.de/b/89/14/23/34/id_89142334/tid_da/ 4 KB
5 KB 120ms
29ms Image
image/png 62.138.238.103
PLUSSERVER-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bilder.t-online.de/b/89/14/23/34/id_89142334/tid_da/co2neutral.png
Requested by: Host: www.t-online.de
URL: https://www.t-online.de/region/koeln
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 62.138.238.103 , Germany, ASN61157 (PLUSSERVER-ASN1, DE),
Reverse DNS
Software: /
Resource Hash: e9400ab060f5ceb9bcb8ce72732502205a8eea6bb45d29ad5d451632efd8a009

Request headers

Referer: https://www.t-online.de/region/koeln
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 17 Apr 2021 15:36:47 GMT
Last-Modified: Mon, 21 Dec 2020 12:51:15 GMT
Age: 1476
Etag: "89142334-3"
Vary: User-Agent
Content-Language: en-US
Cache-Control: public, max-age=86400
X-SourceInfo: cmsweb04/15 17.2.0.4 :-)
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/png;charset=ISO-8859-1
Content-Length: 4522

OPTIONS
H2 200 native-message
consent.t-online.de/wrapper/tcfv2/v1/gdpr/ Frame 0
0 204ms
97ms Preflight
text/html 143.204.245.54
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://consent.t-online.de/wrapper/tcfv2/v1/gdpr/native-message?requestUUID=ae585471-936a-4f7e-a607-dddc7398fb9b&hasCsp=true&env=prod&consentLanguage=browserDefault&body=%7B%22accountId%22%3A375%2C%22requestUUID%22%3A%22ae585471-936a-4f7e-a607-dddc7398fb9b%22%2C%22propertyHref%22%3A%22https%3A%2F%2Fwww.t-online.de%2Fregion%2Fkoeln%22%2C%22euconsent%22%3Anull%2C%22meta%22%3A%22%7B%5C%22mmsCookies%5C%22%3A%5B%5D%2C%5C%22resolved%5C%22%3Anull%7D%22%2C%22clientMMSOrigin%22%3A%22https%3A%2F%2Fconsent.t-online.de%22%2C%22targetingParams%22%3A%22%7B%5C%22testgroup%5C%22%3A%5C%222021-01-14-cmp-test-e5-2%5C%22%2C%5C%22device%5C%22%3A%5C%22desktop%5C%22%2C%5C%22pageid%5C%22%3A%5C%2282241508%5C%22%7D%22%2C%22campaignEnv%22%3A%22prod%22%2C%22pubData%22%3A%7B%7D%7D
Protocol: H2
Server: 143.204.245.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-245-54.cph50.r.cloudfront.net
Software: / Express
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: https://www.t-online.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

content-type: text/html; charset=utf-8
content-length: 13
date: Sat, 17 Apr 2021 16:01:24 GMT
x-powered-by: Express
access-control-allow-origin: https://www.t-online.de
access-control-allow-credentials: true
access-control-allow-headers: Origin,X-Requested-With,Content-Type,Accept,Authorization,SP_SCRIPT_VERSION
access-control-allow-methods: GET, PUT, POST, DELETE
cache-control: no-cache, no-store
allow: POST,GET,HEAD
vary: Accept-Encoding
x-cache: Miss from cloudfront
via: 1.1 e5f9cea29f02f6a9a9b4da9c89f48d01.cloudfront.net (CloudFront)
x-amz-cf-pop: CPH50-C1
x-amz-cf-id: w4opUvRTCFGUY0CyPojmLjBdXWOJKV8apGPunl1f78ypYTQzG1MhRw==

GET
H2 200 native-message Show response
consent.t-online.de/wrapper/tcfv2/v1/gdpr/ 108 KB
14 KB 123ms
123ms XHR
application/json 143.204.245.54
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://consent.t-online.de/wrapper/tcfv2/v1/gdpr/native-message?requestUUID=ae585471-936a-4f7e-a607-dddc7398fb9b&hasCsp=true&env=prod&consentLanguage=browserDefault&body=%7B%22accountId%22%3A375%2C%22requestUUID%22%3A%22ae585471-936a-4f7e-a607-dddc7398fb9b%22%2C%22propertyHref%22%3A%22https%3A%2F%2Fwww.t-online.de%2Fregion%2Fkoeln%22%2C%22euconsent%22%3Anull%2C%22meta%22%3A%22%7B%5C%22mmsCookies%5C%22%3A%5B%5D%2C%5C%22resolved%5C%22%3Anull%7D%22%2C%22clientMMSOrigin%22%3A%22https%3A%2F%2Fconsent.t-online.de%22%2C%22targetingParams%22%3A%22%7B%5C%22testgroup%5C%22%3A%5C%222021-01-14-cmp-test-e5-2%5C%22%2C%5C%22device%5C%22%3A%5C%22desktop%5C%22%2C%5C%22pageid%5C%22%3A%5C%2282241508%5C%22%7D%22%2C%22campaignEnv%22%3A%22prod%22%2C%22pubData%22%3A%7B%7D%7D
Requested by: Host: consent.t-online.de
URL: https://consent.t-online.de/wrapperMessagingWithoutDetection.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.245.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-245-54.cph50.r.cloudfront.net
Software: / Express
Resource Hash: 190f36f9cf773bf30531c4a0611cda9091e33c08bfddde816102a01914909fb5

Request headers

Referer: https://www.t-online.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

date: Sat, 17 Apr 2021 16:01:24 GMT
content-encoding: gzip
x-amz-cf-pop: CPH50-C1
x-powered-by: Express
vary: Accept-Encoding
access-control-allow-methods: GET, PUT, POST, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.t-online.de
cache-control: no-cache, no-store
access-control-allow-credentials: true
x-cache: Miss from cloudfront
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, SP_SCRIPT_VERSION
x-amz-cf-id: Y7XfjeW3rIwIu9DMNAYJ8ufOlXDTbT6aL7oZzqK1G5zhmXc1UnvCZw==
via: 1.1 e5f9cea29f02f6a9a9b4da9c89f48d01.cloudfront.net (CloudFront)

GET
H/1.1 200
OK / Show response
geolocation.stroeerdp.de/iplocation/ 402 B
681 B 75ms
18ms Script
application/json 2a02:cbf7:1:0:62:138:239:55
PLUSSERVER-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://geolocation.stroeerdp.de/iplocation/?accesstoken=2d22516cf9152c9ad17492a5ae88102c&callback=jQuery18309659310208553293_1618675284039&_=1618675284044
Requested by: Host: stats.t-online.de
URL: https://stats.t-online.de/jquery-js/id_40001992/tid_js/index_ts1740001992.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:cbf7:1:0:62:138:239:55 , Germany, ASN61157 (PLUSSERVER-ASN1, DE),
Reverse DNS
Software: Apache/2.4.18 (Ubuntu) /
Resource Hash: 6ba36ecde73a84d99131f7a452b11f810b3c058fb5dc5be6faa5b5913f25454f

Request headers

Referer: https://www.t-online.de/region/koeln
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 17 Apr 2021 16:01:24 GMT
Last-Modified: Sat, 17 Apr 2021 16:01:24 GMT
Server: Apache/2.4.18 (Ubuntu)
Age: 0
Content-Type: application/json;charset=utf-8
Cache-Control: private
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 402

GET
H2 200 newsroom.js Show response
c2.taboola.com/nr/t-online/ 66 KB
17 KB 59ms
18ms Script
application/javascript 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://c2.taboola.com/nr/t-online/newsroom.js
Requested by: Host: www.t-online.de
URL: https://www.t-online.de/region/id_83985808/tid_js/rl13-js-410-temp.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ff2158fa4acb1d955cdb06ed085c0c80e3e1e524b2e839e7645d99a8cc8ce84f

Request headers

Referer: https://www.t-online.de/region/koeln
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
etag: "0a524ccd88ec9443b81b1b968110927d"
age: 2
x-cache: HIT
content-length: 17024
x-amz-id-2: 32ECIewCFum7kz6wLFexZdhdHzSOyRQ3u+Ye/YtOMAqBaZQGxNNgEIvdHX5/9JnxtnfIldpEyZQ=
x-served-by: cache-hhn11538-HHN
last-modified: Mon, 29 Mar 2021 19:29:06 GMT
server: AmazonS3
x-timer: S1618675284.110676,VS0,VE0
date: Sat, 17 Apr 2021 16:01:24 GMT
vary: Accept-Encoding
x-amz-request-id: BA9R3E6MKF70K8F2
via: 1.1 varnish
cache-control: max-age=14400
accept-ranges: bytes
content-type: application/javascript
x-cache-hits: 2

GET
H/1.1 200
OK ladegrafik.gif
img.toi.de/ 415 B
718 B 24ms
15ms Image
image/gif 2a02:cbf7:1:0:62:138:239:118
PLUSSERVER-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.toi.de/ladegrafik.gif
Requested by: Host: www.t-online.de
URL: https://www.t-online.de/region/koeln
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:cbf7:1:0:62:138:239:118 , Germany, ASN61157 (PLUSSERVER-ASN1, DE),
Reverse DNS
Software: Apache/2.4.18 (Ubuntu) /
Resource Hash: fbdbd8fcfaec73d6a43abcdec87bb3a3a70e3deccdcd582393995fb695b90562

Request headers

Referer: https://www.t-online.de/region/koeln
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 17 Apr 2021 16:00:16 GMT
Last-Modified: Thu, 28 Jan 2021 16:02:21 GMT
Server: Apache/2.4.18 (Ubuntu)
Age: 67
ETag: "19f-5b9f8033e5d40"
Content-Type: image/gif
Cache-Control: public, max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 415

GET
H2 200 log.js Show response
u.heatmap.it/ 27 KB
11 KB 81ms
25ms Script
application/x-javascript 46.105.202.39
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://u.heatmap.it/log.js
Requested by: Host: www.t-online.de
URL: https://www.t-online.de/region/koeln
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 46.105.202.39 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: 79c79d9039382cd34e2e9aa463f85c160d3890c688941fc6837cc2cf81919643

Request headers

Referer: https://www.t-online.de/region/koeln
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 21:15:50 GMT
content-encoding: br
last-modified: Mon, 22 Jun 2020 07:05:45 GMT
x-cdn-pop-ip: 51.254.41.192/26
etag: W/"5ef05849-6b2c"
x-cacheable: Matched cache
vary: Accept-Encoding
content-type: application/x-javascript; charset=UTF-8
cache-control: max-age=3600
x-cdn-pop: rbx1
accept-ranges: bytes
content-length: 10533
x-request-id: 608602162
expires: Fri, 16 Apr 2021 22:15:52 GMT

GET
H2 200 loader.js Show response
cdn.taboola.com/libtrc/t-online/ 768 KB
57 KB 57ms
18ms Script
application/javascript 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/t-online/loader.js
Requested by: Host: www.t-online.de
URL: https://www.t-online.de/region/koeln
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7f0e106dc763bacfc94e034b6920b798fde759ecf5770a1b6f7341f396219d94

Request headers

Referer: https://www.t-online.de/region/koeln
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: uK9efNOsNlekKgpyxWyBkPz.1FpvdGKz
content-encoding: gzip
etag: "6e06b7a1875e2d0623309bafa6dfd596"
age: 47
x-cache: HIT
content-length: 57631
x-amz-id-2: hOBRdkChdBdNJxwmP+pAmR4pb1QBjdXVOEaMmHuO2aVYwuHgV9yF6I3YG6e6/fQQPb67kRFNqEA=
x-served-by: cache-hhn11563-HHN
last-modified: Wed, 14 Apr 2021 09:07:51 GMT
server: AmazonS3
x-timer: S1618675284.118453,VS0,VE0
date: Sat, 17 Apr 2021 16:01:24 GMT
vary: Accept-Encoding
x-amz-request-id: G3TWDP9MDW4C4HDE
via: 1.1 varnish
cache-control: private,max-age=14401
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 92
x-cache-hits: 29

GET
H/1.1 200
OK index_ts1464720358.css
stats.t-online.de/rl13-print-view-css/id_64720358/tid_css/ 579 B
774 B 31ms
31ms Stylesheet
text/css 62.138.239.104
PLUSSERVER-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.t-online.de/rl13-print-view-css/id_64720358/tid_css/index_ts1464720358.css
Requested by: Host: www.t-online.de
URL: https://www.t-online.de/region/koeln
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 62.138.239.104 , Germany, ASN61157 (PLUSSERVER-ASN1, DE),
Reverse DNS
Software: /
Resource Hash: d186d1478e9d8cca31763cf806823292f1fa6ee92399d60e8c746708e5ed1df8

Request headers

Referer: https://www.t-online.de/region/koeln
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 17 Apr 2021 16:00:36 GMT
Content-Encoding: gzip
Last-Modified: Thu, 6 Feb 2020 09:48:48 GMT
Age: 47
X-CacheTime: 17
Etag: "1580982528000"
Vary: User-Agent,Accept-Encoding
Content-Language: de
Cache-Control: public, max-age=31536000
X-SourceInfo: cmsweb01/04 17.2.0.4 :-)
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: text/css;charset=utf-8
Content-Length: 358

GET
H/1.1

200
OK

tx.io Show response
de.ioam.de/
Redirect Chain

https://de.ioam.de/tx.io?st=toi&sv=ke&co=kommentar&sc=yes&cp=%2Fnachrichten%2Fregionales2%2Fkoeln&ct=0100000000&pt=CP&ps=lin&er=N22&rf=&r2=&ur=www.t-online.de&xy=1600x1200x24&cb=8007&vr=422&id=qn28...
https://de.ioam.de/tx.io?st=toi&sv=ke&co=kommentar&sc=yes&cp=%2Fnachrichten%2Fregionales2%2Fkoeln&ct=0100000000&pt=CP&ps=lin&er=N22&rf=&r2=&ur=www.t-online.de&xy=1600x1200x24&cb=8007&vr=422&id=qn28...

0
717 B

23ms
23ms

Script
application/x-javascript

91.215.103.65
INFONLINE-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://de.ioam.de/tx.io?st=toi&sv=ke&co=kommentar&sc=yes&cp=%2Fnachrichten%2Fregionales2%2Fkoeln&ct=0100000000&pt=CP&ps=lin&er=N22&rf=&r2=&ur=www.t-online.de&xy=1600x1200x24&cb=8007&vr=422&id=qn28vx&i3=e417fcb2f38ff1966edd38303037d4aa5398f7%3A1646409684063%3A1618675284063%3A.t-online.de%3A1%3Atoi%3A%2Fnachrichten%2Fregionales2%2Fkoeln%3Anoevent%3A1618675284063&n1=1&dntt=0&lt=1618675284065&ev=&cs=6n5vs8&mo=1&sr=71
Requested by: Host: www.t-online.de
URL: https://www.t-online.de/region/koeln
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 91.215.103.65 , Germany, ASN43407 (INFONLINE-AS, NL),
Reverse DNS: de3.ioam.de
Software: nginx / BLACKBIRD-RCV v1.06.2 002a
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.t-online.de/region/koeln
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 17 Apr 2021 16:01:24 GMT
Server: nginx
X-Powered-By: BLACKBIRD-RCV v1.06.2 002a
Transfer-Encoding: chunked
Access-Control-Allow-Methods: GET, POST, OPTIONS
P3P: policyref=https://script.ioam.de/p3p.xml, CP=NOI DSP NID PSAa OUR NOR UNI COM NAV
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/x-javascript
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookies

Redirect headers

Date: Sat, 17 Apr 2021 16:01:24 GMT
Access-Control-Allow-Origin: *
X-Powered-By: BLACKBIRD-RCV v1.06.2 002a
Transfer-Encoding: chunked
P3P: policyref=https://script.ioam.de/p3p.xml, CP=NOI DSP NID PSAa OUR NOR UNI COM NAV
Connection: keep-alive
Pragma: no-cache
Last-Modified: Sat, 17 Apr 2021 16:01:24 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/html
Location: /tx.io?st=toi&sv=ke&co=kommentar&sc=yes&cp=%2Fnachrichten%2Fregionales2%2Fkoeln&ct=0100000000&pt=CP&ps=lin&er=N22&rf=&r2=&ur=www.t-online.de&xy=1600x1200x24&cb=8007&vr=422&id=qn28vx&i3=e417fcb2f38ff1966edd38303037d4aa5398f7%3A1646409684063%3A1618675284063%3A.t-online.de%3A1%3Atoi%3A%2Fnachrichten%2Fregionales2%2Fkoeln%3Anoevent%3A1618675284063&n1=1&dntt=0&lt=1618675284065&ev=&cs=6n5vs8&mo=1&sr=71
Cache-Control: no-store, no-cache, must-revalidate
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookies
Expires: Fri, 17 Apr 2020 16:01:24 GMT

GET
H2 200 load.js Show response
widget.perfectmarket.com/t-online/ 4 KB
2 KB 78ms
33ms Script
application/javascript 151.101.13.181
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.perfectmarket.com/t-online/load.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/t-online/loader.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.13.181 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5ce2ba9cbc1d014cc5ed62345a4850ee247ef99691b7d1e7bf12e5944c82a314

Request headers

Referer: https://www.t-online.de/region/koeln
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: EHD7WAfq6SYkG_Koy3Xft7l94HgOSuBt
content-encoding: gzip
etag: "b5eb45380e36fa29e1ebb7fbfdf4a63f"
age: 146
x-cache: HIT, HIT
content-length: 1486
x-amz-id-2: IVoKfQtRKF8Is/hSAfN+4mFuiRZfP7G8ZJn95TM6LN89yLbfVTIZr8dnszTY72TqDhES+Gx5Mf0=
x-served-by: cache-sna10727-LGB, cache-fra19173-FRA
last-modified: Tue, 13 Apr 2021 05:28:09 GMT
server: AmazonS3
x-timer: S1618675284.269150,VS0,VE0
date: Sat, 17 Apr 2021 16:01:24 GMT
vary: Accept-Encoding,,
x-amz-request-id: XTCDPDSX0TVV68GA
via: 1.1 varnish, 1.1 varnish
cache-control: max-age=300
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
x-cache-hits: 1, 3

GET
H2 200 impl.20210414-6-RELEASE.js Show response
cdn.taboola.com/libtrc/ 480 KB
110 KB 18ms
18ms Script
application/javascript 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/impl.20210414-6-RELEASE.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/t-online/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: 5c1c30811521e2a8e3f1f66d6e550b2d48a250cd11b81223180c9b3fb2f29c3b

Request headers

Referer: https://www.t-online.de/region/koeln
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: vs9zfjmj52qQCvZeDRMgkTHl2EUEsIHE
content-encoding: br
etag: "e2aa74824e227f919caf68a3ad379b8a"
age: 25510
x-cache: HIT
content-length: 112566
x-amz-id-2: 8sX7ROG8Ywr4W/GQb+5O7U2IaUiPl2BzaJapdsLBu9dHudwfjbB9E0zysf16Cc4pz3TEYGLX824=
x-served-by: cache-hhn11563-HHN
last-modified: Wed, 14 Apr 2021 08:54:43 GMT
server: AmazonS3-br
x-timer: S1618675284.210030,VS0,VE0
date: Sat, 17 Apr 2021 16:01:24 GMT
vary: Accept-Encoding
x-amz-request-id: 5N55FMRHEZ39CMVJ
via: 1.1 varnish
cache-control: private,max-age=31536000
accept-ranges: bytes
content-type: application/javascript
abp: 62
x-cache-hits: 151140

GET
H/1.1 200
OK index.png
bilder.t-online.de/b/83/07/76/64/id_83077664/tid_da/ 8 KB
8 KB 28ms
28ms Image
image/png 62.138.238.103
PLUSSERVER-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bilder.t-online.de/b/83/07/76/64/id_83077664/tid_da/index.png
Requested by: Host: stats.t-online.de
URL: https://stats.t-online.de/rl13-726-css/id_63141836/tid_css/index_ts6864298144.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 62.138.238.103 , Germany, ASN61157 (PLUSSERVER-ASN1, DE),
Reverse DNS
Software: /
Resource Hash: f4159afb293a0ab0ed043b405ee67c78a7ea9650bd0b95bc2072a097609da3a8

Request headers

Referer: https://stats.t-online.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 17 Apr 2021 14:09:28 GMT
Last-Modified: Fri, 19 Jan 2018 11:25:21 GMT
Age: 6715
Etag: "83077664-1"
Vary: User-Agent
Content-Language: en-US
Cache-Control: public, max-age=86400
X-SourceInfo: cmsweb02/15 17.2.0.4 :-)
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/png;charset=ISO-8859-1
Content-Length: 8030

