pcloak.blob.core.windows.net Open in urlscan Pro
20.60.220.36 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://pcloak.blob.core.windows.net/web/6x69807j0b5.html
Submission: On May 13 via api (May 13th 2023, 9:49:47 pm UTC) from TR — Scanned from DE

Summary HTTP 403 Redirects Behaviour Indicators

Summary

This website contacted 80 IPs in 11 countries across 70 domains to perform 403 HTTP transactions. The main IP is 20.60.220.36, located in Tappahannock, United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is pcloak.blob.core.windows.net.
TLS certificate: Issued by Microsoft RSA TLS CA 02 on March 22nd 2023. Valid for: a year.

This is the only time pcloak.blob.core.windows.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
4	20.60.220.36 20.60.220.36	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	77.245.159.14 77.245.159.14	42868 (NIOBEBILI...) (NIOBEBILISIMHIZMETLERI)
2	94.138.206.83 94.138.206.83	49126 (AS49126) (AS49126)
1	2a00:1450:400... 2a00:1450:4001:830::200a	15169 (GOOGLE) (GOOGLE)
40	2a02:6ea0:c70... 2a02:6ea0:c700::19	60068 (CDN77 ^_^) (CDN77 ^_^)
1	2a00:1450:400... 2a00:1450:4001:808::2008	15169 (GOOGLE) (GOOGLE)
2	151.139.128.10 151.139.128.10	20446 (STACKPATH...) (STACKPATH-CDN)
8	104.111.216.120 104.111.216.120	16625 (AKAMAI-AS) (AKAMAI-AS)
21	185.7.176.221 185.7.176.221	42910 (PREMIERDC...) (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH)
2	2a03:2880:f08... 2a03:2880:f083:9:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1450:400... 2a00:1450:4001:827::200e	15169 (GOOGLE) (GOOGLE)
20	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
33	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
3	13.224.192.181 13.224.192.181	16509 (AMAZON-02) (AMAZON-02)
1	23.35.237.151 23.35.237.151	16625 (AKAMAI-AS) (AKAMAI-AS)
1	35.241.45.217 35.241.45.217	15169 (GOOGLE) (GOOGLE)
10	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
1 3	185.7.176.223 185.7.176.223	42910 (PREMIERDC...) (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH)
1	34.102.243.38 34.102.243.38	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	2606:4700:20:... 2606:4700:20::681a:9a9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	18.64.140.4 18.64.140.4	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:801::2001	15169 (GOOGLE) (GOOGLE)
1 4	185.89.210.90 185.89.210.90	29990 (ASN-APPNEX) (ASN-APPNEX)
2	37.157.6.243 37.157.6.243	198622 (ADFORM) (ADFORM)
3	85.111.6.48 85.111.6.48	9121 (TTNET) (TTNET)
1	63.251.14.14 63.251.14.14	14744 (INTERNAP-...) (INTERNAP-BLOCK-4)
1	95.101.149.35 95.101.149.35	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2a02:2638:3::7 2a02:2638:3::7	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2606:4700::68... 2606:4700::6812:272	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	35.157.146.5 35.157.146.5	16509 (AMAZON-02) (AMAZON-02)
5	2602:803:c003... 2602:803:c003:200::21	26667 (RUBICONPR...) (RUBICONPROJECT)
1	185.64.189.112 185.64.189.112	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	2a00:1450:400... 2a00:1450:4001:82f::200a	15169 (GOOGLE) (GOOGLE)
10	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
3	185.7.176.218 185.7.176.218	42910 (PREMIERDC...) (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH)
2 40	2a00:1450:400... 2a00:1450:4001:806::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82a::200a	15169 (GOOGLE) (GOOGLE)
10	2a00:1450:400... 2a00:1450:4001:82f::2003	15169 (GOOGLE) (GOOGLE)
24	2606:4700:20:... 2606:4700:20::ac43:4a81	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:9000:218... 2600:9000:218d:e200:1b:f040:3600:93a1	16509 (AMAZON-02) (AMAZON-02)
1	154.58.197.185 154.58.197.185	174 (COGENT-174) (COGENT-174)
1	192.229.233.53 192.229.233.53	15133 (EDGECAST) (EDGECAST)
1	3.67.108.165 3.67.108.165	16509 (AMAZON-02) (AMAZON-02)
6	2a00:1450:400... 2a00:1450:4001:828::2004	15169 (GOOGLE) (GOOGLE)
2 2	85.114.159.93 85.114.159.93	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
7 37	142.250.186.98 142.250.186.98	15169 (GOOGLE) (GOOGLE)
3	35.186.253.211 35.186.253.211	15169 (GOOGLE) (GOOGLE)
6 7	185.64.189.115 185.64.189.115	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 1	2600:9000:212... 2600:9000:2127:3e00:1b:5138:8a40:93a1	16509 (AMAZON-02) (AMAZON-02)
3 4	51.89.9.252 51.89.9.252	16276 (OVH) (OVH)
2 2	20.127.253.7 20.127.253.7	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	162.19.138.120 162.19.138.120	16276 (OVH) (OVH)
1	2606:4700:20:... 2606:4700:20::ac43:444e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
11	52.31.191.243 52.31.191.243	16509 (AMAZON-02) (AMAZON-02)
2	2620:100:a001::4 2620:100:a001::4	19750 (AS-CRITEO) (AS-CRITEO)
2	2600:1901:0:7... 2600:1901:0:76b9::	15169 (GOOGLE) (GOOGLE)
2 2	151.101.2.49 151.101.2.49	54113 (FASTLY) (FASTLY)
6 6	213.19.147.44 213.19.147.44	3356 (LEVEL3) (LEVEL3)
1	185.86.138.152 185.86.138.152	201081 (SMARTADSE...) (SMARTADSERVER)
2 2	3.75.62.37 3.75.62.37	16509 (AMAZON-02) (AMAZON-02)
2 2	3.75.1.114 3.75.1.114	16509 (AMAZON-02) (AMAZON-02)
1 2	2001:678:cb4:... 2001:678:cb4:bbbb::11	56396 (AMOBEE) (AMOBEE)
2	2a02:fa8:8806... 2a02:fa8:8806:13::1400	41041 (VCLK-EU-SE) (VCLK-EU-SE)
1 1	18.196.211.71 18.196.211.71	16509 (AMAZON-02) (AMAZON-02)
2 2	2.23.197.190 2.23.197.190	16625 (AKAMAI-AS) (AKAMAI-AS)
3 3	2a05:d018:d29... 2a05:d018:d29:3602:feb5:e693:bc09:7eaf	16509 (AMAZON-02) (AMAZON-02)
4 4	185.80.39.216 185.80.39.216	27381 (CASALE-MEDIA) (CASALE-MEDIA)
2 2	185.29.132.245 185.29.132.245	30419 (MEDIAMATH...) (MEDIAMATH-INC)
1 2	2606:4700::68... 2606:4700::6812:19ad	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	52.223.40.198 52.223.40.198	16509 (AMAZON-02) (AMAZON-02)
1 1	35.186.193.173 35.186.193.173	15169 (GOOGLE) (GOOGLE)
4	2606:4700:20:... 2606:4700:20::681a:bd1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	23.210.125.176 23.210.125.176	16625 (AKAMAI-AS) (AKAMAI-AS)
6	18.133.36.104 18.133.36.104	() ()
2	65.9.95.127 65.9.95.127	() ()
1	65.9.95.123 65.9.95.123	() ()
1 2	2620:100:a001::c 2620:100:a001::c	() ()
6	18.135.126.181 18.135.126.181	() ()
1	178.250.7.13 178.250.7.13	() ()
2	23.56.202.187 23.56.202.187	() ()
1	23.32.184.180 23.32.184.180	() ()
2	23.32.184.192 23.32.184.192	() ()
4	185.64.191.210 185.64.191.210	() ()
1 1	193.0.160.130 193.0.160.130	() ()
4	185.64.189.110 185.64.189.110	() ()
1 1	178.250.1.9 178.250.1.9	() ()
2 2	213.155.156.169 213.155.156.169	() ()
1	34.250.212.34 34.250.212.34	() ()
2 2	34.111.129.221 34.111.129.221	() ()
1	34.111.131.239 34.111.131.239	() ()
1	34.91.62.186 34.91.62.186	() ()
2 2	37.157.2.229 37.157.2.229	() ()
4 4	69.173.144.165 69.173.144.165	() ()
1	2620:1ec:21::14 2620:1ec:21::14	() ()
1 3	69.173.144.139 69.173.144.139	() ()
1 2	52.215.85.23 52.215.85.23	() ()
403	80

4 20.60.220.36 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

pcloak.blob.core.windows.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 77.245.159.14 (Turkey)

ASN42868 (NIOBEBILISIMHIZMETLERI, TR)
PTR: stilgar.wlsrv.com

www.cloakan.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 94.138.206.83 (Turkey)

ASN49126 (AS49126, TR)

ye-mek.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

40 2a02:6ea0:c700::19 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)

cdn.ye-mek.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.139.128.10 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: map3.hwcdn.net

images.dmca.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 104.111.216.120 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-216-120.deploy.static.akamaitechnologies.com

s7.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
v1.addthisedge.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
m.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 185.7.176.221 (Turkey)

ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR)

static.virgul.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ng.virgul.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ng2.virgul.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f083:9:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

33 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.224.192.181 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-192-181.fra2.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.35.237.151 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-237-151.deploy.static.akamaitechnologies.com

z.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.241.45.217 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 217.45.241.35.bc.googleusercontent.com

pghub.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.7.176.223 (Turkey) 1 redirects

ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR)

c1.imgiz.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
rek.izlesene.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.102.243.38 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 38.243.102.34.bc.googleusercontent.com

feed.pghub.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::681a:9a9 (United States)

ASN13335 (CLOUDFLARENET, US)

script.4dex.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.64.140.4 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-64-140-4.mct50.r.cloudfront.net

aax.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:801::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

d895f1381b8d8b875cd29c6921953566.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.89.210.90 (Frankfurt am Main, Germany) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.6.243 (Denmark)

ASN198622 (ADFORM, DK)

adx.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 85.111.6.48 (Turkey)

ASN9121 (TTNET, TR)
PTR: ns1.ttidc.com.tr

cpm.programattik.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 63.251.14.14 (United States)

ASN14744 (INTERNAP-BLOCK-4, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 95.101.149.35 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a95-101-149-35.deploy.static.akamaitechnologies.com

a.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:3::7 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:272 (United States)

ASN13335 (CLOUDFLARENET, US)

mp.4dex.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.157.146.5 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-157-146-5.eu-central-1.compute.amazonaws.com

prebid-server.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2602:803:c003:200::21 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

hbopenbid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.7.176.218 (Turkey)

ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR)

rek-n18.nktcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

40 2a00:1450:4001:806::2001 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 2606:4700:20::ac43:4a81 (United States)

ASN13335 (CLOUDFLARENET, US)

as.ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
assets.ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:218d:e200:1b:f040:3600:93a1 (United States)

ASN16509 (AMAZON-02, US)

ads.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 154.58.197.185 (Philippines)

ASN174 (COGENT-174, US)
PTR: staticip-hv4m185.hispavista.com

t.hspvst.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.229.233.53 (Granada Hills, United States)

ASN15133 (EDGECAST, US)

cti.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.67.108.165 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-67-108-165.eu-central-1.compute.amazonaws.com

i.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:828::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 85.114.159.93 (Bad Durrheim, Germany) 2 redirects

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com

dsp.adfarm1.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

37 142.250.186.98 (United States) 7 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.186.253.211 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 185.64.189.115 (United Kingdom) 6 redirects

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2127:3e00:1b:5138:8a40:93a1 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

s.ad.smaato.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 51.89.9.252 (London, United Kingdom) 3 redirects

ASN16276 (OVH, FR)
PTR: ip252.ip-51-89-9.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 20.127.253.7 (Tappahannock, United States) 2 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

sync.inmobi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 162.19.138.120 (France)

ASN16276 (OVH, FR)
PTR: ns31533571.ip-162-19-138.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::ac43:444e (United States)

ASN13335 (CLOUDFLARENET, US)

static-de.ad4mat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 52.31.191.243 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-31-191-243.eu-west-1.compute.amazonaws.com

s.h.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:100:a001::4 (United States)

ASN19750 (AS-CRITEO, US)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:1901:0:76b9:: (Kansas City, United States)

ASN15169 (GOOGLE, US)

prod-rtb.ad4mat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.2.49 (United States) 2 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 213.19.147.44 (Castricum, Netherlands) 6 redirects

ASN3356 (LEVEL3, US)

sync.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.targeting.unrulymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.86.138.152 (France)

ASN201081 (SMARTADSERVER, FR)

ssbsync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.75.62.37 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-75-62-37.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.75.1.114 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-75-1-114.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:678:cb4:bbbb::11 (United Kingdom) 1 redirects

ASN56396 (AMOBEE, GB)

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
r.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:fa8:8806:13::1400 (Singapore)

ASN41041 (VCLK-EU-SE, US)

dclk-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.196.211.71 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-196-211-71.eu-central-1.compute.amazonaws.com

d.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.23.197.190 (Frankfurt am Main, Germany) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-23-197-190.deploy.static.akamaitechnologies.com

e.dlx.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a05:d018:d29:3602:feb5:e693:bc09:7eaf (Dublin, Ireland) 3 redirects

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.80.39.216 (Canada) 4 redirects

ASN27381 (CASALE-MEDIA, CA)

ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.29.132.245 (United Kingdom) 2 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:19ad (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

a.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.223.40.198 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.193.173 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com

ius.ctnsnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:20::681a:bd1 (United States)

ASN13335 (CLOUDFLARENET, US)

ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.210.125.176 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-210-125-176.deploy.static.akamaitechnologies.com

www.awin1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 18.133.36.104 (None, )

ASN- ()

track.webgains.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 65.9.95.127 (None, )

ASN- ()

analytics.webgains.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.95.123 (None, )

ASN- ()

cdn.track.production.webgains.team	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:100:a001::c (None, ) 1 redirects

ASN- ()

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 18.135.126.181 (None, )

ASN- ()

api.webgains.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.7.13 (None, )

ASN- ()

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.56.202.187 (None, )

ASN- ()

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.32.184.180 (None, )

ASN- ()

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.32.184.192 (None, )

ASN- ()

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.64.191.210 (None, )

ASN- ()

simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.0.160.130 (None, ) 1 redirects

ASN- ()

p.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.64.189.110 (None, )

ASN- ()

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.1.9 (None, ) 1 redirects

ASN- ()

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.155.156.169 (None, ) 2 redirects

ASN- ()

d5p.de17a.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.250.212.34 (None, )

ASN- ()

sync.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.111.129.221 (None, ) 2 redirects

ASN- ()

cr.frontend.weborama.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.111.131.239 (None, )

ASN- ()

idsync.frontend.weborama.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.91.62.186 (None, )

ASN- ()

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.2.229 (None, ) 2 redirects

ASN- ()

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 69.173.144.165 (None, ) 4 redirects

ASN- ()

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:21::14 (None, )

ASN- ()

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 69.173.144.139 (None, ) 1 redirects

ASN- ()

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.215.85.23 (None, ) 1 redirects

ASN- ()

unilever.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
81	googlesyndication.com 2 redirects pagead2.googlesyndication.com — Cisco Umbrella Rank: 107 d895f1381b8d8b875cd29c6921953566.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 143	844 KB
66	doubleclick.net 7 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 205 googleads.g.doubleclick.net — Cisco Umbrella Rank: 41 cm.g.doubleclick.net — Cisco Umbrella Rank: 234	384 KB
42	ye-mek.net ye-mek.net — Cisco Umbrella Rank: 399852 cdn.ye-mek.net	625 KB
28	ad4m.at as.ad4m.at — Cisco Umbrella Rank: 31186 ad4m.at — Cisco Umbrella Rank: 11978 assets.ad4m.at — Cisco Umbrella Rank: 41727	2 MB
21	virgul.com static.virgul.com — Cisco Umbrella Rank: 63243 ng.virgul.com — Cisco Umbrella Rank: 65891 ng2.virgul.com — Cisco Umbrella Rank: 73693	271 KB
18	pubmatic.com 6 redirects hbopenbid.pubmatic.com — Cisco Umbrella Rank: 506 image6.pubmatic.com — Cisco Umbrella Rank: 746 ads.pubmatic.com simage2.pubmatic.com image2.pubmatic.com	29 KB
15	rubiconproject.com 5 redirects prebid-server.rubiconproject.com — Cisco Umbrella Rank: 948 fastlane.rubiconproject.com — Cisco Umbrella Rank: 491 eus.rubiconproject.com token.rubiconproject.com pixel.rubiconproject.com	42 KB
14	w55c.net ads.w55c.net — Cisco Umbrella Rank: 12668 cti.w55c.net — Cisco Umbrella Rank: 3749 i.w55c.net — Cisco Umbrella Rank: 2245 s.h.w55c.net — Cisco Umbrella Rank: 9407	107 KB
10	gstatic.com www.gstatic.com	80 KB
10	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 192	524 KB
10	google.com adservice.google.com — Cisco Umbrella Rank: 83 www.google.com — Cisco Umbrella Rank: 2	3 KB
9	addthis.com 2 redirects s7.addthis.com — Cisco Umbrella Rank: 1865 e.dlx.addthis.com — Cisco Umbrella Rank: 1932 m.addthis.com	222 KB
8	webgains.io analytics.webgains.io api.webgains.io	63 KB
6	webgains.com track.webgains.com	29 KB
5	yahoo.com 5 redirects ups.analytics.yahoo.com — Cisco Umbrella Rank: 301 pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 448	3 KB
5	criteo.com 2 redirects bidder.criteo.com — Cisco Umbrella Rank: 733 gum.criteo.com mug.criteo.com dis.criteo.com	8 KB
5	adnxs.com 1 redirects ib.adnxs.com — Cisco Umbrella Rank: 232 acdn.adnxs.com	43 KB
4	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 356	1 KB
4	casalemedia.com 4 redirects ssum-sec.casalemedia.com — Cisco Umbrella Rank: 463	4 KB
4	1rx.io 4 redirects sync.1rx.io — Cisco Umbrella Rank: 547	3 KB
4	onetag-sys.com 3 redirects onetag-sys.com — Cisco Umbrella Rank: 798	1 KB
4	adform.net 2 redirects adx.adform.net — Cisco Umbrella Rank: 4323 c1.adform.net	4 KB
4	google.de adservice.google.de — Cisco Umbrella Rank: 7680	983 B
4	amazon-adsystem.com c.amazon-adsystem.com — Cisco Umbrella Rank: 310 aax.amazon-adsystem.com — Cisco Umbrella Rank: 406 aax-eu.amazon-adsystem.com Failed s.amazon-adsystem.com Failed	60 KB
4	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 385 imasdk.googleapis.com — Cisco Umbrella Rank: 468 fonts.googleapis.com — Cisco Umbrella Rank: 50	155 KB
4	windows.net pcloak.blob.core.windows.net	3 KB
3	weborama.fr 2 redirects cr.frontend.weborama.fr idsync.frontend.weborama.fr	898 B
3	ad4mat.net static-de.ad4mat.net — Cisco Umbrella Rank: 199770 prod-rtb.ad4mat.net — Cisco Umbrella Rank: 153404	4 KB
3	openx.net rtb.openx.net — Cisco Umbrella Rank: 1307	587 B
3	nktcdn.com rek-n18.nktcdn.com	3 MB
3	programattik.com cpm.programattik.com — Cisco Umbrella Rank: 59847	424 B
3	4dex.io script.4dex.io — Cisco Umbrella Rank: 1651 mp.4dex.io — Cisco Umbrella Rank: 2234	25 KB
2	demdex.net 1 redirects unilever.demdex.net	2 KB
2	de17a.com 2 redirects d5p.de17a.com	562 B
2	awin1.com www.awin1.com — Cisco Umbrella Rank: 17733	1 KB
2	tribalfusion.com 1 redirects a.tribalfusion.com — Cisco Umbrella Rank: 817 s.tribalfusion.com	1 KB
2	mathtag.com 2 redirects sync.mathtag.com — Cisco Umbrella Rank: 505	1 KB
2	dotomi.com dclk-match.dotomi.com — Cisco Umbrella Rank: 3063	207 B
2	turn.com 1 redirects ad.turn.com — Cisco Umbrella Rank: 949 r.turn.com — Cisco Umbrella Rank: 3697	869 B
2	bidswitch.net 2 redirects x.bidswitch.net — Cisco Umbrella Rank: 324	1 KB
2	unrulymedia.com 2 redirects sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 1173	1 KB
2	everesttech.net 2 redirects sync-tm.everesttech.net — Cisco Umbrella Rank: 682	901 B
2	criteo.net static.criteo.net — Cisco Umbrella Rank: 664	59 KB
2	id5-sync.com id5-sync.com — Cisco Umbrella Rank: 444	2 KB
2	inmobi.com 2 redirects sync.inmobi.com — Cisco Umbrella Rank: 1523	1 KB
2	adition.com 2 redirects dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1581	1 KB
2	imgiz.com c1.imgiz.com — Cisco Umbrella Rank: 124947	131 KB
2	pghub.io pghub.io — Cisco Umbrella Rank: 1834 feed.pghub.io — Cisco Umbrella Rank: 8229	6 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 161	89 KB
2	dmca.com images.dmca.com — Cisco Umbrella Rank: 13164	6 KB
2	cloakan.co www.cloakan.co	706 B
1	linkedin.com px.ads.linkedin.com	651 B
1	simpli.fi um.simpli.fi	612 B
1	crwdcntrl.net sync.crwdcntrl.net	266 B
1	rfihub.com 1 redirects p.rfihub.com	793 B
1	addthisedge.com v1.addthisedge.com	1 KB
1	webgains.team cdn.track.production.webgains.team	15 KB
1	ctnsnet.com 1 redirects ius.ctnsnet.com — Cisco Umbrella Rank: 7558	624 B
1	agkn.com 1 redirects d.agkn.com — Cisco Umbrella Rank: 710	732 B
1	smartadserver.com ssbsync.smartadserver.com — Cisco Umbrella Rank: 776	75 B
1	smaato.net 1 redirects s.ad.smaato.net — Cisco Umbrella Rank: 761	443 B
1	hspvst.com t.hspvst.com — Cisco Umbrella Rank: 214384	918 B
1	izlesene.com 1 redirects rek.izlesene.com — Cisco Umbrella Rank: 441800	170 B
1	teads.tv a.teads.tv — Cisco Umbrella Rank: 1435	386 B
1	lijit.com ap.lijit.com — Cisco Umbrella Rank: 639	397 B
1	moatads.com z.moatads.com — Cisco Umbrella Rank: 499	1 KB
1	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 39	21 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 62	46 KB
0	brealtime.com Failed biddr.brealtime.com Failed
0	emxdgt.com Failed hb.emxdgt.com Failed
403	70

	Domain	Requested by
40	tpc.googlesyndication.com	2 redirects d895f1381b8d8b875cd29c6921953566.safeframe.googlesyndication.com googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com ye-mek.net securepubads.g.doubleclick.net
40	cdn.ye-mek.net	ye-mek.net cdn.ye-mek.net
37	cm.g.doubleclick.net	7 redirects d895f1381b8d8b875cd29c6921953566.safeframe.googlesyndication.com ye-mek.net googleads.g.doubleclick.net ads.pubmatic.com
33	pagead2.googlesyndication.com	static.virgul.com pagead2.googlesyndication.com d895f1381b8d8b875cd29c6921953566.safeframe.googlesyndication.com pcloak.blob.core.windows.net googleads.g.doubleclick.net www.googletagservices.com www.gstatic.com tpc.googlesyndication.com ye-mek.net securepubads.g.doubleclick.net
20	securepubads.g.doubleclick.net	static.virgul.com securepubads.g.doubleclick.net pcloak.blob.core.windows.net d895f1381b8d8b875cd29c6921953566.safeframe.googlesyndication.com www.googletagservices.com
12	assets.ad4m.at	as.ad4m.at
11	s.h.w55c.net	cti.w55c.net s.h.w55c.net
10	www.gstatic.com	d895f1381b8d8b875cd29c6921953566.safeframe.googlesyndication.com
10	www.googletagservices.com	securepubads.g.doubleclick.net d895f1381b8d8b875cd29c6921953566.safeframe.googlesyndication.com googleads.g.doubleclick.net
9	googleads.g.doubleclick.net	pagead2.googlesyndication.com pcloak.blob.core.windows.net googleads.g.doubleclick.net
9	static.virgul.com	ye-mek.net static.virgul.com pcloak.blob.core.windows.net
8	ad4m.at	as.ad4m.at ad4m.at
8	as.ad4m.at	d895f1381b8d8b875cd29c6921953566.safeframe.googlesyndication.com as.ad4m.at googleads.g.doubleclick.net ad4m.at
8	d895f1381b8d8b875cd29c6921953566.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
8	ng.virgul.com	static.virgul.com ye-mek.net ng2.virgul.com pcloak.blob.core.windows.net
7	image6.pubmatic.com	6 redirects ads.pubmatic.com
6	api.webgains.io	analytics.webgains.io
6	track.webgains.com	as.ad4m.at
6	www.google.com	d895f1381b8d8b875cd29c6921953566.safeframe.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com
6	s7.addthis.com	ye-mek.net s7.addthis.com
5	fastlane.rubiconproject.com	static.virgul.com
4	token.rubiconproject.com	4 redirects
4	image2.pubmatic.com	ads.pubmatic.com
4	simage2.pubmatic.com	ads.pubmatic.com
4	match.adsrvr.org	googleads.g.doubleclick.net static.virgul.com ads.pubmatic.com
4	ssum-sec.casalemedia.com	4 redirects
4	sync.1rx.io	4 redirects
4	onetag-sys.com	3 redirects ye-mek.net
4	ng2.virgul.com	static.virgul.com ye-mek.net
4	ib.adnxs.com	1 redirects static.virgul.com acdn.adnxs.com
4	adservice.google.com	securepubads.g.doubleclick.net pagead2.googlesyndication.com
4	adservice.google.de	securepubads.g.doubleclick.net pagead2.googlesyndication.com
4	pcloak.blob.core.windows.net	pcloak.blob.core.windows.net
3	pixel.rubiconproject.com	1 redirects
3	pr-bh.ybp.yahoo.com	3 redirects
3	rtb.openx.net	d895f1381b8d8b875cd29c6921953566.safeframe.googlesyndication.com
3	rek-n18.nktcdn.com	ye-mek.net
3	cpm.programattik.com	static.virgul.com
3	c.amazon-adsystem.com	static.virgul.com c.amazon-adsystem.com
2	unilever.demdex.net	1 redirects
2	c1.adform.net	2 redirects
2	cr.frontend.weborama.fr	2 redirects
2	d5p.de17a.com	2 redirects
2	ads.pubmatic.com	static.virgul.com ads.pubmatic.com
2	eus.rubiconproject.com	static.virgul.com eus.rubiconproject.com
2	gum.criteo.com	1 redirects static.criteo.net
2	analytics.webgains.io	track.webgains.com
2	www.awin1.com	as.ad4m.at
2	sync.mathtag.com	2 redirects
2	e.dlx.addthis.com	2 redirects
2	dclk-match.dotomi.com	googleads.g.doubleclick.net
2	x.bidswitch.net	2 redirects
2	ups.analytics.yahoo.com	2 redirects
2	sync.targeting.unrulymedia.com	2 redirects
2	sync-tm.everesttech.net	2 redirects
2	prod-rtb.ad4mat.net	d895f1381b8d8b875cd29c6921953566.safeframe.googlesyndication.com googleads.g.doubleclick.net
2	static.criteo.net	static.virgul.com static.criteo.net
2	id5-sync.com	ye-mek.net
2	sync.inmobi.com	2 redirects
2	dsp.adfarm1.adition.com	2 redirects
2	fonts.googleapis.com	d895f1381b8d8b875cd29c6921953566.safeframe.googlesyndication.com
2	adx.adform.net	static.virgul.com
2	script.4dex.io	static.virgul.com script.4dex.io
2	c1.imgiz.com	static.virgul.com c1.imgiz.com
2	connect.facebook.net	ye-mek.net connect.facebook.net
2	images.dmca.com	ye-mek.net
2	ye-mek.net	www.cloakan.co ye-mek.net
2	www.cloakan.co	pcloak.blob.core.windows.net
1	px.ads.linkedin.com
1	um.simpli.fi	ads.pubmatic.com
1	idsync.frontend.weborama.fr	ads.pubmatic.com
1	sync.crwdcntrl.net	ads.pubmatic.com
1	dis.criteo.com	1 redirects
1	p.rfihub.com	1 redirects
1	acdn.adnxs.com	static.virgul.com
1	mug.criteo.com
1	m.addthis.com	s7.addthis.com
1	v1.addthisedge.com	s7.addthis.com
1	cdn.track.production.webgains.team	as.ad4m.at
1	ius.ctnsnet.com	1 redirects
1	s.tribalfusion.com	ye-mek.net
1	a.tribalfusion.com	1 redirects
1	d.agkn.com	1 redirects
1	r.turn.com	googleads.g.doubleclick.net
1	ad.turn.com	1 redirects
1	ssbsync.smartadserver.com	d895f1381b8d8b875cd29c6921953566.safeframe.googlesyndication.com
1	static-de.ad4mat.net	as.ad4m.at
1	s.ad.smaato.net	1 redirects
1	i.w55c.net	googleads.g.doubleclick.net
1	cti.w55c.net	googleads.g.doubleclick.net
1	t.hspvst.com	googleads.g.doubleclick.net
1	ads.w55c.net	googleads.g.doubleclick.net
1	rek.izlesene.com	1 redirects
1	imasdk.googleapis.com	c1.imgiz.com
1	hbopenbid.pubmatic.com	static.virgul.com
1	prebid-server.rubiconproject.com	static.virgul.com
1	mp.4dex.io	static.virgul.com
1	bidder.criteo.com	static.virgul.com
1	a.teads.tv	static.virgul.com
1	ap.lijit.com	static.virgul.com
1	aax.amazon-adsystem.com	c.amazon-adsystem.com
1	feed.pghub.io	pghub.io
1	pghub.io	static.virgul.com
1	z.moatads.com	s7.addthis.com
1	www.google-analytics.com	www.googletagmanager.com
1	www.googletagmanager.com	ye-mek.net
1	ajax.googleapis.com	ye-mek.net
0	s.amazon-adsystem.com Failed
0	aax-eu.amazon-adsystem.com Failed
0	biddr.brealtime.com Failed	static.virgul.com
0	hb.emxdgt.com Failed	static.virgul.com
403	111

This site contains no links.

Subject Issuer	Validity	Valid
*.blob.core.windows.net Microsoft RSA TLS CA 02	`2023-03-22` - `2024-03-22`	a year	crt.sh
cpanel.cloakan.co R3	`2023-05-03` - `2023-08-01`	3 months	crt.sh
www.ye-mek.net RapidSSL Global TLS RSA4096 SHA256 2022 CA1	`2022-11-29` - `2023-07-07`	7 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
1099124734.rsc.cdn77.org R3	`2023-04-04` - `2023-07-03`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
images.dmca.com R3	`2023-05-13` - `2023-08-11`	3 months	crt.sh
odc-addthis-prod-01.oracle.com DigiCert TLS RSA SHA256 2020 CA1	`2023-02-07` - `2024-02-07`	a year	crt.sh
*.virgul.com Sectigo RSA Domain Validation Secure Server CA	`2022-10-24` - `2023-09-28`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-02-20` - `2023-05-21`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
c.amazon-adsystem.com Amazon RSA 2048 M01	`2023-02-28` - `2024-02-17`	a year	crt.sh
moatads.com DigiCert TLS RSA SHA256 2020 CA1	`2022-11-16` - `2023-11-18`	a year	crt.sh
*.pghub.io DigiCert TLS RSA SHA256 2020 CA1	`2023-02-09` - `2024-02-08`	a year	crt.sh
*.imgiz.com Sectigo RSA Domain Validation Secure Server CA	`2022-09-27` - `2023-09-09`	a year	crt.sh
script.4dex.io Cloudflare Inc ECC CA-3	`2022-11-23` - `2023-11-22`	a year	crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com Amazon RSA 2048 M01	`2023-03-16` - `2024-03-08`	a year	crt.sh
*.google.de GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2023-02-13` - `2024-03-15`	a year	crt.sh
track.adform.net DigiCert TLS RSA SHA256 2020 CA1	`2022-09-20` - `2023-09-20`	a year	crt.sh
*.programattik.com GeoTrust RSA CA 2018	`2022-10-25` - `2023-10-25`	a year	crt.sh
*.lijit.com Go Daddy Secure Certificate Authority - G2	`2022-06-27` - `2023-06-05`	a year	crt.sh
teads.tv R3	`2023-05-11` - `2023-08-09`	3 months	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-05-12` - `2023-08-10`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-08-31` - `2023-08-31`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-05` - `2024-04-03`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2022-06-13` - `2023-07-14`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
*.nktcdn.com Sectigo RSA Domain Validation Secure Server CA	`2022-11-16` - `2023-11-06`	a year	crt.sh
*.w55c.net Amazon RSA 2048 M02	`2023-03-01` - `2023-07-27`	5 months	crt.sh
*.hspvst.com Gandi Standard SSL CA 2	`2022-12-12` - `2023-12-09`	a year	crt.sh
ads.w55c.net DigiCert TLS RSA SHA256 2020 CA1	`2022-06-06` - `2023-06-07`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2022-07-21` - `2023-08-21`	a year	crt.sh
h.w55c.net R3	`2023-04-04` - `2023-07-03`	3 months	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-03-24` - `2023-06-18`	3 months	crt.sh
prod-rtb.ad4mat.net GTS CA 1D4	`2023-04-09` - `2023-07-08`	3 months	crt.sh
*.smartadserver.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-01-21` - `2024-01-23`	a year	crt.sh
*.dotomi.com GlobalSign RSA OV SSL CA 2018	`2022-08-09` - `2023-09-10`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2023-04-12` - `2024-05-13`	a year	crt.sh
www.awin1.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-10` - `2024-03-09`	a year	crt.sh
*.webgains.com Amazon RSA 2048 M01	`2023-02-22` - `2023-07-13`	5 months	crt.sh
*.webgains.io Amazon RSA 2048 M02	`2023-03-02` - `2023-09-21`	7 months	crt.sh
cdn.track.production.webgains.team Amazon RSA 2048 M01	`2023-02-28` - `2023-10-28`	8 months	crt.sh
cdn.adnxs.com GeoTrust RSA CA 2018	`2022-10-21` - `2023-10-22`	a year	crt.sh
*.crwdcntrl.net Amazon RSA 2048 M01	`2022-11-07` - `2023-12-06`	a year	crt.sh
*.simpli.fi DigiCert TLS RSA SHA256 2020 CA1	`2022-11-07` - `2023-12-08`	a year	crt.sh

This page contains 54 frames:

Primary Page: https://pcloak.blob.core.windows.net/web/6x69807j0b5.html
Frame ID: 8949A0040C57E43F08AA247CB55E5AE9
Requests: 6 HTTP requests in this frame

Frame: https://ye-mek.net/
Frame ID: CADCED37B277A1D4395F8B7AF11FFED3
Requests: 131 HTTP requests in this frame

Frame: https://static.virgul.com/theme/mockups/outside/str.html?v=2
Frame ID: 547CCEEC2BEA1EEFCB9EEAE3E9FA9984
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230510/r20190131/zrt_lookup.html
Frame ID: B46A655278134CAE62022AF6089DD0EF
Requests: 1 HTTP requests in this frame

Frame: https://feed.pghub.io/tag?referrer_url=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&page_url=https%3A%2F%2Fye-mek.net%2F&owner=P%26G&bp_id=noktacommedya&ch=%7B%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D&initiator=js&data=%7B%22category%22%3A%22site_geneli%22%7D
Frame ID: 62E2D84805115AF930BB9BB2940C7DAC
Requests: 1 HTTP requests in this frame

Frame: https://d895f1381b8d8b875cd29c6921953566.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 93EF1E9CBF460CEBBC7BFEE23F503937
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&adk=1812271804&adf=3279755397&plat=1%3A512%2C2%3A512%2C3%3A512%2C4%3A512%2C8%3A512%2C9%3A33288%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C26%3A512%2C27%3A512%2C30%3A1081856%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684014583144&bpp=4&bdt=727&idt=295&shv=r20230510&mjsv=m202305100101&ptt=9&saldr=aa&nras=1&correlator=5224461814654&frm=24&ife=1&pv=2&ga_vid=68563826.1684014583&ga_sid=1684014583&ga_hid=1415874299&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=222437166&scr_x=-12245933&scr_y=-12245933&eid=44759927%2C44773810%2C44759837%2C42532089%2C42532185%2C44759876%2C31074512%2C42531706%2C44785294%2C44788442%2C44790154&oid=2&pvsid=367862464275285&tmod=942239543&uas=0&nvt=1&fsapi=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=1&uci=1.lg07cev6kelf&fsb=1&dtd=308
Frame ID: 1ECAAAAB6A9DA788F2AEB0FB7763F85C
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BuBFgOx5SLc4gnaCUa_-Z6rKXZwC-n4NGM6LoYgDgw531pzD5mXmqEd80cDApJ9HirXSjVYicR7c-amNOfSH9_aNStXSyh0KbQ4MKfUBcMgOgohNgC_0A-MHmJoXsXvWdQtAfPtbFzN5rdMY3Z5eice6wnWXYLwyRNaSz1WSXXT_398yU&cry=1&dbm_d=AKAmf-Bd3xgzpHdusHdV9iApR6xOhC_bVuo6V7o8POG1EjPu7THdhHVqFf5wQ_Z1zA7AYLbVn_2PQhbeZZoMFKDojnUov_kVUeGmWdaiE207RMY8QZl_WgbAz1U6Zf03IX3ZLDJWAqhlgry7ZT-ZAdaB6oZ4syrpg9sca59RdqVtKavGc5gGyrKpOflQOQb8wYnnirU1090Skrk_fSBYwPawtqVyiv6-62gIxm2djBC8D1eMwbxrpiBogqKp_HwnIv9z_-KxsLc48dMgseU-y-sslvZ9JQXe8aOCZw8hE5DA7fwUla4tKQHQWxRA0ILUHKV-DKztWBflz1jhTRwTH9bYxsUfSFq6ux6fPpMw1pJI8pHk8g0jcxCv1JG83VkShfNHEKFDWzkkCoQ6C7Q8puDyCC6pOWFG0AjBT3XlW1XdjCsDhXy2derdCIeYcH7tne8F3mK6qNRKndjqqwrrCyIi4KVq-fD7vQ0GjYh7iSg3XwhtEVqEvBoswIFUk-ue2ATyi52jJ2JzNIs9sHXUIQGAbjbM6FES7p46sOyLSHocWncmCeVlk3V1ghg52-auCMMokE68AZ9-rpTH0yBfgyPmPSWPPDYCtB_taEb0rQrEaOF8bECub87HIE0mq2n1UaHasdLTAVCHryQYVjSFrh5viUPHbhu_jQUZ217K1U1SPghTeNvIAoxlley016v07vpE9CdBpNaU68y4Ek2JZ6LA1OqvJoEvaD-tvF5k3J4X2Qh7pE5shuR-W2FaFTI10EOGfiiGts5uevRYy_YbsJJn2SQRdRF3tg0ASZv-p5VD99OG-lye7kBvMstOIiKOhd5cQLylVNh927iz8JpeXeWUXhpSwW0Fb3WhGcAbaCg566muPGK8J342Ur_JvXe_QKK5hC2MJXQIncUTA2ZlYUj7OnX6bGDDvnI4nRBRPkfA9MoZenJTRPl-Ha-jsZZMC4u5a5011w5NvrVw0twbYFmmYhdO9-CaXjy_nTX7jR2_khas_1RWTrNmkMMsa7vmPM1LAhDWleq8haoMFHWWMQyOBZI9xEuv4KI4QAibnOOlZH1OsDMqe-1KD0vtgGhOt4nTKWc56gHEEQq-w15sb2CkMOvtWcEijg-4KzPzgx9lC3lsLmn8xgF6GqaMPf3GINiJhxe-vtuU9aOnuAHKGVNaE1MTt0sh07z3A_fi2efKVn8tO_AZ4_rfqz-JUb9PblrNsi-0yLepppadgv964toVbEnVcHLP7Q_va_buqiAvJ2hDqsWITB2_A0xA5Ftoej0vKwEB8nK8mC7m8dD-nJ3Mtxps1rKOTPNc86A4lIfZxG-mgTHIzfhr_ABYlMqfjez5Ozsii5IEZBR1ZOpLj0g50lP3xDFCnhQbN07BU-aJ19OTILnyj6MX2iJ7btr8FwjC8jMdee6KJXR9YSBvUHvQUmoKUEXo70UpjXflYo0PcWbzpQrCb6NCy8WhCwQ3LEHSFdV-TcCMWMzdohCruLNQFdhFQQWgklSXlvOWI4VlYNQ7_dVfJdbvrUqtSI7GLBgkEvC6iPPQ9pnfb9X5vWRMblBXlI3t4DMvKsaWaGXDZ5dlspPxExLZdGnpXWXr3_zdnUiLEZ7gtmlcY4-FQ7wy0Fi64X-WvkrKOEkoTeyWUmxojlfsRT_Ep_QlI9_m8C3E8O1ZuKaO7mHqENg2YaV29wftvvbJpp66OcDW2_nN-xbvSHNXchhEhYeHJ22xJFqjECPnFxFuYWrlsJWQu0IeNHwomit3qPXCFwFyOMWN4qoDByRBzgceKHi1Qz77liQgkWc3nQIJYS78y5Cfxe2OpydMb4hE_bNPz0KYhLDegTD_BCoFjPn-MerS8TAdVeJ_9zxC3BYTeBiLl4NlvZ7nMZaC3o9FU7UkZQWR1hKmheIoFPsJnPbpDgbdJi8wQtHgp1_5PsTWuCKQw8gOeAFLvuqwQP6JRLxsbGaTG4KS-f1yGEXTuPgBGa7MHVCVrRqzSjFcQbPxgQ3YWzz8Xc-LLAdWGoGZmhiONsJunYPiNQMEhjeSHWl_7bw5MxLSu8G_GrVID6aK4vIg9A8zI3AuE2WOw5oCaDB5TfBWJXcMaiOqMkz6P80wPYXbc-fjY4meFIBF86NC4-fig0jnrYp3VmebbN_HsZDZR7siFo1L5f4i6BCYSCCBQ8K9K-cm04SZpGt5hR42ugU1k0XZxAqYcqkHWaRLmKQumkn1ObZOz45hsgIszoRjGRhWC4ChZq_V-S_U6yOOFpUUhXgWTjGYBB4bGgLHdLq6NvSc-JVY0tREfX1YRwvp3cMp09CG_X_f7Ywblm5lhoV_h41RnlyJakKtof3Gsnd2KP0x-LQGlogB5qFcJ_JrQTCsyCGCL3cBL4PfUl67DjXRM16i1Rbw7QZi0Cklc2wzT8pJJO_VZuk2iwfozN2iZ_xnN2nEFUogb5hvCBy4eSqJrOQSGX7G9yTJGdKMtL3wUarrHDjM798Kq3Yc04QBp9RhZnIk441vqiImQLjuThP5XbrhovQ4HZDBJ4hHKldCT1papNZ1DLua9WqNUvuQFT2kZQ-lXuBHyjV4Y0qtfr3Vj7d_YG7z9nysigJzUgDy6Sa9enGfFxaNQ_VCoH2K-9LbnfjPI0SQPCprnQ6iu8DNOaHrh75kQJRnlMGtNDKM4p_3pdFr7vpmTwKKpF553Vc-EZoS9wpvJpOaa7Ex2686PfpdKE8L_tzEcORqxdGGfBDPVZ5eUQo-_c4hibObCM6HPnifmL184cfQYfvbJC8eGrB_HCFlKjmWGNrx4Q22IDoGSwo3Lp1YBb2eXTqrRqaV9GGL8WyFftzaMkD0K5wCgTof0osZnHCdhGp91GDQrSDDt7t0NMER-vNQbVi48UDM7P6N0d9X62OOo0WY2d_iKiHIGEsf7GeE5j8CjT2dQCxvkRBYaA4po2_s1iSe8ZPoxT-PDVXBlYtQ1FD7orvPhOOMYoJ5Z-TvXJ4Vj4OTvoc3Vow9Fv69YnY2TzHfKhO0qrF5gT0vtP6QMmL0Sl9lV5KmW7th2Rhp0fdjnE_G4Dym2C1ebBkGG0GNLAK3TapsxddDhI4S3xLgefGMMlhHDNDBSCcl27gfuoyoqldiYOFAWQcdA7ZX3NnJwZUYJYHoaW9GvQuDWfBuAgQvykK77fGBjIloXOEBSEgWf_32YgHFIoGvCft-4AjFSkJRxsBqFvFeqmQMbBg3E2lu2kpxtYyIXFbc6v1DIruf6pKzVFyrZSxaRjtOOu-X8CRqLkoiY4-euR4NKyB51VvvO529pivl9NCbF9bMtPOmLl2EFui3uw6WXtm7pba9cQyUNSyu_xn6XwLJqH13cC2nGz9prxI3kMxFthk7TJ6_CmWSpzWqe1GkDJjIruUGngVoaj1xMOWHdq95SYZO4Ns_MVfMEdltiuRCNmvJiC6USffnyBL5-eexaeOeFHnr_fXewwM9ChZ8xuXJdkL2tdvLzkz9dKUfZvaTUhojNLtsz-h1ch6ktTZVlSXIhcMD2uOT82sEaD3U3N_peJd9TNFGPNLS9OaBVSZAncl5E-piJS8x5l0iUx3jWTejclqFH6TEkawwDcGK4cMxSunGmKeJ9XvmElWGgCf1LTMdjSSssCvhKTy36-3w53dXwXXghVMNGd4BaVLZAaDW5-YXYzp0Ci5NlDvVeYwVkjxrOtL8w1i4UDLrjv0JUzHf-85b9uGK8hROuFvT70ufF8zqCkutSDRAsyrrfpNpcPxjwfCnn3KAmTdnQOTNExZpkJF8WioliQUSykjdsEP7sgyDRPLFOZWIOclU5abEysXHrnd6k4t2RjuhUX1VhUaimHrCwGvkyq4N08wa0nsYLl4YJsz7Ni6xmrxISySeOQmAPSK5fezkdL8Rbl3Uja5MeIBLvMOqdMXO9eAHJaeksRz7JJkspGwJ03NxWJCG_uey0AYQGFIljXBFG1kzOSQSmMec0D-GJrkvCe_XMR2bSlanKRAZojRqqmRzDwtb9-V5Hr6ickGqnxdxWq72vxVGZwUoHlYPs_e7oDQ41wWZCzd8kmy6VqAbmKhF1Y-yjkawp0_hSRLajP3BfieYdP_hgtMTZYcSEPK3F_enpP2QHmKkR56v487DaYhvRNW4NIAaFgIWZp9K_o7vuxKkDw9wGoewGRLa7CQczyMX1n5_XOoneNxPE0KxNZNWXt93tDnb9T5EeGarUAUUVp_0_xF20NcXh-Ww1M2vtsoZ1VTwGvM3iMgMgiX4YkkVUMiwX7oHKBFfyUbtP2TFuGvO5HFpFP6Mv98&cid=CAQSLQBygQiDyfu692e6P71IPXdnAbtzxETbf99PqA4mK6vuHwZsZzVraUO4-_YkxBgB
Frame ID: 816C627821B715232A21DFFC6A70C7EB
Requests: 5 HTTP requests in this frame

Frame: https://ng2.virgul.com/adview?a=60b91f99e4b0b65b3ce7bc5b&t=pageskin:153493&r=153493@site_geneli@yemek_net:site_geneli&l=&mt=1684014582891&userId=vnet6c1fd289-0279-4aa9-817c-0014b89f0a83&vmn=60b91f99e4b0b65b3ce7bc5b___153493579667981
Frame ID: 71DAAF87E8DB4A6C1EB9E5475FEC18D6
Requests: 2 HTTP requests in this frame

Frame: https://d895f1381b8d8b875cd29c6921953566.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 4DBEC40B104BC5A0EC899E8D95A6FDA7
Requests: 13 HTTP requests in this frame

Frame: https://d895f1381b8d8b875cd29c6921953566.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 9F4210341BCFBDFD283234EE54A2129C
Requests: 10 HTTP requests in this frame