GET
H/1.1 200
OK index Show response
www.t-online.de/-/id_62530634/tid_tsr_iframe_loginbox/ Frame 9C43 15 KB
5 KB 32ms
31ms Document
text/html 62.138.239.100
PLUSSERVER-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.t-online.de/-/id_62530634/tid_tsr_iframe_loginbox/index
Requested by: Host: www.t-online.de
URL: https://www.t-online.de/region/koeln
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 62.138.239.100 , Germany, ASN61157 (PLUSSERVER-ASN1, DE),
Reverse DNS: www.t-online.de
Software: /
Resource Hash: d5b86aa096c5935b51054a162df06d80b268f344704ede09ef7448bacb922269

Request headers

Host: www.t-online.de
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.t-online.de/region/koeln
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: testVariationconsent=2021-01-14-cmp-test-e5-2; ioam2018=e417fcb2f38ff1966edd38303037d4aa5398f7:1646409684063:1618675284063:.t-online.de:2:toi:/nachrichten/regionales2/koeln:noevent:1618675284063:g83n1v
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.t-online.de/region/koeln

Response headers

Date: Sat, 17 Apr 2021 16:01:20 GMT
X-CacheTime: 30
X-SourceInfo: cmsweb03/04 17.2.0.4 :-)
Content-Type: text/html;charset=UTF-8
Content-Language: de
Content-Encoding: gzip
Content-Length: 5031
Last-Modified: Sat, 17 Apr 2021 16:01:20 GMT
Cache-Control: public, max-age=90
Age: 3
Vary: User-Agent,Accept-Encoding
Accept-Ranges: bytes
Connection: keep-alive

GET
H2 200 www.t-online.de.js Show response
u.heatmap.it/conf/ 1 KB
693 B 26ms
25ms Script
text/javascript 46.105.202.39
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://u.heatmap.it/conf/www.t-online.de.js
Requested by: Host: u.heatmap.it
URL: https://u.heatmap.it/log.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 46.105.202.39 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: da585867001768a615da7909ee1c6202366e724426fb74dc36fc3abc77d6d02f

Request headers

Referer: https://www.t-online.de/region/koeln
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 17 Apr 2021 16:01:03 GMT
content-encoding: br
x-cacheable: Matched cache
x-cdn-pop-ip: 51.254.41.192/26
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
cache-control: max-age=300
x-cdn-pop: rbx1
accept-ranges: bytes
content-length: 420
x-request-id: 616334670
expires: Sat, 17 Apr 2021 16:06:04 GMT

GET
DATA 200
OK truncated
/ 4 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 62a47b076bf7e688b2e0de373a4a2f4568341676914bcfb90258a250ea3b6767

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H/1.1 200
OK index
www.t-online.de/-/id_87403950/tid_da/ 1006 B
916 B 29ms
27ms Image
image/svg+xml 62.138.239.100
PLUSSERVER-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.t-online.de/-/id_87403950/tid_da/index
Requested by: Host: stats.t-online.de
URL: https://stats.t-online.de/rl13-726-css/id_63141836/tid_css/index_ts6864298144.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 62.138.239.100 , Germany, ASN61157 (PLUSSERVER-ASN1, DE),
Reverse DNS: www.t-online.de
Software: /
Resource Hash: 67974fdcbf9c17e8df6462f7c9ab066d6f9407f716ec3e8f83fe56893200519a

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.t-online.de
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://stats.t-online.de/
Cookie: testVariationconsent=2021-01-14-cmp-test-e5-2; ioam2018=e417fcb2f38ff1966edd38303037d4aa5398f7:1646409684063:1618675284063:.t-online.de:2:toi:/nachrichten/regionales2/koeln:noevent:1618675284063:g83n1v
Connection: keep-alive
Referer: https://stats.t-online.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 17 Apr 2021 16:00:26 GMT
Content-Encoding: gzip
Last-Modified: Tue, 25 Feb 2020 09:42:51 GMT
Age: 57
X-CacheTime: 17
Etag: "87403950-1"
Vary: User-Agent,Accept-Encoding
Content-Language: de
Cache-Control: public, max-age=90
X-SourceInfo: cmsweb07/04 17.2.0.4 :-)
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/svg+xml;charset=ISO-8859-1
Content-Length: 498

GET
H/1.1 200
OK index
www.t-online.de/-/id_89348316/tid_da/ 4 KB
2 KB 31ms
31ms Image
image/svg+xml 62.138.239.100
PLUSSERVER-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.t-online.de/-/id_89348316/tid_da/index
Requested by: Host: www.t-online.de
URL: https://www.t-online.de/region/id_85884254/tid_css/regio-css.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 62.138.239.100 , Germany, ASN61157 (PLUSSERVER-ASN1, DE),
Reverse DNS: www.t-online.de
Software: /
Resource Hash: 766182b961ef296f926a67785dfa2db501639c787652ca8985a027ff0d75830c

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.t-online.de
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://www.t-online.de/region/id_85884254/tid_css/regio-css.css
Cookie: testVariationconsent=2021-01-14-cmp-test-e5-2; ioam2018=e417fcb2f38ff1966edd38303037d4aa5398f7:1646409684063:1618675284063:.t-online.de:2:toi:/nachrichten/regionales2/koeln:noevent:1618675284063:g83n1v
Connection: keep-alive
Referer: https://www.t-online.de/region/id_85884254/tid_css/regio-css.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 17 Apr 2021 16:01:12 GMT
Content-Encoding: gzip
Last-Modified: Fri, 29 Jan 2021 11:01:56 GMT
Age: 11
X-CacheTime: 17
Etag: "89348316-3"
Vary: User-Agent,Accept-Encoding
Content-Language: de-DE
Cache-Control: public, max-age=90
X-SourceInfo: cmsweb03/04 17.2.0.4 :-)
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/svg+xml;charset=ISO-8859-1
Content-Length: 1670

GET
DATA 200
OK truncated
/ 521 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5d9642d3cba24eed4a8899800f91933bb42305867329cb4549193874b717c90a

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H/1.1 200
OK index
stats.t-online.de/-/id_87279016/tid_font/ 8 KB
9 KB 116ms
27ms Font
application/octet-stream 62.138.239.104
PLUSSERVER-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.t-online.de/-/id_87279016/tid_font/index
Requested by: Host: stats.t-online.de
URL: https://stats.t-online.de/rl13-726-css/id_63141836/tid_css/index_ts6864298144.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 62.138.239.104 , Germany, ASN61157 (PLUSSERVER-ASN1, DE),
Reverse DNS
Software: /
Resource Hash: ac20ceba876caa6afd07438a7736e83edcb67ca94af22eeb33aaf58353d2a866

Request headers

Origin: https://www.t-online.de
Referer: https://stats.t-online.de/rl13-726-css/id_63141836/tid_css/index_ts6864298144.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 17 Apr 2021 16:00:14 GMT
Content-Encoding: gzip
Last-Modified: Sat, 17 Apr 2021 16:00:14 GMT
Age: 69
X-CacheTime: 17
Vary: User-Agent,Accept-Encoding
Content-Language: de
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Access-Control-Allow-Credentials: true
X-SourceInfo: cmsweb05/04 17.2.0.4 :-)
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: application/octet-stream;charset=UTF-8
Content-Length: 8499

GET
H2 200 globalAdTag.min.js Show response
cdn.interactivemedia.net/live/t-o-nachrichten/live/ 298 KB
67 KB 30ms
7ms Script
application/javascript 2a02:26f0:7100::687e:2409
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.interactivemedia.net/live/t-o-nachrichten/live/globalAdTag.min.js
Requested by: Host: www.t-online.de
URL: https://www.t-online.de/region/id_85838350/tid_js/regiocore-js.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:7100::687e:2409 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: KONICHIWA/1.0 /
Resource Hash: 7ab4137562378e401faa076acf85a05b6b53c4a795f5bb1329d94250340faba4

Request headers

Referer: https://www.t-online.de/region/koeln
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 17 Apr 2021 16:01:24 GMT
content-encoding: gzip
last-modified: Thu, 15 Apr 2021 15:54:04 GMT
server: KONICHIWA/1.0
x-amz-request-id: SZBEQ13XSC7B4S2T
etag: "9e1fa32d7885daab50e6a038df3ec074"
vary: Accept-Encoding
access-control-allow-methods: GET,HEAD
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=634
access-control-allow-credentials: false
accept-ranges: bytes
content-length: 68515
x-amz-id-2: UpWqqKlNSOd6rFCkH4WrBlirY0xF2lSDxJlX28UYNMFr0QfIZW4BpKiURHUoxVyFzGMbjPznmFk=

GET
H/1.1 200
OK index
stats.t-online.de/-/id_87279012/tid_font/ 33 KB
33 KB 105ms
27ms Font
application/octet-stream 62.138.239.104
PLUSSERVER-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.t-online.de/-/id_87279012/tid_font/index
Requested by: Host: stats.t-online.de
URL: https://stats.t-online.de/rl13-726-css/id_63141836/tid_css/index_ts6864298144.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 62.138.239.104 , Germany, ASN61157 (PLUSSERVER-ASN1, DE),
Reverse DNS
Software: /
Resource Hash: 4b21bed9ca1e769e2ed934d0986c1f94b1280099873732657bff7f7198a0553e

Request headers

Origin: https://www.t-online.de
Referer: https://stats.t-online.de/rl13-726-css/id_63141836/tid_css/index_ts6864298144.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 17 Apr 2021 16:00:51 GMT
Content-Encoding: gzip
Last-Modified: Sat, 17 Apr 2021 16:00:51 GMT
Age: 32
X-CacheTime: 17
Vary: User-Agent,Accept-Encoding
Content-Language: de
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Access-Control-Allow-Credentials: true
X-SourceInfo: cmsweb03/04 17.2.0.4 :-)
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: application/octet-stream;charset=UTF-8
Content-Length: 33580

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8aa3b5d9d216b02e39d2d39cc33a21a85e112a0fa9ddd5cd094b9b4d3dd4dcf1

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 727 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7c3bc851347ec06409a900f99ea9dc1e8012b0655da83e2930078ff5d6be820

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 875 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a812d0b1cd90fda15fa8dc06492e775055d9dbaaf0cc5e8e39f9fc4e53e39d69

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 286 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4afc3cef79d58c59cb855a08bf1464b5f698cdeb542ccca3bcf0b70ca4048cfb

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 852 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c6beb8dc86b78d41fbc8556cb4734e17f22b7d59b2e3f7fcba35a54736023fb7

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 688 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: cf21c901072e4c6f68eda08091ad46e6d4e183f57ebabcf5e75732c4303357a6

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H/1.1 204
No Content pv
eu4.heatmap.it/log/ 0
212 B 132ms
28ms Image
image/gif 149.202.80.197
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu4.heatmap.it/log/pv?pid=26670&u=https%3A%2F%2Fwww.t-online.de%2Fregion%2Fkoeln&tpl=.&pt=K%C3%B6ln%3A%20News%20%26%20Aktuelles%20aus%20der%20Region&t=391952
Requested by: Host: www.t-online.de
URL: https://www.t-online.de/region/koeln
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 149.202.80.197 , France, ASN16276 (OVH, FR),
Reverse DNS: eu4.heatmap.it
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.t-online.de/region/koeln
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 17 Apr 2021 16:01:24 GMT
Cache-Control: no-cache
Server: nginx
Connection: keep-alive
Content-Type: image/gif
Content-Length: 0
Expires: Sat, 17 Apr 2021 16:01:23 GMT

GET
H2 200 api Show response
suche.t-online.de/regional-api/ 882 B
434 B 117ms
32ms XHR
application/json 62.138.238.150
PLUSSERVER-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://suche.t-online.de/regional-api/api?ci=koeln
Requested by: Host: www.t-online.de
URL: https://www.t-online.de/region/id_85838350/tid_js/regiocore-js.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 62.138.238.150 , Germany, ASN61157 (PLUSSERVER-ASN1, DE),
Reverse DNS: suche.t-online.de
Software: nginx /
Resource Hash: f76e6bb25721d40b504e770322537c7608e514a953a42ef0f73e161ad5f42667

Request headers

Referer: https://www.t-online.de/region/koeln
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sat, 17 Apr 2021 16:01:24 GMT
content-encoding: gzip
server: nginx
content-length: 316
content-type: application/json; charset=utf-8

GET
H2 200 pmk-202010011.15.js Show response
widget.perfectmarket.com/t-online/ 112 KB
31 KB 18ms
18ms Script
application/javascript 151.101.13.181
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.perfectmarket.com/t-online/pmk-202010011.15.js
Requested by: Host: widget.perfectmarket.com
URL: https://widget.perfectmarket.com/t-online/load.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.13.181 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5c19498325011cb7209e91f0621887302620d1bf70d96c8e11544c68d1f08c7a

Request headers

Referer: https://www.t-online.de/region/koeln
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: FUqQcvUKfCxnHBmPoQmuzsUys5MGfb0w
content-encoding: gzip
etag: "04b0e448c1f9866020d2dcfcf3a052dc"
age: 383554
x-cache: HIT, HIT
content-length: 31132
x-amz-id-2: kWGf+itqidR3xNxgDyGxbyyEO18OTJ+c27ANal4mPzERbQfjuWFfpdKsVyjAzoogFyhYewjeMDQ=
x-served-by: cache-lax10644-LGB, cache-fra19173-FRA
last-modified: Tue, 13 Apr 2021 05:28:09 GMT
server: AmazonS3
x-timer: S1618675284.444267,VS0,VE0
date: Sat, 17 Apr 2021 16:01:24 GMT
vary: Accept-Encoding,,
x-amz-request-id: QQG9V0ZTNZ8XYKAK
via: 1.1 varnish, 1.1 varnish
cache-control: max-age=31536000
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
x-cache-hits: 1, 88162

GET
H/1.1 200
OK t.gif
www.t-online.de/rl09/static/imgs/ Frame 9C43 42 B
335 B 31ms
31ms Image
image/gif 62.138.239.100
PLUSSERVER-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.t-online.de/rl09/static/imgs/t.gif
Requested by: Host: www.t-online.de
URL: https://www.t-online.de/-/id_62530634/tid_tsr_iframe_loginbox/index
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 62.138.239.100 , Germany, ASN61157 (PLUSSERVER-ASN1, DE),
Reverse DNS: www.t-online.de
Software: Apache/2.4.18 (Ubuntu) /
Resource Hash: 22a6d424fddf97e1c2f47146ba4d38a9b09636edabd332ca8c02f3db8c99d1b4

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.t-online.de
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://www.t-online.de/-/id_62530634/tid_tsr_iframe_loginbox/index
Cookie: testVariationconsent=2021-01-14-cmp-test-e5-2; ioam2018=e417fcb2f38ff1966edd38303037d4aa5398f7:1646409684063:1618675284063:.t-online.de:2:toi:/nachrichten/regionales2/koeln:noevent:1618675284063:g83n1v
Connection: keep-alive
Referer: https://www.t-online.de/-/id_62530634/tid_tsr_iframe_loginbox/index
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 17 Apr 2021 16:01:20 GMT
Last-Modified: Thu, 28 Jan 2021 16:02:26 GMT
Server: Apache/2.4.18 (Ubuntu)
Age: 4
ETag: "2a-5b9f8038aa880"
Content-Type: image/gif
Cache-Control: public, max-age=5
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 42

GET
H/1.1 200
OK getUserData.json Show response
login.t-online.de/ Frame 9C43 22 B
405 B 56ms
12ms XHR
application/json 2a02:cbf7::62:138:238:39
PLUSSERVER-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://login.t-online.de/getUserData.json?ts=5478953167995975
Requested by: Host: www.t-online.de
URL: https://www.t-online.de/-/id_62530634/tid_tsr_iframe_loginbox/index
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:cbf7::62:138:238:39 , Germany, ASN61157 (PLUSSERVER-ASN1, DE),
Reverse DNS
Software: nginx/1.13.12 / Express
Resource Hash: 7a9b6ba838f689634ad4b502219f11cda5f48105fa2f12f79ce05facccffd15b

Request headers

Referer: https://www.t-online.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 17 Apr 2021 16:01:24 GMT
Server: nginx/1.13.12
Age: 0
X-Powered-By: Express
ETag: W/"16-a/5TdI932obC0DU7ARYz5pkcKJg"
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://www.t-online.de
Cache-Control: private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 22

GET
H/1.1 200
OK index.png
bilder.t-online.de/b/88/12/45/22/id_88124522/tid_da/ Frame 9C43 15 KB
16 KB 28ms
28ms Image
image/png 62.138.238.103
PLUSSERVER-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bilder.t-online.de/b/88/12/45/22/id_88124522/tid_da/index.png
Requested by: Host: www.t-online.de
URL: https://www.t-online.de/-/id_62530634/tid_tsr_iframe_loginbox/index
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 62.138.238.103 , Germany, ASN61157 (PLUSSERVER-ASN1, DE),
Reverse DNS
Software: /
Resource Hash: d3165fd696ed5ce438f3f23e257f6fb623cabb022a51fa79fbec8260866b82d7

Request headers

Referer: https://www.t-online.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 17 Apr 2021 15:01:20 GMT
Last-Modified: Thu, 25 Jun 2020 15:29:46 GMT
Age: 3603
Etag: "88124522-3"
Vary: User-Agent
Content-Language: en-US
Cache-Control: public, max-age=86400
X-SourceInfo: cmsweb06/15 17.2.0.4 :-)
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/png;charset=ISO-8859-1
Content-Length: 15743

GET
H/1.1 200
OK ladeblume.gif
img.toi.de/ Frame 9C43 2 KB
2 KB 15ms
15ms Image
image/gif 2a02:cbf7:1:0:62:138:239:118
PLUSSERVER-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.toi.de/ladeblume.gif
Requested by: Host: www.t-online.de
URL: https://www.t-online.de/-/id_62530634/tid_tsr_iframe_loginbox/index
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:cbf7:1:0:62:138:239:118 , Germany, ASN61157 (PLUSSERVER-ASN1, DE),
Reverse DNS
Software: Apache/2.4.18 (Ubuntu) /
Resource Hash: f6ecff617ec2ba7f559e6f535cad9b70a3f91120737535dab4d4548a6c83576c

Request headers

Referer: https://www.t-online.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 17 Apr 2021 16:00:18 GMT
Last-Modified: Thu, 28 Jan 2021 16:03:09 GMT
Server: Apache/2.4.18 (Ubuntu)
Age: 65
ETag: "739-5b9f8061ac940"
Content-Type: image/gif
Cache-Control: public, max-age=90
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1849

GET
H2 200 init Show response
d.nativendo.de/cds/delivery/ 1 KB
881 B 54ms
25ms Script
text/javascript 107.178.241.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://d.nativendo.de/cds/delivery/init?url=https%3A%2F%2Fwww.t-online.de%2Fregion%2Fkoeln&gdpr=1&gdpr_consent=undefined
Requested by: Host: www.t-online.de
URL: https://www.t-online.de/region/koeln
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.178.241.34 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 34.241.178.107.bc.googleusercontent.com
Software: Apache /
Resource Hash: 44617abe85252a16c3a91e05065606c1d94faacd49b43355994d017f82c512e7

Request headers

Referer: https://www.t-online.de/region/koeln
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Apr 2021 16:01:24 GMT
content-encoding: gzip
last-modified: Sat, 17 Apr 2021 16:01:24 GMT
server: Apache
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
via: 1.1 google
cache-control: no-transform, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
alt-svc: clear
content-length: 631
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK polizeiwagen-mit-blaulicht-symbolbild-in-bergheim-ist-in-der-nacht-zum-samstag-ein-22-jaehriger-angegriffen-und-verletzt-worden-.jpg
bilder.t-online.de/b/89/86/43/76/id_89864376/300_80/tid_da/ 9 KB
9 KB 30ms
28ms Image
image/jpeg 62.138.238.103
PLUSSERVER-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bilder.t-online.de/b/89/86/43/76/id_89864376/300_80/tid_da/polizeiwagen-mit-blaulicht-symbolbild-in-bergheim-ist-in-der-nacht-zum-samstag-ein-22-jaehriger-angegriffen-und-verletzt-worden-.jpg
Requested by: Host: www.t-online.de
URL: https://www.t-online.de/region/koeln
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 62.138.238.103 , Germany, ASN61157 (PLUSSERVER-ASN1, DE),
Reverse DNS
Software: /
Resource Hash: 6cce75c2fb4a7f2c4e14753e0393ff4b424975ea9d7b5d49ed0338ff9b262d1c