Frame: https://d895f1381b8d8b875cd29c6921953566.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 7EF8D6412652CC1237D6391BBD423ED9
Requests: 12 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/rGx2DEvyTJUcTI8TMyI5e4cGeqSZnDc_BhsxSP5O2IU.js
Frame ID: 0F8B2103DC23A843D613C0262F41D6D7
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&adk=1812271804&adf=3407281013&plat=1%3A520%2C2%3A520%2C3%3A2163200%2C4%3A2163200%2C8%3A512%2C9%3A33288%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C26%3A512%2C27%3A512%2C30%3A1049088%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fye-mek.net%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684014583885&bpp=8&bdt=152&idt=305&shv=r20230510&mjsv=m202305090101&ptt=9&saldr=aa&nras=1&correlator=6073340010786&frm=8&ife=1&pv=2&ga_vid=226848913.1684014584&ga_sid=1684014584&ga_hid=324655263&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=3718169941&scr_x=-12245933&scr_y=-12245933&eid=44759842%2C44773809%2C44759875%2C44759926%2C31074469%2C44788442%2C44792013%2C44792088%2C44789333&oid=2&pvsid=3610766118061132&tmod=1825455874&uas=0&nvt=1&fsapi=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=1&uci=1.jmp1qwj7kzyu&fsb=1&dtd=320
Frame ID: 491136949D3FEEF0AE25FCEE92297C35
Requests: 1 HTTP requests in this frame

Frame: https://d895f1381b8d8b875cd29c6921953566.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: E3F3D5CC4730BAB8849A402169B9AAF7
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&h=90&slotname=9586219513&adk=1165138949&adf=4198791702&pi=t.ma~as.9586219513&w=728&format=728x90&url=https%3A%2F%2Fye-mek.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684014583893&bpp=1&bdt=161&idt=341&shv=r20230510&mjsv=m202305090101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=6073340010786&frm=8&ife=1&pv=1&ga_vid=226848913.1684014584&ga_sid=1684014584&ga_hid=324655263&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=3718169941&scr_x=-12245933&scr_y=-12245933&eid=44759842%2C44773809%2C44759875%2C44759926%2C31074469%2C44788442%2C44792013%2C44792088%2C44789333&oid=2&pvsid=3610766118061132&tmod=1825455874&uas=0&nvt=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.fx0svvsiyrpu&fsb=1&dtd=346
Frame ID: 4DC9C692EA101CA1123661859AD56E7A
Requests: 22 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/rGx2DEvyTJUcTI8TMyI5e4cGeqSZnDc_BhsxSP5O2IU.js
Frame ID: 84E294908801F1A14AB12A47135EDA5B
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&adk=1812271804&adf=3407278883&plat=1%3A147968%2C2%3A147968%2C3%3A2163200%2C4%3A2163200%2C8%3A147968%2C9%3A147968%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C26%3A16896%2C27%3A16896%2C30%3A1049088%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fye-mek.net%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684014584248&bpp=2&bdt=255&idt=203&shv=r20230510&mjsv=m202305100101&ptt=9&saldr=aa&nras=1&correlator=4772026716901&frm=8&ife=1&pv=2&ga_vid=2112098717.1684014584&ga_sid=1684014584&ga_hid=362421832&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=238393387&scr_x=-12245933&scr_y=-12245933&eid=42532186%2C44759875%2C44759837%2C44773809%2C44759926%2C42532090%2C31074512%2C44788441%2C44792088&oid=2&pvsid=3912391652140771&tmod=1134167538&uas=0&nvt=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=1&uci=1.btohwpkkshpk&fsb=1&dtd=217
Frame ID: F84E0CD80907141C88DEBF3656CBEAD5
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&h=250&slotname=1234190425&adk=1935728605&adf=4198785760&pi=t.ma~as.1234190425&w=300&fwrn=16&format=300x250&url=https%3A%2F%2Fye-mek.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684014584250&bpp=1&bdt=258&idt=217&shv=r20230510&mjsv=m202305100101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=4772026716901&frm=8&ife=1&pv=1&ga_vid=2112098717.1684014584&ga_sid=1684014584&ga_hid=362421832&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=238393387&scr_x=-12245933&scr_y=-12245933&eid=42532186%2C44759875%2C44759837%2C44773809%2C44759926%2C42532090%2C31074512%2C44788441%2C44792088&oid=2&pvsid=3912391652140771&tmod=1134167538&uas=0&nvt=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.jh24asjem7rh&fsb=1&dtd=220
Frame ID: EFCA03F26B87E553FA956D74C1830DDB
Requests: 7 HTTP requests in this frame

Frame: https://d895f1381b8d8b875cd29c6921953566.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 5457BD3AEB8AAE637BB428457EA6DE57
Requests: 8 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1g09mtzf1cta6pbw3ez997fr33c1v5rh47c1w8813deyhcjavk88k5b96k3vez5tkqa4s4x6wpa26yf21gp1ab40648gcqnwjshkwa1k737cp92fkfcdngghqbqtrxzs3acm5ckxb9za11fw52rvxk9q5je7yeq30ac874e7j2w3r2nwq6nj2vswygexfhqqt5y55kc860z1bpnvnhngscmxfywy365jhwxxpycdtxe4dmf1dr8sn2sj8fr89dsk5nvyd0xzt4rkq8gdjj64t95t1vzwkxjb3817apm1tsx5z4nvjzpdxfvr3zbzmz42pcj9mqgphse4szzxng59tg0yab58sjq6gmsmnbmr40jw8zzpg1yw3925yxbqzcj35zrvp9eq85mxpw8g6xq79hbp841qzz5z91g2dez1s3js8zsyypvc05s5arbb0a8e1ygvanycd0&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCXOv2-AVgZMK0FZGg9u8P8vyl2AqQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi03OTgzNjUxMjU3ODM4MjgyyAEJqQK4Sb-1M2eyPuACAKgDAaoEnAJP0O8vlvwPyxDVB6UOazFF7H0nfU8pctQUjibt3llPfNMaKfJhQEcQQcqkVq5BvHDrE4u_7aQ8lRYSXBd4mgW4xc75l9jcUOGHjVhmOOhLQdvNuZDy_5FZnI6ouQ_E8YnSbSeqNlf4Fxh4impRoTpPiG-p74wyqc8-W_UwK7t7_HqfhcZ-qnXHom2_25bOwefIlpLzyM0SWPKwWwd1ezz06Hp9h2QSbkLyPpvp9SuPOm_aIXSdQJuVcK30kIojTLvrneP10iM_nvi0j77SeyUtI5x_kuzPL36GDfeO6CLOoo3GKx4ZJmL_s--3M1p6S7QnBr_xndhypLpCfGqWD2v8vceUGsud4NS1Wjbf1Ae5EJc6m0S7FOX7Gr3A7OAEAYAGzui6xZWzjYKnAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgEDyCBthZHgtc3Vic3luLTcyNzU1Mjg0NTMxNjIzMDn6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2m4bywos6An-s_p7SRb4P3_y7wgg%26client%3Dca-pub-7983651257838282%26adurl%3D
Frame ID: E42ED8D62CC7F2197FFCFC8F7EAB5324
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 718328329393294CD320FCC2855AE63A
Requests: 9 HTTP requests in this frame

Frame: https://d895f1381b8d8b875cd29c6921953566.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 01A5571C7E09DA15BE385C921F88CE89
Requests: 18 HTTP requests in this frame

Frame: https://d895f1381b8d8b875cd29c6921953566.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 0BFEA42F400527309AD6859AA025AADA
Requests: 17 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: 5F5AF44A90B3A64A17D62E87F7AB21A1
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 5C09DCCD25871E070F4DA0BC6E70DA64
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 5D134BDBE986A75DD9FC43605CD6F732
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: D541FC3A293E9413ABEED433D2288D54
Requests: 9 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1kbvbcwg5gqey3nzwy7hhkjrz04x4vq7rhxp0xay54nqq4zs92qfyaxtdb531cpd010s0qp7h46g1adybx560b7hgq8m1yxayexgzdmygb6yh4t7vkynwg5ctd2x284cy8y1nh9c79x3hnrwnyc23eq7w9qxf5na7hx31khre8mwxk07rr07ehv6jj1dyjjneg4wn1rjvnnqypd9jdza5qyww7bp9382r9e21mc9pkxmd8xjbcy3px5ate59qt7srjxaskzvwm12bae1bjf30t5gb51r8aenpxz8nbvtxv1d5xgy7dem81cjq4kgt619g5p78j9gps7nzsaqk65y7p5ezdbxfhqhenkj1gmqmr8tmv7d2jygzdjcqm23jjb5xcpx5menpb7236v6akyzvxb51g75bwc8kyfxche8m0ag9dje1m3xfebe0j461h5tyc8a2sgvcz10&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCXtU0-AVgZLe3IoKm7wLd_bugCZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTY1OTM1MjMyMTAwMTAxNTTIAQmpArhJv7UzZ7I-qAMBqgTWAU_QbHwp82ntYLiNzSy7k0tcGKGRypby05noDzqvd0OA5BTc-Ch7XcNnfOFMyAFbmatbDv7QiAwqKEZZkxxdNiauQiwlNIXE3vZCUjqKmLxLccIlWZL_z0v9_f4S9LDPC-xPlIRgv0bKwVOywwfjxKO1KdAhuHk00FWbehHouQmgcsBCz44Pzg1aQCWSl7_zVxYgFJBbMBPd1HaDE6uGLJdwMK98ICjmvAstTMHN153XEtB9jCsDawLqOo3WVHX_5AVUSsfm3-5N2Qy3SWGZvATiAKD1uwiABtyHrq-QxZTacqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2qNSY48r5DBue_C-N8fMvmCd7oEg%26client%3Dca-pub-6593523210010154%26adurl%3D
Frame ID: E153D04B70F50333160C337789DCB0F6
Requests: 4 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 2CAFB98484D37FBF911E1DF9C23F7593
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/rGx2DEvyTJUcTI8TMyI5e4cGeqSZnDc_BhsxSP5O2IU.js
Frame ID: F6D77BE2E0AF999E45351EAC7AEADA80
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/rGx2DEvyTJUcTI8TMyI5e4cGeqSZnDc_BhsxSP5O2IU.js
Frame ID: B4D1FAF7407B05E1606D797702C02D9B
Requests: 1 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: A0D314B4E32C308A13E032259B50263F
Requests: 1 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=197862%2C117569%2C19769&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=970&d=90&e=&g=052d3228ad89aec4bd57a0812e1afcad%2F3176637530435809286&i=71725%2C29981%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1684014585177&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gm0vyw9h95vys60mkgqjw919t1df2a0gzebaednk40ydgv23bcf6bq2410vxgtq7qdcan455f7j0q553hv4tsx03ayeh3fxr31b4zckryjjfqnppb6s2wdc23jwhtseewhnqvfa1fe8cypc4f58zsyazk7656gp3kd9yq86pvhbyb5t4t93wqvxx8hkcftfszg0g7g59gbzke5hrwg2e3tnzedryd7xejwymseqhmx6c50x0423y3zw3sdkm204qfxrsefarsdfc9z7zh25cqyyzc%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCXOv2-AVgZMK0FZGg9u8P8vyl2AqQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi03OTgzNjUxMjU3ODM4MjgyyAEJqQK4Sb-1M2eyPuACAKgDAaoEnAJP0O8vlvwPyxDVB6UOazFF7H0nfU8pctQUjibt3llPfNMaKfJhQEcQQcqkVq5BvHDrE4u_7aQ8lRYSXBd4mgW4xc75l9jcUOGHjVhmOOhLQdvNuZDy_5FZnI6ouQ_E8YnSbSeqNlf4Fxh4impRoTpPiG-p74wyqc8-W_UwK7t7_HqfhcZ-qnXHom2_25bOwefIlpLzyM0SWPKwWwd1ezz06Hp9h2QSbkLyPpvp9SuPOm_aIXSdQJuVcK30kIojTLvrneP10iM_nvi0j77SeyUtI5x_kuzPL36GDfeO6CLOoo3GKx4ZJmL_s--3M1p6S7QnBr_xndhypLpCfGqWD2v8vceUGsud4NS1Wjbf1Ae5EJc6m0S7FOX7Gr3A7OAEAYAGzui6xZWzjYKnAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgEDyCBthZHgtc3Vic3luLTcyNzU1Mjg0NTMxNjIzMDn6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2m4bywos6An-s_p7SRb4P3_y7wgg%2526client%253Dca-pub-7983651257838282%2526adurl%253D&y=1&s=&z=0
Frame ID: EE9B1DE189EF26182F9AE5DF766DBF63
Requests: 14 HTTP requests in this frame

Frame: blob://https://googleads.g.doubleclick.net/cf7851c9-3263-4bce-8f91-9a5861a569af
Frame ID: A4C658028FC586F2DAF9DBDA96165B93
Requests: 1 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=183975%2C321853%2C46427&b=rWbTQf9f3XBdaAH7HjtqtBXVaYS8TgJka1JYM%2Cg62h8frfWBzXfPHbH8t5tj78WSmSQT954TMx4E%2CrWbTQf9fGq1tAH7HjtqtGReuYS8TgJka1JYM&f=P6AhBfbfbJMRC9HjHbtgCP6ASJS9TDpQcjqdY%2CBgwFgfPfYG1XFxH6H3tgCzVDAtjSeT8dbUB6xZ%2CP6AhBfbfeYET9HjHbtgCwJ2CJS9TDpQcjqdY&c=300&d=250&e=&g=d9abfa7102a2360418437fa7359a2e81%2F12347032143117287939&i=20597%2C111803%2C22481&j=21%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1684014585424&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gdpasxbgyes2jcej59p63a46b6bpfz4kzjhzez7cnzem3vw8yjrjwccet5f5j9fw07r79t17pr30whp93yg5x3g9z80qmkc05sfq68z3sap7x720htvpwhv65mqerrtt63hjj2vn60j899kf2pt6g1ks34wfdds294jbf515pkwtx97ayd3vccgxtk0fcveyqeaz6nnc56y6tp7g8jhv4c3dagf8dw5r8qvhxryq9rr6fcb3q6ghvr69jy3c6fw5seesxs54amqenmrrjrcbr0bzg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCXtU0-AVgZLe3IoKm7wLd_bugCZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTY1OTM1MjMyMTAwMTAxNTTIAQmpArhJv7UzZ7I-qAMBqgTWAU_QbHwp82ntYLiNzSy7k0tcGKGRypby05noDzqvd0OA5BTc-Ch7XcNnfOFMyAFbmatbDv7QiAwqKEZZkxxdNiauQiwlNIXE3vZCUjqKmLxLccIlWZL_z0v9_f4S9LDPC-xPlIRgv0bKwVOywwfjxKO1KdAhuHk00FWbehHouQmgcsBCz44Pzg1aQCWSl7_zVxYgFJBbMBPd1HaDE6uGLJdwMK98ICjmvAstTMHN153XEtB9jCsDawLqOo3WVHX_5AVUSsfm3-5N2Qy3SWGZvATiAKD1uwiABtyHrq-QxZTacqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2qNSY48r5DBue_C-N8fMvmCd7oEg%2526client%253Dca-pub-6593523210010154%2526adurl%253D&y=1&s=&z=0
Frame ID: EAE7021AFF72A3789CBC22276DE13151
Requests: 16 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 9EAEB7800DFA48CE5A00C5DFD70589DB
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 36342DA3A51008C7DB487467B58C8735
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: B39051863E725A4D3BFEC4138C6CC3A3
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: ED48F146C7C93B2BF7AF1C8C04E09A14
Requests: 2 HTTP requests in this frame

Frame: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Frame ID: 7A5A84C08B408F384D787AB37444F036
Requests: 1 HTTP requests in this frame

Frame: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Frame ID: 510AD5F8BE9E11F7DBEFCE3B72BC75CD
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=pcloak.blob.core.windows.net
Frame ID: 3C2A15EDA963C5DA5A21B247384B5ACE
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 3FC25DEB95F73CA8D1268E631B748B23
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 81F40C032CB6B089402E4CFE257B2BCB
Requests: 2 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: E0D8F74B496BAEFF04A6A7DF62C06284
Requests: 10 HTTP requests in this frame

Frame: https://biddr.brealtime.com/check.html
Frame ID: 99B858FAAEBA0E735C484218218BB479
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 7E2AD4F82671C08B0561AB995D5E2618
Requests: 2 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159432
Frame ID: C445A9E066CE80F44013F9D4EE286877
Requests: 11 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:74726460-05f9-4d00-8655-a00aa42a999b&gdpr=0&gdpr_consent=
Frame ID: 7632D26BB0814E6554F740BA89EAF301
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5107433827860448095
Frame ID: 3A1D8F730BC5B58B0D711A0187C6F563
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Frame ID: 6CFFF116EE4DDBC2DC88B5418A8FE1CF
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=7974488385232500322
Frame ID: E2284F6DE26CE2A2CB656F4E89A4DB7A
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=4710005064773880771&gdpr=0&gdpr_consent=
Frame ID: E408F9A420163B20E6D04F3C0DB0D388
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Nuvemshop (Ecommerce) Expand

Overall confidence: 100%
Detected patterns

Nuvem

AddThis (Widgets) Expand

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

tpc\.googlesyndication\.com/safeframe

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Moat (Analytics) Expand

Overall confidence: 100%
Detected patterns

moatads\.com

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.com/[^"]*(?:prebid|/pb\.js)

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

Webgains (Affiliate programs) Expand

Overall confidence: 100%
Detected patterns

analytics\.webgains\.io

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

403
Requests

87 %
HTTPS

35 %
IPv6

70
Domains

111
Subdomains

80
IPs

11
Countries

8952 kB
Transfer

15426 kB
Size

49
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 117

https://rek.izlesene.com/mockups/philips/Philips_utu_DB.mp4 HTTP 302
https://rek-n18.nktcdn.com/data/ads/mockups/philips/Philips_utu_DB.mp4

Request Chain 124

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKDr3ZqF_gEQgAgYgAgyCFFyRh2Ouq9r HTTP 301
https://tpc.googlesyndication.com/simgad/624907996767536446

Request Chain 156

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKDr3ZqF_gEQgAgYgAgyCFFyRh2Ouq9r HTTP 301
https://tpc.googlesyndication.com/simgad/624907996767536446

Request Chain 201

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEBFXifxmhtsHAbqC1boSxCk&google_cver=1&google_push=ATf1kGNWVRhAliBQeQ9pFaVPwLCfPzyv_HerhLprkWJTDNaupprh8iKOjvQZl_ARhCkezDbTDeF1JiZP5frOLcCpHcMSyyz2yAU HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzIzMjc4NzU2NDI4NjI0NTAwOA%3D%3D&google_push=ATf1kGNWVRhAliBQeQ9pFaVPwLCfPzyv_HerhLprkWJTDNaupprh8iKOjvQZl_ARhCkezDbTDeF1JiZP5frOLcCpHcMSyyz2yAU

Request Chain 203

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESECkt4KQcL0_GV5YoMbivC_M&google_cver=1&google_push=ATf1kGOua8Yih7XD_9TEqgxOxv_k72CCFswx0jr-hbgWCx723Er7umeRvYSUfqvIJ2jaMErKPYmywx8jMoqOQbafh9vFd9mFtw HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESECkt4KQcL0_GV5YoMbivC_M&google_cver=1&google_push=ATf1kGOua8Yih7XD_9TEqgxOxv_k72CCFswx0jr-hbgWCx723Er7umeRvYSUfqvIJ2jaMErKPYmywx8jMoqOQbafh9vFd9mFtw&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=U6n4x5P_R4yASno-3ESG6A%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ATf1kGOua8Yih7XD_9TEqgxOxv_k72CCFswx0jr-hbgWCx723Er7umeRvYSUfqvIJ2jaMErKPYmywx8jMoqOQbafh9vFd9mFtw

Request Chain 204

https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESECgKPV-cbZVeMtmwjIq9nu4&google_cver=1&google_push=ATf1kGPXLf6S31FINupCCcFH0VDdKREOyIA0f2vsraOqxmh1JZnMHZ_3PxNPPu7Y5cl_I0V25Jhbx6WgvcvMRkYNKChsZM3_N9w HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=ATf1kGPXLf6S31FINupCCcFH0VDdKREOyIA0f2vsraOqxmh1JZnMHZ_3PxNPPu7Y5cl_I0V25Jhbx6WgvcvMRkYNKChsZM3_N9w

Request Chain 205

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEKEhmtsszSb8-4TjIXBsH6Y&google_cver=1&google_push=ATf1kGOWLcbLaO0Jy10uHjui3T_nZpjM1gizv2JCGDzDDMSnggzx1BlL3dWJQQ9vrRtcOkUurjHMh0p7rV2Qvmcj_NHHo7qlrbg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=ATf1kGOWLcbLaO0Jy10uHjui3T_nZpjM1gizv2JCGDzDDMSnggzx1BlL3dWJQQ9vrRtcOkUurjHMh0p7rV2Qvmcj_NHHo7qlrbg

Request Chain 206

https://sync.inmobi.com/gob?google_gid=CAESEDXkgzTcLJvqtvScv-OB8v8&google_cver=1&google_push=ATf1kGOdLmTV8Z3XQ7IFWnhSeTSbJKY3CDEciUsWR0-WefyCI-a1EE0zL_AZ-YQfINCVv3CSe5ZZe7xwdB9MpV_B8wqw6FexXz3w HTTP 302
https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=&callback=https%3A%2F%2Fsync.inmobi.com%2FgobRedirectFromId5%3Fid%3D%7BID5UID%7D%26google_push%3DATf1kGOdLmTV8Z3XQ7IFWnhSeTSbJKY3CDEciUsWR0-WefyCI-a1EE0zL_AZ-YQfINCVv3CSe5ZZe7xwdB9MpV_B8wqw6FexXz3w

Request Chain 207

https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEKEhmtsszSb8-4TjIXBsH6Y&google_cver=1&google_push=ATf1kGNRint4a8okAe_Z3IxFxQOLabbnoz2SLuln02sNCkUSCSDnCo9VlbNRwBUEVhDsYsQ8OLYFG3ArFd5ZTabdBvzEqkRmo1b3 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=ATf1kGNRint4a8okAe_Z3IxFxQOLabbnoz2SLuln02sNCkUSCSDnCo9VlbNRwBUEVhDsYsQ8OLYFG3ArFd5ZTabdBvzEqkRmo1b3 HTTP 302
https://onetag-sys.com/match/?int_id=19&google_error=5

Request Chain 250

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEM4FDuyinQ6BKW3Ioteg5Rw&google_cver=1&google_push=ATf1kGP45KnXRvqpBU6wCAIVrxEizZgDh7Cd7ny6fWIOuQ8r3lTVHW0ndWg8zSflBnIzMb3HH9VqXIYVKS_WJJGJASdKfEEQlBZKBQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEM4FDuyinQ6BKW3Ioteg5Rw&google_push=ATf1kGP45KnXRvqpBU6wCAIVrxEizZgDh7Cd7ny6fWIOuQ8r3lTVHW0ndWg8zSflBnIzMb3HH9VqXIYVKS_WJJGJASdKfEEQlBZKBQ

Request Chain 252

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESECkt4KQcL0_GV5YoMbivC_M&google_cver=1&google_push=ATf1kGN8EMF5lhm37X9zBCS-ZTT6jjfwIwPwS4lQoDjyCL7kESbjG1pUyWMiLzT3n8VXAxF3AzfVQcdHpAb4Hic3WFS4pZPOfAhhhg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=U6n4x5P_R4yASno-3ESG6A%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ATf1kGN8EMF5lhm37X9zBCS-ZTT6jjfwIwPwS4lQoDjyCL7kESbjG1pUyWMiLzT3n8VXAxF3AzfVQcdHpAb4Hic3WFS4pZPOfAhhhg

Request Chain 253

https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEIJV9o1ImstVfSMrup4LzRY&google_cver=1&google_push=ATf1kGPxip-pMTko-0WBVi8M_cugLmI7jQTfVxk_Tk78njvGRoi3aOhJ4XBjJFoC1qNN8FdiAUc_r06UJQPfHDI0ldF9FoqtDqawnw HTTP 302
https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=ATf1kGPxip-pMTko-0WBVi8M_cugLmI7jQTfVxk_Tk78njvGRoi3aOhJ4XBjJFoC1qNN8FdiAUc_r06UJQPfHDI0ldF9FoqtDqawnw&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&cb=1684014585094 HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-24af462b-e7e6-472b-a16d-d04536375f51-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DATf1kGPxip-pMTko-0WBVi8M_cugLmI7jQTfVxk_Tk78njvGRoi3aOhJ4XBjJFoC1qNN8FdiAUc_r06UJQPfHDI0ldF9FoqtDqawnw%26google_hm%3DAySvRivn5kcroW3QRTY3X1E HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=ATf1kGPxip-pMTko-0WBVi8M_cugLmI7jQTfVxk_Tk78njvGRoi3aOhJ4XBjJFoC1qNN8FdiAUc_r06UJQPfHDI0ldF9FoqtDqawnw&google_hm=AySvRivn5kcroW3QRTY3X1E

Request Chain 255

https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEAWfkeJsci718o8Acg1Vsgk&google_cver=1&google_push=ATf1kGNx4OuSSSwqdeN7yS2ip9sOETuAYyacx7r1EujynqaNRyg1Z6N2cfQaXySgyLzjBj1Cd87KgyUnonJWBCdlHVU0SKWWFyP0avE HTTP 302
https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEAWfkeJsci718o8Acg1Vsgk&google_cver=1&google_push=ATf1kGNx4OuSSSwqdeN7yS2ip9sOETuAYyacx7r1EujynqaNRyg1Z6N2cfQaXySgyLzjBj1Cd87KgyUnonJWBCdlHVU0SKWWFyP0avE&verify=true HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1XTkpTaWNSRTJ1RXBoNWZrdEs2RXVvbDlSeUlrU3RRan5B&google_push=ATf1kGNx4OuSSSwqdeN7yS2ip9sOETuAYyacx7r1EujynqaNRyg1Z6N2cfQaXySgyLzjBj1Cd87KgyUnonJWBCdlHVU0SKWWFyP0avE

Request Chain 256

https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEB1Y9F4by_qcefdQl7VCrlU&google_cver=1&google_push=ATf1kGOvaMUwPGqJqR0OOlL6g0-DPsf8RowOw_hdsJUqUfc8iT5FwNx8H93PdjQhxlEzXfPEJerXdYevStrO-W5cL5MQcgTcP9fJkJ0 HTTP 302
https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEB1Y9F4by_qcefdQl7VCrlU&google_cver=1&google_push=ATf1kGOvaMUwPGqJqR0OOlL6g0-DPsf8RowOw_hdsJUqUfc8iT5FwNx8H93PdjQhxlEzXfPEJerXdYevStrO-W5cL5MQcgTcP9fJkJ0 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=c2f0f786-d413-4d32-978f-7dcad1e420a7&%%GOOGLE_PUSH_PAIR%%

Request Chain 258

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEOXMLxEXB2FJLA9HxCV9J4Q&google_cver=1&google_push=ATf1kGO-VHt4b7uTh7R49WDA56wwsyzh3rprjbCbGK2k3pFIZgcrchx6lxKeQLgYE7DBk9fxQa7P1nfDxOw2nc8fcDtsvRzAjOA7bmI HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=OTE1MDA0ODQyNzg2MTgyOTkxNg==&gdpr=&gdpr_consent= HTTP 302
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEOXMLxEXB2FJLA9HxCV9J4Q&google_cver=1

Request Chain 260

https://d.agkn.com/pixel/2175/?google_gid=CAESEH7_kbnGkVbNfznpoWlUOQg&google_cver=1&google_push=ATf1kGNLQMC5V7Lh_nLrj_rm1bgga-sxfIJ-lKujGm2ZncVzrvaX7a3w1TTy_1-oUTrqfakNgSwnoab-eEIxsMdWstO0-tLjbh6nUeY HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=ATf1kGNLQMC5V7Lh_nLrj_rm1bgga-sxfIJ-lKujGm2ZncVzrvaX7a3w1TTy_1-oUTrqfakNgSwnoab-eEIxsMdWstO0-tLjbh6nUeY&google_hm=Q0FFU0VIN19rYm5Ha1ZiTmZ6bnBvV2xVT1Fn

Request Chain 261

https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DATf1kGMjcYGMPjDh4X8T_Max3DIa6ZU5JOl4YOPAmmOqZL69jVBuTiX8wSf7DcznYyrfWsI_mfsavVKagp1kGgWBchodA2YJqGcKNd4&google_gid=CAESEPwBn09klNx4J8KzxoLOha8&google_cver=1 HTTP 302
https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DATf1kGMjcYGMPjDh4X8T_Max3DIa6ZU5JOl4YOPAmmOqZL69jVBuTiX8wSf7DcznYyrfWsI_mfsavVKagp1kGgWBchodA2YJqGcKNd4&google_gid=CAESEPwBn09klNx4J8KzxoLOha8&google_cver=1&rd=Y HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMzA1MTMyMTQ5NDUwMDA4MjYzODg0MjI1MA%3D%3D&google_push=ATf1kGMjcYGMPjDh4X8T_Max3DIa6ZU5JOl4YOPAmmOqZL69jVBuTiX8wSf7DcznYyrfWsI_mfsavVKagp1kGgWBchodA2YJqGcKNd4

Request Chain 262

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEEJyTrXw2C4GtInJXV1dH7A&google_cver=1&google_push=ATf1kGNxvyD74I6DpMJVXK7f9XUMacIMAdhr4MLn34oscCWeZp9UuCOdMeqq2xRDz_EZmV8OfOaaYW090k_HGcJ3rk6kvKAaZvK4UXs HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ATf1kGNxvyD74I6DpMJVXK7f9XUMacIMAdhr4MLn34oscCWeZp9UuCOdMeqq2xRDz_EZmV8OfOaaYW090k_HGcJ3rk6kvKAaZvK4UXs&google_hm=eS1yZ2xTdXpKRTJwRmQzSTdiajBYYkxyVnJMb1ZEanhYQ35B

Request Chain 263

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESECkt4KQcL0_GV5YoMbivC_M&google_cver=1&google_push=ATf1kGNsEMutnUVEmbYYBX037bGhZqR9d-HTKy7qaFcqoKMyb0oM0vLZY29NxBUPI0ZZAsgOMEa1yqwZKLIuvjQKk70lkl3d4N6QDg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=U6n4x5P_R4yASno-3ESG6A%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ATf1kGNsEMutnUVEmbYYBX037bGhZqR9d-HTKy7qaFcqoKMyb0oM0vLZY29NxBUPI0ZZAsgOMEa1yqwZKLIuvjQKk70lkl3d4N6QDg

Request Chain 264

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEOBNtGh4HgtEbQLKnKIoe28&google_cver=1&google_push=ATf1kGOGsp5eQ4e-zALr2fl0-9SDbDPqMmH6H6rrcz8eE9pfaI7cZ0jzpdbr0wz4cMAkHzilY15yangUbF0Wrzl_4ZN1tosk1-BBD6s HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEOBNtGh4HgtEbQLKnKIoe28&google_push=ATf1kGOGsp5eQ4e-zALr2fl0-9SDbDPqMmH6H6rrcz8eE9pfaI7cZ0jzpdbr0wz4cMAkHzilY15yangUbF0Wrzl_4ZN1tosk1-BBD6s&s=184023&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEOBNtGh4HgtEbQLKnKIoe28&google_hm=ZGAF-UnxWjJJaUmDRkn0OwAABLkAAAAB&google_nid=index&google_push=ATf1kGOGsp5eQ4e-zALr2fl0-9SDbDPqMmH6H6rrcz8eE9pfaI7cZ0jzpdbr0wz4cMAkHzilY15yangUbF0Wrzl_4ZN1tosk1-BBD6s

Request Chain 266

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEH4udF7sqlYyD_pzkrUGXUM&google_cver=1&google_push=ATf1kGMOm9XuWXDaDJpdXUWy-_0AjVWeLigXc-M6j_8_UTh2xR571ZdtcpXXEKZ3RVXVrMG66PTKk9iwS3BTZwu8lVsB4kowRuc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=ATf1kGMOm9XuWXDaDJpdXUWy-_0AjVWeLigXc-M6j_8_UTh2xR571ZdtcpXXEKZ3RVXVrMG66PTKk9iwS3BTZwu8lVsB4kowRuc

Request Chain 267

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEBFXifxmhtsHAbqC1boSxCk&google_cver=1&google_push=ATf1kGPYZeLL5pgFV1XuumSEMNkV7VWAxOgbH-ReOInAq7onwv7XUxay0zz2uhRl1mkdLXSzXsnDvgK1znw3tKz7kh5XWBcvhOgN HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzIzMjc4NzU2NDI4NjI0NTAwOA%3D%3D&google_push=ATf1kGPYZeLL5pgFV1XuumSEMNkV7VWAxOgbH-ReOInAq7onwv7XUxay0zz2uhRl1mkdLXSzXsnDvgK1znw3tKz7kh5XWBcvhOgN

Request Chain 268

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEEJyTrXw2C4GtInJXV1dH7A&google_cver=1&google_push=ATf1kGPMMelEa5P_GjScpaNbNJehDcVS_3ILVIKNMq-OezOjo3gt_lt59j49xFGU_f67pNCvxlCAWBLpfjlVoj-Dr-nr4kL2xgs4 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ATf1kGPMMelEa5P_GjScpaNbNJehDcVS_3ILVIKNMq-OezOjo3gt_lt59j49xFGU_f67pNCvxlCAWBLpfjlVoj-Dr-nr4kL2xgs4&google_hm=eS1jSHRTRFdWRTJwRzBnWEZ4Ynh4bXVfcktrX3FtLnFES35B

Request Chain 270

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESECkt4KQcL0_GV5YoMbivC_M&google_cver=1&google_push=ATf1kGMuvedqlHSsDSEaPxxGwY1tG_puqHp-yOLIhHqyhgvb-z3P1i2vIftTfojQr4uoDWlFu3EfcS_Q2hAfO0HuHqJf4610i84W HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=U6n4x5P_R4yASno-3ESG6A%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ATf1kGMuvedqlHSsDSEaPxxGwY1tG_puqHp-yOLIhHqyhgvb-z3P1i2vIftTfojQr4uoDWlFu3EfcS_Q2hAfO0HuHqJf4610i84W

Request Chain 271

https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEIJV9o1ImstVfSMrup4LzRY&google_cver=1&google_push=ATf1kGOq9yO_T8RLz_ZfQ2aQoXvVL3WUGpFjHKeX4ef1Pzy7lTkSD0XTDbVpmTrz9alYe7apvyhMjqykQUCUs4SFY1JwD_qlRD8 HTTP 302
https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=ATf1kGOq9yO_T8RLz_ZfQ2aQoXvVL3WUGpFjHKeX4ef1Pzy7lTkSD0XTDbVpmTrz9alYe7apvyhMjqykQUCUs4SFY1JwD_qlRD8&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&cb=1684014585094 HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-24af462b-e7e6-472b-a16d-d04536375f51-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DATf1kGOq9yO_T8RLz_ZfQ2aQoXvVL3WUGpFjHKeX4ef1Pzy7lTkSD0XTDbVpmTrz9alYe7apvyhMjqykQUCUs4SFY1JwD_qlRD8%26google_hm%3DAySvRivn5kcroW3QRTY3X1E HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=ATf1kGOq9yO_T8RLz_ZfQ2aQoXvVL3WUGpFjHKeX4ef1Pzy7lTkSD0XTDbVpmTrz9alYe7apvyhMjqykQUCUs4SFY1JwD_qlRD8&google_hm=AySvRivn5kcroW3QRTY3X1E

Request Chain 272

https://sync.inmobi.com/gob?google_gid=CAESEDXkgzTcLJvqtvScv-OB8v8&google_cver=1&google_push=ATf1kGNbHS8HP8gkKYUMef8ISobiINmF0UvexGlPkncKVLvauavZJfkl-haZu3CdsTYWcb8z2ilF7kA3sK6OlgOnOH_C5vQAr8kM5A HTTP 302
https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=&callback=https%3A%2F%2Fsync.inmobi.com%2FgobRedirectFromId5%3Fid%3D%7BID5UID%7D%26google_push%3DATf1kGNbHS8HP8gkKYUMef8ISobiINmF0UvexGlPkncKVLvauavZJfkl-haZu3CdsTYWcb8z2ilF7kA3sK6OlgOnOH_C5vQAr8kM5A

Request Chain 277

https://a.tribalfusion.com/i.match?p=b6&u=CAESEObe88g55PNquUohWrBykDo&google_cver=1&google_push=ATf1kGP1BX_1ss_v09Q-gwFUgs4Q2cIjzmMRg809ZXCi8iOD4Q1uUM3M6VyvE3vr3l7QlrRxrBDrTR2bSYhioxGvUm1djDGk0aQ&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DATf1kGP1BX_1ss_v09Q-gwFUgs4Q2cIjzmMRg809ZXCi8iOD4Q1uUM3M6VyvE3vr3l7QlrRxrBDrTR2bSYhioxGvUm1djDGk0aQ%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEObe88g55PNquUohWrBykDo&google_cver=1&google_push=ATf1kGP1BX_1ss_v09Q-gwFUgs4Q2cIjzmMRg809ZXCi8iOD4Q1uUM3M6VyvE3vr3l7QlrRxrBDrTR2bSYhioxGvUm1djDGk0aQ&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DATf1kGP1BX_1ss_v09Q-gwFUgs4Q2cIjzmMRg809ZXCi8iOD4Q1uUM3M6VyvE3vr3l7QlrRxrBDrTR2bSYhioxGvUm1djDGk0aQ%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24

Request Chain 278

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEM4FDuyinQ6BKW3Ioteg5Rw&google_cver=1&google_push=ATf1kGO--VDZTzhXaDzk84jbJw-88MuSjD3ezwBzoPNC1nsrMMrpYIZIvSnIZWg0ja0BawPwgQnGhcVO3f9pz70dthyhq2mm_oft HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEM4FDuyinQ6BKW3Ioteg5Rw&google_push=ATf1kGO--VDZTzhXaDzk84jbJw-88MuSjD3ezwBzoPNC1nsrMMrpYIZIvSnIZWg0ja0BawPwgQnGhcVO3f9pz70dthyhq2mm_oft

Request Chain 280

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEOBNtGh4HgtEbQLKnKIoe28&google_cver=1&google_push=ATf1kGNiaTSBVoLvp8icFKKxua4mjzxq_Kl8EDVCiYpR9Wk4jFVd6GrjiiYG1oSvHeL5jsMaWJT16adFSufQV-UjWcKoANVFuQg HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEOBNtGh4HgtEbQLKnKIoe28&google_push=ATf1kGNiaTSBVoLvp8icFKKxua4mjzxq_Kl8EDVCiYpR9Wk4jFVd6GrjiiYG1oSvHeL5jsMaWJT16adFSufQV-UjWcKoANVFuQg&s=184023&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEOBNtGh4HgtEbQLKnKIoe28&google_hm=ZGAF-UnxWjJJaUmDRkn0OwAABLkAAAAB&google_nid=index&google_push=ATf1kGNiaTSBVoLvp8icFKKxua4mjzxq_Kl8EDVCiYpR9Wk4jFVd6GrjiiYG1oSvHeL5jsMaWJT16adFSufQV-UjWcKoANVFuQg

Request Chain 281

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEKEhmtsszSb8-4TjIXBsH6Y&google_cver=1&google_push=ATf1kGOng9VTdGqZk5MS_1WVxZDTBki1ysHRiBWtEruSoyV8xmCzmeZ9PcXiAnQl6FgDvArzs0PE88Hw887EtSTeaI6UUXLNDgK1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=ATf1kGOng9VTdGqZk5MS_1WVxZDTBki1ysHRiBWtEruSoyV8xmCzmeZ9PcXiAnQl6FgDvArzs0PE88Hw887EtSTeaI6UUXLNDgK1

Request Chain 282

https://ius.ctnsnet.com/int/cm?exc=1&acc=crimtan_holdings_limited&google_gid=CAESEBxUAMDLI9zw80AxAMvZYV8&google_cver=1&google_push=ATf1kGOVFASEEomdcXuUgVoG4I25l8yXb9D2X-O4zyIy15wfYPw_MnHuEX_1MJptnvjdNTlVyLaejlYgE9VwBOeSqKKYJ8P2KaHVUw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=crimtan_holdings_limited&google_push=ATf1kGOVFASEEomdcXuUgVoG4I25l8yXb9D2X-O4zyIy15wfYPw_MnHuEX_1MJptnvjdNTlVyLaejlYgE9VwBOeSqKKYJ8P2KaHVUw&google_hm=K6yT4Gr5Qw-CKUQ39c7j5qY

Request Chain 368

https://gum.criteo.com/sid/json?origin=publishertag&domain=ye-mek.net&sn=ChromeSyncframe&so=0&topUrl=pcloak.blob.core.windows.net&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=Jh4RInxDd3NpNE0xRE9QMlNtNHE1Q2UzRFVCYjgvU1JJbEw1S0hEdmxpN3plWHhEdHBEZXJITlZGa0ZxWkw4V2IxcThZSlNtR2k3Q2ZObEJNWVI5MkpXaWhPL3AxVjQ4eTJqMW5henFSTVNDQ1NjNzdqL0dMZXlGLzJPS0w2Y054RDlMRGNZOFJLNUI1dVlxdGp0a3pFTnhuWDFoR0tmVjF1Q2pLK0xqNExtL3R3TkJlS1JKcTZycTBGQktrc3FPMzlWWGVCS2l3RmExazRycEFmRTBvcjFjQ1VnSmJSMmEwVis2alBRdUlFbWRhNnhybkxrQU90cGJ2bDVjWHJhcUJDRUpXRXplZnlBeHNuZk01Vm1OeWxJWUNIem03NFB5MU1URTJaMDhFaUkwNWNFZz18&cppv=2

Request Chain 387

https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:74726460-05f9-4d00-8655-a00aa42a999b&gdpr=0&gdpr_consent=

Request Chain 388

https://p.rfihub.com/cm?pub=224&in=1&getuid=https%3A//image2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5107433827860448095

Request Chain 389

https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@ HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=

Request Chain 390

https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=7974488385232500322

Request Chain 391

https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=4710005064773880771&gdpr=0&gdpr_consent=

Request Chain 392

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=U6n4x5P_R4yASno-3ESG6A%3D%3D&gdpr=0&gdpr_consent= HTTP 302
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=

Request Chain 394

https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent= HTTP 307
https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=2073744397 HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dpubmatic%26value%3D%23PM_USER_ID&gdpr=0 HTTP 302
https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=53A9F8C7-93FF-478C-804A-7A3EDC4486E8

Request Chain 395

https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=53A9F8C7-93FF-478C-804A-7A3EDC4486E8 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=aGg0a25iMlotTWJTNHk0M3N5VWxLT2ZCdw==&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%253D%253D%26gdpr%3D0%26gdpr_consent%3D

Request Chain 396

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NTNBOUY4QzctOTNGRi00NzhDLTgwNEEtN0EzRURDNDQ4NkU4&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

Request Chain 397

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEFXmjx2EfJUpTRUdd39FrXE&google_cver=1

Request Chain 399

https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=1379965003804439536

Request Chain 401

https://token.rubiconproject.com/token?pid=36584 HTTP 302
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LHMISWPG-9-4I2H

Request Chain 403

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
https://pr-bh.ybp.yahoo.com/sync/rubicon/mtD_8R2N3Y-Z5Wh33J4KSQ?csrc= HTTP 302
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-60jb1zNE2oJ67ZFSD4vx7X6Dj33F3kTYTe8txw--~A

Request Chain 404

https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id= HTTP 302
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t HTTP 302
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=QqZTisKcRL6zC8g2eZiHIg&rk=usync-other HTTP 302
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=QqZTisKcRL6zC8g2eZiHIg

Request Chain 405

https://token.rubiconproject.com/token?pid=25470 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TEhNSVNXUEctOS00STJI HTTP 302
https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEGJkLBnEuOkAk17jnkH8A3Q&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEhNSVNXUEctOS00STJI&google_push=

Request Chain 406

https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NzI5ODQ1OGJiZDg0ZDM2MjZmODg0ZjBlNDUzZjMwNDkwNTYwNDVkZQ

Request Chain 407

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEEcYI6vpAf3Hd1u1shWeF88&google_cver=1

Request Chain 409

https://unilever.demdex.net/event?d_sid=25453995&cs=1684014587180 HTTP 302
https://unilever.demdex.net/firstevent?d_sid=25453995&cs=1684014587180

403 HTTP transactions
9 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request 6x69807j0b5.html Show response
pcloak.blob.core.windows.net/web/ 1 KB
2 KB 399ms
98ms Document
text/html 20.60.220.36
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://pcloak.blob.core.windows.net/web/6x69807j0b5.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.60.220.36 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: d469330093a2cebd898628a339df6abaf5edcb89e85769ff79840371195a7d1f

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Content-Length: 1318
Content-MD5: +Dz/d7Mp2GQfilgWrAkqiw==
Content-Type: text/html
Date: Sat, 13 May 2023 21:49:40 GMT
ETag: 0x8DB3056EC846A51
Last-Modified: Wed, 29 Mar 2023 13:10:09 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-blob-type: BlockBlob
x-ms-lease-status: unlocked
x-ms-request-id: f157d8f2-401e-005d-1be4-854889000000
x-ms-version: 2009-09-19

GET
H/1.1 404
The specified blob does not exist. jquery.min.js
pcloak.blob.core.windows.net/web/ 0
0 93ms
93ms Script
application/xml 20.60.220.36
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://pcloak.blob.core.windows.net/web/jquery.min.js
Requested by: Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x69807j0b5.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.60.220.36 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pcloak.blob.core.windows.net/web/6x69807j0b5.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-ms-request-id: f157d939-401e-005d-5ee4-854889000000
Date: Sat, 13 May 2023 21:49:40 GMT
x-ms-version: 2009-09-19
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-Length: 215
Content-Type: application/xml

GET
H/1.1 200
OK cloakan.js Show response
pcloak.blob.core.windows.net/web/ 308 B
717 B 283ms
96ms Script
text/javascript 20.60.220.36
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://pcloak.blob.core.windows.net/web/cloakan.js
Requested by: Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x69807j0b5.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.60.220.36 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 4651fd93f167c3620b534c30bc23ae2a2e7cf742621d8e6d12553c09c388284a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pcloak.blob.core.windows.net/web/6x69807j0b5.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Sat, 13 May 2023 21:49:40 GMT
Last-Modified: Mon, 13 Jun 2022 14:36:49 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: zPiKctHo6j8i1UGOFPpInw==
ETag: 0x8DA4D4A263C11C2
Content-Type: text/javascript
x-ms-request-id: f157d9ee-401e-005d-7be4-854889000000
x-ms-version: 2009-09-19
Content-Length: 308

GET
H/1.1 200
OK style.css
pcloak.blob.core.windows.net/web/ 166 B
568 B 186ms
93ms Stylesheet
text/css 20.60.220.36
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://pcloak.blob.core.windows.net/web/style.css
Requested by: Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x69807j0b5.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.60.220.36 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: cf906196a7c1414e11983955e101a051d55a864f2bc9fd52a453d952d92fd9b5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pcloak.blob.core.windows.net/web/6x69807j0b5.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Sat, 13 May 2023 21:49:40 GMT
Last-Modified: Mon, 13 Jun 2022 14:36:49 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: 9ruAIrm4XHnQO3/sM8J0AQ==
ETag: 0x8DA4D4A26527CA0
Content-Type: text/css
x-ms-request-id: f157d998-401e-005d-2fe4-854889000000
x-ms-version: 2009-09-19
Content-Length: 166

GET
H2 200 px.php Show response
www.cloakan.co/ 55 B
321 B 331ms
113ms XHR
text/html 77.245.159.14
NIOBEBILISIMHIZME...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cloakan.co/px.php?id=6x69807j0b5
Requested by: Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x69807j0b5.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 77.245.159.14 , Turkey, ASN42868 (NIOBEBILISIMHIZMETLERI, TR),
Reverse DNS: stilgar.wlsrv.com
Software: LiteSpeed / PHP/7.3.33
Resource Hash: a9f55a9e4658a9960455f9485c446ea9874f2590ae283801311d84e908536cc2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pcloak.blob.core.windows.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 21:49:39 GMT
content-encoding: br
server: LiteSpeed
x-powered-by: PHP/7.3.33
vary: Accept-Encoding,User-Agent
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="43,46", h3-Q043=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-25=":443"; ma=2592000, h3-27=":443"; ma=2592000
content-length: 45