Request headers

Referer: https://www.t-online.de/region/koeln
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 17 Apr 2021 14:04:17 GMT
Last-Modified: Sat, 17 Apr 2021 13:42:44 GMT
Age: 7025
Etag: "89864376-2"
Vary: User-Agent
Content-Language: en-US
Cache-Control: public, max-age=2591999
X-SourceInfo: cmsweb04/15 17.2.0.4 :-)
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/jpeg;charset=ISO-8859-1
Content-Length: 8964

GET
H/1.1 200
OK ein-bildschirm-weist-auf-die-ausgangssperre-hin-ab-21-uhr-darf-die-wohnung-nur-noch-mit-triftigem-grund-verlassen-werden-.jpg
bilder.t-online.de/b/89/86/19/70/id_89861970/300_80/tid_da/ 14 KB
14 KB 32ms
31ms Image
image/jpeg 62.138.238.103
PLUSSERVER-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bilder.t-online.de/b/89/86/19/70/id_89861970/300_80/tid_da/ein-bildschirm-weist-auf-die-ausgangssperre-hin-ab-21-uhr-darf-die-wohnung-nur-noch-mit-triftigem-grund-verlassen-werden-.jpg
Requested by: Host: www.t-online.de
URL: https://www.t-online.de/region/koeln
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 62.138.238.103 , Germany, ASN61157 (PLUSSERVER-ASN1, DE),
Reverse DNS
Software: /
Resource Hash: 7388cfc6901adaa87f3ff7ffd285cb216f4d533280db19075fdedf0a987aba22

Request headers

Referer: https://www.t-online.de/region/koeln
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 17 Apr 2021 14:46:36 GMT
Last-Modified: Sat, 17 Apr 2021 06:42:32 GMT
Age: 4487
Etag: "89861970-3"
Vary: User-Agent
Content-Language: en-US
Cache-Control: public, max-age=86400
X-SourceInfo: cmsweb06/15 17.2.0.4 :-)
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/jpeg;charset=ISO-8859-1
Content-Length: 14198

GET
H/1.1 200
OK der-spd-politiker-karl-lauterbach-archivbild-sein-privatwagen-wurde-am-freitag-mit-farbe-uebergossen-.jpg
bilder.t-online.de/b/89/86/15/76/id_89861576/300_80/tid_da/ 8 KB
9 KB 31ms
30ms Image
image/jpeg 62.138.238.103
PLUSSERVER-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bilder.t-online.de/b/89/86/15/76/id_89861576/300_80/tid_da/der-spd-politiker-karl-lauterbach-archivbild-sein-privatwagen-wurde-am-freitag-mit-farbe-uebergossen-.jpg
Requested by: Host: www.t-online.de
URL: https://www.t-online.de/region/koeln
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 62.138.238.103 , Germany, ASN61157 (PLUSSERVER-ASN1, DE),
Reverse DNS
Software: /
Resource Hash: 4c8ee1dd0910daca7facebb0b2a5e020cef2a3a013b041b16ce5039e21dc1c13

Request headers

Referer: https://www.t-online.de/region/koeln
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 17 Apr 2021 14:14:52 GMT
Last-Modified: Sat, 17 Apr 2021 00:02:45 GMT
Age: 6391
Etag: "89861576-2"
Vary: User-Agent
Content-Language: en-US
Cache-Control: public, max-age=86400
X-SourceInfo: cmsweb04/15 17.2.0.4 :-)
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/jpeg;charset=ISO-8859-1
Content-Length: 8641

GET
H/1.1 200
OK nachtaufnahme-des-koelner-doms-in-der-stadt-gilt-nun-eine-naechtliche-ausgangssperre-.jpg
bilder.t-online.de/b/89/85/88/34/id_89858834/300_80/tid_da/ 11 KB
11 KB 32ms
31ms Image
image/jpeg 62.138.238.103
PLUSSERVER-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bilder.t-online.de/b/89/85/88/34/id_89858834/300_80/tid_da/nachtaufnahme-des-koelner-doms-in-der-stadt-gilt-nun-eine-naechtliche-ausgangssperre-.jpg
Requested by: Host: www.t-online.de
URL: https://www.t-online.de/region/koeln
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 62.138.238.103 , Germany, ASN61157 (PLUSSERVER-ASN1, DE),
Reverse DNS
Software: /
Resource Hash: 76a6b703f62a354439957004d66bc56aeea23b4b66ff67a2fec5977e27e5f23e

Request headers

Referer: https://www.t-online.de/region/koeln
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 17 Apr 2021 16:00:08 GMT
Last-Modified: Fri, 16 Apr 2021 13:37:45 GMT
Age: 75
Etag: "89858834-5"
Vary: User-Agent
Content-Language: en-US
Cache-Control: public, max-age=86400
X-SourceInfo: cmsweb04/15 17.2.0.4 :-)
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/jpeg;charset=ISO-8859-1
Content-Length: 11269

GET
H/1.1 200
OK instruments Show response
www.t-online.de/api/finance/api-gateway/ 5 KB
5 KB 32ms
31ms XHR
application/json 62.138.239.100
PLUSSERVER-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.t-online.de/api/finance/api-gateway/instruments?id=DE0008469008&idType=ISIN
Requested by: Host: stats.t-online.de
URL: https://stats.t-online.de/jquery-js/id_40001992/tid_js/index_ts1740001992.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 62.138.239.100 , Germany, ASN61157 (PLUSSERVER-ASN1, DE),
Reverse DNS: www.t-online.de
Software: /
Resource Hash: a2ff36d09d8876d761bfbd44973a9b872aeb0db3fd7d7dca49edbb954f1b56d4

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.t-online.de
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: empty
X-Requested-With: XMLHttpRequest
Cookie: testVariationconsent=2021-01-14-cmp-test-e5-2; ioam2018=e417fcb2f38ff1966edd38303037d4aa5398f7:1646409684063:1618675284063:.t-online.de:2:toi:/nachrichten/regionales2/koeln:noevent:1618675284063:g83n1v; _sp_v1_uid=1:986:e37d7984-b68d-4446-bc75-7589ec4ea85e; _sp_v1_data=2:326817:1618675284:0:1:0:1:0:0:_:-1; _sp_v1_ss=1:H4sIAAAAAAAAAItWqo5RKimOUbKKxsrIAzEMamN1YpRSQcy80pwcILsErKC6lgwJpVgAEA5-UnQAAAA%3D; _sp_v1_opt=1:; _sp_v1_consent=1!0:-1:-1:-1:-1:-1; _sp_v1_csv=null; _sp_v1_lt=1:; consentUUID=98307a48-509e-4de3-a37a-04501f2663b5
Connection: keep-alive
Referer: https://www.t-online.de/region/koeln
Accept: */*
Referer: https://www.t-online.de/region/koeln
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 17 Apr 2021 16:01:16 GMT
Last-Modified: Sat, 17 Apr 2021 16:01:16 GMT
Age: 6
x-amzn-RequestId: 584c0d83-46e8-45b6-8145-ea30b8b5de20
Access-Control-Allow-Methods: GET,OPTIONS
Content-Type: application/json
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=90
X-Amzn-Trace-Id: Root=1-607b064c-7c62628049a22fa5067b3d23;Sampled=0
Access-Control-Allow-Headers: Content-Type, X-CSRF-Token, X-Requested-With, Accept, Accept-Version, Content-Length, Content-MD5, Date, X-Api-Version, X-File-Name
Connection: keep-alive
Access-Control-Allow-Credentials: true
x-amz-apigw-id: d73sAEHJFiAFeWQ=
Content-Length: 4648
Accept-Ranges: bytes

GET
H2 200 index.html Show response
consent.t-online.de/ Frame 8340 4 KB
2 KB 57ms
56ms Document
text/html 143.204.245.54
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://consent.t-online.de/index.html?message_id=476541&consentUUID=98307a48-509e-4de3-a37a-04501f2663b5&requestUUID=ae585471-936a-4f7e-a607-dddc7398fb9b&preload_message=true
Requested by: Host: consent.t-online.de
URL: https://consent.t-online.de/wrapperMessagingWithoutDetection.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.245.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-245-54.cph50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c60effd373d81355362c0687756ba19e849ed437ebdff6ee60876f42fa5a8fbb

Request headers

:method: GET
:authority: consent.t-online.de
:scheme: https
:path: /index.html?message_id=476541&consentUUID=98307a48-509e-4de3-a37a-04501f2663b5&requestUUID=ae585471-936a-4f7e-a607-dddc7398fb9b&preload_message=true
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.t-online.de/region/koeln
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: testVariationconsent=2021-01-14-cmp-test-e5-2; ioam2018=e417fcb2f38ff1966edd38303037d4aa5398f7:1646409684063:1618675284063:.t-online.de:2:toi:/nachrichten/regionales2/koeln:noevent:1618675284063:g83n1v; consentUUID=98307a48-509e-4de3-a37a-04501f2663b5
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.t-online.de/region/koeln

Response headers

content-type: text/html
last-modified: Thu, 08 Apr 2021 16:08:51 GMT
server: AmazonS3
content-encoding: gzip
date: Sat, 17 Apr 2021 15:14:07 GMT
etag: W/"4f1eae5345c39a34cb9bac5635394aaf"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 8cd193739d511303cb3678dc24369a0c.cloudfront.net (CloudFront)
x-amz-cf-pop: CPH50-C1
x-amz-cf-id: 0jUk353u6VWYzVJ2LTRmgIK3j1bg0fofbUOQiSVFMfVf-pE3a5jz-Q==
age: 3589

GET
H/1.1 200
OK t.gif
www.t-online.de/rl09/static/imgs/ Frame 9C43 42 B
335 B 28ms
28ms Image
image/gif 62.138.239.100
PLUSSERVER-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.t-online.de/rl09/static/imgs/t.gif
Requested by: Host: www.t-online.de
URL: https://www.t-online.de/-/id_62530634/tid_tsr_iframe_loginbox/index
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 62.138.239.100 , Germany, ASN61157 (PLUSSERVER-ASN1, DE),
Reverse DNS: www.t-online.de
Software: Apache/2.4.18 (Ubuntu) /
Resource Hash: 22a6d424fddf97e1c2f47146ba4d38a9b09636edabd332ca8c02f3db8c99d1b4

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.t-online.de
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://www.t-online.de/-/id_62530634/tid_tsr_iframe_loginbox/index
Cookie: testVariationconsent=2021-01-14-cmp-test-e5-2; ioam2018=e417fcb2f38ff1966edd38303037d4aa5398f7:1646409684063:1618675284063:.t-online.de:2:toi:/nachrichten/regionales2/koeln:noevent:1618675284063:g83n1v; _sp_v1_uid=1:986:e37d7984-b68d-4446-bc75-7589ec4ea85e; _sp_v1_data=2:326817:1618675284:0:1:0:1:0:0:_:-1; _sp_v1_ss=1:H4sIAAAAAAAAAItWqo5RKimOUbKKxsrIAzEMamN1YpRSQcy80pwcILsErKC6lgwJpVgAEA5-UnQAAAA%3D; _sp_v1_opt=1:; _sp_v1_consent=1!0:-1:-1:-1:-1:-1; _sp_v1_csv=null; _sp_v1_lt=1:; consentUUID=98307a48-509e-4de3-a37a-04501f2663b5
Connection: keep-alive
Referer: https://www.t-online.de/-/id_62530634/tid_tsr_iframe_loginbox/index
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 17 Apr 2021 16:01:20 GMT
Last-Modified: Thu, 28 Jan 2021 16:02:26 GMT
Server: Apache/2.4.18 (Ubuntu)
Age: 3
ETag: "2a-5b9f8038aa880"
Content-Type: image/gif
Cache-Control: public, max-age=5
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 42

GET
H2 200 loader.js Show response
c.nativendo.de/cdn/asset/js/ 64 KB
20 KB 29ms
14ms Script
application/javascript 2606:4700:20::681a:4fb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.nativendo.de/cdn/asset/js/loader.js?v=1263
Requested by: Host: d.nativendo.de
URL: https://d.nativendo.de/cds/delivery/init?url=https%3A%2F%2Fwww.t-online.de%2Fregion%2Fkoeln&gdpr=1&gdpr_consent=undefined
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:4fb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 435d237e9e171b30be3a47bedc94afc7b9f832a4e39f17b4581d3c0a0889b960

Request headers

Referer: https://www.t-online.de/region/koeln
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 17 Apr 2021 16:01:24 GMT
via: 1.1 google
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 116294
cf-polished: origSize=65316
content-encoding: br
cf-request-id: 098229d265000005f97f976000000001
cf-bgj: minify
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=kPMyRWcl%2BNy1tfcUaHjxuwByg2keUSHDVvQeJn7SWqivgELk3quIoBXDHsToQel8Yu41DfOPgbnopE7x6LN6BM%2FPtXEg9vPSox7wMfPJx5z5yD5JrpGHazDzig%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 6416df30ac5705f9-FRA
expires: Sat, 16 Apr 2022 07:43:10 GMT

GET
H2 200 Notice.37f30.css
consent.t-online.de/ Frame 8340 29 KB
5 KB 56ms
56ms Stylesheet
text/css 143.204.245.54
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://consent.t-online.de/Notice.37f30.css
Requested by: Host: consent.t-online.de
URL: https://consent.t-online.de/index.html?message_id=476541&consentUUID=98307a48-509e-4de3-a37a-04501f2663b5&requestUUID=ae585471-936a-4f7e-a607-dddc7398fb9b&preload_message=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.245.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-245-54.cph50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f34567304f288693cf33a0b0ff04fa42ed930db606948b4d5e6a9c715865affa

Request headers

Referer: https://consent.t-online.de/index.html?message_id=476541&consentUUID=98307a48-509e-4de3-a37a-04501f2663b5&requestUUID=ae585471-936a-4f7e-a607-dddc7398fb9b&preload_message=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 17 Apr 2021 15:14:08 GMT
content-encoding: gzip
last-modified: Thu, 08 Apr 2021 16:08:51 GMT
server: AmazonS3
age: 3088
etag: W/"227670f327655cdc0f6317b8d0f58d27"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
via: 1.1 8cd193739d511303cb3678dc24369a0c.cloudfront.net (CloudFront)
x-amz-cf-pop: CPH50-C1
x-amz-cf-id: T7xjd3MAfU8Aj7NuIAaHSsPaxSJXgnfW_avKzs7hhH5FNUhm6Fam4A==

GET
H2 200 polyfills.65071.js Show response
consent.t-online.de/ Frame 8340 5 KB
2 KB 57ms
56ms Script
application/javascript 143.204.245.54
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://consent.t-online.de/polyfills.65071.js
Requested by: Host: consent.t-online.de
URL: https://consent.t-online.de/index.html?message_id=476541&consentUUID=98307a48-509e-4de3-a37a-04501f2663b5&requestUUID=ae585471-936a-4f7e-a607-dddc7398fb9b&preload_message=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.245.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-245-54.cph50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 533b23c57b1770cc3ee9c15b998b2eb494fa0adb2d6929fd22a9b78adfade3a7

Request headers

Referer: https://consent.t-online.de/index.html?message_id=476541&consentUUID=98307a48-509e-4de3-a37a-04501f2663b5&requestUUID=ae585471-936a-4f7e-a607-dddc7398fb9b&preload_message=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 17 Apr 2021 15:14:08 GMT
content-encoding: gzip
last-modified: Thu, 08 Apr 2021 16:08:51 GMT
server: AmazonS3
age: 3090
etag: W/"89661b8fd918815bcb224bba79cabab1"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 8cd193739d511303cb3678dc24369a0c.cloudfront.net (CloudFront)
x-amz-cf-pop: CPH50-C1
x-amz-cf-id: 33APMdX-ytRllyrvBOj2nKYa8jsNyYI6sKG2q_8DxmpA8DztH4uRMA==

GET
H2 200 Notice.edef1.js Show response
consent.t-online.de/ Frame 8340 171 KB
42 KB 57ms
57ms Script
application/javascript 143.204.245.54
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://consent.t-online.de/Notice.edef1.js
Requested by: Host: consent.t-online.de
URL: https://consent.t-online.de/index.html?message_id=476541&consentUUID=98307a48-509e-4de3-a37a-04501f2663b5&requestUUID=ae585471-936a-4f7e-a607-dddc7398fb9b&preload_message=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.245.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-245-54.cph50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 8318b36ea964a68959576876dd85fa417cb7784a31ae78acaa3c58720d62dc34

Request headers

Referer: https://consent.t-online.de/index.html?message_id=476541&consentUUID=98307a48-509e-4de3-a37a-04501f2663b5&requestUUID=ae585471-936a-4f7e-a607-dddc7398fb9b&preload_message=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 17 Apr 2021 15:14:08 GMT
content-encoding: gzip
last-modified: Thu, 08 Apr 2021 16:08:51 GMT
server: AmazonS3
age: 3088
etag: W/"2a94f5880eb7b9fe653fe8a73017e764"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 8cd193739d511303cb3678dc24369a0c.cloudfront.net (CloudFront)
x-amz-cf-pop: CPH50-C1
x-amz-cf-id: jmt5SAncchoT5NSLHHYHhVfddisQJ7oUGhn-9GWUA17IQEQuMpy_qw==

GET
H2 200 nativendo.css
c.nativendo.de/cdn/asset/css/ 6 KB
2 KB 12ms
12ms Stylesheet
text/css 2606:4700:20::681a:4fb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.nativendo.de/cdn/asset/css/nativendo.css?v=1263
Requested by: Host: c.nativendo.de
URL: https://c.nativendo.de/cdn/asset/js/loader.js?v=1263
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:4fb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: daabf20d1cb5bebc3e10b9d5e0285f136a49607ca9547f80c7dbd270747ba79d

Request headers

Referer: https://www.t-online.de/region/koeln
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 17 Apr 2021 16:01:24 GMT
via: 1.1 google
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 116294
cf-polished: origSize=7383
content-encoding: br
cf-request-id: 098229d27a000005f9d3350000000001
cf-bgj: minify
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=r0FzpcogZch5GH8qaH7qxB2kIjATg9mRba2sxttztQASTv3r3W4NUwvjTRel0U31vGroNfWV3v2FPVKrSuwWDG%2BGkE2mcrqISKM5Ux4pMFJUFLX6rirCaKpjRw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css;charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 6416df30cc9505f9-FRA
expires: Sat, 16 Apr 2022 07:43:10 GMT

GET
H/1.1 200
OK t.gif
img.toi.de/ Frame 8340 42 B
343 B 16ms
15ms Image
image/gif 2a02:cbf7:1:0:62:138:239:118
PLUSSERVER-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.toi.de/t.gif
Requested by: Host: consent.t-online.de
URL: https://consent.t-online.de/Notice.edef1.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:cbf7:1:0:62:138:239:118 , Germany, ASN61157 (PLUSSERVER-ASN1, DE),
Reverse DNS
Software: Apache/2.4.18 (Ubuntu) /
Resource Hash: 22a6d424fddf97e1c2f47146ba4d38a9b09636edabd332ca8c02f3db8c99d1b4

Request headers

Referer: https://consent.t-online.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 17 Apr 2021 16:01:14 GMT
Last-Modified: Thu, 28 Jan 2021 16:02:36 GMT
Server: Apache/2.4.18 (Ubuntu)
Age: 10
ETag: "2a-5b9f804233f00"
Content-Type: image/gif
Cache-Control: public, max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 42

GET
H2 200 categories Show response
cdn.privacy-mgmt.com/consent/tcfv2/vendor-list/ Frame 8340 2 KB
1 KB 274ms
169ms Fetch
application/json 143.204.245.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.privacy-mgmt.com/consent/tcfv2/vendor-list/categories?siteId=1951&consentLanguage=de
Requested by: Host: consent.t-online.de
URL: https://consent.t-online.de/Notice.edef1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.245.60 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-245-60.cph50.r.cloudfront.net
Software: /
Resource Hash: b95a832f5cf25d58db39c37b3b6045d769e4b76bad18a71bd660b2aa8bce4a3b