GET
H2 200 nv.php Show response
www.cloakan.co/ 232 B
385 B 227ms
119ms Script
text/html 77.245.159.14
NIOBEBILISIMHIZME...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cloakan.co/nv.php?id=6x69807j0b5-m
Requested by: Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/cloakan.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 77.245.159.14 , Turkey, ASN42868 (NIOBEBILISIMHIZMETLERI, TR),
Reverse DNS: stilgar.wlsrv.com
Software: LiteSpeed / PHP/7.3.33
Resource Hash: 9cacc351a59879d938ef01e274eca7f341deaaa666237a3de94737ccc05a4b86

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pcloak.blob.core.windows.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 21:49:39 GMT
content-encoding: br
server: LiteSpeed
x-powered-by: PHP/7.3.33
vary: Accept-Encoding,User-Agent
content-type: text/html; charset=UTF-8
alt-svc: quic=":443"; ma=2592000; v="43,46", h3-Q043=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-25=":443"; ma=2592000, h3-27=":443"; ma=2592000
content-length: 112

GET
H2 200 / Show response
ye-mek.net/ Frame CADC 75 KB
76 KB 203ms
55ms Document
text/html 94.138.206.83
AS49126

General

Check archive.org

Show headers Download Go to

Full URL: https://ye-mek.net/
Requested by: Host: www.cloakan.co
URL: https://www.cloakan.co/nv.php?id=6x69807j0b5-m
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 94.138.206.83 , Turkey, ASN49126 (AS49126, TR),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: fff874a7f8a3308b64a56752b45cc037f2cb2d8c5d465843e04ea65190158c72

Request headers

Referer: https://pcloak.blob.core.windows.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache
content-length: 77172
content-type: text/html; charset=utf-8
date: Sat, 13 May 2023 21:49:42 GMT
expires: -1
pragma: no-cache
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
x-powered-by-plesk: PleskWin

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.9.1/ Frame CADC 90 KB
33 KB 130ms
41ms Script
text/javascript 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.9.1/jquery.min.js

Requested by

Host: ye-mek.net
URL: https://ye-mek.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 11 May 2023 12:36:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 205992
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33018
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 10 May 2024 12:36:30 GMT

GET
H2 200 yemeknet.js Show response
ye-mek.net/js/ Frame CADC 10 KB
2 KB 84ms
83ms Script
application/javascript 94.138.206.83
AS49126

General

Check archive.org

Show headers Download Go to

Full URL: https://ye-mek.net/js/yemeknet.js?v=1
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 94.138.206.83 , Turkey, ASN49126 (AS49126, TR),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 613b97a3f938c5185dc5fcb46ec9c9488f460fdf8a9765eea9f05aebe46a0c50

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-powered-by-plesk: PleskWin
date: Sat, 13 May 2023 21:49:42 GMT
content-encoding: br
last-modified: Tue, 20 Aug 2019 13:15:54 GMT
server: Microsoft-IIS/10.0
etag: "0a144655957d51:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=691200
accept-ranges: bytes
content-length: 2179

GET
H2 200 maincss.css
cdn.ye-mek.net/ Frame CADC 40 KB
12 KB 69ms
7ms Stylesheet
text/css 2a02:6ea0:c700::19
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.ye-mek.net/maincss.css?v=434
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 5804cd3bfdf7f7b00ae1f2beef50b9ac7bbdcadcb47e8c3454e8609a52096b92

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Sat, 13 May 2023 21:49:42 GMT
content-encoding: gzip
x-cache: HIT
x-77-cache: HIT
x-age: 2205129
x-accel-date: 1681809453
x-77-nzt: AcO1qhEOR5T/yaUhAA
x-accel-expires: @1713345453
last-modified: Tue, 24 Nov 2020 00:00:32 GMT
server: CDN77-Turbo
etag: W/"5fbc4d20-9e5b"
x-77-nzt-ray: 4c156224c1345cb3f6056064a7677f1c
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ Frame CADC 116 KB
46 KB 151ms
62ms Script
application/javascript 2a00:1450:4001:808::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-38733763-1

Requested by

Host: ye-mek.net
URL: https://ye-mek.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

7dbb38a1a8aa51e4a4ed0038e0f6adfb911858030fd726275b6c8a82b391b183

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 21:49:42 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 46276
x-xss-protection: 0
last-modified: Sat, 13 May 2023 21:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 13 May 2023 21:49:42 GMT

GET
H2 200 searchButton.png
cdn.ye-mek.net/App_UI/Img/ Frame CADC 542 B
896 B 10ms
10ms Image
image/png 2a02:6ea0:c700::19
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/searchButton.png
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 324a9c1f26949a62b89c5846de23826737bf3b14443e3f5a969b1799604a0588

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Sat, 13 May 2023 21:49:42 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 2205194
x-accel-date: 1681809388
content-length: 542
x-77-nzt: AcO1qhH/lyP/CqYhAA
x-accel-expires: @1713345388
last-modified: Sat, 22 Oct 2022 20:00:57 GMT
server: CDN77-Turbo
etag: "63544bf9-21e"
x-77-nzt-ray: 4c156224c1345cb3f6056064647b8523
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 ara.png
cdn.ye-mek.net/App_UI/Img/ Frame CADC 2 KB
2 KB 7ms
7ms Image
image/png 2a02:6ea0:c700::19
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/ara.png
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 3ed559a849229d0ba1622b39b2343f2307a91aae5bab1f08e55c89e50874c980

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Sat, 13 May 2023 21:49:42 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 2205129
x-accel-date: 1681809453
content-length: 1651
x-77-nzt: AcO1qhEiKlT/yaUhAA
x-accel-expires: @1713345453
last-modified: Mon, 14 May 2018 22:41:08 GMT
server: CDN77-Turbo
etag: "5afa1084-673"
x-77-nzt-ray: 4c156224c1345cb3f605606483b55e24
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 yumurtali-ciris-otu-kavurmasi-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2023/05/ Frame CADC 17 KB
18 KB 13ms
7ms Image
image/jpeg 2a02:6ea0:c700::19
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2023/05/yumurtali-ciris-otu-kavurmasi-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: cf5d15aa91ac6d6ccd06ddcf375983be7283bd8bc7a441f82113deb7b41f2743

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Sat, 13 May 2023 21:49:42 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 87250
x-accel-date: 1683927332
content-length: 17596
x-77-nzt: AcO1qhGcVZv/0lQBAA
x-accel-expires: @1715463332
last-modified: Fri, 12 May 2023 21:20:28 GMT
server: CDN77-Turbo
etag: "645ead9c-44bc"
x-77-nzt-ray: 4c156224c1345cb3f6056064b5ccb724
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 taze-bakla-yemegi-resimli-yemek-tarifi(16).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2023/05/ Frame CADC 15 KB
15 KB 15ms
10ms Image
image/jpeg 2a02:6ea0:c700::19
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2023/05/taze-bakla-yemegi-resimli-yemek-tarifi(16).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: d3c70a5ecb1b5c16ddff716d6a83d189efa57a07c4210acf01c978093e3a80eb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Sat, 13 May 2023 21:49:42 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 173509
x-accel-date: 1683841073
content-length: 15403
x-77-nzt: AcO1qhGNI8z/xaUCAA
x-accel-expires: @1715377073
last-modified: Thu, 11 May 2023 20:25:52 GMT
server: CDN77-Turbo
etag: "645d4f50-3c2b"
x-77-nzt-ray: 4c156224c1345cb3f6056064aecdbe24
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 zeytinyagli-bezelye-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2023/05/ Frame CADC 17 KB
17 KB 18ms
12ms Image
image/jpeg 2a02:6ea0:c700::19
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2023/05/zeytinyagli-bezelye-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 0210c85818d68e70d5b2b7173b9c3ae65774adee772ad11018f968403f1abcc4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Sat, 13 May 2023 21:49:42 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 255936
x-accel-date: 1683758646
content-length: 17312
x-77-nzt: AcO1qhHDuFH/wOcDAA
x-accel-expires: @1715294646
last-modified: Wed, 10 May 2023 22:21:12 GMT
server: CDN77-Turbo
etag: "645c18d8-43a0"
x-77-nzt-ray: 4c156224c1345cb3f6056064c1f1ce24
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 ic-bakla-yemegi-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2023/05/ Frame CADC 16 KB
16 KB 21ms
15ms Image
image/jpeg 2a02:6ea0:c700::19
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2023/05/ic-bakla-yemegi-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: fcc58cc9d4be09fdd40a74ca3a453622a269f2bdd1c598a863f54d2bd07a2126

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Sat, 13 May 2023 21:49:42 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 343454
x-accel-date: 1683671128
content-length: 16203
x-77-nzt: AcO1qhEHf5//nj0FAA
x-accel-expires: @1715207128
last-modified: Tue, 09 May 2023 22:05:32 GMT
server: CDN77-Turbo
etag: "645ac3ac-3f4b"
x-77-nzt-ray: 4c156224c1345cb3f60560645319d424
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 soslu-tavuk-kizartmasi-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2022/02/ Frame CADC 14 KB
14 KB 23ms
18ms Image
image/jpeg 2a02:6ea0:c700::19
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2022/02/soslu-tavuk-kizartmasi-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 9ceb7464fd907c8a73e70b85c142e987072812977b9a17e742a734b50be481ad

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Sat, 13 May 2023 21:49:42 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 2204332
x-accel-date: 1681810250
content-length: 14314
x-77-nzt: AcO1qhGBMe3/rKIhAA
x-accel-expires: @1713346250
last-modified: Sat, 26 Feb 2022 22:43:44 GMT
server: CDN77-Turbo
etag: "621aad20-37ea"
x-77-nzt-ray: 4c156224c1345cb3f6056064ebc8d724
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 tavuk-gogsu-kizartmasi-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2021/07/ Frame CADC 15 KB
16 KB 23ms
18ms Image
image/jpeg 2a02:6ea0:c700::19
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2021/07/tavuk-gogsu-kizartmasi-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: e8f206722d43879dc706b4270e95add2fb8ff20785b9ff7c2bf2bab8f4012435

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Sat, 13 May 2023 21:49:42 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 2205113
x-accel-date: 1681809469
content-length: 15544
x-77-nzt: AcO1qhFQlsX/uaUhAA
x-accel-expires: @1713345469
last-modified: Thu, 08 Jul 2021 13:19:59 GMT
server: CDN77-Turbo
etag: "60e6fb7f-3cb8"
x-77-nzt-ray: 4c156224c1345cb3f605606460fcda24
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 kabak-kebabi-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2020/05/ Frame CADC 15 KB
16 KB 23ms
18ms Image
image/jpeg 2a02:6ea0:c700::19
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2020/05/kabak-kebabi-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: b2614739e5032eef7a58aa35faf7010861d20c62b93b0e8d42a1e8d0a2a7ffa2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Sat, 13 May 2023 21:49:42 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 2204476
x-accel-date: 1681810106
content-length: 15726
x-77-nzt: AcO1qhE9hX7/PKMhAA
x-accel-expires: @1713346106
last-modified: Mon, 04 May 2020 23:42:37 GMT
server: CDN77-Turbo
etag: "5eb0a86d-3d6e"
x-77-nzt-ray: 4c156224c1345cb3f6056064254edd24
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 nohutlu-misket-kofte-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2014/02/ Frame CADC 13 KB
13 KB 24ms
18ms Image
image/jpeg 2a02:6ea0:c700::19
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2014/02/nohutlu-misket-kofte-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 50282fee83281adfa1bd8aa7771950d435a2799ca90959ae8f3a483ff4fb0be0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Sat, 13 May 2023 21:49:42 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 2204214
x-accel-date: 1681810368
content-length: 13272
x-77-nzt: AcO1qhFeuxL/NqIhAA
x-accel-expires: @1713346368
last-modified: Wed, 01 May 2019 22:22:18 GMT
server: CDN77-Turbo
etag: "5cca1c1a-33d8"
x-77-nzt-ray: 4c156224c1345cb3f6056064e46bdf24
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 falafel-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2020/10/ Frame CADC 13 KB
13 KB 24ms
19ms Image
image/jpeg 2a02:6ea0:c700::19
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2020/10/falafel-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 25b0fc18fa46dfcb28fdab9b486f78a11dc35790fdfc410b1af2c062410e14d9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Sat, 13 May 2023 21:49:42 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 2204968
x-accel-date: 1681809614
content-length: 13336
x-77-nzt: AcO1qhFV8qT/KKUhAA
x-accel-expires: @1713345614
last-modified: Wed, 07 Oct 2020 22:28:47 GMT
server: CDN77-Turbo
etag: "5f7e411f-3418"
x-77-nzt-ray: 4c156224c1345cb3f6056064b6dde124
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 topalak-yemegi-resimli-yemek-tarifi(16).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2022/04/ Frame CADC 15 KB
15 KB 24ms
19ms Image
image/jpeg 2a02:6ea0:c700::19
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2022/04/topalak-yemegi-resimli-yemek-tarifi(16).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 9b38d88b1023d2badd893cbb744210baf4a8f01a2c36f2efa8799dd86440cf2c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Sat, 13 May 2023 21:49:42 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 2204968
x-accel-date: 1681809614
content-length: 15156
x-77-nzt: AcO1qhHBXXv/KKUhAA
x-accel-expires: @1713345614
last-modified: Sun, 03 Apr 2022 23:51:26 GMT
server: CDN77-Turbo
etag: "624a32fe-3b34"
x-77-nzt-ray: 4c156224c1345cb3f60560642ee2e424
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 pelte-tatlisi-resimli-yemek-tarifi(8).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2021/11/ Frame CADC 17 KB
17 KB 24ms
19ms Image
image/jpeg 2a02:6ea0:c700::19
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2021/11/pelte-tatlisi-resimli-yemek-tarifi(8).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 4f3c9219acd9ca11fcb6f32daaa79fb50b46fc9592e12c4c6c41f8f9e5b0ac72

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Sat, 13 May 2023 21:49:42 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 2199421
x-accel-date: 1681815161
content-length: 16998
x-77-nzt: AcO1qhHrad3/fY8hAA
x-accel-expires: @1713351161
last-modified: Sun, 07 Nov 2021 00:02:21 GMT
server: CDN77-Turbo
etag: "6187178d-4266"
x-77-nzt-ray: 4c156224c1345cb3f6056064974d1425
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 etli-sogan-dolmasi-resimli-yemek-tarifi(16).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2015/03/ Frame CADC 13 KB
13 KB 24ms
19ms Image
image/jpeg 2a02:6ea0:c700::19
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2015/03/etli-sogan-dolmasi-resimli-yemek-tarifi(16).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: f973d75ead19729433907ba993cee75784ac0ba25a5f229c3091e7f45966b1a3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Sat, 13 May 2023 21:49:42 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 2204488
x-accel-date: 1681810094
content-length: 12894
x-77-nzt: AcO1qhHkjYn/SKMhAA
x-accel-expires: @1713346094
last-modified: Wed, 01 May 2019 22:39:26 GMT
server: CDN77-Turbo
etag: "5cca201e-325e"
x-77-nzt-ray: 4c156224c1345cb3f60560643a5e1725
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 patates-musakka-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2020/10/ Frame CADC 17 KB
18 KB 24ms
19ms Image
image/jpeg 2a02:6ea0:c700::19
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2020/10/patates-musakka-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: d417c17bfce3dfec57bdd3b2d008fb4c6b3080107b3176d8e96c7ed80544622e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Sat, 13 May 2023 21:49:42 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 2205058
x-accel-date: 1681809524
content-length: 17618
x-77-nzt: AcO1qhG5Irf/gqUhAA
x-accel-expires: @1713345524
last-modified: Fri, 23 Oct 2020 22:42:47 GMT
server: CDN77-Turbo
etag: "5f935c67-44d2"
x-77-nzt-ray: 4c156224c1345cb3f605606405911925
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 sebzeli-tencere-kebabi-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2022/04/ Frame CADC 16 KB
16 KB 24ms
20ms Image
image/jpeg 2a02:6ea0:c700::19
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2022/04/sebzeli-tencere-kebabi-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: e5e28786e68ee9365dbc5f4b39fa49358367e4371322c7bfc70f7b016e7cfed3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Sat, 13 May 2023 21:49:42 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 2205106
x-accel-date: 1681809476
content-length: 16006
x-77-nzt: AcO1qhEvQy7/sqUhAA
x-accel-expires: @1713345476
last-modified: Wed, 13 Apr 2022 23:53:28 GMT
server: CDN77-Turbo
etag: "62576278-3e86"
x-77-nzt-ray: 4c156224c1345cb3f6056064bc171c25
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 ev-usulu-firinda-urfa-kebap-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2015/10/ Frame CADC 13 KB
13 KB 24ms
20ms Image
image/jpeg 2a02:6ea0:c700::19
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2015/10/ev-usulu-firinda-urfa-kebap-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: fb9ee137734c9d4933d908d02325dc37c4dd86dd58614a2c7d9d5a01890aefd2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Sat, 13 May 2023 21:49:42 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 2203806
x-accel-date: 1681810776
content-length: 12802
x-77-nzt: AcO1qhGzEuz/nqAhAA
x-accel-expires: @1713346776
last-modified: Wed, 01 May 2019 22:49:22 GMT
server: CDN77-Turbo
etag: "5cca2272-3202"
x-77-nzt-ray: 4c156224c1345cb3f60560649ba21e25
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 kofteli-orman-kebabi-resimli-yemek-tarifi(16).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2019/05/ Frame CADC 12 KB
13 KB 25ms
20ms Image
image/jpeg 2a02:6ea0:c700::19
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2019/05/kofteli-orman-kebabi-resimli-yemek-tarifi(16).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 2ee4854a38ad37b61a8727c71e98305037bc4711d65f4bac43420986b4c9455f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Sat, 13 May 2023 21:49:42 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 2205057
x-accel-date: 1681809525
content-length: 12566
x-77-nzt: AcO1qhGIWaj/gaUhAA
x-accel-expires: @1713345525
last-modified: Sat, 25 May 2019 22:23:34 GMT
server: CDN77-Turbo
etag: "5ce9c066-3116"
x-77-nzt-ray: 4c156224c1345cb3f605606463202125
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 sebzeli-tavuk-haslama-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2022/10/ Frame CADC 12 KB
12 KB 25ms
20ms Image
image/jpeg 2a02:6ea0:c700::19
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2022/10/sebzeli-tavuk-haslama-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: b3487493fe130a7c5fd02e5d4568d85b5aea1b549db0799d87e088cda9b0da3d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Sat, 13 May 2023 21:49:42 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 2199256
x-accel-date: 1681815326
content-length: 12424
x-77-nzt: AcO1qhFL51X/2I4hAA
x-accel-expires: @1713351326
last-modified: Mon, 10 Oct 2022 22:26:39 GMT
server: CDN77-Turbo
etag: "63449c1f-3088"
x-77-nzt-ray: 4c156224c1345cb3f6056064ff732325
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 tavuklu-tas-kebabi-resimli-yemek-tarifi(16).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2021/05/ Frame CADC 14 KB
15 KB 25ms
20ms Image
image/jpeg 2a02:6ea0:c700::19
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2021/05/tavuklu-tas-kebabi-resimli-yemek-tarifi(16).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 5c43ed02f9d0a2a773e7f13c481df34f9de77c425c368f5cb3398d7e67152e68

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Sat, 13 May 2023 21:49:42 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 2204816
x-accel-date: 1681809766
content-length: 14751
x-77-nzt: AcO1qhHL22X/kKQhAA
x-accel-expires: @1713345766
last-modified: Wed, 05 May 2021 00:03:16 GMT
server: CDN77-Turbo
etag: "6091e0c4-399f"
x-77-nzt-ray: 4c156224c1345cb3f60560649a5b2525
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 tavuk-corbasi-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2017/11/ Frame CADC 12 KB
13 KB 25ms
21ms Image
image/jpeg 2a02:6ea0:c700::19
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2017/11/tavuk-corbasi-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 5d867d8101d7d263052fd7656e7e10f585b485c3c38cb96e2c7bca172f579491

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Sat, 13 May 2023 21:49:42 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 2201391
x-accel-date: 1681813191
content-length: 12499
x-77-nzt: AcO1qhFMH8H/L5chAA
x-accel-expires: @1713349191
last-modified: Wed, 01 May 2019 23:26:22 GMT
server: CDN77-Turbo
etag: "5cca2b1e-30d3"
x-77-nzt-ray: 4c156224c1345cb3f6056064f7ee2725
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 tavuk-burger-koftesi-resimli-yemek-tarifi(16).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2022/02/ Frame CADC 11 KB
11 KB 25ms
21ms Image
image/jpeg 2a02:6ea0:c700::19
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2022/02/tavuk-burger-koftesi-resimli-yemek-tarifi(16).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 78aa3d973a83de17d8b856934f19a2613483fbfd3cd2b6c5bc50865014924659

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Sat, 13 May 2023 21:49:42 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 2204558
x-accel-date: 1681810024
content-length: 11304
x-77-nzt: AcO1qhEwR0j/jqMhAA
x-accel-expires: @1713346024
last-modified: Mon, 28 Feb 2022 17:23:23 GMT
server: CDN77-Turbo
etag: "621d050b-2c28"
x-77-nzt-ray: 4c156224c1345cb3f605606431052a25
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 firin-mucver-resimli-yemek-tarifi(16).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2018/02/ Frame CADC 11 KB
11 KB 25ms
21ms Image
image/jpeg 2a02:6ea0:c700::19
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2018/02/firin-mucver-resimli-yemek-tarifi(16).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: a52a69704652f7261a3f3664cd687babce03765af948cf237a247e4e97b9e800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Sat, 13 May 2023 21:49:42 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 2202135
x-accel-date: 1681812447
content-length: 11328
x-77-nzt: AcO1qhFqusn/F5ohAA
x-accel-expires: @1713348447
last-modified: Wed, 01 May 2019 23:30:53 GMT
server: CDN77-Turbo
etag: "5cca2c2d-2c40"
x-77-nzt-ray: 4c156224c1345cb3f6056064ca752d25
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 borani-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2017/12/ Frame CADC 15 KB
15 KB 25ms
21ms Image
image/jpeg 2a02:6ea0:c700::19
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2017/12/borani-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 7ba27913161d377216951f272f6e07028fb541c374eedb19939dc564100ca021

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Sat, 13 May 2023 21:49:42 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 2204258
x-accel-date: 1681810324
content-length: 14976
x-77-nzt: AcO1qhHllHj/YqIhAA
x-accel-expires: @1713346324
last-modified: Wed, 01 May 2019 23:28:24 GMT
server: CDN77-Turbo
etag: "5cca2b98-3a80"
x-77-nzt-ray: 4c156224c1345cb3f6056064fe283025
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 domatesli-kabak-yemegi-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2021/06/ Frame CADC 14 KB
15 KB 25ms
21ms Image
image/jpeg 2a02:6ea0:c700::19
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2021/06/domatesli-kabak-yemegi-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: c43a592c09224db2985a3e074e7b50afe274ddce2b680b73e8f3a9c5cda4d35b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Sat, 13 May 2023 21:49:42 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 2204477
x-accel-date: 1681810105
content-length: 14650
x-77-nzt: AcO1qhHELIH/PaMhAA
x-accel-expires: @1713346105
last-modified: Wed, 16 Jun 2021 22:40:57 GMT
server: CDN77-Turbo
etag: "60ca7df9-393a"
x-77-nzt-ray: 4c156224c1345cb3f60560649bb63225
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 havuc-pilaki-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2023/03/ Frame CADC 16 KB
16 KB 26ms
22ms Image
image/jpeg 2a02:6ea0:c700::19
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2023/03/havuc-pilaki-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 90dec89369d64e98c561b6eebf4c986b0e41f155b6524927779ea55ac632ba4e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Sat, 13 May 2023 21:49:42 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 2202790
x-accel-date: 1681811792
content-length: 15987
x-77-nzt: AcO1qhHuVlL/ppwhAA
x-accel-expires: @1713347792
last-modified: Mon, 13 Mar 2023 21:52:36 GMT
server: CDN77-Turbo
etag: "640f9b24-3e73"
x-77-nzt-ray: 4c156224c1345cb3f605606427f03425
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 mercimekli-tarhana-corbasi-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2021/08/ Frame CADC 13 KB
13 KB 26ms
22ms Image
image/jpeg 2a02:6ea0:c700::19
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2021/08/mercimekli-tarhana-corbasi-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 31e62e0b092bc9ff94b2b8e841ae9305955b398a7cd80116a4d79bc9fe3b6e39

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Sat, 13 May 2023 21:49:42 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 2204764
x-accel-date: 1681809818
content-length: 12901
x-77-nzt: AcO1qhFETZ7/XKQhAA
x-accel-expires: @1713345818
last-modified: Mon, 23 Aug 2021 21:56:40 GMT
server: CDN77-Turbo
etag: "61241998-3265"
x-77-nzt-ray: 4c156224c1345cb3f6056064a92b3725
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 muradiye-corbasi-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2019/04/ Frame CADC 11 KB
11 KB 26ms
22ms Image
image/jpeg 2a02:6ea0:c700::19
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2019/04/muradiye-corbasi-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 43204d58f6a24cdd36d594f28e4dc0f9ab0f5ad29b4a166bb6d5f3c16756636f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Sat, 13 May 2023 21:49:42 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 2205032
x-accel-date: 1681809550
content-length: 11241
x-77-nzt: AcO1qhHouOf/aKUhAA
x-accel-expires: @1713345550
last-modified: Wed, 01 May 2019 23:47:00 GMT
server: CDN77-Turbo
etag: "5cca2ff4-2be9"
x-77-nzt-ray: 4c156224c1345cb3f605606471373925
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 salcali-karnabahar-corbasi-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2020/12/ Frame CADC 9 KB
9 KB 26ms
22ms Image
image/jpeg 2a02:6ea0:c700::19
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2020/12/salcali-karnabahar-corbasi-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: b5343e342183c9d48f9abe8eaf2cc0885268be08bd24bd3b8855a2b2ebf27180

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Sat, 13 May 2023 21:49:42 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 2204610
x-accel-date: 1681809972
content-length: 9137
x-77-nzt: AcO1qhFrfbf/wqMhAA
x-accel-expires: @1713345972
last-modified: Wed, 02 Dec 2020 13:58:22 GMT
server: CDN77-Turbo
etag: "5fc79d7e-23b1"
x-77-nzt-ray: 4c156224c1345cb3f6056064356b3b25
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 sikicik-corbasi-resimli-yemek-tarifi(16).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2021/11/ Frame CADC 16 KB
16 KB 26ms
22ms Image
image/jpeg 2a02:6ea0:c700::19
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2021/11/sikicik-corbasi-resimli-yemek-tarifi(16).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: c9f0d58bfa4a06dfe46ca39b3f3aaeafea15acd2b32ecff16df4795806d82da1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Sat, 13 May 2023 21:49:42 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 2204777
x-accel-date: 1681809805
content-length: 16008
x-77-nzt: AcO1qhEE3vb/aaQhAA
x-accel-expires: @1713345805
last-modified: Thu, 04 Nov 2021 21:22:00 GMT
server: CDN77-Turbo
etag: "61844ef8-3e88"
x-77-nzt-ray: 4c156224c1345cb3f60560643db73d25
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 pastane-usulu-ekler-pasta-resimli-yemek-tarifi(24).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2015/11/ Frame CADC 13 KB
13 KB 26ms
23ms Image
image/jpeg 2a02:6ea0:c700::19
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2015/11/pastane-usulu-ekler-pasta-resimli-yemek-tarifi(24).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 6781c62e164b88da426379f11b224136e5c2304c6a31d652af03a33515a3a264

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Sat, 13 May 2023 21:49:42 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 2203942
x-accel-date: 1681810640
content-length: 12905
x-77-nzt: AcO1qhGspeH/JqEhAA
x-accel-expires: @1713346640
last-modified: Wed, 01 May 2019 22:49:53 GMT
server: CDN77-Turbo
etag: "5cca2291-3269"
x-77-nzt-ray: 4c156224c1345cb3f6056064f27e4025
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 mozaik-toplari-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2019/04/ Frame CADC 16 KB
16 KB 26ms
23ms Image
image/jpeg 2a02:6ea0:c700::19
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2019/04/mozaik-toplari-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 878de60769bec438439f67e4a6facea40f500e79c90118ab9137415159f0f003

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Sat, 13 May 2023 21:49:42 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 2202646
x-accel-date: 1681811936
content-length: 15973
x-77-nzt: AcO1qhFhoh//FpwhAA
x-accel-expires: @1713347936
last-modified: Wed, 01 May 2019 23:47:04 GMT
server: CDN77-Turbo
etag: "5cca2ff8-3e65"
x-77-nzt-ray: 4c156224c1345cb3f6056064ffdf4325
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 muzlu-profiterol-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2022/05/ Frame CADC 18 KB
18 KB 26ms
23ms Image
image/jpeg 2a02:6ea0:c700::19
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2022/05/muzlu-profiterol-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 36e34de84ff3c4b14b5aff9c5072b9552b86918290dd3f5c39b616672f80437e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Sat, 13 May 2023 21:49:42 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 2204864
x-accel-date: 1681809718
content-length: 18311
x-77-nzt: AcO1qhGn7Zn/wKQhAA
x-accel-expires: @1713345718
last-modified: Fri, 20 May 2022 22:19:19 GMT
server: CDN77-Turbo
etag: "628813e7-4787"
x-77-nzt-ray: 4c156224c1345cb3f605606457ef4625
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 murdum-erikli-kek-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2019/08/ Frame CADC 10 KB
11 KB 27ms
23ms Image
image/jpeg 2a02:6ea0:c700::19
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2019/08/murdum-erikli-kek-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: f3119241b70c717a03d9b1fd22756103beca92c2d88a1e38e1dda588dbe28429

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Sat, 13 May 2023 21:49:42 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 2205033
x-accel-date: 1681809549
content-length: 10494
x-77-nzt: AcO1qhH76lr/aaUhAA
x-accel-expires: @1713345549
last-modified: Fri, 23 Aug 2019 23:57:03 GMT
server: CDN77-Turbo
etag: "5d607d4f-28fe"
x-77-nzt-ray: 4c156224c1345cb3f605606429794925
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 glutensiz-kek-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2022/08/ Frame CADC 13 KB
13 KB 27ms
23ms Image
image/jpeg 2a02:6ea0:c700::19
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2022/08/glutensiz-kek-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 57a835c5d836b1cf5fa67347fc236c0f29253d86d07a7169204e7be865979f09

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Sat, 13 May 2023 21:49:42 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 2200504
x-accel-date: 1681814078
content-length: 13215
x-77-nzt: AcO1qhHyhRD/uJMhAA
x-accel-expires: @1713350078
last-modified: Sun, 28 Aug 2022 22:14:07 GMT
server: CDN77-Turbo
etag: "630be8af-339f"
x-77-nzt-ray: 4c156224c1345cb3f60560642aff4b25
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 tavada-mayasiz-borek-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2019/12/ Frame CADC 11 KB
11 KB 27ms
24ms Image
image/jpeg 2a02:6ea0:c700::19
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2019/12/tavada-mayasiz-borek-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: c162654fd41397ba148ddb6c357b0659c843c1cd76bf366c1dbec08eaecc9bf9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Sat, 13 May 2023 21:49:42 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 1680001
x-accel-date: 1682334581
content-length: 10966
x-77-nzt: AcO1qhH8DZb/gaIZAA
x-accel-expires: @1713870581
last-modified: Sat, 21 Dec 2019 21:54:13 GMT
server: CDN77-Turbo
etag: "5dfe9485-2ad6"
x-77-nzt-ray: 4c156224c1345cb3f60560645df34e25
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 hamursuz-pizza-dilimleri-resimli-yemek-tarifi(16).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2020/09/ Frame CADC 15 KB
16 KB 27ms
24ms Image
image/jpeg 2a02:6ea0:c700::19
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2020/09/hamursuz-pizza-dilimleri-resimli-yemek-tarifi(16).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 8bb1f11b33513eeb6cecb02de3ad7a28953aec48e5cfc7145e7b53b4e576b046

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Sat, 13 May 2023 21:49:42 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 2201411
x-accel-date: 1681813171
content-length: 15797
x-77-nzt: AcO1qhH1Z33/Q5chAA
x-accel-expires: @1713349171
last-modified: Sat, 26 Sep 2020 22:48:04 GMT
server: CDN77-Turbo
etag: "5f6fc524-3db5"
x-77-nzt-ray: 4c156224c1345cb3f605606443775225
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 siyah-zeytin-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2022/11/ Frame CADC 12 KB
13 KB 27ms
24ms Image
image/jpeg 2a02:6ea0:c700::19
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2022/11/siyah-zeytin-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 0c23f6a48bd83f8880c0b081d28bb96a001e5af3fab7edf77c9a79dc0d96e188

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Sat, 13 May 2023 21:49:42 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 2202165
x-accel-date: 1681812417
content-length: 12681
x-77-nzt: AcO1qhFPyA//NZohAA
x-accel-expires: @1713348417
last-modified: Thu, 24 Nov 2022 22:40:17 GMT
server: CDN77-Turbo
etag: "637ff2d1-3189"
x-77-nzt-ray: 4c156224c1345cb3f605606491fb5525
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 _dmca_premi_badge_5.png
images.dmca.com/Badges/ Frame CADC 5 KB
6 KB 77ms
17ms Image
image/png 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.dmca.com/Badges/_dmca_premi_badge_5.png?ID=da1d399b-5fd3-4da3-b5cd-8af692c19999
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: ad3ee286844c46dba3f0d26e100f508c410b28f52784fbeec2d513ef6c6fda7a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 21:49:42 GMT
last-modified: Thu, 02 Jun 2011 03:26:26 GMT
server: Microsoft-IIS/10.0
etag: "8ae3cdbd420cc1:0"
x-powered-by: ASP.NET
x-hw: 1684014582.cds211.am5.hn,1684014582.cds292.am5.c
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=31536000
accept-ranges: bytes
link: <https://www.dmca.com/Badges/_dmca_premi_badge_5.png>; rel="canonical"
content-length: 5605

GET
H2 200 addthis_widget.js Show response
s7.addthis.com/js/300/ Frame CADC 353 KB
114 KB 291ms
24ms Script
application/javascript 104.111.216.120
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/js/300/addthis_widget.js

Requested by

Host: ye-mek.net
URL: https://ye-mek.net/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.111.216.120 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-216-120.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
date: Sat, 13 May 2023 21:49:42 GMT
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
server: nginx/1.15.8
etag: "5f971164-5834c"
vary: Accept-Encoding
x-distribution: 99
content-type: application/javascript
cache-control: public, max-age=600
x-host: s7.addthis.com
content-length: 116356

GET
H2 200 DMCABadgeHelper.min.js Show response
images.dmca.com/Badges/ Frame CADC 465 B
584 B 78ms
19ms Script
application/javascript 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://images.dmca.com/Badges/DMCABadgeHelper.min.js
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e8021f1a9dad409f7e699457ac334653bf800464df69900237c4de1c29e275d0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 21:49:42 GMT
content-encoding: gzip
last-modified: Fri, 21 Jun 2019 20:14:34 GMT
server: Microsoft-IIS/10.0
etag: "26b181f16d28d51:0"
x-powered-by: ASP.NET
x-hw: 1684014582.cds211.am5.hn,1684014582.cds214.am5.c
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=31536000
accept-ranges: bytes
link: <https://www.dmca.com/Badges/DMCABadgeHelper.min.js>; rel="canonical"
content-length: 395

GET
H2 200 outside.js Show response
static.virgul.com/theme/mockups/adcode/ Frame CADC 74 KB
26 KB 224ms
45ms Script
application/javascript 185.7.176.221
SH

General

Check archive.org

Show headers Download Go to

Full URL: https://static.virgul.com/theme/mockups/adcode/outside.js?dts=19490
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.7.176.221 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: 3bf48016240e2a08d327f70eed169e186b2fca957544ed5c02e9b7c6c9af7d94

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 21:49:42 GMT
content-encoding: gzip
last-modified: Tue, 18 Apr 2023 08:37:30 GMT
server: openresty/1.15.8.3
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=43200

GET
H2 200 sdk.js Show response
connect.facebook.net/tr_TR/ Frame CADC 3 KB
2 KB 46ms
10ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/tr_TR/sdk.js

Requested by

Host: ye-mek.net
URL: https://ye-mek.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

df646ff35419e573335fbc000d6851e36e8cf171f0f4edb668fce4ca70cc06c1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 13 May 2023 21:49:42 GMT
content-md5: V3ln6JLBv2xUtUm/eKon2g==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1688
x-fb-rlafr: 0
x-fb-debug: ukjkc5bbrpqd2HAoMtkVZxowoASf4KCnCrzOh0mMHM18y5U8JNVVqrgR3jVZwj2WG5DcTY3Q5BIIfcZa5OY/8A==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 1679558926
x-fb-content-md5: 048549fb753be6d4d5c3d20dd1c7bdef
cross-origin-opener-policy: same-origin-allow-popups
etag: "c18e51cce30f7edef8f3eb221f905976"
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
permissions-policy: accelerometer=()
x-frame-options: DENY
timing-allow-origin: *
expires: Sat, 13 May 2023 22:05:32 GMT

GET
H2 200 sprite_3.png
cdn.ye-mek.net/grafik/ Frame CADC 21 KB
21 KB 25ms
24ms Image
image/png 2a02:6ea0:c700::19
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/grafik/sprite_3.png
Requested by: Host: cdn.ye-mek.net
URL: https://cdn.ye-mek.net/maincss.css?v=434
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: ecadacb686d0540a5768dae41d50597a71dfaa8135b90f1371d4bfa266e4e361

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.ye-mek.net/maincss.css?v=434
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Sat, 13 May 2023 21:49:42 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 2205129
x-accel-date: 1681809453
content-length: 21525
x-77-nzt: AcO1qhGpChP/yaUhAA
x-accel-expires: @1713345453
last-modified: Mon, 14 May 2018 20:55:05 GMT
server: CDN77-Turbo
etag: "5af9f7a9-5415"
x-77-nzt-ray: 4c156224c1345cb3f605606484575825
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H3 200 sdk.js Show response
connect.facebook.net/tr_TR/ Frame CADC 306 KB
87 KB 17ms
8ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/tr_TR/sdk.js?hash=d42ca6c51329653fd715c63d38cb64be

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/tr_TR/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e3cff69face0b2111b46bb2ebcee80a0c55ee03a9812561ca14fd3c4f24b3155

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://ye-mek.net/
Origin: https://ye-mek.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 13 May 2023 21:49:42 GMT
content-md5: KuC72BsIBjEtd1V4f0a9wg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 88730
x-fb-rlafr: 0
x-fb-debug: QSPXMQQbJ6EBkLz6bKGCoXzpcZQbxtRVdiT3KHWf74zIZT/Om89ANdFWffN4rRWyY3XpLN8yUoPEJcYynMSi3A==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-content-md5: 7cb8f340901ef33dcbf467e9e9d6b198
cross-origin-opener-policy: same-origin-allow-popups
etag: "eb2607f12615394b03929e1bee5c8afd"
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), hid=(), usb=()
x-frame-options: DENY
timing-allow-origin: *
priority: u=3,i
expires: Sun, 12 May 2024 21:25:32 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ Frame CADC 51 KB
21 KB 129ms
40ms Script
text/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-38733763-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 13 May 2023 21:05:00 GMT
last-modified: Mon, 17 Apr 2023 22:36:01 GMT
server: Golfe2
age: 2682
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20737
expires: Sat, 13 May 2023 23:05:00 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame CADC 75 KB
25 KB 243ms
144ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/adcode/outside.js?dts=19490

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9257f817594a290c2ca86da071f2e7052e01eab3989f99fe4daa47b9328fdd3c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 21:49:43 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25435
x-xss-protection: 0
server: cafe
etag: 199 / 19490 / 31074557 / config-hash: 12209807291441061903
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 13 May 2023 21:49:43 GMT

GET
H2 200 ads.js Show response
static.virgul.com/theme/mockups/mockups/tracker/imp/collect/adview/ad/ Frame CADC 120 B
306 B 42ms
42ms Script
application/javascript 185.7.176.221
SH

General

Check archive.org

Show headers Download Go to

Full URL: https://static.virgul.com/theme/mockups/mockups/tracker/imp/collect/adview/ad/ads.js
Requested by: Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/adcode/outside.js?dts=19490
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.7.176.221 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: d9fd0aeda423bd39a36871759ef7b17dab3d51e5981cd5839103f990b8b9ef60

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 21:49:42 GMT
last-modified: Wed, 21 Dec 2022 18:47:42 GMT
server: openresty/1.15.8.3
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=5184000
accept-ranges: bytes
content-length: 120

GET
H2 200 str.html Show response
static.virgul.com/theme/mockups/outside/ Frame 547C 891 B
1 KB 42ms
42ms Document
text/html 185.7.176.221
SH

General

Check archive.org

Show headers Download Go to

Full URL: https://static.virgul.com/theme/mockups/outside/str.html?v=2
Requested by: Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/adcode/outside.js?dts=19490
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.7.176.221 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: 2af1b8e91e1ea0f27fab2f6bac1dd1d81867b7a2a8d7cef1084fa39309e0ac6f

Request headers

Referer: https://ye-mek.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
cache-control: max-age=5184000
content-length: 891
content-type: text/html
date: Sat, 13 May 2023 21:49:42 GMT
last-modified: Wed, 28 Sep 2022 10:07:57 GMT
server: openresty/1.15.8.3

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame CADC 137 KB
47 KB 185ms
101ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6593523210010154

Requested by

Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/adcode/outside.js?dts=19490

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cabcca2a301047fe044c52a4c75a169cd93827100011abbb89b9e7106dff21c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ye-mek.net/
Origin: https://ye-mek.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 21:49:42 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47816
x-xss-protection: 0
server: cafe
etag: 7029697870869657021
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sat, 13 May 2023 21:49:42 GMT

GET
H2 200 prebid7.38.0.js Show response
static.virgul.com/theme/mockups/outside/ Frame CADC 489 KB
182 KB 49ms
49ms Script
application/javascript 185.7.176.221
SH

General

Check archive.org

Show headers Download Go to

Full URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js
Requested by: Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/adcode/outside.js?dts=19490
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.7.176.221 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: cff57bb539a961e5816127eb4b662175d6a1c92917effe0f943de85c35911101

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 21:49:42 GMT
content-encoding: gzip
last-modified: Mon, 27 Mar 2023 14:56:06 GMT
server: openresty/1.15.8.3
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=5184000

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ Frame CADC 230 KB
57 KB 36ms
8ms Script
application/javascript 13.224.192.181
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/adcode/outside.js?dts=19490
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.192.181 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-192-181.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: bf5de2a37e1b850ca9cc3b1a55bccd36def2be3524d0c5acb67b61f26aac8a96

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 21:35:55 GMT
content-encoding: gzip
via: 1.1 3141f89cca62ae5784a211a8d1176d1c.cloudfront.net (CloudFront), 1.1 cdcb559c2f25d8ad2ccf0419bee33b02.cloudfront.net (CloudFront)
last-modified: Wed, 10 May 2023 21:23:07 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1, FRA2-C1
age: 828
x-amz-server-side-encryption: AES256
etag: W/"e6af4658ab1a6fdde1f0066b27d5372e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=3600
x-amz-cf-id: DX5VY4DKwwODnrTFUnilQMGhGcfcd-LRXz9pzSwnz6DDj-IHjyp0aA==

GET
H2 200 pageview Show response
ng.virgul.com/ Frame CADC 39 KB
7 KB 233ms
73ms Script
application/javascript 185.7.176.221
SH

General

Check archive.org

Show headers Download Go to

Full URL: https://ng.virgul.com/pageview?c=site_geneli&mt=1684014582891&v=https%3A%2F%2Fye-mek.net%2F&r=yemek_net:site_geneli&userId=&tp=&os=&call=noktaad.ads.vvad&vd=0&ses=0&dim=1600x1200&l=&y=&w=0&ext=,as,rc0,hf1,vv1,gprec%3Dyemek%26rec_ing%3D&info=&ref=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&rdmt=0.3103069948000523
Requested by: Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/adcode/outside.js?dts=19490
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.7.176.221 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: 4c510fd8c5c5ccbe9be63baa32332c3b276a2c59ab7a4978b93c2371e3258510

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 21:49:43 GMT
content-encoding: gzip
server: openresty/1.15.8.3
vary: Accept-Encoding
p3p: CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
access-control-allow-origin: https://ye-mek.net
content-type: application/javascript
access-control-allow-credentials: true
expires: Tue, 04 Jan 2022 10:49:40 GMT

GET
H2 200 yemek_net.js Show response
static.virgul.com/theme/mockups/fallback/ Frame CADC 12 KB
2 KB 42ms
42ms Script
application/javascript 185.7.176.221
SH

General

Check archive.org

Show headers Download Go to

Full URL: https://static.virgul.com/theme/mockups/fallback/yemek_net.js?dts=19490
Requested by: Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/adcode/outside.js?dts=19490
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.7.176.221 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: 58712a4f1909f78e6b3cb7b01dfbb8e2952037880985e4fc91ccf08d37a7bd84

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 21:49:42 GMT
content-encoding: gzip
last-modified: Fri, 12 May 2023 21:52:47 GMT
server: openresty/1.15.8.3
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=5184000

GET
H2 200 hb Show response
ng.virgul.com/ Frame CADC 49 KB
5 KB 212ms
55ms Script
application/javascript 185.7.176.221
SH

General

Check archive.org

Show headers Download Go to

Full URL: https://ng.virgul.com/hb?call=noktaad.setHbParameters&site=yemek_net&dts=467781
Requested by: Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/adcode/outside.js?dts=19490
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.7.176.221 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: 9aa75ddced4634afecb21268d1818d575393964de1e55bd0b3cd96c0ff5f7036

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 21:49:43 GMT
content-encoding: gzip
server: openresty/1.15.8.3
vary: Accept-Encoding
p3p: CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
access-control-allow-origin: https://ye-mek.net
content-type: application/javascript
cache-control: max-age=3600
access-control-allow-credentials: true

GET
H2 200 moatframe.js Show response
z.moatads.com/addthismoatframe568911941483/ Frame CADC 2 KB
1 KB 55ms
6ms Script
application/x-javascript 23.35.237.151
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/addthismoatframe568911941483/moatframe.js
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.237.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-237-151.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 21:49:42 GMT
content-encoding: gzip
last-modified: Fri, 08 Nov 2019 20:13:52 GMT
server: AmazonS3
x-amz-request-id: D5503D14AA2F06AA
etag: "f14b4e1f799b14f798a195f43cf58376"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=11723
accept-ranges: bytes
content-length: 948
x-amz-id-2: JgalEtxvSAtZmM7+naGfrhsdf0JFS0gJW8lypWF8Tp90EkcPp4c3eAnpK+RDOIL1ltWgpx8wc3s=

GET
H2 204 config Show response
c.amazon-adsystem.com/cdn/prod/ Frame CADC 0
306 B 8ms
7ms XHR
text/plain 13.224.192.181
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fye-mek.net&pubid=e0a76a78-9ad1-46f2-a337-886c2e24ac91
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.192.181 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-192-181.fra2.r.cloudfront.net
Software: Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 16:03:07 GMT
via: 1.1 cdcb559c2f25d8ad2ccf0419bee33b02.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA2-C1
age: 20794
x-cache: Hit from cloudfront
access-control-allow-origin: https://ye-mek.net
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
x-amz-cf-id: 4VKYvWuFquPiJwI5xcV5OXGFEM5HnJXoPBic3YKKlWjjbRCGP2sPlQ==

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ Frame CADC 6 KB
3 KB 24ms
7ms XHR
application/javascript 13.224.192.181
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.192.181 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-192-181.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-amz-version-id: yHpogsakS7iCluwAmUa6Y9ccBYm32d5h
content-encoding: gzip
via: 1.1 0e7eb16f335fe24acf3f13c5dee19c88.cloudfront.net (CloudFront)
date: Sat, 13 May 2023 21:16:52 GMT
x-amz-cf-pop: FRA2-C1
age: 1971
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Thu, 11 May 2023 21:16:48 GMT
server: AmazonS3
etag: W/"a4d296427fc806b21335359e398c025c"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
vary: Accept-Encoding,Origin
x-amz-cf-id: VuKlbelFX_UIbTNP6BJE2afqoa2V9L6JUFU8ehXhbvlsaLApBtnmlw==