Request headers

Referer: https://consent.t-online.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 17 Apr 2021 16:01:24 GMT
content-encoding: gzip
x-amz-cf-pop: CPH50-C1
vary: Accept-Encoding
access-control-allow-methods: GET, PUT, POST, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: https://consent.t-online.de
cache-control: no-cache
access-control-allow-credentials: true
x-cache: Miss from cloudfront
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization
x-amz-cf-id: 4yVYAxcRaelVk7H6LreZyBXf0qg25P_7V63pT-MJXB8iU_Jzm8mzqw==
via: 1.1 2f96681b7e4a677eb6259e6f756581c2.cloudfront.net (CloudFront)

POST
H2 200 check-url Show response
n.nativendo.de/ 1 B
176 B 54ms
21ms XHR
text/plain 34.102.174.65
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://n.nativendo.de/check-url
Requested by: Host: c.nativendo.de
URL: https://c.nativendo.de/cdn/asset/js/loader.js?v=1263
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.174.65 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 65.174.102.34.bc.googleusercontent.com
Software: /
Resource Hash: 5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Request headers

Referer: https://www.t-online.de/region/koeln
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Sat, 17 Apr 2021 16:01:24 GMT
via: 1.1 google
vary: Origin
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://www.t-online.de
access-control-allow-credentials: true
x-node-hostname: nlp-6nnw
alt-svc: clear
content-length: 1

POST
H2 200 / Show response
d.nativendo.de/cds/delivery/get/ 16 KB
2 KB 35ms
35ms XHR
text/javascript 107.178.241.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://d.nativendo.de/cds/delivery/get/
Requested by: Host: c.nativendo.de
URL: https://c.nativendo.de/cdn/asset/js/loader.js?v=1263
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.178.241.34 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 34.241.178.107.bc.googleusercontent.com
Software: Apache /
Resource Hash: ccfc2ef3e8df3c9aa893c6ede7d98f79a18c7ea2be9e2bcd70f9332c3b9ec82a

Request headers

Referer: https://www.t-online.de/region/koeln
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Sat, 17 Apr 2021 16:01:24 GMT
content-encoding: gzip
access-control-allow-origin: https://www.t-online.de
alt-svc: clear
content-length: 1978
pragma: no-cache
last-modified: Sat, 17 Apr 2021 16:01:24 GMT
server: Apache
vary: Accept-Encoding
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/javascript; charset=utf-8
via: 1.1 google
cache-control: no-transform, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-credentials: true
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Mx-ReqToken,X-Requested-With
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
DATA 200
OK truncated
/ Frame 8340 3 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bfabbfcfe95d6f210712178b09a2a3115501f2f4f2fb55f9d371c703b6b8eb9e

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ Frame 8340 11 KB
11 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2

Requested by

Host: consent.t-online.de
URL: https://consent.t-online.de/index.html?message_id=476541&consentUUID=98307a48-509e-4de3-a37a-04501f2663b5&requestUUID=ae585471-936a-4f7e-a607-dddc7398fb9b&preload_message=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0d9fd7ccabde9b202de45ee6b65878ce9594975d8e8810b0878d3f3fa3637d0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://consent.t-online.de
Referer: https://consent.t-online.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 11 Apr 2021 10:03:38 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:58 GMT
server: sffe
age: 539866
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11020
x-xss-protection: 0
expires: Mon, 11 Apr 2022 10:03:38 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v20/ Frame 8340 11 KB
11 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://consent.t-online.de
Referer: https://consent.t-online.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 11 Apr 2021 10:03:38 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:50 GMT
server: sffe
age: 539866
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11016
x-xss-protection: 0
expires: Mon, 11 Apr 2022 10:03:38 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v20/ Frame 8340 16 KB
16 KB 8ms
8ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

24369e1b2461af9dcefecaf9cc93d64cf22a4c5bac32506100b9e21014507bcf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://consent.t-online.de
Referer: https://consent.t-online.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 11 Apr 2021 10:03:38 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:37 GMT
server: sffe
age: 539866
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15872
x-xss-protection: 0
expires: Mon, 11 Apr 2022 10:03:38 GMT

POST
H2 200 / Show response
d.nativendo.de/cds/delivery/renders/2rif4.afchs.hjsow.0-2rim8.63nr4.8txj4.0-2ritc.9kw74.fuuio.0-2rj7k.9mrcw.fyz28.0-2rj0g.afzsw.hmsqo.0/ 5 KB
1 KB 26ms
25ms XHR
text/javascript 107.178.241.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://d.nativendo.de/cds/delivery/renders/2rif4.afchs.hjsow.0-2rim8.63nr4.8txj4.0-2ritc.9kw74.fuuio.0-2rj7k.9mrcw.fyz28.0-2rj0g.afzsw.hmsqo.0/
Requested by: Host: c.nativendo.de
URL: https://c.nativendo.de/cdn/asset/js/loader.js?v=1263
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.178.241.34 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 34.241.178.107.bc.googleusercontent.com
Software: Apache /
Resource Hash: 99327be7785544a9c9223b762bc5106e7cfb886fea15bd4e6a2a4d0d2152d2c4

Request headers

Referer: https://www.t-online.de/region/koeln
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Sat, 17 Apr 2021 16:01:24 GMT
content-encoding: gzip
access-control-allow-origin: https://www.t-online.de
alt-svc: clear
content-length: 1236
pragma: no-cache
last-modified: Sat, 17 Apr 2021 16:01:24 GMT
server: Apache
vary: Accept-Encoding
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/javascript; charset=utf-8
via: 1.1 google
cache-control: no-transform, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-credentials: true
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Mx-ReqToken,X-Requested-With
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 406791d9-029c-4b1d-82ca-e606d515be7c.png
c.nativendo.de/cdn/asset/media/crt/102501/84/ 1000 B
1 KB 14ms
12ms Image
image/webp 2606:4700:20::681a:4fb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.nativendo.de/cdn/asset/media/crt/102501/84/406791d9-029c-4b1d-82ca-e606d515be7c.png?v=1617017681&quality=96
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:4fb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 805a57aba5a9a8eab0860e67e2a4cbfb7006d1007c1934ca3b6ec6c7ce8b94ab

Request headers

Referer: https://www.t-online.de/region/koeln
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 17 Apr 2021 16:01:24 GMT
via: 1.1 google
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 241225
cf-polished: origFmt=jpeg, origSize=1412
content-disposition: inline; filename="406791d9-029c-4b1d-82ca-e606d515be7c.webp"
content-length: 1000
cf-request-id: 098229d338000005f97b01f000000001
cf-bgj: imgq:100,h2pri
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=VFSwA7tUMxmhsmohkuEQC2ov%2BgTJFZLXLddG32Cnxx6idSd6zSj0CvN1%2Fd32fm%2FyAR1XBmWmfnvYnAHB2DSpswwwxwTqmupl2hl0Rp6qGWRMA1Obi6AvDpN8Tg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6416df31ff4f05f9-FRA
expires: Wed, 13 Apr 2022 16:03:46 GMT

GET
H/1.1 200
OK ai.aspx
tagm.tchibo.de/ 43 B
1 KB 104ms
31ms Image
image/gif 85.14.248.91
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tagm.tchibo.de/ai.aspx?extProvID=113&extProvApi=128152&extPu=74451&extLi=NF_Kooperation_Stroeer_2021&extSi=ROS%20Logo&extCr=NF_2021_Startseite_X_Toppartner%20Logo&gdpr=1&gdpr_consent=undefined

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

85.14.248.91 Krefeld, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),

Reverse DNS

Software

Microsoft-IIS/8.5 / ASP.NET

Resource Hash

afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.t-online.de/region/koeln
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
P3P: policyref="https://tagm.tchibo.de/w3c/p3p.xml", CP="NOI NID STP STA CUR OUR"
Connection: close
Content-Length: 43
Pragma: no-cache
X-ET-Code: 0
Last-Modified: Sa, 17 Apr 2021 04:01:24 GMT
Server: Microsoft-IIS/8.5
Date: Sat, 17 Apr 2021 16:01:24 GMT
Access-Control-Max-Age: 1000
Access-Control-Allow-Methods: POST, GET, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: https://www.t-online.de
Cache-Control: private
Access-Control-Allow-Credentials: true
X-ET-Camp: 821
Access-Control-Allow-Headers: *
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 0d690cfc-9462-4365-ba06-449ffe9d8371.gif
c.nativendo.de/cdn/asset/media/crt/52944/84/ 1 KB
1 KB 17ms
15ms Image
image/webp 2606:4700:20::681a:4fb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.nativendo.de/cdn/asset/media/crt/52944/84/0d690cfc-9462-4365-ba06-449ffe9d8371.gif?v=1573026780&quality=96
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:4fb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a252133d8b4ab0e7db12e5cfc53ca94f20451de8c45a4b1de5151cfaadbd1b93

Request headers

Referer: https://www.t-online.de/region/koeln
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 17 Apr 2021 16:01:24 GMT
via: 1.1 google
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 67209
cf-polished: origFmt=jpeg, origSize=1572
content-disposition: inline; filename="0d690cfc-9462-4365-ba06-449ffe9d8371.webp"
content-length: 1102
cf-request-id: 098229d338000005f9b99f3000000001
cf-bgj: imgq:100,h2pri
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=91Vhx3SrGNeuPseiuBOK9%2BaWmbOb3xCQn4%2BMczc5bRWyqjPWx3IyGJVLq9wP%2BfC3J8WrtiTPYZq7SkteSll3yRRu04f8q8Oam%2FXAanl6den9wLH1dpaAWUuydg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6416df31ff5105f9-FRA
expires: Sat, 16 Apr 2022 16:57:51 GMT

GET
H2 200 39797dc6-ea81-48bc-b4c6-f7f95b09b512.gif
c.nativendo.de/cdn/asset/media/crt/93389/84/ 1 KB
1 KB 14ms
13ms Image
image/webp 2606:4700:20::681a:4fb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.nativendo.de/cdn/asset/media/crt/93389/84/39797dc6-ea81-48bc-b4c6-f7f95b09b512.gif?v=1608630263&quality=96
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:4fb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 29e89fe8e1faa4026c679d95d9836c44e7a2017096c8689e6257ebcd5ea04a7f

Request headers

Referer: https://www.t-online.de/region/koeln
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 17 Apr 2021 16:01:24 GMT
via: 1.1 google
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 480859
cf-polished: origFmt=jpeg, origSize=1717
content-disposition: inline; filename="39797dc6-ea81-48bc-b4c6-f7f95b09b512.webp"
content-length: 1078
cf-request-id: 098229d339000005f9680e5000000001
cf-bgj: imgq:100,h2pri
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=79K4x4gszJnktktac6f%2BWus4pG7sAAjP7h6lN8jy34Ebe6b%2Fm%2FxauXkhqQgUkbjxrNA9g5Wgp%2BzCwDZjHMwAvyAbF8%2FQtEyVQYJgzWOsZNm41aXopfx4x5TFQQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6416df31ff5305f9-FRA
expires: Sun, 10 Apr 2022 11:12:30 GMT

GET
H2 200 2ada0dbf-8a13-485e-856f-f0aa395823c8.jpg
c.nativendo.de/cdn/asset/media/crt/94070/160/ 638 B
1 KB 14ms
13ms Image
image/webp 2606:4700:20::681a:4fb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.nativendo.de/cdn/asset/media/crt/94070/160/2ada0dbf-8a13-485e-856f-f0aa395823c8.jpg?v=1609233493&quality=96
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:4fb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3738fbe553ad60b652afefe3330ec460992a8dcd1e76677af471286bff8bf860

Request headers

Referer: https://www.t-online.de/region/koeln
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 17 Apr 2021 16:01:24 GMT
via: 1.1 google
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 242191
cf-polished: origFmt=jpeg, origSize=1212
content-disposition: inline; filename="2ada0dbf-8a13-485e-856f-f0aa395823c8.webp"
content-length: 638
cf-request-id: 098229d339000005f9a8091000000001
cf-bgj: imgq:100,h2pri
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Yk9%2BoCki4rq38zBPRNwY%2FcyMWWY4dVqHW3aPWrFVH2orjGz6wxX7WhRCAsIegu8RgWxPndFueOeTx1AlfG78txs%2FFW%2BxHXCK0QFA0ZlZ43L0Qs7FViACba7%2FAQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6416df31ff5605f9-FRA
expires: Wed, 13 Apr 2022 12:16:18 GMT

GET
H2 200 c773b797-a68b-4105-81b8-079d52ae403e.jpg
c.nativendo.de/cdn/asset/media/crt/102868/84/ 1 KB
2 KB 15ms
14ms Image
image/webp 2606:4700:20::681a:4fb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.nativendo.de/cdn/asset/media/crt/102868/84/c773b797-a68b-4105-81b8-079d52ae403e.jpg?v=1617107905&quality=96
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:4fb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4b0ce42cbabbb30af1e38ae3818034301ca81eb43021005f7621fb1f426591d2

Request headers

Referer: https://www.t-online.de/region/koeln
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 17 Apr 2021 16:01:24 GMT
via: 1.1 google
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 555812
cf-polished: origFmt=jpeg, origSize=1565
content-disposition: inline; filename="c773b797-a68b-4105-81b8-079d52ae403e.webp"
content-length: 1070
cf-request-id: 098229d339000005f9afb68000000001
cf-bgj: imgq:100,h2pri
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=4BPuqWR5nYKfaFgTeEL5FpHz2X5U6UtbLpvOkile0eanfQ9D8fILUmxuWetSg7GoLV9GFZpx7SYt%2BMIX4aKp3xBhUInFiJjse6E90WWN1TfXVOQlvhvHle9JZw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6416df31ff5a05f9-FRA
expires: Fri, 08 Apr 2022 23:01:50 GMT

GET
H2 200 bc70265b-8d91-4b74-92e7-254d80d42569 Show response
t.nativendo.de/cds/tracking/event/ 0
45 B 31ms
30ms Script
text/javascript 107.178.241.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.nativendo.de/cds/tracking/event/bc70265b-8d91-4b74-92e7-254d80d42569?noc=5ad3o7pc&aid=2rif4&cid=afchs&cti=hjsow&imp=5&cbl=1.3.4.5.6.9&t=ad%2Fview&ar=0&url=https%3A%2F%2Fwww.t-online.de%2Fregion%2Fkoeln&ts=1618675285
Requested by: Host: c.nativendo.de
URL: https://c.nativendo.de/cdn/asset/js/loader.js?v=1263
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.178.241.34 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 34.241.178.107.bc.googleusercontent.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.t-online.de/region/koeln
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Apr 2021 16:01:24 GMT
via: 1.1 google
last-modified: Sat, 17 Apr 2021 16:01:24 GMT
server: Apache
content-type: text/javascript; charset=utf-8
cache-control: no-transform, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
alt-svc: clear
content-length: 0
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 bc70265b-8d91-4b74-92e7-254d80d42569 Show response
t.nativendo.de/cds/tracking/event/ 0
45 B 31ms
30ms Script
text/javascript 107.178.241.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.nativendo.de/cds/tracking/event/bc70265b-8d91-4b74-92e7-254d80d42569?noc=5ad3o7pc&aid=2rim8&cid=63nr4&cti=8txj4&imp=4&cbl=1.3.4.5.6.9&t=ad%2Fview&ar=0&url=https%3A%2F%2Fwww.t-online.de%2Fregion%2Fkoeln&ts=1618675285
Requested by: Host: c.nativendo.de
URL: https://c.nativendo.de/cdn/asset/js/loader.js?v=1263
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.178.241.34 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 34.241.178.107.bc.googleusercontent.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.t-online.de/region/koeln
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Apr 2021 16:01:24 GMT
via: 1.1 google
last-modified: Sat, 17 Apr 2021 16:01:24 GMT
server: Apache
content-type: text/javascript; charset=utf-8
cache-control: no-transform, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
alt-svc: clear
content-length: 0
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 bc70265b-8d91-4b74-92e7-254d80d42569 Show response
t.nativendo.de/cds/tracking/event/ 0
47 B 29ms
28ms Script
text/javascript 107.178.241.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.nativendo.de/cds/tracking/event/bc70265b-8d91-4b74-92e7-254d80d42569?noc=5ad3o7pc&aid=2ritc&cid=9kw74&cti=fuuio&imp=3&cbl=1.3.4.5.6.9&t=ad%2Fview&ar=0&url=https%3A%2F%2Fwww.t-online.de%2Fregion%2Fkoeln&ts=1618675285
Requested by: Host: c.nativendo.de
URL: https://c.nativendo.de/cdn/asset/js/loader.js?v=1263
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.178.241.34 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 34.241.178.107.bc.googleusercontent.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.t-online.de/region/koeln
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Apr 2021 16:01:24 GMT
via: 1.1 google
last-modified: Sat, 17 Apr 2021 16:01:24 GMT
server: Apache
content-type: text/javascript; charset=utf-8
cache-control: no-transform, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
alt-svc: clear
content-length: 0
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 bc70265b-8d91-4b74-92e7-254d80d42569 Show response
t.nativendo.de/cds/tracking/event/ 0
45 B 32ms
32ms Script
text/javascript 107.178.241.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.nativendo.de/cds/tracking/event/bc70265b-8d91-4b74-92e7-254d80d42569?noc=5ad3o7pc&aid=2rj7k&cid=9mrcw&cti=fyz28&imp=2&cbl=1.3.4.5.6.9&t=ad%2Fview&ar=0&url=https%3A%2F%2Fwww.t-online.de%2Fregion%2Fkoeln&ts=1618675285
Requested by: Host: c.nativendo.de
URL: https://c.nativendo.de/cdn/asset/js/loader.js?v=1263
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.178.241.34 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 34.241.178.107.bc.googleusercontent.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.t-online.de/region/koeln
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Apr 2021 16:01:24 GMT
via: 1.1 google
last-modified: Sat, 17 Apr 2021 16:01:24 GMT
server: Apache
content-type: text/javascript; charset=utf-8
cache-control: no-transform, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
alt-svc: clear
content-length: 0
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 bc70265b-8d91-4b74-92e7-254d80d42569 Show response
t.nativendo.de/cds/tracking/event/ 0
45 B 30ms
29ms Script
text/javascript 107.178.241.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.nativendo.de/cds/tracking/event/bc70265b-8d91-4b74-92e7-254d80d42569?noc=5ad3o7pc&aid=2rj0g&cid=afzsw&cti=hmsqo&imp=1&cbl=1.3.4.5.6.9&t=ad%2Fview&ar=0&url=https%3A%2F%2Fwww.t-online.de%2Fregion%2Fkoeln&ts=1618675285
Requested by: Host: c.nativendo.de
URL: https://c.nativendo.de/cdn/asset/js/loader.js?v=1263
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.178.241.34 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 34.241.178.107.bc.googleusercontent.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.t-online.de/region/koeln
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Apr 2021 16:01:24 GMT
via: 1.1 google
last-modified: Sat, 17 Apr 2021 16:01:24 GMT
server: Apache
content-type: text/javascript; charset=utf-8
cache-control: no-transform, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
alt-svc: clear
content-length: 0
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
DATA 200
OK truncated
/ Frame 8340 224 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8ce9d3ab6794802bb432b43975132f4a0b34b4cf8015f76fe1e63c378a55e053

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 json Show response
trc.taboola.com/t-online/trc/3/ 21 KB
8 KB 315ms
277ms XHR
application/javascript 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/t-online/trc/3/json?tim=18%3A01%3A25.025&lti=deflated&data=%7B%22id%22%3A651%2C%22ii%22%3A%22%2Fregion%2Fkoeln%22%2C%22it%22%3A%22category%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1618391258114%2C%22vi%22%3A1618675285023%2C%22cv%22%3A%2220210414-6-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.t-online.de%2Fregion%2Fkoeln%2F%22%2C%22bv%22%3A%220%22%2C%22ul%22%3A%5B%22en-US%22%5D%2C%22cmps%22%3A0%2C%22ga%22%3Afalse%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A1600%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A1200%2C%22dw%22%3A1600%2C%22dh%22%3A5540%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-c2m%22%2C%22s%22%3A6%2C%22uim%22%3A%22alternating-thumbnails-a%3Aabp%3D0%22%2C%22uip%22%3A%22Regio%20Section%20Front%20Feed%22%2C%22orig_uip%22%3A%22Regio%20Section%20Front%20Feed%22%2C%22cd%22%3A4879%2C%22mw%22%3A920%7D%5D%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210414-6-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 1f56c4ecc4424976cdbcde5b06f1685577f4396292599ccefe68df18f4e6f926