GET
H2 200 empowerwebplayer3.js Show response
static.virgul.com/theme/mockups/outside/ Frame CADC 9 KB
3 KB 43ms
43ms Script
application/javascript 185.7.176.221
SH

General

Check archive.org

Show headers Download Go to

Full URL: https://static.virgul.com/theme/mockups/outside/empowerwebplayer3.js?v=19
Requested by: Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x69807j0b5.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.7.176.221 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: 6463a8285a9c7d54fde4f62d247208584a061d3a0028a516ec3b902164256306

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 21:49:43 GMT
content-encoding: gzip
last-modified: Mon, 17 Apr 2023 09:38:48 GMT
server: openresty/1.15.8.3
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=5184000

GET
H2 200 yemek_net.js Show response
static.virgul.com/theme/mockups/sites/ Frame CADC 11 KB
5 KB 43ms
42ms Script
application/javascript 185.7.176.221
SH

General

Check archive.org

Show headers Download Go to

Full URL: https://static.virgul.com/theme/mockups/sites/yemek_net.js?dts=467781
Requested by: Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/adcode/outside.js?dts=19490
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.7.176.221 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: a7a580492938c753648b19da1321bf7ea66d7a2e9b1fa42058c821e268fba9e1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 21:49:43 GMT
content-encoding: gzip
last-modified: Thu, 27 Apr 2023 09:08:06 GMT
server: openresty/1.15.8.3
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=5184000

GET
H2 200 pandg-sdk.js Show response
pghub.io/js/ Frame CADC 17 KB
5 KB 90ms
15ms Script
application/javascript 35.241.45.217
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pghub.io/js/pandg-sdk.js
Requested by: Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/adcode/outside.js?dts=19490
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.241.45.217 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 217.45.241.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 09244740f4a5bf8ab1aa815df2f809d370c932e5c5e977221091acbee7b66570

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 21:23:26 GMT
content-encoding: gzip
age: 1577
x-guploader-uploadid: ADPycdu1nEgJWhxcaft20Udd2SDTkmEUtfTQjVgboRIfwhLMpNqh2pF4bIe2axHqRzZyJukCEfPAGroycNPBRbWgO7fOk6reNVkm
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4955
last-modified: Fri, 20 Jan 2023 18:31:19 GMT
server: UploadServer
etag: "b3517e216253857ea8c4209cb84004df"
vary: Accept-Encoding
x-goog-generation: 1674239479122517
x-goog-hash: crc32c=rClt4g==, md5=s1F+IWJThX6oxCCcuEAE3w==
access-control-allow-origin: *
access-control-expose-headers: Access-Control-Allow-Origin
cache-control: public,max-age=3600
x-goog-stored-content-length: 4955
accept-ranges: bytes
content-type: application/javascript

GET
H2 200 zoneview
ng.virgul.com/ Frame CADC 0
209 B 43ms
43ms Image
text/plain 185.7.176.221
SH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ng.virgul.com/zoneview?c=&mt=1684014583130&v=https%3A%2F%2Fye-mek.net%2F&r=153366@153377@153378@153379@153379@153382@153383:yemek_net&userId=vnet6c1fd289-0279-4aa9-817c-0014b89f0a83&tp=&os=&call=&vd=0&ses=0&dim=1600x1200&l=&y=&w=0&ext=,as,rc1,hf1,vv1,gprec%3Dyemek%26rec_ing%3D&info=&ref=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&rdmt=0.642415078892816
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.7.176.221 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

access-control-allow-origin: https://ye-mek.net
date: Sat, 13 May 2023 21:49:43 GMT
access-control-allow-credentials: true
expires: Tue, 04 Jan 2022 10:49:40 GMT
server: openresty/1.15.8.3
content-length: 0
p3p: CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305100101/ Frame CADC 357 KB
120 KB 193ms
115ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305100101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6593523210010154&plah=ye-mek.net&bust=31074512

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6593523210010154

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3f8d629de1ee84c6373a4ef069114dde822abf3c8836734f623d3805a06b5e00

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 21:49:43 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 122875
x-xss-protection: 0
server: cafe
etag: 2715573643350976693
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 13 May 2023 21:49:43 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230510/r20190131/ Frame B46A 10 KB
5 KB 124ms
40ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230510/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6593523210010154

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eb7a209e3af2f5e7045a326f81414b39f02551eb158e859c190a7a84db7c4d5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ye-mek.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 929
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4540
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 13 May 2023 21:34:14 GMT
etag: 15057649708203361565
expires: Sat, 27 May 2023 21:34:14 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 NoktaNpmPlayerApi.js Show response
c1.imgiz.com/player_others/html5/ Frame CADC 7 KB
3 KB 272ms
43ms Script
application/javascript 185.7.176.223
SH

General

Check archive.org

Show headers Download Go to

Full URL: https://c1.imgiz.com/player_others/html5/NoktaNpmPlayerApi.js?dts=19490
Requested by: Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/empowerwebplayer3.js?v=19
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.7.176.223 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: 0b29697868cd68cfd1b5650054cc96ea755016b3242bd26469cdbd4e4f6fc18a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 21:49:43 GMT
content-encoding: gzip
last-modified: Wed, 13 Oct 2021 11:58:21 GMT
server: openresty/1.15.8.3
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=604800
expires: Sat, 20 May 2023 21:49:43 GMT

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305100101/ Frame CADC 403 KB
125 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305100101/pubads_impl.js?cb=31074557

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

98a3ab26574717a95d200c12658c4dbbb28109a057cc52f8a100e6da2b645963

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 18:20:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 12557
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 127561
x-xss-protection: 0
server: cafe
etag: 1000764176958695900
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Sun, 12 May 2024 18:20:26 GMT

GET
H2 200 zoneview
ng.virgul.com/ Frame CADC 0
209 B 43ms
43ms Image
text/plain 185.7.176.221
SH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ng.virgul.com/zoneview?c=&mt=1684014583180&v=https%3A%2F%2Fye-mek.net%2F&r=153394@153493:yemek_net&userId=vnet6c1fd289-0279-4aa9-817c-0014b89f0a83&tp=&os=&call=&vd=0&ses=0&dim=1600x1200&l=&y=&w=0&ext=,as,rc1,hf1,vv1,gprec%3Dyemek%26rec_ing%3D&info=&ref=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&rdmt=0.9473524183504558
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.7.176.221 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

access-control-allow-origin: https://ye-mek.net
date: Sat, 13 May 2023 21:49:43 GMT
access-control-allow-credentials: true
expires: Tue, 04 Jan 2022 10:49:40 GMT
server: openresty/1.15.8.3
content-length: 0
p3p: CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'

GET
H2 200 tag Show response
feed.pghub.io/ Frame 62E2 13 B
257 B 73ms
24ms Document
text/html 34.102.243.38
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://feed.pghub.io/tag?referrer_url=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&page_url=https%3A%2F%2Fye-mek.net%2F&owner=P%26G&bp_id=noktacommedya&ch=%7B%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D&initiator=js&data=%7B%22category%22%3A%22site_geneli%22%7D

Requested by

Host: pghub.io
URL: https://pghub.io/js/pandg-sdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.102.243.38 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

38.243.102.34.bc.googleusercontent.com

Software

Resource Hash

b633a587c652d02386c4f16f8c6f6aab7352d97f16367c3c40576214372dd628

Security Headers

Name	Value
Content-Security-Policy	default-src 'none';img-src https://*.pghub.io https://match.adsrvr.org
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://ye-mek.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
access-control-max-age: 300
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-store
content-security-policy: default-src 'none';img-src https://*.pghub.io https://match.adsrvr.org
content-type: text/html;charset=utf-8
date: Sat, 13 May 2023 21:49:43 GMT
strict-transport-security: max-age=31536000
via: 1.1 google

GET
H/1.1 200
OK localstore.js Show response
script.4dex.io/ Frame CADC 483 B
1016 B 36ms
13ms Script
application/javascript 2606:4700:20::681a:9a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/localstore.js
Requested by: Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:9a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date: Sat, 13 May 2023 21:49:43 GMT
Content-Encoding: br
CF-Cache-Status: HIT
Last-Modified: Wed, 23 Nov 2022 15:43:18 GMT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Age: 171912
ETag: W/"922cffdd75f7192f75231d92684885aa"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y2J%2B14sNwbo39vRh3WNsC9qReVZi31AHWldwEWJhZta2XwiN8p6NoNpF3Qqw1wFWXgC13Nq48GGJnlfrxczTNkpjZesOsIcQ0hXy0XiEcsDqS5OldlK%2FFeIKmJIlt1SkIgZdn7M0KmALJZwI"}],"group":"cf-nel","max_age":604800}
Cache-Control: public, max-age=1800
Connection: keep-alive
CF-RAY: 7c6e1ce9ef1d3836-FRA

GET
H2 200 bid Show response
aax.amazon-adsystem.com/e/dtb/ Frame CADC 23 B
354 B 897ms
434ms XHR
text/javascript 18.64.140.4
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&pr=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&pid=R0oeNSoIqu6UQ&cb=0&ws=1600x1200&v=23.505.1627&t=1200&slots=%5B%7B%22sd%22%3A%22div-gpt-ad-1455783126174-15338221728129623web_yemeknet_right_tower%22%2C%22s%22%3A%5B%22160x600%22%2C%22120x600%22%5D%2C%22sn%22%3A%22%2F21728129623%2Fweb_yemeknet_right_tower%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-1455783126174-15338321728129623web_yemeknet_left_tower%22%2C%22s%22%3A%5B%22160x600%22%2C%22120x600%22%5D%2C%22sn%22%3A%22%2F21728129623%2Fweb_yemeknet_left_tower%22%7D%5D&sg=%7B%22ortb2%22%3A%7B%22device%22%3A%7B%22sua%22%3A%7B%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22mobile%22%3A0%2C%22model%22%3A%22%22%2C%22source%22%3A2%2C%22browsers%22%3A%5B%5D%7D%7D%7D%7D&pubid=e0a76a78-9ad1-46f2-a337-886c2e24ac91&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.64.140.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-64-140-4.mct50.r.cloudfront.net
Software: Server /
Resource Hash: 745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 21:49:43 GMT
via: 1.1 9648e05822820cc2f1496be50b69c468.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: MCT50-P1
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://ye-mek.net
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: pDk8ttBwxxMUv7XDCDozIJ6fWQkB5a3AV0n6A8RXI2sHFewVRlV-Jw==

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ Frame CADC 107 B
531 B 160ms
50ms Script
application/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=ye-mek.net

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305100101/pubads_impl.js?cb=31074557

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 21:49:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame CADC 107 B
456 B 131ms
47ms Script
application/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=ye-mek.net

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305100101/pubads_impl.js?cb=31074557

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 21:49:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame CADC 22 KB
10 KB 313ms
313ms XHR
text/plain 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=367862464275285&correlator=3142797191179233&eid=31074557&output=ldjh&gdfp_req=1&vrg=202305100101&ptt=17&impl=fif&iu_parts=21728129623%3A33502485%2Cweb_yemeknet_kategori_sayfalari_728x90_repeating&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C728x90%7C468x60&fluid=height&ifi=2&adks=3733009076&sfv=1-0-40&eri=1&cust_params=amznbid%3D0%26amznp%3D0%26category%3Dsite_geneli%26plm%3Dnull%26viewable%3D2%26site%3Dyemek_net%26mt%3D1684014582891%26pager%3D1%2540site_geneli%2540yemek_net%253Asite_geneli%26policy%3D0%26host%3Dye-mek.net%26url%3Dhttps%253A%2520%2520ye%2520mek.net%2520%26targetCtr%3D0%26pid%3Dvnet6c1fd289-0279-4aa9-817c-0014b89f0a83%26targetCr%3D0%26Mobile%3Dfalse%26env%3Dweb%26webmAd%3D1%26overlay%3D1%26rc%3D0%26datasave%3D0%26rec%3Dyemek%26rec_ing%3D&ppid=vnet6c1fd28902794aa9817c0014b89f0a83&sc=1&cdm=ye-mek.net&abxe=1&dt=1684014583341&lmt=1684014583&dlt=1684014582417&idt=886&adxs=436&adys=2665&biw=-12245933&bih=-12245933&isw=1600&ish=1200&scr_x=-12245933&scr_y=-12245933&ucis=25ztnff25vgq&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fye-mek.net%2F&ref=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&top=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&frm=24&vis=1&psz=976x0&msz=996x0&fws=388&ohw=1600&ga_vid=68563826.1684014583&ga_sid=1684014583&ga_hid=1415874299&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305100101/pubads_impl.js?cb=31074557

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3051062f96a1e43ca0288371519aeab5fde072e07a60ddf6e3082fae1ae3584

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 21:49:43 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10375
x-xss-protection: 0
google-lineitem-id: 6241543851
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138425219174
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://ye-mek.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame CADC 31 KB
15 KB 263ms
263ms XHR
text/plain 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=367862464275285&correlator=2121986231142125&eid=31074557&output=ldjh&gdfp_req=1&vrg=202305100101&ptt=17&impl=fif&iu_parts=21728129623%3A33502485%2Cweb_yemeknet_pageskin&enc_prev_ius=%2F0%2F1&prev_iu_szs=1920x1051%7C100x100%7C100x400&ifi=3&adks=3698513385&sfv=1-0-40&eri=1&cust_params=amznbid%3D0%26amznp%3D0%26category%3Dsite_geneli%26plm%3Dnull%26viewable%3D2%26site%3Dyemek_net%26mt%3D1684014582891%26pager%3D1%2540site_geneli%2540yemek_net%253Asite_geneli%26policy%3D0%26host%3Dye-mek.net%26url%3Dhttps%253A%2520%2520ye%2520mek.net%2520%26targetCtr%3D0%26pid%3Dvnet6c1fd289-0279-4aa9-817c-0014b89f0a83%26targetCr%3D0%26Mobile%3Dfalse%26env%3Dweb%26webmAd%3D1%26overlay%3D1%26rc%3D0%26datasave%3D0%26rec%3Dyemek%26rec_ing%3D&ppid=vnet6c1fd28902794aa9817c0014b89f0a83&sc=1&cdm=ye-mek.net&abxe=1&dt=1684014583349&lmt=1684014583&dlt=1684014582417&idt=886&adxs=-12245933&adys=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&scr_x=-12245933&scr_y=-12245933&ucis=5wbtrbpmanyj&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fye-mek.net%2F&ref=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&top=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&frm=24&vis=1&psz=0x0&msz=0x-1&fws=900&ohw=0&ga_vid=68563826.1684014583&ga_sid=1684014583&ga_hid=1415874299&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305100101/pubads_impl.js?cb=31074557

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

343cd6aa06aa2b77454dbfd568635c4d1a03a256b65bed38ca44e6ff0209d3e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 21:49:43 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15717
x-xss-protection: 0
google-lineitem-id: 6271164171
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138430115743
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://ye-mek.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
d895f1381b8d8b875cd29c6921953566.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 93EF 6 KB
3 KB 210ms
73ms Document
text/html 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://d895f1381b8d8b875cd29c6921953566.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305100101/pubads_impl.js?cb=31074557

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ye-mek.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 13 May 2023 21:49:43 GMT
expires: Sun, 12 May 2024 21:49:43 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame CADC 31 KB
10 KB 220ms
186ms XHR
application/json 185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

b016bea34770f8247a6eea584435db123378042126b757749f934d3e66a4c11c

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://ye-mek.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type: text/plain

Response headers

Date: Sat, 13 May 2023 21:49:43 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 185.213.155.166; 185.213.155.166; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 5f422016-1d70-4be8-abcd-713c61ebe663
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://ye-mek.net
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST /
hb.emxdgt.com/ Frame CADC 0
0

POST
H2 204 openrtb Show response
adx.adform.net/adx/ Frame CADC 0
528 B 215ms
81ms XHR
text/plain 37.157.6.243
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Requested by

Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.243 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://ye-mek.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 13 May 2023 21:49:43 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://ye-mek.net
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

POST
H2 204 hb Show response
cpm.programattik.com/ Frame CADC 0
141 B 181ms
50ms XHR
text/plain 85.111.6.48
TTNET

General

Check archive.org

Show headers Download Go to

Full URL: https://cpm.programattik.com/hb?zone=45&v=1.6
Requested by: Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 85.111.6.48 , Turkey, ASN9121 (TTNET, TR),
Reverse DNS: ns1.ttidc.com.tr
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ye-mek.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://ye-mek.net
pragma: no-cache
date: Sat, 13 May 2023 21:49:43 GMT
cache-control: no-store
access-control-allow-credentials: true
server: nginx
age: 0

POST
H2 204 hb Show response
cpm.programattik.com/ Frame CADC 0
141 B 181ms
50ms XHR
text/plain 85.111.6.48
TTNET

General

Check archive.org

Show headers Download Go to

Full URL: https://cpm.programattik.com/hb?zone=44&v=1.6
Requested by: Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 85.111.6.48 , Turkey, ASN9121 (TTNET, TR),
Reverse DNS: ns1.ttidc.com.tr
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ye-mek.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://ye-mek.net
pragma: no-cache
date: Sat, 13 May 2023 21:49:43 GMT
cache-control: no-store
access-control-allow-credentials: true
server: nginx
age: 0

POST
H2 204 hb Show response
cpm.programattik.com/ Frame CADC 0
142 B 180ms
50ms XHR
text/plain 85.111.6.48
TTNET

General

Check archive.org

Show headers Download Go to

Full URL: https://cpm.programattik.com/hb?zone=80&v=1.6
Requested by: Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 85.111.6.48 , Turkey, ASN9121 (TTNET, TR),
Reverse DNS: ns1.ttidc.com.tr
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ye-mek.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://ye-mek.net
pragma: no-cache
date: Sat, 13 May 2023 21:49:43 GMT
cache-control: no-store
access-control-allow-credentials: true
server: nginx
age: 0

POST
H/1.1 200
OK bid Show response
ap.lijit.com/rtb/ Frame CADC 24 B
397 B 512ms
172ms XHR
application/json 63.251.14.14
INTERNAP-BLOCK-4

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/rtb/bid?src=prebid_prebid_7.38.0
Requested by: Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 63.251.14.14 , United States, ASN14744 (INTERNAP-BLOCK-4, US),
Reverse DNS
Software: /
Resource Hash: 557005b07e3a4d87e41c8b32e1f26cb0266715f2c65d1d61502e461e2964c198

Request headers

Referer: https://ye-mek.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type: text/plain

Response headers

Date: Sat, 13 May 2023 21:49:43 GMT
Vary: Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/json
Access-Control-Allow-Origin: https://ye-mek.net
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap1sea1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 24

POST
H2 200 bid-request Show response
a.teads.tv/hb/ Frame CADC 16 B
386 B 74ms
40ms XHR
application/json 95.101.149.35
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://a.teads.tv/hb/bid-request
Requested by: Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.149.35 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-101-149-35.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c

Request headers

Referer: https://ye-mek.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 13 May 2023 21:49:43 GMT
content-encoding: gzip
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://ye-mek.net
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 42
expires: Sat, 13 May 2023 21:49:43 GMT

POST
H2 204 cdb Show response
bidder.criteo.com/ Frame CADC 0
212 B 149ms
20ms XHR
text/plain 2a02:2638:3::7
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=35&wv=7.38.0&cb=32069161009&lsavail=0

Requested by

Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ye-mek.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 13 May 2023 21:49:43 GMT
strict-transport-security: max-age=31536000; preload;
server: Finatra
vary: Origin
access-control-allow-origin: https://ye-mek.net
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *

POST
H2 204 prebid Show response
mp.4dex.io/ Frame CADC 0
280 B 84ms
45ms XHR
text/plain 2606:4700::6812:272
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mp.4dex.io/prebid
Requested by: Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:272 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ye-mek.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 13 May 2023 21:49:43 GMT
x-err: Parsing the Prebid Request. adrequest and manager domains do not match
x-version: 3.0.0-gcp-ams
cf-cache-status: DYNAMIC
via: 1.1 google
server: cloudflare
vary: Origin, Accept-Encoding
access-control-allow-origin: https://ye-mek.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 7c6e1cea5a3591ea-FRA
expires: 0

POST
H2 200 auction Show response
prebid-server.rubiconproject.com/openrtb2/ Frame CADC 173 B
399 B 93ms
9ms XHR
application/json 35.157.146.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by: Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.157.146.5 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-146-5.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 7e30b71313eb2d6aa00f3a94a8c96d3622df566e1095c1aa51ad014c9d5b56f1

Request headers

Referer: https://ye-mek.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 13 May 2023 21:49:43 GMT
content-encoding: gzip
x-prebid: pbs-java/1.118.0
content-type: application/json
access-control-allow-origin: https://ye-mek.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 167
expires: 0

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame CADC 12 KB
6 KB 172ms
113ms XHR
application/json 2602:803:c003:200::21
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=13760&site_id=333016&zone_id=2862172&size_id=2&alt_size_ids=1&rp_schain=1.0,1!empower.net,5ed754bfe4b07a92411bbff0,1,,,&eid_pubcid.org=e46698f2-06a1-4ed8-9a8d-b31709ee0707%5E1&rf=https%3A%2F%2Fye-mek.net%2F&tg_i.page=https%3A%2F%2Fye-mek.net%2F&tg_i.domain=ye-mek.net&tg_i.pbadslot=div-gpt-ad-1455783126174-15337921728129623web_yemeknet_kategori_sayfalari_728x90_repeating&tk_flint=pbjs_lite_v7.38.0&x_source.tid=05a12e29-fd9a-4381-ab54-e836fc39721d&l_pb_bid_id=3509f132edb1737&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.9472714295793592
Requested by: Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: a56d653c8ebfbd05aa525e7b528407e9da019eebd47465af1114fd94233dae9e

Request headers

Referer: https://ye-mek.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 13 May 2023 21:49:43 GMT
content-encoding: gzip
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://ye-mek.net
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame CADC 12 KB
6 KB 163ms
105ms XHR
application/json 2602:803:c003:200::21
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=13760&site_id=333016&zone_id=2862174&size_id=2&alt_size_ids=1&rp_schain=1.0,1!empower.net,5ed754bfe4b07a92411bbff0,1,,,&eid_pubcid.org=e46698f2-06a1-4ed8-9a8d-b31709ee0707%5E1&rf=https%3A%2F%2Fye-mek.net%2F&tg_i.page=https%3A%2F%2Fye-mek.net%2F&tg_i.domain=ye-mek.net&tg_i.pbadslot=div-gpt-ad-1455783126174-15337721728129623web_yemeknet_kategori_sayfalari_ust_728x90&tk_flint=pbjs_lite_v7.38.0&x_source.tid=b117a0ed-01c2-4866-838a-2c3f4b1bf039&l_pb_bid_id=36c2da792cca97f&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.12820297492908472
Requested by: Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: b35f9d9addc149acaf7b5584296e9ba2786087b1af7661ad8290a171446df6bc

Request headers

Referer: https://ye-mek.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 13 May 2023 21:49:43 GMT
content-encoding: gzip
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://ye-mek.net
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame CADC 12 KB
6 KB 211ms
154ms XHR
application/json 2602:803:c003:200::21
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=13760&site_id=333016&zone_id=1746730&size_id=15&alt_size_ids=9%2C8%2C10&rp_schain=1.0,1!empower.net,5ed754bfe4b07a92411bbff0,1,,,&eid_pubcid.org=e46698f2-06a1-4ed8-9a8d-b31709ee0707%5E1&rf=https%3A%2F%2Fye-mek.net%2F&tg_i.page=https%3A%2F%2Fye-mek.net%2F&tg_i.domain=ye-mek.net&tg_i.pbadslot=div-gpt-ad-1455783126174-15338221728129623web_yemeknet_right_tower&tk_flint=pbjs_lite_v7.38.0&x_source.tid=818ba731-49e5-4c8e-a2e6-e7f5e1aabd3d&l_pb_bid_id=37c2f20a13b248e&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.3982612749779417
Requested by: Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 69a216b4db7e3a2b5f9c8e79270bad9e1b4224e0542f50ca2b0ed468444c08fe