Request headers

Referer: https://www.t-online.de/region/koeln
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

x-vcl-time-ms: 259
date: Sat, 17 Apr 2021 16:01:25 GMT
content-encoding: gzip
server: nginx
x-timer: S1618675285.075587,VS0,VE259
x-served-by: cache-fra19162-FRA
vary: Accept-Encoding
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://www.t-online.de
access-control-allow-credentials: true
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
via: 1.1 varnish
x-cache-hits: 0

GET
H2 200 bc70265b-8d91-4b74-92e7-254d80d42569 Show response
t.nativendo.de/cds/tracking/event/ 0
45 B 28ms
28ms Script
text/javascript 107.178.241.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.nativendo.de/cds/tracking/event/bc70265b-8d91-4b74-92e7-254d80d42569?aid=2rj0g&cbl=1.3.4.5.6.9&t=data%2Finventory&ar=0&url=https%3A%2F%2Fwww.t-online.de%2Fregion%2Fkoeln&ts=1618675285
Requested by: Host: c.nativendo.de
URL: https://c.nativendo.de/cdn/asset/js/loader.js?v=1263
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.178.241.34 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 34.241.178.107.bc.googleusercontent.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.t-online.de/region/koeln
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Apr 2021 16:01:25 GMT
via: 1.1 google
last-modified: Sat, 17 Apr 2021 16:01:25 GMT
server: Apache
content-type: text/javascript; charset=utf-8
cache-control: no-transform, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
alt-svc: clear
content-length: 0
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 bc70265b-8d91-4b74-92e7-254d80d42569 Show response
t.nativendo.de/cds/tracking/event/ 0
68 B 27ms
26ms Script
text/javascript 107.178.241.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.nativendo.de/cds/tracking/event/bc70265b-8d91-4b74-92e7-254d80d42569?aid=2rj7k&cbl=1.3.4.5.6.9&t=data%2Finventory&ar=0&url=https%3A%2F%2Fwww.t-online.de%2Fregion%2Fkoeln&ts=1618675285
Requested by: Host: c.nativendo.de
URL: https://c.nativendo.de/cdn/asset/js/loader.js?v=1263
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.178.241.34 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 34.241.178.107.bc.googleusercontent.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.t-online.de/region/koeln
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Apr 2021 16:01:25 GMT
via: 1.1 google
last-modified: Sat, 17 Apr 2021 16:01:25 GMT
server: Apache
content-type: text/javascript; charset=utf-8
cache-control: no-transform, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
alt-svc: clear
content-length: 0
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 bc70265b-8d91-4b74-92e7-254d80d42569 Show response
t.nativendo.de/cds/tracking/event/ 0
45 B 28ms
27ms Script
text/javascript 107.178.241.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.nativendo.de/cds/tracking/event/bc70265b-8d91-4b74-92e7-254d80d42569?aid=2ritc&cbl=1.3.4.5.6.9&t=data%2Finventory&ar=0&url=https%3A%2F%2Fwww.t-online.de%2Fregion%2Fkoeln&ts=1618675285
Requested by: Host: c.nativendo.de
URL: https://c.nativendo.de/cdn/asset/js/loader.js?v=1263
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.178.241.34 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 34.241.178.107.bc.googleusercontent.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.t-online.de/region/koeln
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Apr 2021 16:01:25 GMT
via: 1.1 google
last-modified: Sat, 17 Apr 2021 16:01:25 GMT
server: Apache
content-type: text/javascript; charset=utf-8
cache-control: no-transform, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
alt-svc: clear
content-length: 0
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 bc70265b-8d91-4b74-92e7-254d80d42569 Show response
t.nativendo.de/cds/tracking/event/ 0
45 B 30ms
29ms Script
text/javascript 107.178.241.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.nativendo.de/cds/tracking/event/bc70265b-8d91-4b74-92e7-254d80d42569?aid=2rim8&cbl=1.3.4.5.6.9&t=data%2Finventory&ar=0&url=https%3A%2F%2Fwww.t-online.de%2Fregion%2Fkoeln&ts=1618675285
Requested by: Host: c.nativendo.de
URL: https://c.nativendo.de/cdn/asset/js/loader.js?v=1263
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.178.241.34 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 34.241.178.107.bc.googleusercontent.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.t-online.de/region/koeln
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Apr 2021 16:01:25 GMT
via: 1.1 google
last-modified: Sat, 17 Apr 2021 16:01:25 GMT
server: Apache
content-type: text/javascript; charset=utf-8
cache-control: no-transform, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
alt-svc: clear
content-length: 0
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 bc70265b-8d91-4b74-92e7-254d80d42569 Show response
t.nativendo.de/cds/tracking/event/ 0
45 B 30ms
29ms Script
text/javascript 107.178.241.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.nativendo.de/cds/tracking/event/bc70265b-8d91-4b74-92e7-254d80d42569?aid=2rif4&cbl=1.3.4.5.6.9&t=data%2Finventory&ar=0&url=https%3A%2F%2Fwww.t-online.de%2Fregion%2Fkoeln&ts=1618675285
Requested by: Host: c.nativendo.de
URL: https://c.nativendo.de/cdn/asset/js/loader.js?v=1263
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.178.241.34 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 34.241.178.107.bc.googleusercontent.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.t-online.de/region/koeln
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Apr 2021 16:01:25 GMT
via: 1.1 google
last-modified: Sat, 17 Apr 2021 16:01:25 GMT
server: Apache
content-type: text/javascript; charset=utf-8
cache-control: no-transform, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
alt-svc: clear
content-length: 0
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 bc70265b-8d91-4b74-92e7-254d80d42569 Show response
t.nativendo.de/cds/tracking/event/ 0
45 B 29ms
29ms Script
text/javascript 107.178.241.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.nativendo.de/cds/tracking/event/bc70265b-8d91-4b74-92e7-254d80d42569?noc=5ad3o7pc&aid=2rif4&cid=afchs&cti=hjsow&imp=5&cbl=1.3.4.5.6.9&t=ad%2Fwatch&ar=0&url=https%3A%2F%2Fwww.t-online.de%2Fregion%2Fkoeln&ts=1618675285
Requested by: Host: c.nativendo.de
URL: https://c.nativendo.de/cdn/asset/js/loader.js?v=1263
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.178.241.34 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 34.241.178.107.bc.googleusercontent.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.t-online.de/region/koeln
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Apr 2021 16:01:25 GMT
via: 1.1 google
last-modified: Sat, 17 Apr 2021 16:01:25 GMT
server: Apache
content-type: text/javascript; charset=utf-8
cache-control: no-transform, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
alt-svc: clear
content-length: 0
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 bc70265b-8d91-4b74-92e7-254d80d42569 Show response
t.nativendo.de/cds/tracking/event/ 0
45 B 29ms
29ms Script
text/javascript 107.178.241.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.nativendo.de/cds/tracking/event/bc70265b-8d91-4b74-92e7-254d80d42569?noc=5ad3o7pc&aid=2rim8&cid=63nr4&cti=8txj4&imp=4&cbl=1.3.4.5.6.9&t=ad%2Fwatch&ar=0&url=https%3A%2F%2Fwww.t-online.de%2Fregion%2Fkoeln&ts=1618675285
Requested by: Host: c.nativendo.de
URL: https://c.nativendo.de/cdn/asset/js/loader.js?v=1263
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.178.241.34 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 34.241.178.107.bc.googleusercontent.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.t-online.de/region/koeln
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Apr 2021 16:01:25 GMT
via: 1.1 google
last-modified: Sat, 17 Apr 2021 16:01:25 GMT
server: Apache
content-type: text/javascript; charset=utf-8
cache-control: no-transform, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
alt-svc: clear
content-length: 0
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 bc70265b-8d91-4b74-92e7-254d80d42569 Show response
t.nativendo.de/cds/tracking/event/ 0
45 B 26ms
26ms Script
text/javascript 107.178.241.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.nativendo.de/cds/tracking/event/bc70265b-8d91-4b74-92e7-254d80d42569?noc=5ad3o7pc&aid=2ritc&cid=9kw74&cti=fuuio&imp=3&cbl=1.3.4.5.6.9&t=ad%2Fwatch&ar=0&url=https%3A%2F%2Fwww.t-online.de%2Fregion%2Fkoeln&ts=1618675285
Requested by: Host: c.nativendo.de
URL: https://c.nativendo.de/cdn/asset/js/loader.js?v=1263
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.178.241.34 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 34.241.178.107.bc.googleusercontent.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.t-online.de/region/koeln
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Apr 2021 16:01:25 GMT
via: 1.1 google
last-modified: Sat, 17 Apr 2021 16:01:25 GMT
server: Apache
content-type: text/javascript; charset=utf-8
cache-control: no-transform, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
alt-svc: clear
content-length: 0
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 bc70265b-8d91-4b74-92e7-254d80d42569 Show response
t.nativendo.de/cds/tracking/event/ 0
45 B 28ms
27ms Script
text/javascript 107.178.241.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.nativendo.de/cds/tracking/event/bc70265b-8d91-4b74-92e7-254d80d42569?noc=5ad3o7pc&aid=2rj7k&cid=9mrcw&cti=fyz28&imp=2&cbl=1.3.4.5.6.9&t=ad%2Fwatch&ar=0&url=https%3A%2F%2Fwww.t-online.de%2Fregion%2Fkoeln&ts=1618675285
Requested by: Host: c.nativendo.de
URL: https://c.nativendo.de/cdn/asset/js/loader.js?v=1263
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.178.241.34 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 34.241.178.107.bc.googleusercontent.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.t-online.de/region/koeln
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Apr 2021 16:01:25 GMT
via: 1.1 google
last-modified: Sat, 17 Apr 2021 16:01:25 GMT
server: Apache
content-type: text/javascript; charset=utf-8
cache-control: no-transform, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
alt-svc: clear
content-length: 0
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 bc70265b-8d91-4b74-92e7-254d80d42569 Show response
t.nativendo.de/cds/tracking/event/ 0
45 B 28ms
28ms Script
text/javascript 107.178.241.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.nativendo.de/cds/tracking/event/bc70265b-8d91-4b74-92e7-254d80d42569?noc=5ad3o7pc&aid=2rj0g&cid=afzsw&cti=hmsqo&imp=1&cbl=1.3.4.5.6.9&t=ad%2Fwatch&ar=0&url=https%3A%2F%2Fwww.t-online.de%2Fregion%2Fkoeln&ts=1618675285
Requested by: Host: c.nativendo.de
URL: https://c.nativendo.de/cdn/asset/js/loader.js?v=1263
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.178.241.34 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 34.241.178.107.bc.googleusercontent.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.t-online.de/region/koeln
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Apr 2021 16:01:25 GMT
via: 1.1 google
last-modified: Sat, 17 Apr 2021 16:01:25 GMT
server: Apache
content-type: text/javascript; charset=utf-8
cache-control: no-transform, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
alt-svc: clear
content-length: 0
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 cta-branding.js Show response
cdn.taboola.com/demand-formats/cta-branding/ 14 KB
5 KB 18ms
17ms Script
application/javascript 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/demand-formats/cta-branding/cta-branding.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210414-6-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b80f9996f4ee83ac7e0cdc7b04f9e4150a90d41bbf901e7ea4a646d53f334a92

Request headers

Referer: https://www.t-online.de/region/koeln
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: k0fLHolrULeyflnSHDHGwfQ5cxCVyM94
content-encoding: gzip
etag: "03de8465cf9a5b82f8bf06944d4a54bc"
age: 4923
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 4635
x-amz-id-2: n0fs0aPjHQZ717aN6pHqjdafdagMI/X2oD473Xn8JdFmnM8xoLNWv04vNqSOrRPlh5LHWAghvv8=
x-served-by: cache-hhn11563-HHN
last-modified: Tue, 13 Apr 2021 14:38:50 GMT
server: AmazonS3
x-timer: S1618675285.365209,VS0,VE0
date: Sat, 17 Apr 2021 16:01:25 GMT
vary: Accept-Encoding
x-amz-request-id: ZZF2F7YZGKDR2BAV
via: 1.1 varnish
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: application/javascript
abp: 69
x-cache-hits: 68580

GET
H2 200 cta-branding.css
cdn.taboola.com/demand-formats/cta-branding/ 2 KB
1 KB 18ms
18ms Stylesheet
text/css 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/demand-formats/cta-branding/cta-branding.css
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210414-6-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6fe77418e833f1ddfcf701ba7b6ebbd24efd2e93bce56065e0f1e711b1d829f8

Request headers

Referer: https://www.t-online.de/region/koeln
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: 10qGt8O9hKdbB5IigEtXn8Bn._HPfO8j
content-encoding: gzip
etag: "10c372ee2c83a7fd12df18aebc5320c6"
age: 4355
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 719
x-amz-id-2: WKHOafpT9qf7ClanGhqGwcczB303Ax3znQ9/m3xHolnoZIR6HeT7S39m4QTumo+QVxjz+gbVzlI=
x-served-by: cache-hhn11563-HHN
last-modified: Tue, 06 Apr 2021 14:48:01 GMT
server: AmazonS3
x-timer: S1618675285.365512,VS0,VE0
date: Sat, 17 Apr 2021 16:01:25 GMT
vary: Accept-Encoding
x-amz-request-id: CR4E2RJ6SANDVYVF
via: 1.1 varnish
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: text/css
abp: 69
x-cache-hits: 61944

GET
H2 200 tfa-eid.20210414-6-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 13 KB
5 KB 19ms
17ms Script
application/javascript 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/tfa-eid.20210414-6-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/t-online/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3b2738076279a02dfda00b02f8ee435e9cebb77b535a6b9dfe21b5523a5cde08

Request headers

Referer: https://www.t-online.de/region/koeln
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: mcil7LLvHShbJAYM25abSAt5ko2HvoSo
content-encoding: gzip
etag: "f0c15c57ffc1f0a46194c879c6386fe4"
age: 5
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 4857
x-amz-id-2: v5Ibq2600YiONR7MaKjsx0SsWN3JTRD52AsNpHUhfuIOpkdHdG9indW48CnS9JFF6L2y6pTjImg=
x-served-by: cache-hhn11563-HHN
last-modified: Wed, 14 Apr 2021 09:09:32 GMT
server: AmazonS3
x-timer: S1618675285.368899,VS0,VE0
date: Sat, 17 Apr 2021 16:01:25 GMT
vary: Accept-Encoding
x-amz-request-id: 72FQCTBEEM77ZQS1
via: 1.1 varnish
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 69
x-cache-hits: 33

GET
H2 200 sha256.20210414-6-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 6 KB
3 KB 18ms
18ms Script
application/javascript 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/sha256.20210414-6-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/t-online/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c7a91e8ae78a2017b775f76cad66241ca3c2728228866622dc90cad71144e245

Request headers

Referer: https://www.t-online.de/region/koeln
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: FCaRxwcW3MLlXzgVX9HQNSiyqGkGeGF_
content-encoding: gzip
etag: "449a15420f4bd41326d0ce1cb3e3252f"
age: 33
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 2596
x-amz-id-2: /fVS9G43oGlBjDh7W8lNMwAz/oem2yxojB0zPihiFGUPaXLwNGA4p9d0kdzsaRjM3PZxpd+CR4U=
x-served-by: cache-hhn11563-HHN
last-modified: Wed, 14 Apr 2021 09:09:42 GMT
server: AmazonS3
x-timer: S1618675285.369129,VS0,VE0
date: Sat, 17 Apr 2021 16:01:25 GMT
vary: Accept-Encoding
x-amz-request-id: FRPMTZM1YCZQKJHZ
via: 1.1 varnish
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 69
x-cache-hits: 318

GET
H2 200 feed-card-placeholder.20210414-6-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 5 KB
2 KB 19ms
19ms Script
application/javascript 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/feed-card-placeholder.20210414-6-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/t-online/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d9084c8d15d1443f22f31d7724ae80d662d69d384d206213458cc784ebd3bf9a

Request headers

Referer: https://www.t-online.de/region/koeln
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: lVKcweJm8pgn4Jw61u8krkR2RLWq8EWt
content-encoding: gzip
etag: "495e7acaa76bf6e7a083dd06892c2adc"
age: 54
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 1269
x-amz-id-2: ABfv2lZyTicdasoHFB2FyQPExO/canFEjW3HDOThUcVzHKfsh+8ohg3rjLviupbhDf8Kd7FIJEY=
x-served-by: cache-hhn11563-HHN
last-modified: Wed, 14 Apr 2021 09:10:00 GMT
server: AmazonS3
x-timer: S1618675285.374787,VS0,VE0
date: Sat, 17 Apr 2021 16:01:25 GMT
vary: Accept-Encoding
x-amz-request-id: S4GPR057XV66X0DN
via: 1.1 varnish
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 69
x-cache-hits: 366

GET
H2 200 userx.20210414-6-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 23 KB
8 KB 21ms
21ms Script
application/javascript 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/userx.20210414-6-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/t-online/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 75bda79381d0f3e8fef483deb525dbbb64997a751a33e3901f3e62bc555501df

Request headers

Referer: https://www.t-online.de/region/koeln
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: AB5kaFHgjUzYaSgXhghd6SMiz6ooDCVp
content-encoding: gzip
etag: "4dee943d9af8f930facd1ec702b5266b"
age: 97
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 7856
x-amz-id-2: urU9COxwtiuiB4uz1lO56EVkmVboMnMmnNM0RY1SB51LRkaZcs2S1tm+RTZouhYEPct48bnbYbE=
x-served-by: cache-hhn11563-HHN
last-modified: Wed, 14 Apr 2021 09:09:28 GMT
server: AmazonS3
x-timer: S1618675285.389126,VS0,VE0
date: Sat, 17 Apr 2021 16:01:25 GMT
vary: Accept-Encoding
x-amz-request-id: 4KDN0BQFYB3QY2Q0
via: 1.1 varnish
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 69
x-cache-hits: 157

GET
H2 200 f89e1763-220d-4e09-ba69-9e040548fb7a.svg
cdn.taboola.com/static/f8/ 4 KB
2 KB 18ms
18ms Image
image/svg+xml 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.taboola.com/static/f8/f89e1763-220d-4e09-ba69-9e040548fb7a.svg
Requested by: Host: www.t-online.de
URL: https://www.t-online.de/region/koeln
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 39b076e4bb4fab9b8a142499cf6155f8c128464974691a04de7e764f71b72618

Request headers

Referer: https://www.t-online.de/region/koeln
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: cMrDKn.emLmm9kiiOOF64ulDT4DRy6LK
content-encoding: gzip
etag: "b8b410e4b18d45aa2f3d9bc09cd335fb"
age: 44
via: 1.1 varnish
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 1758
x-amz-id-2: NEmU1ZLGBivh17attqjutVeDItpvUZXBnAqIjCXHVmq+ljcnqasABW9FxsaZow932JBDe4UzNuo=
x-served-by: cache-hhn11563-HHN
last-modified: Wed, 07 Feb 2018 11:15:52 GMT
server: AmazonS3
x-timer: S1618675285.389598,VS0,VE0
date: Sat, 17 Apr 2021 16:01:25 GMT
vary: Accept-Encoding
access-control-allow-methods: GET
x-amz-request-id: 11HNEHRPNXTPWD7Z
access-control-allow-origin: *
cache-control: private,max-age=31536000
accept-ranges: bytes
content-type: image/svg+xml
access-control-allow-headers: *
abp: 69
x-cache-hits: 130

GET
H2 204 social
trc-events.taboola.com/t-online/log/3/ 0
409 B 88ms
29ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc-events.taboola.com/t-online/log/3/social?route=IL:IL:V&lti=deflated&ri=b27ceb870f1fad36bf5204b5be80a27c&sd=v2_7c6f555fab5c320fe0df88a218c79f07_ecc27bdb-8132-42d5-8e5a-2e85280fcd84-tuct7748bd5_1618675285_1618675285_CNawjgYQmI5BGJ_4woSOLyABKAEwKziy0A1A0IgQSN7Y2QNQ____________AVgAYABosa_ptcr9986tAQ&ui=ecc27bdb-8132-42d5-8e5a-2e85280fcd84-tuct7748bd5&pi=/region/koeln&wi=-7201317690823365210&pt=category&vi=1618675285023&st=social-available&d=%7B%22data%22%3A%5B%7B%22i%22%3A%22ctx%22%2C%22ism%22%3Afalse%2C%22srx%22%3A1600%2C%22sry%22%3A1200%2C%22pd%22%3Anull%2C%22tpl%22%3A%22%22%2C%22url%22%3A%22https%3A%2F%2Fwww.t-online.de%2Fregion%2Fkoeln%22%2C%22rref%22%3A%22%22%2C%22sref%22%3A%22_sessionPending_%22%2C%22hdl%22%3A%22K%C3%B6ln%3A%20News%20%26%20Aktuelles%20aus%20der%20Region%22%2C%22sec%22%3A%22Regional%2CRegional-Koeln%22%2C%22aut%22%3A%5B%5D%2C%22img%22%3A%22%22%2C%22v%22%3A15%2C%22pw%22%3Afalse%7D%5D%7D&tim=18%3A01%3A25.405&id=3761&llvl=1&cv=20210414-6-RELEASE&
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.t-online.de/region/koeln
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Apr 2021 16:01:25 GMT
server: nginx
x-fastly-to-nlb-rtt: 15634
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-credentials: true
tbl-x-upstream: 10.40.0.195:10213

GET
H2 204 social
trc-events.taboola.com/t-online/log/3/ 0
408 B 29ms
28ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc-events.taboola.com/t-online/log/3/social?route=IL:IL:V&lti=deflated&ri=b27ceb870f1fad36bf5204b5be80a27c&sd=v2_7c6f555fab5c320fe0df88a218c79f07_ecc27bdb-8132-42d5-8e5a-2e85280fcd84-tuct7748bd5_1618675285_1618675285_CNawjgYQmI5BGJ_4woSOLyABKAEwKziy0A1A0IgQSN7Y2QNQ____________AVgAYABosa_ptcr9986tAQ&ui=ecc27bdb-8132-42d5-8e5a-2e85280fcd84-tuct7748bd5&pi=/region/koeln&wi=-7201317690823365210&pt=category&vi=1618675285023&st=social-available&d=%7B%22data%22%3A%5B%7B%22i%22%3A%22ctx%22%2C%22ism%22%3Afalse%2C%22srx%22%3A1600%2C%22sry%22%3A1200%2C%22pd%22%3Anull%2C%22tpl%22%3A%22%22%2C%22url%22%3A%22https%3A%2F%2Fwww.t-online.de%2Fregion%2Fkoeln%22%2C%22rref%22%3A%22%22%2C%22sref%22%3A%22_undefined_%22%2C%22hdl%22%3A%22K%C3%B6ln%3A%20News%20%26%20Aktuelles%20aus%20der%20Region%22%2C%22sec%22%3A%22Regional%2CRegional-Koeln%22%2C%22aut%22%3A%5B%5D%2C%22img%22%3A%22%22%2C%22v%22%3A15%2C%22pw%22%3Afalse%7D%5D%7D&tim=18%3A01%3A25.672&id=6984&llvl=1&cv=20210414-6-RELEASE&
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.t-online.de/region/koeln
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Apr 2021 16:01:25 GMT
server: nginx
x-fastly-to-nlb-rtt: 15621
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-credentials: true
tbl-x-upstream: 10.40.0.195:10213

POST
H2 204 bulk Show response
trc.taboola.com/t-online/log/3/ 0
236 B 86ms
86ms XHR
image/gif 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/t-online/log/3/bulk?route=IL%3AIL%3AV&lti=deflated&bulkSize=3
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210414-6-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.t-online.de/region/koeln
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-vcl-time-ms: 68
pragma: no-cache
date: Sat, 17 Apr 2021 16:01:26 GMT
via: 1.1 varnish
server: nginx
x-timer: S1618675286.423607,VS0,VE68
x-served-by: cache-fra19162-FRA
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://www.t-online.de
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
content-type: image/gif
x-cache-hits: 0

GET
H2 200 f539211219b796ffbb49949997c764f0.png
cdn.taboola.com/libtrc/static/thumbnails/ 254 B
712 B 18ms
18ms Image
image/png 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.taboola.com/libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png
Requested by: Host: www.t-online.de
URL: https://www.t-online.de/region/koeln
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9

Request headers

Referer: https://www.t-online.de/region/koeln
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: hL.cyLD7Q4TL5ceY.7JQwF9m5IYI8mkC
via: 1.1 varnish
etag: "dfa7b52c86e56bd67fa4002f6ed19854"
age: 1577
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 254
x-amz-id-2: 3fxKGKGG7x9smUgGRZY3/0rYOUUaxLooyKppUJbwjC3F0De0S2w7jAiA03CoGdM8qf9YzUtHXMg=
x-served-by: cache-hhn11563-HHN
last-modified: Wed, 24 Jun 2015 07:14:11 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: uid:0/gname:root/uname:root/gid:0/mode:33188/mtime:1377415166/atime:1435052450/md5:dfa7b52c86e56bd67fa4002f6ed19854/ctime:1422381567
x-timer: S1618675286.434559,VS0,VE0
date: Sat, 17 Apr 2021 16:01:26 GMT
x-amz-request-id: BZA2MM8GAVQZA74K
cache-control: private,max-age=31536000
accept-ranges: bytes
content-type: image/png
abp: 69
x-cache-hits: 2310

GET
H2

200

rtb-h
match.taboola.com/sg/mediaforcebidder-network/1/ Frame 58A2
Redirect Chain

https://rtb.mfadsrvr.com/sync?ssp=taboola
https://rtb.mfadsrvr.com/ul_cb/sync?ssp=taboola
https://sync.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=21b8082f-37f4-463d-905d-db62ad6ff349
https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=21b8082f-37f4-463d-905d-db62ad6ff349&tbid=c3b4479e-69ef-4415-9d03-3ff599cfd0ac-tuct7748bd7&query=taboola_hm%3D21b8082f-37f4-...

0
76 B

35ms
33ms

Image
text/plain

151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=21b8082f-37f4-463d-905d-db62ad6ff349&tbid=c3b4479e-69ef-4415-9d03-3ff599cfd0ac-tuct7748bd7&query=taboola_hm%3D21b8082f-37f4-463d-905d-db62ad6ff349&isDirect=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 17 Apr 2021 16:01:27 GMT
via: 1.1 varnish
server: nginx
x-timer: S1618675288.514272,VS0,VE9
x-cache: MISS
x-cache-hits: 0
accept-ranges: bytes
content-length: 0
x-served-by: cache-fra19162-FRA

Redirect headers

location: https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=21b8082f-37f4-463d-905d-db62ad6ff349&tbid=c3b4479e-69ef-4415-9d03-3ff599cfd0ac-tuct7748bd7&query=taboola_hm%3D21b8082f-37f4-463d-905d-db62ad6ff349&isDirect=0
tbl-x-upstream: 10.40.0.195:10213
date: Sat, 17 Apr 2021 16:01:27 GMT
server: nginx
x-fastly-to-nlb-rtt: 15617

GET
H2

200

sd
u.openx.net/w/1.0/ Frame 58A2
Redirect Chain

https://u.openx.net/w/1.0/sd?id=543998486&val=ecc27bdb-8132-42d5-8e5a-2e85280fcd84-tuct7748bd5&gdpr=0&gdpr_consent=
https://u.openx.net/w/1.0/sd?cc=1&id=543998486&val=ecc27bdb-8132-42d5-8e5a-2e85280fcd84-tuct7748bd5&gdpr=0&gdpr_consent=

43 B
180 B

27ms
26ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://u.openx.net/w/1.0/sd?cc=1&id=543998486&val=ecc27bdb-8132-42d5-8e5a-2e85280fcd84-tuct7748bd5&gdpr=0&gdpr_consent=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.205.4 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Apr 2021 16:01:27 GMT
via: 1.1 google
server: OXGW/16.205.4
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location: https://u.openx.net/w/1.0/sd?cc=1&id=543998486&val=ecc27bdb-8132-42d5-8e5a-2e85280fcd84-tuct7748bd5&gdpr=0&gdpr_consent=
date: Sat, 17 Apr 2021 16:01:27 GMT
via: 1.1 google
server: OXGW/16.205.4
alt-svc: clear
content-length: 0
p3p: CP="CUR ADM OUR NOR STA NID"

GET
H2

204

/
trc.taboola.com/sg/rubicon-network-display/1/rtb-h/ Frame 58A2
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=16698
https://trc.taboola.com/sg/rubicon-network-display/1/rtb-h/?taboola_hm=KNLXH193-7-APF0

0
175 B

86ms
85ms

Image
text/plain

151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/sg/rubicon-network-display/1/rtb-h/?taboola_hm=KNLXH193-7-APF0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 68
date: Sat, 17 Apr 2021 16:01:27 GMT
via: 1.1 varnish
server: nginx
x-timer: S1618675287.468546,VS0,VE68
x-cache: MISS
x-cache-hits: 0
accept-ranges: bytes
x-served-by: cache-fra19162-FRA

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://trc.taboola.com/sg/rubicon-network-display/1/rtb-h/?taboola_hm=KNLXH193-7-APF0
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: de8527bfa1ccfd6c1590da0d3b6cff52
Expires: 0

GET
H2

204

/
sync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/ Frame 58A2
Redirect Chain

https://bh.contextweb.com/bh/rtset?pid=562107&ev=1&rurl=https%3A%2F%2Fsync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=%%VGUID%%&orig=trc
https://sync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=0XKqC0AbEL2Q&ev=1&orig=trc&pid=562107

0
218 B

29ms
28ms

Image
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=0XKqC0AbEL2Q&ev=1&orig=trc&pid=562107
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

tbl-x-upstream: 10.41.34.64:10213
date: Sat, 17 Apr 2021 16:01:27 GMT
server: nginx
x-fastly-to-nlb-rtt: 19721

Redirect headers

strict-transport-security: max-age=15768000
server: Jetty(9.4.14.v20181114)
p3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
content-language: en-US
location: https://sync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=0XKqC0AbEL2Q&ev=1&orig=trc&pid=562107
cache-control: private, max-age=0, no-cache, no-store
cw-server: bh-deployment-7c488d4f5b-slvsr
expires: -1

GET
H/1.1 200
OK getuidnb
ib.adnxs.com/ Frame 58A2 43 B
691 B 116ms
47ms Image
image/gif 185.33.220.243
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/getuidnb?https://sync.taboola.com/sg/appnexus-network/1/rtb-h/?taboola_hm=$UID&orig=trc

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.220.243 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

722.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 17 Apr 2021 16:01:27 GMT
X-Proxy-Origin: 37.120.213.84; 37.120.213.84; 722.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.153:80
AN-X-Request-Uuid: be7cb690-b292-483c-aa8b-22c29e27ed05
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

/
trc.taboola.com/sg/google-network/1/rtb-h/ Frame 58A2
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_cm&google_sc
https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_cm=&google_sc=&google_tc=
https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEDrmyG0cM_8Y7_HP6B0r3Gk&google_cver=1

0
179 B

86ms
86ms

Image
text/plain

151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEDrmyG0cM_8Y7_HP6B0r3Gk&google_cver=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 68
date: Sat, 17 Apr 2021 16:01:27 GMT
via: 1.1 varnish
server: nginx
x-timer: S1618675288.519947,VS0,VE68
x-cache: MISS
x-cache-hits: 0
accept-ranges: bytes
content-length: 0
x-served-by: cache-fra19162-FRA

Redirect headers

pragma: no-cache
date: Sat, 17 Apr 2021 16:01:27 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEDrmyG0cM_8Y7_HP6B0r3Gk&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 304
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK Pug
simage2.pubmatic.com/AdServer/ Frame 58A2 42 B
805 B 139ms
32ms Image
image/gif 185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=ecc27bdb-8132-42d5-8e5a-2e85280fcd84-tuct7748bd5:$UID
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 17 Apr 2021 16:01:27 GMT
X-lat: lhrpug013:0:388
Server: nginx
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif; charset=utf-8
Content-Length: 42

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 58A2
Redirect Chain

https://sync.taboola.com/sg/google-network/1/rtb?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dtaboola_dbm%26google_sc%26gdpr%3D0%26gdpr_consent%3D&orig=trc
https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=0&gdpr_consent=&google_hm=ecc27bdb-8132-42d5-8e5a-2e85280fcd84-tuct7748bd5
https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc=&gdpr=0&gdpr_consent=&google_hm=ecc27bdb-8132-42d5-8e5a-2e85280fcd84-tuct7748bd5&google_tc=

170 B
188 B

55ms
27ms

Image
image/png

172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc=&gdpr=0&gdpr_consent=&google_hm=ecc27bdb-8132-42d5-8e5a-2e85280fcd84-tuct7748bd5&google_tc=

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Apr 2021 16:01:27 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 17 Apr 2021 16:01:27 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc=&gdpr=0&gdpr_consent=&google_hm=ecc27bdb-8132-42d5-8e5a-2e85280fcd84-tuct7748bd5&google_tc=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 376
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

/
trc.taboola.com/sg/thetradedesk-network/1/rtb-h/ Frame 58A2
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=054f32o&ttd_tpi=1
https://match.adsrvr.org/track/cmb/generic?ttd_pid=054f32o&ttd_tpi=1
https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=42ad125c-afc1-48dd-aff7-28504e9c1908

0
55 B

86ms
86ms

Image
text/plain

151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=42ad125c-afc1-48dd-aff7-28504e9c1908
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 68
date: Sat, 17 Apr 2021 16:01:27 GMT
via: 1.1 varnish
server: nginx
x-timer: S1618675288.560357,VS0,VE68
x-cache: MISS
x-cache-hits: 0
accept-ranges: bytes
content-length: 0
x-served-by: cache-fra19162-FRA

Redirect headers

pragma: no-cache
date: Sat, 17 Apr 2021 16:01:27 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=42ad125c-afc1-48dd-aff7-28504e9c1908
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 239

GET
H/1.1

204
No Content

merge
ce.lijit.com/ Frame 58A2
Redirect Chain

https://ce.lijit.com/merge?pid=42&3pid=ecc27bdb-8132-42d5-8e5a-2e85280fcd84-tuct7748bd5&us_privacy=&gdpr=0&gdpr_consent=
https://ce.lijit.com/merge?pid=42&3pid=ecc27bdb-8132-42d5-8e5a-2e85280fcd84-tuct7748bd5&us_privacy=&gdpr=0&gdpr_consent=&dnr=1

0
433 B

25ms
25ms

Image
text/plain

216.52.2.30
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=42&3pid=ecc27bdb-8132-42d5-8e5a-2e85280fcd84-tuct7748bd5&us_privacy=&gdpr=0&gdpr_consent=&dnr=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.30 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: nginx / raptor
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 17 Apr 2021 16:01:27 GMT
Server: nginx
X-Powered-By: raptor
P3P: CP="CUR ADM OUR NOR STA NID"
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap6ams1
Expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sat, 17 Apr 2021 16:01:27 GMT
Server: nginx
X-Powered-By: raptor
P3P: CP="CUR ADM OUR NOR STA NID"
Location: https://ce.lijit.com/merge?pid=42&3pid=ecc27bdb-8132-42d5-8e5a-2e85280fcd84-tuct7748bd5&us_privacy=&gdpr=0&gdpr_consent=&dnr=1
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap6ams1
Content-Length: 0
Expires: Fri, 20 Mar 2009 00:00:00 GMT

GET
H2 200 rtset
bh.contextweb.com/bh/ Frame 58A2 49 B
729 B 231ms
108ms Image
image/gif 198.148.27.140
PULSEPOINT

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bh.contextweb.com/bh/rtset?do=add&pid=553204&ev=ecc27bdb-8132-42d5-8e5a-2e85280fcd84-tuct7748bd5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

198.148.27.140 New York, United States, ASN19189 (PULSEPOINT, US),

Reverse DNS

Software

Jetty(9.4.14.v20181114) /

Resource Hash

d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15768000
server: Jetty(9.4.14.v20181114)
content-language: en-US
p3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control: private, max-age=0, no-cache, no-store
content-type: image/gif;charset=iso-8859-1
cw-server: bh-deployment-7c488d4f5b-qmb4p
expires: -1

GET
H/1.1 200
OK /
rtb-csync.smartadserver.com/redir/ Frame 58A2 43 B
715 B 87ms
29ms Image
image/gif 185.86.137.131
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir/?partnerid=107&partneruserid=ecc27bdb-8132-42d5-8e5a-2e85280fcd84-tuct7748bd5&gdpr=0&gdpr_consent=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.137.131 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Apr 2021 16:01:27 GMT
cache-control: no-cache,no-store
x-smrt-reason: 5
content-type: image/gif
transfer-encoding: chunked
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

GET
H2 204 put
e1.emxdgt.com/ Frame 58A2 0
59 B 128ms
32ms Image
text/html 18.195.155.181
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e1.emxdgt.com/put?d=d41&uid=ecc27bdb-8132-42d5-8e5a-2e85280fcd84-tuct7748bd5
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.195.155.181 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 17 Apr 2021 16:01:26 GMT
content-length: 0
content-type: text/html

GET
H2

200

/
sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/ Frame 58A2
Redirect Chain

https://dis.criteo.com/dis/usersync.aspx?r=29&p=282&cp=taboolaortb&cu=1&url=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fcriteortb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%40%40CRITEO_USERID%40%40
https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=5f8bab32-5fe0-4d05-b968-9385d3f32ec6

0
227 B

29ms
28ms

Image
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=5f8bab32-5fe0-4d05-b968-9385d3f32ec6
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

tbl-x-upstream: 10.41.34.64:10213
date: Sat, 17 Apr 2021 16:01:27 GMT
server: nginx
x-fastly-to-nlb-rtt: 17268

Redirect headers

pragma: no-cache
x-errorlevel: 0
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location: https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=5f8bab32-5fe0-4d05-b968-9385d3f32ec6
cache-control: no-cache
date: Sat, 17 Apr 2021 16:01:27 GMT
server-processing-duration-in-ticks: 1628
content-type: text/html; charset=utf-8
content-length: 222
expires: Sat, 17 Apr 2021 00:00:00 GMT

GET

ibs:dpid=494279&dpuuid=ID5-ZHMOFFcSgGCXgAtZL2NXEFGiLqEHTdnt7m1UuOp9Qg&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F340%2F0%2F8.gif%3Fpuid%3D%24%7BDD_UUID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr...
dpm.demdex.net/ Frame 58A2
Redirect Chain

https://id5-sync.com/s/464/9.gif?puid=ecc27bdb-8132-42d5-8e5a-2e85280fcd84-tuct7748bd5&gdpr=0&gdpr_consent=&callback=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fid5-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D...
https://id5-sync.com/c/464/464/7/1.gif?puid=ecc27bdb-8132-42d5-8e5a-2e85280fcd84-tuct7748bd5&gdpr=1&gdpr_consent=
https://ice.360yield.com/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMOFFcSgGCXgAtZL2NXEFGiLqEHTdnt7m1UuOp9Qg&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F464%2F124%2F6%2F2.gif%3Fpuid%3D...
https://ice.360yield.com/ul_cb/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMOFFcSgGCXgAtZL2NXEFGiLqEHTdnt7m1UuOp9Qg&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F464%2F124%2F6%2F2.gif%3Fp...
https://id5-sync.com/cq/464/124/6/2.gif?puid=3c2f2eca-e7af-4f26-8412-c03713699c8a&gdpr=1&gdpr_consent=&gdpr=1&gdpr_consent=
https://sync.crwdcntrl.net/map/c=13953/tp=IDFI/gdpr=1/gdpr_consent=?https://id5-sync.com/c/464/19/5/3.gif?puid=${profile_id}&gdpr=1&gdpr_consent=
https://sync.crwdcntrl.net/map/ct=y/c=13953/tp=IDFI/gdpr=1/gdpr_consent=?https://id5-sync.com/c/464/19/5/3.gif?puid=${profile_id}&gdpr=1&gdpr_consent=
https://id5-sync.com/c/464/19/5/3.gif?puid=61cf15b552959f0280ad9c24f4e2c98d&gdpr=1&gdpr_consent=
https://ads.creative-serving.com/id5_cm?callback=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F101%2F4%2F4.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3D
https://ads.creative-serving.com/ul_cb/id5_cm?callback=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F101%2F4%2F4.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3D
https://id5-sync.com/c/464/101/4/4.gif?puid=6698c558-8db4-496f-87cc-683c327801e5&gdpr=1&gdpr_consent=
https://pixel.tapad.com/idsync/ex/push?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F108%2F3%2F5.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_con...
https://pixel.tapad.com/idsync/ex/push/check?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F108%2F3%2F5.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gd...
https://id5-sync.com/c/464/108/3/5.gif?puid=2b72d9b1-9f96-11eb-8dd8-7aedb93adb57&gdpr=1&gdpr_consent=
https://ads.avocet.io/getuid?url=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F146%2F2%2F6.gif%3Fpuid%3D%7B%7BUUID%7D%7D%26gdpr%3D1%26gdpr_consent%3D
https://ads.avct.cloud/getuid?r=1&url=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F146%2F2%2F6.gif%3Fpuid%3D%7B%7BUUID%7D%7D%26gdpr%3D1%26gdpr_consent%3D
https://ads.avct.cloud/getuid?bounce=true&r=1&url=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F146%2F2%2F6.gif%3Fpuid%3D%7B%7BUUID%7D%7D%26gdpr%3D1%26gdpr_consent%3D
https://id5-sync.com/c/464/146/2/6.gif?puid=efb24fe4-e932-41af-90d9-3744d1eda503&gdpr=1&gdpr_consent=
https://dpm.demdex.net/ibs:dpid=463291&dpuuid=ID5-ZHMOFFcSgGCXgAtZL2NXEFGiLqEHTdnt7m1UuOp9Qg&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F160%2F1%2F7.gif%3Fpuid%3D%24%7BDD_UUID%7D%26gdpr%3D1%26gdpr...
https://id5-sync.com/c/464/160/1/7.gif?puid=21782201916013794300455576650440932171&gdpr=1&gdpr_consent=
https://dpm.demdex.net/ibs:dpid=494279&dpuuid=ID5-ZHMOFFcSgGCXgAtZL2NXEFGiLqEHTdnt7m1UuOp9Qg&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F340%2F0%2F8.gif%3Fpuid%3D%24%7BDD_UUID%7D%26gdpr%3D1%26gdpr...

0
0

GET
H2

204

rtb-h
sync.taboola.com/sg/appierrtb-network/1/ Frame 58A2
Redirect Chain

https://s.c.appier.net/taboola
https://sync.taboola.com/sg/appierrtb-network/1/rtb-h?taboola_hm=Bv48bq1WCzOmjq9KWAZ7YA

0
218 B

28ms
28ms

Image
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.taboola.com/sg/appierrtb-network/1/rtb-h?taboola_hm=Bv48bq1WCzOmjq9KWAZ7YA
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

tbl-x-upstream: 10.40.0.175:10213
date: Sat, 17 Apr 2021 16:01:28 GMT
server: nginx
x-fastly-to-nlb-rtt: 23813

Redirect headers

location: https://sync.taboola.com/sg/appierrtb-network/1/rtb-h?taboola_hm=Bv48bq1WCzOmjq9KWAZ7YA
date: Sat, 17 Apr 2021 16:01:28 GMT
cache-control: no-store
server: nginx
content-type: text/html; charset=utf-8
content-length: 110
p3p: CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"

GET
H/1.1 200
OK cookiesync
bttrack.com/pixel/ Frame 58A2 35 B
380 B 1166ms
116ms Image
image/gif 192.132.33.46
BIDTELLECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bttrack.com/pixel/cookiesync?source=14b8c562-d12b-418b-b680-ad517d5839ec
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 192.132.33.46 , United States, ASN18568 (BIDTELLECT, US),
Reverse DNS: 46.bidtellect.com
Software: Microsoft-IIS/8.5 /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

X-ServerName: Track001-dc3
Pragma: no-cache
Date: Sat, 17 Apr 2021 16:00:30 GMT
X-AspNetMvc-Version: 5.2
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
P3P: CP="CAO DSP COR ADMo DEVo PSAo PSDo HISo IVAo IVDo OUR IND OTC"
Cache-Control: private,no-cache
Content-Type: image/gif
Content-Length: 35
Expires: -1

GET
H2

200

rtb-h
sync-t1.taboola.com/sg/bidswitch-network/1/ Frame 58A2
Redirect Chain

https://x.bidswitch.net/sync?ssp=taboola&gdpr=0&gdpr_consent=
https://x.bidswitch.net/ul_cb/sync?ssp=taboola&gdpr=0&gdpr_consent=
https://u.ipw.metadsp.co.uk/sync?ssp=bidswitch&bidswitch_ssp_id=taboola&bsw_user_id=${BSW_USER_UD}&bsw_param=2f87c844-66ba-4e28-94f1-6b2a559b8cd9&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=
https://u.ipw.metadsp.co.uk/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=taboola&bsw_user_id=${BSW_USER_UD}&bsw_param=2f87c844-66ba-4e28-94f1-6b2a559b8cd9&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=
https://x.bidswitch.net/sync?dsp_id=339&expires=14&user_group=1&user_id=ae2bfdde-0557-4cd4-8860-e1ab378aa0fc&ssp=taboola&bsw_param=2f87c844-66ba-4e28-94f1-6b2a559b8cd9
https://sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=2f87c844-66ba-4e28-94f1-6b2a559b8cd9

0
228 B

28ms
28ms

Image
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=2f87c844-66ba-4e28-94f1-6b2a559b8cd9
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

tbl-x-upstream: 10.41.22.181:10213
date: Sat, 17 Apr 2021 16:01:28 GMT
server: nginx
x-fastly-to-nlb-rtt: 23367

Redirect headers

location: //sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=2f87c844-66ba-4e28-94f1-6b2a559b8cd9
date: Sat, 17 Apr 2021 16:01:28 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H2

200

rtb-h
match.taboola.com/sg/mediaforcebidder-network/1/ Frame 9567
Redirect Chain

https://rtb.mfadsrvr.com/sync?ssp=taboola
https://sync.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=21b8082f-37f4-463d-905d-db62ad6ff349
https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=21b8082f-37f4-463d-905d-db62ad6ff349&tbid=c3b4479e-69ef-4415-9d03-3ff599cfd0ac-tuct7748bd7&query=taboola_hm%3D21b8082f-37f4-...

0
52 B

26ms
26ms

Image
text/plain

151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=21b8082f-37f4-463d-905d-db62ad6ff349&tbid=c3b4479e-69ef-4415-9d03-3ff599cfd0ac-tuct7748bd7&query=taboola_hm%3D21b8082f-37f4-463d-905d-db62ad6ff349&isDirect=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 17 Apr 2021 16:01:27 GMT
via: 1.1 varnish
server: nginx
x-timer: S1618675288.652968,VS0,VE9
x-cache: MISS
x-cache-hits: 0
accept-ranges: bytes
content-length: 0
x-served-by: cache-fra19162-FRA

Redirect headers

location: https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=21b8082f-37f4-463d-905d-db62ad6ff349&tbid=c3b4479e-69ef-4415-9d03-3ff599cfd0ac-tuct7748bd7&query=taboola_hm%3D21b8082f-37f4-463d-905d-db62ad6ff349&isDirect=0
tbl-x-upstream: 10.41.14.127:10213
date: Sat, 17 Apr 2021 16:01:27 GMT
server: nginx
x-fastly-to-nlb-rtt: 17057

GET
H2

200

sd
u.openx.net/w/1.0/ Frame 9567
Redirect Chain

https://u.openx.net/w/1.0/sd?id=543998486&val=ecc27bdb-8132-42d5-8e5a-2e85280fcd84-tuct7748bd5&gdpr=0&gdpr_consent=
https://u.openx.net/w/1.0/sd?cc=1&id=543998486&val=ecc27bdb-8132-42d5-8e5a-2e85280fcd84-tuct7748bd5&gdpr=0&gdpr_consent=

43 B
106 B

27ms
27ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://u.openx.net/w/1.0/sd?cc=1&id=543998486&val=ecc27bdb-8132-42d5-8e5a-2e85280fcd84-tuct7748bd5&gdpr=0&gdpr_consent=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.205.4 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Apr 2021 16:01:27 GMT
via: 1.1 google
server: OXGW/16.205.4
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location: https://u.openx.net/w/1.0/sd?cc=1&id=543998486&val=ecc27bdb-8132-42d5-8e5a-2e85280fcd84-tuct7748bd5&gdpr=0&gdpr_consent=
date: Sat, 17 Apr 2021 16:01:27 GMT
via: 1.1 google
server: OXGW/16.205.4
alt-svc: clear
content-length: 0
p3p: CP="CUR ADM OUR NOR STA NID"

GET
H2

204

/
trc.taboola.com/sg/rubicon-network-display/1/rtb-h/ Frame 9567
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=16698
https://trc.taboola.com/sg/rubicon-network-display/1/rtb-h/?taboola_hm=KNLXH193-7-APF0

0
55 B

84ms
84ms

Image
text/plain

151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/sg/rubicon-network-display/1/rtb-h/?taboola_hm=KNLXH193-7-APF0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 67
date: Sat, 17 Apr 2021 16:01:27 GMT
via: 1.1 varnish
server: nginx
x-timer: S1618675288.677889,VS0,VE67
x-cache: MISS
x-cache-hits: 0
accept-ranges: bytes
x-served-by: cache-fra19162-FRA

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://trc.taboola.com/sg/rubicon-network-display/1/rtb-h/?taboola_hm=KNLXH193-7-APF0
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: de8527bfa1ccfd6c1590da0d3b6cff52
Expires: 0

GET
H2

204

/
sync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/ Frame 9567
Redirect Chain

https://bh.contextweb.com/bh/rtset?pid=562107&ev=1&rurl=https%3A%2F%2Fsync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=%%VGUID%%&orig=trc
https://sync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=tFEYBBoStCvd&ev=1&orig=trc&pid=562107

0
218 B

28ms
28ms

Image
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=tFEYBBoStCvd&ev=1&orig=trc&pid=562107
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

tbl-x-upstream: 10.40.0.195:10213
date: Sat, 17 Apr 2021 16:01:27 GMT
server: nginx
x-fastly-to-nlb-rtt: 23779

Redirect headers

strict-transport-security: max-age=15768000
server: Jetty(9.4.14.v20181114)
p3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
content-language: en-US
location: https://sync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=tFEYBBoStCvd&ev=1&orig=trc&pid=562107
cache-control: private, max-age=0, no-cache, no-store
cw-server: bh-deployment-7c488d4f5b-mtfsm
expires: -1

GET
H/1.1 200
OK getuidnb
ib.adnxs.com/ Frame 9567 43 B
690 B 70ms
69ms Image
image/gif 185.33.220.243
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/getuidnb?https://sync.taboola.com/sg/appnexus-network/1/rtb-h/?taboola_hm=$UID&orig=trc

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.220.243 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

722.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 17 Apr 2021 16:01:27 GMT
X-Proxy-Origin: 37.120.213.84; 37.120.213.84; 722.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.82:80
AN-X-Request-Uuid: c36e11e9-bfda-4308-b5d5-8970c370b3e3
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

/
trc.taboola.com/sg/google-network/1/rtb-h/ Frame 9567
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_cm&google_sc
https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEDrmyG0cM_8Y7_HP6B0r3Gk&google_cver=1

0
61 B

85ms
85ms

Image
text/plain

151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEDrmyG0cM_8Y7_HP6B0r3Gk&google_cver=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 67
date: Sat, 17 Apr 2021 16:01:27 GMT
via: 1.1 varnish
server: nginx
x-timer: S1618675288.702491,VS0,VE67
x-cache: MISS
x-cache-hits: 0
accept-ranges: bytes
content-length: 0
x-served-by: cache-fra19162-FRA

Redirect headers

pragma: no-cache
date: Sat, 17 Apr 2021 16:01:27 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEDrmyG0cM_8Y7_HP6B0r3Gk&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 304
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK Pug
simage2.pubmatic.com/AdServer/ Frame 9567 42 B
805 B 33ms
33ms Image
image/gif 185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=ecc27bdb-8132-42d5-8e5a-2e85280fcd84-tuct7748bd5:$UID
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 17 Apr 2021 16:01:27 GMT
X-lat: lhrpug020:0:425
Server: nginx
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif; charset=utf-8
Content-Length: 42

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 9567
Redirect Chain

https://sync.taboola.com/sg/google-network/1/rtb?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dtaboola_dbm%26google_sc%26gdpr%3D0%26gdpr_consent%3D&orig=trc
https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=0&gdpr_consent=&google_hm=c3b4479e-69ef-4415-9d03-3ff599cfd0ac-tuct7748bd7

170 B
188 B

32ms
32ms

Image
image/png

172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=0&gdpr_consent=&google_hm=c3b4479e-69ef-4415-9d03-3ff599cfd0ac-tuct7748bd7

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Apr 2021 16:01:27 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=0&gdpr_consent=&google_hm=c3b4479e-69ef-4415-9d03-3ff599cfd0ac-tuct7748bd7
tbl-x-upstream: 10.40.0.195:10213
date: Sat, 17 Apr 2021 16:01:27 GMT
server: nginx
x-fastly-to-nlb-rtt: 19633

GET
H2

200

/
trc.taboola.com/sg/thetradedesk-network/1/rtb-h/ Frame 9567
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=054f32o&ttd_tpi=1
https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=42ad125c-afc1-48dd-aff7-28504e9c1908

0
55 B

88ms
88ms

Image
text/plain

151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=42ad125c-afc1-48dd-aff7-28504e9c1908
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 67
date: Sat, 17 Apr 2021 16:01:27 GMT
via: 1.1 varnish
server: nginx
x-timer: S1618675288.727933,VS0,VE67
x-cache: MISS
x-cache-hits: 0
accept-ranges: bytes
content-length: 0
x-served-by: cache-fra19162-FRA

Redirect headers

pragma: no-cache
date: Sat, 17 Apr 2021 16:01:27 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=42ad125c-afc1-48dd-aff7-28504e9c1908
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 239

GET
H/1.1 200
OK merge
ce.lijit.com/ Frame 9567 43 B
687 B 27ms
25ms Image
image/gif 216.52.2.30
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=42&3pid=ecc27bdb-8132-42d5-8e5a-2e85280fcd84-tuct7748bd5&us_privacy=&gdpr=0&gdpr_consent=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.30 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: nginx / raptor
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 17 Apr 2021 16:01:27 GMT
Server: nginx
X-Powered-By: raptor
P3P: CP="CUR ADM OUR NOR STA NID"
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap6ams1
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 20 Mar 2009 00:00:00 GMT

GET
H2 200 rtset
bh.contextweb.com/bh/ Frame 9567 49 B
664 B 103ms
102ms Image
image/gif 198.148.27.140
PULSEPOINT

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bh.contextweb.com/bh/rtset?do=add&pid=553204&ev=ecc27bdb-8132-42d5-8e5a-2e85280fcd84-tuct7748bd5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

198.148.27.140 New York, United States, ASN19189 (PULSEPOINT, US),

Reverse DNS

Software

Jetty(9.4.14.v20181114) /

Resource Hash

d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15768000
server: Jetty(9.4.14.v20181114)
content-language: en-US
p3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control: private, max-age=0, no-cache, no-store
content-type: image/gif;charset=iso-8859-1
cw-server: bh-deployment-7c488d4f5b-slvsr
expires: -1

GET
H/1.1 200
OK /
rtb-csync.smartadserver.com/redir/ Frame 9567 43 B
456 B 29ms
28ms Image
image/gif 185.86.137.131
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir/?partnerid=107&partneruserid=ecc27bdb-8132-42d5-8e5a-2e85280fcd84-tuct7748bd5&gdpr=0&gdpr_consent=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.137.131 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Apr 2021 16:01:27 GMT
cache-control: no-cache,no-store
x-smrt-reason: 5
content-type: image/gif
transfer-encoding: chunked
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

GET
H2 204 put
e1.emxdgt.com/ Frame 9567 0
45 B 23ms
23ms Image
text/html 18.195.155.181
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e1.emxdgt.com/put?d=d41&uid=ecc27bdb-8132-42d5-8e5a-2e85280fcd84-tuct7748bd5
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.195.155.181 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 17 Apr 2021 16:01:27 GMT
content-length: 0
content-type: text/html

GET
H2

200

/
sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/ Frame 9567
Redirect Chain

https://dis.criteo.com/dis/usersync.aspx?r=29&p=282&cp=taboolaortb&cu=1&url=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fcriteortb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%40%40CRITEO_USERID%40%40
https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=5f8bab32-5fe0-4d05-b968-9385d3f32ec6

0
227 B

29ms
29ms

Image
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=5f8bab32-5fe0-4d05-b968-9385d3f32ec6
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

tbl-x-upstream: 10.40.0.175:10213
date: Sat, 17 Apr 2021 16:01:27 GMT
server: nginx
x-fastly-to-nlb-rtt: 23779

Redirect headers

pragma: no-cache
x-errorlevel: 0
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location: https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=5f8bab32-5fe0-4d05-b968-9385d3f32ec6
cache-control: no-cache
date: Sat, 17 Apr 2021 16:01:27 GMT
server-processing-duration-in-ticks: 3221
content-type: text/html; charset=utf-8
content-length: 222
expires: Sat, 17 Apr 2021 00:00:00 GMT

GET
H2

200

/
sync.taboola.com/sg/id5-network/1/rtb-h/ Frame 9567
Redirect Chain

https://id5-sync.com/s/464/9.gif?puid=ecc27bdb-8132-42d5-8e5a-2e85280fcd84-tuct7748bd5&gdpr=0&gdpr_consent=&callback=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fid5-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D...
https://ice.360yield.com/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMOFFcSgGCXgAtZL2NXEFGiLqEHTdnt7m1UuOp9Qg&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F464%2F124%2F6%2F2.gif%3Fpuid%3D...
https://id5-sync.com/cq/464/124/6/2.gif?puid=3c2f2eca-e7af-4f26-8412-c03713699c8a&gdpr=1&gdpr_consent=&gdpr=1&gdpr_consent=
https://sync.crwdcntrl.net/map/c=13953/tp=IDFI/gdpr=1/gdpr_consent=?https://id5-sync.com/c/464/19/5/3.gif?puid=${profile_id}&gdpr=1&gdpr_consent=
https://sync.crwdcntrl.net/map/ct=y/c=13953/tp=IDFI/gdpr=1/gdpr_consent=?https://id5-sync.com/c/464/19/5/3.gif?puid=${profile_id}&gdpr=1&gdpr_consent=
https://id5-sync.com/c/464/19/5/3.gif?puid=61cf15b552959f0280ad9c24f4e2c98d&gdpr=1&gdpr_consent=
https://ads.creative-serving.com/id5_cm?callback=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F101%2F4%2F4.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3D
https://ads.creative-serving.com/ul_cb/id5_cm?callback=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F101%2F4%2F4.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3D
https://id5-sync.com/c/464/101/4/4.gif?puid=712772a6-7462-4b06-954e-7534c3b9cb07&gdpr=1&gdpr_consent=
https://pixel.tapad.com/idsync/ex/push?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F108%2F3%2F5.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_con...
https://pixel.tapad.com/idsync/ex/push/check?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F108%2F3%2F5.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gd...
https://id5-sync.com/c/464/108/3/5.gif?puid=2b72d9b1-9f96-11eb-8dd8-7aedb93adb57&gdpr=1&gdpr_consent=
https://ads.avocet.io/getuid?url=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F146%2F2%2F6.gif%3Fpuid%3D%7B%7BUUID%7D%7D%26gdpr%3D1%26gdpr_consent%3D
https://ads.avct.cloud/getuid?r=1&url=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F146%2F2%2F6.gif%3Fpuid%3D%7B%7BUUID%7D%7D%26gdpr%3D1%26gdpr_consent%3D
https://ads.avct.cloud/getuid?bounce=true&r=1&url=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F146%2F2%2F6.gif%3Fpuid%3D%7B%7BUUID%7D%7D%26gdpr%3D1%26gdpr_consent%3D
https://id5-sync.com/c/464/146/2/6.gif?puid=efb24fe4-e932-41af-90d9-3744d1eda503&gdpr=1&gdpr_consent=
https://dpm.demdex.net/ibs:dpid=463291&dpuuid=ID5-ZHMOFFcSgGCXgAtZL2NXEFGiLqEHTdnt7m1UuOp9Qg&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F160%2F1%2F7.gif%3Fpuid%3D%24%7BDD_UUID%7D%26gdpr%3D1%26gdpr...
https://id5-sync.com/c/464/160/1/7.gif?puid=21782201916013794300455576650440932171&gdpr=1&gdpr_consent=
https://dpm.demdex.net/ibs:dpid=494279&dpuuid=ID5-ZHMOFFcSgGCXgAtZL2NXEFGiLqEHTdnt7m1UuOp9Qg&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F340%2F0%2F8.gif%3Fpuid%3D%24%7BDD_UUID%7D%26gdpr%3D1%26gdpr...
https://id5-sync.com/c/464/340/0/8.gif?puid=21782201916013794300455576650440932171&gdpr=1&gdpr_consent=
https://sync.taboola.com/sg/id5-network/1/rtb-h/?taboola_hm=ID5-ZHMOFFcSgGCXgAtZL2NXEFGiLqEHTdnt7m1UuOp9Qg

0
228 B

30ms
29ms

Image
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.taboola.com/sg/id5-network/1/rtb-h/?taboola_hm=ID5-ZHMOFFcSgGCXgAtZL2NXEFGiLqEHTdnt7m1UuOp9Qg
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

tbl-x-upstream: 10.41.34.201:10213
date: Sat, 17 Apr 2021 16:01:29 GMT
server: nginx
x-fastly-to-nlb-rtt: 22814

Redirect headers

Location: https://sync.taboola.com/sg/id5-network/1/rtb-h/?taboola_hm=ID5-ZHMOFFcSgGCXgAtZL2NXEFGiLqEHTdnt7m1UuOp9Qg
Date: Sat, 17 Apr 2021 16:01:34 GMT
Transfer-Encoding: chunked
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
P3P: CP="CAO PSA OUR"

GET
H2

204

rtb-h
sync.taboola.com/sg/appierrtb-network/1/ Frame 9567
Redirect Chain

https://s.c.appier.net/taboola
https://sync.taboola.com/sg/appierrtb-network/1/rtb-h?taboola_hm=AQfvB3xmCYSMPDx3WAZ7YA

0
219 B

28ms
27ms

Image
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.taboola.com/sg/appierrtb-network/1/rtb-h?taboola_hm=AQfvB3xmCYSMPDx3WAZ7YA
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

tbl-x-upstream: 10.41.14.127:10213
date: Sat, 17 Apr 2021 16:01:28 GMT
server: nginx
x-fastly-to-nlb-rtt: 23813

Redirect headers

location: https://sync.taboola.com/sg/appierrtb-network/1/rtb-h?taboola_hm=AQfvB3xmCYSMPDx3WAZ7YA
date: Sat, 17 Apr 2021 16:01:28 GMT
cache-control: no-store
server: nginx
content-type: text/html; charset=utf-8
content-length: 110
p3p: CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"

GET
H/1.1 200
OK cookiesync
bttrack.com/pixel/ Frame 9567 35 B
380 B 976ms
116ms Image
image/gif 192.132.33.46
BIDTELLECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bttrack.com/pixel/cookiesync?source=14b8c562-d12b-418b-b680-ad517d5839ec
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 192.132.33.46 , United States, ASN18568 (BIDTELLECT, US),
Reverse DNS: 46.bidtellect.com
Software: Microsoft-IIS/8.5 /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

X-ServerName: Track002-dc3
Pragma: no-cache
Date: Sat, 17 Apr 2021 16:00:30 GMT
X-AspNetMvc-Version: 5.2
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
P3P: CP="CAO DSP COR ADMo DEVo PSAo PSDo HISo IVAo IVDo OUR IND OTC"
Cache-Control: private,no-cache
Content-Type: image/gif
Content-Length: 35
Expires: -1

GET
H2

200

rtb-h
sync-t1.taboola.com/sg/bidswitch-network/1/ Frame 9567
Redirect Chain

https://x.bidswitch.net/sync?ssp=taboola&gdpr=0&gdpr_consent=
https://p.rfihub.com/cm?in=1&pub=20513&ssp=taboola
https://x.bidswitch.net/sync?dsp_id=119&user_id=875739026013861187&expires=30&ssp=taboola
https://sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=2f87c844-66ba-4e28-94f1-6b2a559b8cd9

0
227 B

29ms
28ms

Image
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=2f87c844-66ba-4e28-94f1-6b2a559b8cd9
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

tbl-x-upstream: 10.41.22.84:10213
date: Sat, 17 Apr 2021 16:01:28 GMT
server: nginx
x-fastly-to-nlb-rtt: 23367

Redirect headers

location: //sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=2f87c844-66ba-4e28-94f1-6b2a559b8cd9
date: Sat, 17 Apr 2021 16:01:28 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: dpm.demdex.net
URL: https://dpm.demdex.net/ibs:dpid=494279&dpuuid=ID5-ZHMOFFcSgGCXgAtZL2NXEFGiLqEHTdnt7m1UuOp9Qg&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F340%2F0%2F8.gif%3Fpuid%3D%24%7BDD_UUID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent=

Verdicts & Comments Add Verdict or Comment

540 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

10 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.t-online.de/	1970-01-19 18:21:07	Name: _sp_v1_lt Value: 1:
www.t-online.de/	1970-01-19 18:21:07	Name: _sp_v1_csv Value: null
www.t-online.de/	1970-01-19 18:21:07	Name: _sp_v1_consent Value: 1!0:-1:-1:-1:-1:-1
www.t-online.de/	1970-01-19 18:21:07	Name: _sp_v1_ss Value: 1:H4sIAAAAAAAAAItWqo5RKimOUbKKxsrIAzEMamN1YpRSQcy80pwcILsErKC6lgwJpVgAEA5-UnQAAAA%3D
www.t-online.de/	1970-01-19 18:21:07	Name: _sp_v1_data Value: 2:326817:1618675284:0:1:0:1:0:0:_:-1
.t-online.de/	1970-01-20 02:23:31	Name: consentUUID Value: 98307a48-509e-4de3-a37a-04501f2663b5
.t-online.de/	1970-01-20 01:20:09	Name: ioam2018 Value: e417fcb2f38ff1966edd38303037d4aa5398f7:1646409684063:1618675284063:.t-online.de:2:toi:/nachrichten/regionales2/koeln:noevent:1618675284063:g83n1v
www.t-online.de/	1970-01-19 18:21:07	Name: _sp_v1_uid Value: 1:986:e37d7984-b68d-4446-bc75-7589ec4ea85e
www.t-online.de/	1970-01-19 18:21:07	Name: _sp_v1_opt Value: 1:
.t-online.de/	1970-01-19 18:21:07	Name: testVariationconsent Value: 2021-01-14-cmp-test-e5-2

18 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://www.t-online.de/region/koeln(Line 158) Message: %c Consent testvariation 2021-01-14-cmp-test-e5-2 background: #000; color: #fff;
console-api	log	URL: https://www.t-online.de/region/id_85838350/tid_js/regiocore-js.js(Line 1667) Message: _config.services[service] [object Object]
console-api	log	URL: https://www.t-online.de/region/id_85838350/tid_js/regiocore-js.js(Line 1667) Message: _config.services[service] [object Object]
console-api	log	URL: https://www.t-online.de/region/id_85838350/tid_js/regiocore-js.js(Line 1667) Message: _config.services[service] [object Object]
console-api	log	URL: https://www.t-online.de/region/id_85838350/tid_js/regiocore-js.js(Line 1667) Message: _config.services[service] [object Object]
console-api	log	URL: https://www.t-online.de/region/id_85838350/tid_js/regiocore-js.js(Line 1667) Message: _config.services[service] [object Object]
console-api	log	URL: https://www.t-online.de/region/id_85838350/tid_js/regiocore-js.js(Line 1667) Message: _config.services[service] [object Object]
console-api	log	URL: https://www.t-online.de/region/id_85838350/tid_js/regiocore-js.js(Line 1667) Message: _config.services[service] [object Object]
console-api	log	URL: https://www.t-online.de/region/id_85838350/tid_js/regiocore-js.js(Line 1667) Message: _config.services[service] [object Object]
console-api	log	URL: https://www.t-online.de/region/id_85838350/tid_js/regiocore-js.js(Line 1271) Message: _ads [object Object]
console-api	log	URL: https://www.t-online.de/region/koeln(Line 791) Message: %c Consent Eventlistener: 4 background: #ff3333; tcloaded undefined
console-api	log	URL: https://www.t-online.de/region/koeln(Line 874) Message: %cConsent-Nativendo: https://d.nativendo.de/cds/delivery/init?url=https%3A%2F%2Fwww.t-online.de%2Fregion%2Fkoeln&gdpr=1&gdpr_consent=undefined background: #181; color: #fff
console-api	log	URL: https://www.t-online.de/region/koeln(Line 276) Message: Consent onSPPMObjectReady
console-api	log	URL: https://www.t-online.de/region/koeln(Line 272) Message: Consent onMessageReceiveData [object Object]
console-api	log	URL: https://www.t-online.de/region/koeln(Line 273) Message: Consent {"prtnUUID":"ed68f1e4-42d2-4029-a466-a23fbf38bf28","messageId":476541,"msgDescription":"2020-12-21-cmp-test-e5-2","bucket":986,"uuid":"e37d7984-b68d-4446-bc75-7589ec4ea85e","categoryId":1,"subCategoryId":5}
console-api	log	URL: https://consent.t-online.de/wrapperMessagingWithoutDetection.js(Line 1) Message: Messaging without detection successfully executed.
console-api	log	URL: https://www.t-online.de/region/koeln(Line 181) Message: Consent onMessageReady layerShown: false
console-api	log	URL: https://consent.t-online.de/wrapperMessagingWithoutDetection.js(Line 1) Message: Callback execution error: ReferenceError: dataLayer is not defined

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ads.avct.cloud
ads.avocet.io
ads.creative-serving.com
bh.contextweb.com
bilder.t-online.de
bttrack.com
c.nativendo.de
c2.taboola.com
cdn.interactivemedia.net
cdn.privacy-mgmt.com
cdn.taboola.com
ce.lijit.com
cm.g.doubleclick.net
consent.t-online.de
d.nativendo.de
de.ioam.de
dis.criteo.com
dpm.demdex.net
e1.emxdgt.com
eu4.heatmap.it
fonts.gstatic.com
geolocation.stroeerdp.de
ib.adnxs.com
ice.360yield.com
id5-sync.com
img.toi.de
login.t-online.de
match.adsrvr.org
match.taboola.com
n.nativendo.de
p.rfihub.com
pixel.rubiconproject.com
pixel.tapad.com
rtb-csync.smartadserver.com
rtb.mfadsrvr.com
s.c.appier.net
simage2.pubmatic.com
stats.t-online.de
suche.t-online.de
sync-t1.taboola.com
sync.crwdcntrl.net
sync.taboola.com
t-online.koeln
t.nativendo.de
tagm.tchibo.de
trc-events.taboola.com
trc.taboola.com
u.heatmap.it
u.ipw.metadsp.co.uk
u.openx.net
widget.perfectmarket.com
www.t-online.de
x.bidswitch.net
dpm.demdex.net
107.178.241.34
141.226.228.48
143.204.245.54
143.204.245.60
149.202.80.197
151.101.13.181
151.101.13.44
172.104.121.22
172.217.23.98
178.250.2.151
18.185.197.81
18.195.155.181
18.195.54.133
18.197.249.149
185.33.220.243
185.64.190.80
185.86.137.131
192.132.33.46
193.0.160.129
198.148.27.140
199.232.137.44
216.52.2.30
2606:4700:20::681a:4fb
2a00:1450:4001:811::2003
2a02:26f0:7100::687e:2409
2a02:cbf7:1:0:62:138:239:118
2a02:cbf7:1:0:62:138:239:55
2a02:cbf7::62:138:238:39
3.123.96.39
34.102.174.65
34.240.2.137
34.247.242.33
35.210.239.72
35.227.248.159
35.244.159.8
46.105.202.39
52.48.137.92
52.59.165.42
54.171.219.200
54.36.109.186
62.138.238.103
62.138.238.150
62.138.239.100
62.138.239.104
69.173.144.138
85.14.248.91
91.215.103.65
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0d9fd7ccabde9b202de45ee6b65878ce9594975d8e8810b0878d3f3fa3637d0e
190f36f9cf773bf30531c4a0611cda9091e33c08bfddde816102a01914909fb5
1f56c4ecc4424976cdbcde5b06f1685577f4396292599ccefe68df18f4e6f926
21e4e6ec78774ead648ca34ede985692a5476dd4d999ddd960553b1773a2d0ba
22a6d424fddf97e1c2f47146ba4d38a9b09636edabd332ca8c02f3db8c99d1b4
24369e1b2461af9dcefecaf9cc93d64cf22a4c5bac32506100b9e21014507bcf
265b28ff306409db26aff6f8fefc3eb1418f279b272d339595b67742d03c5b48
29e89fe8e1faa4026c679d95d9836c44e7a2017096c8689e6257ebcd5ea04a7f
2f6ec819770294adc3b2c5fa79f6f407a880567e00ce16dfcfb861b334ccaf56
3738fbe553ad60b652afefe3330ec460992a8dcd1e76677af471286bff8bf860
39b076e4bb4fab9b8a142499cf6155f8c128464974691a04de7e764f71b72618
39d1b7da59079ffdf625a579f4125a9f946544a0dc4afbfc8c9c2c4650ea3c63
3b2738076279a02dfda00b02f8ee435e9cebb77b535a6b9dfe21b5523a5cde08
435d237e9e171b30be3a47bedc94afc7b9f832a4e39f17b4581d3c0a0889b960
44617abe85252a16c3a91e05065606c1d94faacd49b43355994d017f82c512e7
4afc3cef79d58c59cb855a08bf1464b5f698cdeb542ccca3bcf0b70ca4048cfb
4b0ce42cbabbb30af1e38ae3818034301ca81eb43021005f7621fb1f426591d2
4b21bed9ca1e769e2ed934d0986c1f94b1280099873732657bff7f7198a0553e
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4c8ee1dd0910daca7facebb0b2a5e020cef2a3a013b041b16ce5039e21dc1c13
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
533b23c57b1770cc3ee9c15b998b2eb494fa0adb2d6929fd22a9b78adfade3a7
56e8663f6ed9ffb10dd03a2d2c4e98543959907940f06fee7055610947d1ea7d
5c19498325011cb7209e91f0621887302620d1bf70d96c8e11544c68d1f08c7a
5c1c30811521e2a8e3f1f66d6e550b2d48a250cd11b81223180c9b3fb2f29c3b
5ce2ba9cbc1d014cc5ed62345a4850ee247ef99691b7d1e7bf12e5944c82a314
5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
5d9642d3cba24eed4a8899800f91933bb42305867329cb4549193874b717c90a
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9
62a47b076bf7e688b2e0de373a4a2f4568341676914bcfb90258a250ea3b6767
67974fdcbf9c17e8df6462f7c9ab066d6f9407f716ec3e8f83fe56893200519a
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6ba36ecde73a84d99131f7a452b11f810b3c058fb5dc5be6faa5b5913f25454f
6cce75c2fb4a7f2c4e14753e0393ff4b424975ea9d7b5d49ed0338ff9b262d1c
6fe77418e833f1ddfcf701ba7b6ebbd24efd2e93bce56065e0f1e711b1d829f8
7388cfc6901adaa87f3ff7ffd285cb216f4d533280db19075fdedf0a987aba22
75bda79381d0f3e8fef483deb525dbbb64997a751a33e3901f3e62bc555501df
75fb7ddecb5f4335bcfc4d7059b69634fad7933dc0a4da9ffc5cd19af5f0b77f
766182b961ef296f926a67785dfa2db501639c787652ca8985a027ff0d75830c
76a6b703f62a354439957004d66bc56aeea23b4b66ff67a2fec5977e27e5f23e
782039def1384a29c39a12bf80f27139b06bfd51cf46b92ccd5aae03b98d3ba5
79c79d9039382cd34e2e9aa463f85c160d3890c688941fc6837cc2cf81919643
7a9b6ba838f689634ad4b502219f11cda5f48105fa2f12f79ce05facccffd15b
7ab4137562378e401faa076acf85a05b6b53c4a795f5bb1329d94250340faba4
7f0e106dc763bacfc94e034b6920b798fde759ecf5770a1b6f7341f396219d94
805a57aba5a9a8eab0860e67e2a4cbfb7006d1007c1934ca3b6ec6c7ce8b94ab
80cfaeafda9d2efd91765301661a27476b0a7b03237bdfa0c1b69230043cd8cc
8318b36ea964a68959576876dd85fa417cb7784a31ae78acaa3c58720d62dc34
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8aa3b5d9d216b02e39d2d39cc33a21a85e112a0fa9ddd5cd094b9b4d3dd4dcf1
8ce9d3ab6794802bb432b43975132f4a0b34b4cf8015f76fe1e63c378a55e053
99327be7785544a9c9223b762bc5106e7cfb886fea15bd4e6a2a4d0d2152d2c4
9b29256842f1c582cf89c93a91e439079b4813d484181540602aaf146d19b605
a252133d8b4ab0e7db12e5cfc53ca94f20451de8c45a4b1de5151cfaadbd1b93
a2ff36d09d8876d761bfbd44973a9b872aeb0db3fd7d7dca49edbb954f1b56d4
a4668422ba84c271bb7e3af7f7db8e92868e878d0e51e92637e8d1a014e9ca4b
a812d0b1cd90fda15fa8dc06492e775055d9dbaaf0cc5e8e39f9fc4e53e39d69
ac20ceba876caa6afd07438a7736e83edcb67ca94af22eeb33aaf58353d2a866
ad464ae772cac6b2bb54646c803681cb85c240269eeab88bc87821f71f3b3fae
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b80f9996f4ee83ac7e0cdc7b04f9e4150a90d41bbf901e7ea4a646d53f334a92
b95a832f5cf25d58db39c37b3b6045d769e4b76bad18a71bd660b2aa8bce4a3b
bfabbfcfe95d6f210712178b09a2a3115501f2f4f2fb55f9d371c703b6b8eb9e
c60effd373d81355362c0687756ba19e849ed437ebdff6ee60876f42fa5a8fbb
c6beb8dc86b78d41fbc8556cb4734e17f22b7d59b2e3f7fcba35a54736023fb7
c7a91e8ae78a2017b775f76cad66241ca3c2728228866622dc90cad71144e245
ccfc2ef3e8df3c9aa893c6ede7d98f79a18c7ea2be9e2bcd70f9332c3b9ec82a
cf21c901072e4c6f68eda08091ad46e6d4e183f57ebabcf5e75732c4303357a6
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
d186d1478e9d8cca31763cf806823292f1fa6ee92399d60e8c746708e5ed1df8
d1ed0b616b43501dbe725623340e064d6880d5a2b85045a2eea86f6fc609f903
d3165fd696ed5ce438f3f23e257f6fb623cabb022a51fa79fbec8260866b82d7
d5b86aa096c5935b51054a162df06d80b268f344704ede09ef7448bacb922269
d7c3bc851347ec06409a900f99ea9dc1e8012b0655da83e2930078ff5d6be820
d9084c8d15d1443f22f31d7724ae80d662d69d384d206213458cc784ebd3bf9a
d937d1ea2f9a045d0cb591827fb7b6dd2b338756111369e368d40a5996ec07ef
da585867001768a615da7909ee1c6202366e724426fb74dc36fc3abc77d6d02f
daabf20d1cb5bebc3e10b9d5e0285f136a49607ca9547f80c7dbd270747ba79d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e9400ab060f5ceb9bcb8ce72732502205a8eea6bb45d29ad5d451632efd8a009
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f07c05c627751529d956e30f15ac85d832648762a4ee7cad22d23745fdba68a1
f34567304f288693cf33a0b0ff04fa42ed930db606948b4d5e6a9c715865affa
f4159afb293a0ab0ed043b405ee67c78a7ea9650bd0b95bc2072a097609da3a8
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9
f6ecff617ec2ba7f559e6f535cad9b70a3f91120737535dab4d4548a6c83576c
f76e6bb25721d40b504e770322537c7608e514a953a42ef0f73e161ad5f42667
fbdbd8fcfaec73d6a43abcdec87bb3a3a70e3deccdcd582393995fb695b90562
ff2158fa4acb1d955cdb06ed085c0c80e3e1e524b2e839e7645d99a8cc8ce84f

www.t-online.de Open in urlscan Pro 62.138.239.100 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

132 Requests

99 %HTTPS

13 %IPv6

38 Domains

53 Subdomains

32 IPs

8 Countries

1085 kBTransfer

3929 kBSize

10 Cookies

35 Outgoing links

Page URL History

Redirected requests

132 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 10 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.t-online.de Open in urlscan Pro
62.138.239.100 Public Scan

Screenshot
Live screenshot

Full Image

132
Requests

99 %
HTTPS

13 %
IPv6

38
Domains

53
Subdomains

32
IPs

8
Countries

1085 kB
Transfer

3929 kB
Size

10
Cookies

132 HTTP transactions
10 data transactions