Request headers

Referer: https://ye-mek.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 13 May 2023 21:49:43 GMT
content-encoding: gzip
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://ye-mek.net
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame CADC 12 KB
6 KB 176ms
119ms XHR
application/json 2602:803:c003:200::21
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=13760&site_id=333016&zone_id=1746580&size_id=15&alt_size_ids=9%2C8%2C10&rp_schain=1.0,1!empower.net,5ed754bfe4b07a92411bbff0,1,,,&eid_pubcid.org=e46698f2-06a1-4ed8-9a8d-b31709ee0707%5E1&rf=https%3A%2F%2Fye-mek.net%2F&tg_i.page=https%3A%2F%2Fye-mek.net%2F&tg_i.domain=ye-mek.net&tg_i.pbadslot=div-gpt-ad-1455783126174-15338321728129623web_yemeknet_left_tower&tk_flint=pbjs_lite_v7.38.0&x_source.tid=271077d1-045a-4dd0-9230-3e30cc730492&l_pb_bid_id=3896f8db2da1506&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.6483019445197806
Requested by: Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 5fcabddd145dec1fa28617362440eb2537774cfbd43e8a72b739446aebf689f1

Request headers

Referer: https://ye-mek.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 13 May 2023 21:49:43 GMT
content-encoding: gzip
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://ye-mek.net
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame CADC 12 KB
6 KB 179ms
122ms XHR
application/json 2602:803:c003:200::21
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=13760&site_id=333016&zone_id=2862158&size_id=2&alt_size_ids=1&rp_schain=1.0,1!empower.net,5ed754bfe4b07a92411bbff0,1,,,&eid_pubcid.org=e46698f2-06a1-4ed8-9a8d-b31709ee0707%5E1&rf=https%3A%2F%2Fye-mek.net%2F&tg_i.page=https%3A%2F%2Fye-mek.net%2F&tg_i.domain=ye-mek.net&tg_i.pbadslot=div-gpt-ad-1455783126174-15337821728129623web_yemeknet_kategori_sayfalari_728x90_2&tk_flint=pbjs_lite_v7.38.0&x_source.tid=f4ae2b59-3634-4038-9767-632fe34f0855&l_pb_bid_id=40dda807b04c6be&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.10087941298881153
Requested by: Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 9650a7e132b3eed7d44c3753d5734c276c859bb530a0633a81a50ed8c01942f5

Request headers

Referer: https://ye-mek.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 13 May 2023 21:49:43 GMT
content-encoding: gzip
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://ye-mek.net
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame CADC 38 KB
14 KB 233ms
207ms XHR
application/json 185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

15bac7f67ec8659a6d8ca88792a5b63b0887ac54e5ea46c34d2832f029446acf

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://ye-mek.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type: text/plain

Response headers

Date: Sat, 13 May 2023 21:49:43 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 185.213.155.166; 185.213.155.166; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 182048ef-efeb-4d95-8fc3-2be3a051587d
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://ye-mek.net
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ Frame CADC 0
112 B 183ms
146ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ye-mek.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://ye-mek.net
date: Sat, 13 May 2023 21:49:42 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H2 200 openrtb Show response
adx.adform.net/adx/ Frame CADC 2 KB
2 KB 201ms
84ms XHR
application/json 37.157.6.243
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Requested by

Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.243 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e69c632bae2be4b1b6fb037092335684de67adc0f032c7a4e18553a8e7543ba8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://ye-mek.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 13 May 2023 21:49:43 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
pragma: no-cache
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
vary: Accept-Encoding
access-control-allow-methods: POST,OPTIONS
content-type: application/json
access-control-allow-origin: https://ye-mek.net
access-control-max-age: 86400
access-control-allow-credentials: true
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame CADC 110 KB
35 KB 370ms
369ms XHR
text/plain 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=367862464275285&correlator=2734100755357489&eid=31074557&output=ldjh&gdfp_req=1&vrg=202305100101&ptt=17&impl=fif&iu_parts=21728129623%3A33502485%2Cweb_yemeknet_masthead_multibanner_1&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C300x250%7C250x250%7C200x200%7C300x100%7C300x150%7C320x100&fluid=height&ifi=4&adks=3967657422&sfv=1-0-40&eri=1&cust_params=category%3Dsite_geneli%26plm%3Dnull%26viewable%3D2%26site%3Dyemek_net%26mt%3D1684014582891%26pager%3D1%2540site_geneli%2540yemek_net%253Asite_geneli%26policy%3D0%26host%3Dye-mek.net%26url%3Dhttps%253A%2520%2520ye%2520mek.net%2520%26targetCtr%3D0%26pid%3Dvnet6c1fd289-0279-4aa9-817c-0014b89f0a83%26targetCr%3D0%26Mobile%3Dfalse%26env%3Dweb%26webmAd%3D1%26overlay%3D1%26rc%3D0%26datasave%3D0%26rec%3Dyemek%26rec_ing%3D%26amznbid%3D1%26amznp%3D1&ppid=vnet6c1fd28902794aa9817c0014b89f0a83&sc=1&cdm=ye-mek.net&abxe=1&dt=1684014583395&lmt=1684014583&dlt=1684014582417&idt=886&adxs=315&adys=158&biw=-12245933&bih=-12245933&isw=1600&ish=1200&scr_x=-12245933&scr_y=-12245933&ucis=29eazhch0hzf&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fye-mek.net%2F&ref=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&top=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&frm=24&vis=1&psz=970x-1&msz=300x-1&fws=388&ohw=300&ga_vid=68563826.1684014583&ga_sid=1684014583&ga_hid=1415874299&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305100101/pubads_impl.js?cb=31074557

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3c7873a1453ffd0b085f7df8994281282a598e338d399b7042d36ca17d4da357

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 21:49:43 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35953
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://ye-mek.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame CADC 22 KB
10 KB 539ms
539ms XHR
text/plain 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=367862464275285&correlator=2734100755357489&eid=31074557&output=ldjh&gdfp_req=1&vrg=202305100101&ptt=17&impl=fif&iu_parts=21728129623%3A33502485%2Cweb_yemeknet_masthead_multibanner_2&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C300x250%7C250x250%7C200x200%7C300x100%7C300x150%7C320x100&fluid=height&ifi=5&adks=4263857193&sfv=1-0-40&eri=1&cust_params=category%3Dsite_geneli%26plm%3Dnull%26viewable%3D2%26site%3Dyemek_net%26mt%3D1684014582891%26pager%3D1%2540site_geneli%2540yemek_net%253Asite_geneli%26policy%3D0%26host%3Dye-mek.net%26url%3Dhttps%253A%2520%2520ye%2520mek.net%2520%26targetCtr%3D0%26pid%3Dvnet6c1fd289-0279-4aa9-817c-0014b89f0a83%26targetCr%3D0%26Mobile%3Dfalse%26env%3Dweb%26webmAd%3D1%26overlay%3D1%26rc%3D0%26datasave%3D0%26rec%3Dyemek%26rec_ing%3D%26amznbid%3D1%26amznp%3D1&ppid=vnet6c1fd28902794aa9817c0014b89f0a83&sc=1&cdm=ye-mek.net&abxe=1&dt=1684014583398&lmt=1684014583&dlt=1684014582417&idt=886&adxs=349&adys=158&biw=-12245933&bih=-12245933&isw=1600&ish=1200&scr_x=-12245933&scr_y=-12245933&ucis=wu2zyj1zbil9&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fye-mek.net%2F&ref=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&top=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&frm=24&vis=1&psz=970x-1&msz=300x-1&fws=388&ohw=300&ga_vid=68563826.1684014583&ga_sid=1684014583&ga_hid=1415874299&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305100101/pubads_impl.js?cb=31074557

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1805b1653dad550fbd03e2603d7642e0d00932b30c4bf990bacc5ff7077953f0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 21:49:43 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10469
x-xss-protection: 0
google-lineitem-id: 6241543851
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138425927494
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://ye-mek.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame CADC 110 KB
35 KB 790ms
790ms XHR
text/plain 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=367862464275285&correlator=2734100755357489&eid=31074557&output=ldjh&gdfp_req=1&vrg=202305100101&ptt=17&impl=fif&iu_parts=21728129623%3A33502485%2Cweb_yemeknet_masthead_multibanner_3&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C300x250%7C250x250%7C200x200%7C300x100%7C300x150%7C320x100&fluid=height&ifi=6&adks=1811907176&sfv=1-0-40&eri=1&cust_params=category%3Dsite_geneli%26plm%3Dnull%26viewable%3D2%26site%3Dyemek_net%26mt%3D1684014582891%26pager%3D1%2540site_geneli%2540yemek_net%253Asite_geneli%26policy%3D0%26host%3Dye-mek.net%26url%3Dhttps%253A%2520%2520ye%2520mek.net%2520%26targetCtr%3D0%26pid%3Dvnet6c1fd289-0279-4aa9-817c-0014b89f0a83%26targetCr%3D0%26Mobile%3Dfalse%26env%3Dweb%26webmAd%3D1%26overlay%3D1%26rc%3D0%26datasave%3D0%26rec%3Dyemek%26rec_ing%3D%26amznbid%3D1%26amznp%3D1&ppid=vnet6c1fd28902794aa9817c0014b89f0a83&sc=1&cdm=ye-mek.net&abxe=1&dt=1684014583401&lmt=1684014583&dlt=1684014582417&idt=886&adxs=985&adys=158&biw=-12245933&bih=-12245933&isw=1600&ish=1200&scr_x=-12245933&scr_y=-12245933&ucis=ur5uz5fzucp5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fye-mek.net%2F&ref=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&top=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&frm=24&vis=1&psz=970x-1&msz=300x-1&fws=388&ohw=300&ga_vid=68563826.1684014583&ga_sid=1684014583&ga_hid=1415874299&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305100101/pubads_impl.js?cb=31074557

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2102803b8dcbeb86decf333ac756d87831eb7c764910e4beb7b83109bbb423dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 21:49:44 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35977
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://ye-mek.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK adagio.js Show response
script.4dex.io/ Frame CADC 74 KB
24 KB 50ms
22ms Fetch
application/javascript 2606:4700:20::681a:9a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/adagio.js
Requested by: Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:9a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ed87a83a9df154b61d76e8b9b53bb9d23db3eea194e66bca6b575e3e4f7a57bf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date: Sat, 13 May 2023 21:49:43 GMT
Content-Encoding: br
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: NMYYQ26E7ASZD4GN
Age: 1511967
Transfer-Encoding: chunked
Connection: keep-alive
x-amz-id-2: qVwmnnUaet5GOC0u0QNHEEcPDc+/iqAq9/yUcDGfDGEJItwcjB7L4ByLv69hSUOMX4H0I0lTdkg=
Last-Modified: Tue, 22 Nov 2022 09:44:15 GMT
Server: cloudflare
ETag: W/"c56b6332dacf72f135afcd153ae22448"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=73iW%2B12t1DM%2B3%2BxShNJnSN6RKzWzd69aqMtotok7Xh5qafSaGlTatmd9Zg7VlMFd1SNmyf5qmm7Um3r8a%2FTjWUFPzWKEx15YBOb6u1q02YhAMNi2AueiSi3vnXG6RH2Py3oOw8rqKzDLPwjc"}],"group":"cf-nel","max_age":604800}
Cache-Control: public, max-age=1800
Vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
CF-RAY: 7c6e1cea7fdd1c0b-FRA

GET
H2 403 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 1ECA 603 B
218 B 164ms
164ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&adk=1812271804&adf=3279755397&plat=1%3A512%2C2%3A512%2C3%3A512%2C4%3A512%2C8%3A512%2C9%3A33288%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C26%3A512%2C27%3A512%2C30%3A1081856%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684014583144&bpp=4&bdt=727&idt=295&shv=r20230510&mjsv=m202305100101&ptt=9&saldr=aa&nras=1&correlator=5224461814654&frm=24&ife=1&pv=2&ga_vid=68563826.1684014583&ga_sid=1684014583&ga_hid=1415874299&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=222437166&scr_x=-12245933&scr_y=-12245933&eid=44759927%2C44773810%2C44759837%2C42532089%2C42532185%2C44759876%2C31074512%2C42531706%2C44785294%2C44788442%2C44790154&oid=2&pvsid=367862464275285&tmod=942239543&uas=0&nvt=1&fsapi=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=1&uci=1.lg07cev6kelf&fsb=1&dtd=308

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305100101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6593523210010154&plah=ye-mek.net&bust=31074512

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ye-mek.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 46
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 13 May 2023 21:49:43 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame CADC 360 KB
121 KB 204ms
106ms Script
text/javascript 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: c1.imgiz.com
URL: https://c1.imgiz.com/player_others/html5/NoktaNpmPlayerApi.js?dts=19490

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f826765655e6a3e039bda8ec43370f2c9247a931e3e33129175e48ca0690b1e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 21:49:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 122883
x-xss-protection: 0
expires: Sat, 13 May 2023 21:49:43 GMT

GET
H2 200 NoktaPlayer.js Show response
c1.imgiz.com/player_others/html5/ Frame CADC 399 KB
128 KB 47ms
47ms Script
application/javascript 185.7.176.223
SH

General

Check archive.org

Show headers Download Go to

Full URL: https://c1.imgiz.com/player_others/html5/NoktaPlayer.js?d=5/13/2023
Requested by: Host: c1.imgiz.com
URL: https://c1.imgiz.com/player_others/html5/NoktaNpmPlayerApi.js?dts=19490
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.7.176.223 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: e183dfed35d6921278c39359a5d34fbb9dfaaf4f990ec6d210a7217a95e897db

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 21:49:43 GMT
content-encoding: gzip
last-modified: Mon, 06 Mar 2023 16:42:16 GMT
server: openresty/1.15.8.3
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=604800
expires: Sat, 20 May 2023 21:49:43 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 816C 42 B
65 B 63ms
63ms Fetch
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BuBFgOx5SLc4gnaCUa_-Z6rKXZwC-n4NGM6LoYgDgw531pzD5mXmqEd80cDApJ9HirXSjVYicR7c-amNOfSH9_aNStXSyh0KbQ4MKfUBcMgOgohNgC_0A-MHmJoXsXvWdQtAfPtbFzN5rdMY3Z5eice6wnWXYLwyRNaSz1WSXXT_398yU&cry=1&dbm_d=AKAmf-Bd3xgzpHdusHdV9iApR6xOhC_bVuo6V7o8POG1EjPu7THdhHVqFf5wQ_Z1zA7AYLbVn_2PQhbeZZoMFKDojnUov_kVUeGmWdaiE207RMY8QZl_WgbAz1U6Zf03IX3ZLDJWAqhlgry7ZT-ZAdaB6oZ4syrpg9sca59RdqVtKavGc5gGyrKpOflQOQb8wYnnirU1090Skrk_fSBYwPawtqVyiv6-62gIxm2djBC8D1eMwbxrpiBogqKp_HwnIv9z_-KxsLc48dMgseU-y-sslvZ9JQXe8aOCZw8hE5DA7fwUla4tKQHQWxRA0ILUHKV-DKztWBflz1jhTRwTH9bYxsUfSFq6ux6fPpMw1pJI8pHk8g0jcxCv1JG83VkShfNHEKFDWzkkCoQ6C7Q8puDyCC6pOWFG0AjBT3XlW1XdjCsDhXy2derdCIeYcH7tne8F3mK6qNRKndjqqwrrCyIi4KVq-fD7vQ0GjYh7iSg3XwhtEVqEvBoswIFUk-ue2ATyi52jJ2JzNIs9sHXUIQGAbjbM6FES7p46sOyLSHocWncmCeVlk3V1ghg52-auCMMokE68AZ9-rpTH0yBfgyPmPSWPPDYCtB_taEb0rQrEaOF8bECub87HIE0mq2n1UaHasdLTAVCHryQYVjSFrh5viUPHbhu_jQUZ217K1U1SPghTeNvIAoxlley016v07vpE9CdBpNaU68y4Ek2JZ6LA1OqvJoEvaD-tvF5k3J4X2Qh7pE5shuR-W2FaFTI10EOGfiiGts5uevRYy_YbsJJn2SQRdRF3tg0ASZv-p5VD99OG-lye7kBvMstOIiKOhd5cQLylVNh927iz8JpeXeWUXhpSwW0Fb3WhGcAbaCg566muPGK8J342Ur_JvXe_QKK5hC2MJXQIncUTA2ZlYUj7OnX6bGDDvnI4nRBRPkfA9MoZenJTRPl-Ha-jsZZMC4u5a5011w5NvrVw0twbYFmmYhdO9-CaXjy_nTX7jR2_khas_1RWTrNmkMMsa7vmPM1LAhDWleq8haoMFHWWMQyOBZI9xEuv4KI4QAibnOOlZH1OsDMqe-1KD0vtgGhOt4nTKWc56gHEEQq-w15sb2CkMOvtWcEijg-4KzPzgx9lC3lsLmn8xgF6GqaMPf3GINiJhxe-vtuU9aOnuAHKGVNaE1MTt0sh07z3A_fi2efKVn8tO_AZ4_rfqz-JUb9PblrNsi-0yLepppadgv964toVbEnVcHLP7Q_va_buqiAvJ2hDqsWITB2_A0xA5Ftoej0vKwEB8nK8mC7m8dD-nJ3Mtxps1rKOTPNc86A4lIfZxG-mgTHIzfhr_ABYlMqfjez5Ozsii5IEZBR1ZOpLj0g50lP3xDFCnhQbN07BU-aJ19OTILnyj6MX2iJ7btr8FwjC8jMdee6KJXR9YSBvUHvQUmoKUEXo70UpjXflYo0PcWbzpQrCb6NCy8WhCwQ3LEHSFdV-TcCMWMzdohCruLNQFdhFQQWgklSXlvOWI4VlYNQ7_dVfJdbvrUqtSI7GLBgkEvC6iPPQ9pnfb9X5vWRMblBXlI3t4DMvKsaWaGXDZ5dlspPxExLZdGnpXWXr3_zdnUiLEZ7gtmlcY4-FQ7wy0Fi64X-WvkrKOEkoTeyWUmxojlfsRT_Ep_QlI9_m8C3E8O1ZuKaO7mHqENg2YaV29wftvvbJpp66OcDW2_nN-xbvSHNXchhEhYeHJ22xJFqjECPnFxFuYWrlsJWQu0IeNHwomit3qPXCFwFyOMWN4qoDByRBzgceKHi1Qz77liQgkWc3nQIJYS78y5Cfxe2OpydMb4hE_bNPz0KYhLDegTD_BCoFjPn-MerS8TAdVeJ_9zxC3BYTeBiLl4NlvZ7nMZaC3o9FU7UkZQWR1hKmheIoFPsJnPbpDgbdJi8wQtHgp1_5PsTWuCKQw8gOeAFLvuqwQP6JRLxsbGaTG4KS-f1yGEXTuPgBGa7MHVCVrRqzSjFcQbPxgQ3YWzz8Xc-LLAdWGoGZmhiONsJunYPiNQMEhjeSHWl_7bw5MxLSu8G_GrVID6aK4vIg9A8zI3AuE2WOw5oCaDB5TfBWJXcMaiOqMkz6P80wPYXbc-fjY4meFIBF86NC4-fig0jnrYp3VmebbN_HsZDZR7siFo1L5f4i6BCYSCCBQ8K9K-cm04SZpGt5hR42ugU1k0XZxAqYcqkHWaRLmKQumkn1ObZOz45hsgIszoRjGRhWC4ChZq_V-S_U6yOOFpUUhXgWTjGYBB4bGgLHdLq6NvSc-JVY0tREfX1YRwvp3cMp09CG_X_f7Ywblm5lhoV_h41RnlyJakKtof3Gsnd2KP0x-LQGlogB5qFcJ_JrQTCsyCGCL3cBL4PfUl67DjXRM16i1Rbw7QZi0Cklc2wzT8pJJO_VZuk2iwfozN2iZ_xnN2nEFUogb5hvCBy4eSqJrOQSGX7G9yTJGdKMtL3wUarrHDjM798Kq3Yc04QBp9RhZnIk441vqiImQLjuThP5XbrhovQ4HZDBJ4hHKldCT1papNZ1DLua9WqNUvuQFT2kZQ-lXuBHyjV4Y0qtfr3Vj7d_YG7z9nysigJzUgDy6Sa9enGfFxaNQ_VCoH2K-9LbnfjPI0SQPCprnQ6iu8DNOaHrh75kQJRnlMGtNDKM4p_3pdFr7vpmTwKKpF553Vc-EZoS9wpvJpOaa7Ex2686PfpdKE8L_tzEcORqxdGGfBDPVZ5eUQo-_c4hibObCM6HPnifmL184cfQYfvbJC8eGrB_HCFlKjmWGNrx4Q22IDoGSwo3Lp1YBb2eXTqrRqaV9GGL8WyFftzaMkD0K5wCgTof0osZnHCdhGp91GDQrSDDt7t0NMER-vNQbVi48UDM7P6N0d9X62OOo0WY2d_iKiHIGEsf7GeE5j8CjT2dQCxvkRBYaA4po2_s1iSe8ZPoxT-PDVXBlYtQ1FD7orvPhOOMYoJ5Z-TvXJ4Vj4OTvoc3Vow9Fv69YnY2TzHfKhO0qrF5gT0vtP6QMmL0Sl9lV5KmW7th2Rhp0fdjnE_G4Dym2C1ebBkGG0GNLAK3TapsxddDhI4S3xLgefGMMlhHDNDBSCcl27gfuoyoqldiYOFAWQcdA7ZX3NnJwZUYJYHoaW9GvQuDWfBuAgQvykK77fGBjIloXOEBSEgWf_32YgHFIoGvCft-4AjFSkJRxsBqFvFeqmQMbBg3E2lu2kpxtYyIXFbc6v1DIruf6pKzVFyrZSxaRjtOOu-X8CRqLkoiY4-euR4NKyB51VvvO529pivl9NCbF9bMtPOmLl2EFui3uw6WXtm7pba9cQyUNSyu_xn6XwLJqH13cC2nGz9prxI3kMxFthk7TJ6_CmWSpzWqe1GkDJjIruUGngVoaj1xMOWHdq95SYZO4Ns_MVfMEdltiuRCNmvJiC6USffnyBL5-eexaeOeFHnr_fXewwM9ChZ8xuXJdkL2tdvLzkz9dKUfZvaTUhojNLtsz-h1ch6ktTZVlSXIhcMD2uOT82sEaD3U3N_peJd9TNFGPNLS9OaBVSZAncl5E-piJS8x5l0iUx3jWTejclqFH6TEkawwDcGK4cMxSunGmKeJ9XvmElWGgCf1LTMdjSSssCvhKTy36-3w53dXwXXghVMNGd4BaVLZAaDW5-YXYzp0Ci5NlDvVeYwVkjxrOtL8w1i4UDLrjv0JUzHf-85b9uGK8hROuFvT70ufF8zqCkutSDRAsyrrfpNpcPxjwfCnn3KAmTdnQOTNExZpkJF8WioliQUSykjdsEP7sgyDRPLFOZWIOclU5abEysXHrnd6k4t2RjuhUX1VhUaimHrCwGvkyq4N08wa0nsYLl4YJsz7Ni6xmrxISySeOQmAPSK5fezkdL8Rbl3Uja5MeIBLvMOqdMXO9eAHJaeksRz7JJkspGwJ03NxWJCG_uey0AYQGFIljXBFG1kzOSQSmMec0D-GJrkvCe_XMR2bSlanKRAZojRqqmRzDwtb9-V5Hr6ickGqnxdxWq72vxVGZwUoHlYPs_e7oDQ41wWZCzd8kmy6VqAbmKhF1Y-yjkawp0_hSRLajP3BfieYdP_hgtMTZYcSEPK3F_enpP2QHmKkR56v487DaYhvRNW4NIAaFgIWZp9K_o7vuxKkDw9wGoewGRLa7CQczyMX1n5_XOoneNxPE0KxNZNWXt93tDnb9T5EeGarUAUUVp_0_xF20NcXh-Ww1M2vtsoZ1VTwGvM3iMgMgiX4YkkVUMiwX7oHKBFfyUbtP2TFuGvO5HFpFP6Mv98&cid=CAQSLQBygQiDyfu692e6P71IPXdnAbtzxETbf99PqA4mK6vuHwZsZzVraUO4-_YkxBgB

Requested by

Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x69807j0b5.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 13 May 2023 21:49:43 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 816C 169 KB
53 KB 185ms
97ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305100101/pubads_impl.js?cb=31074557

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fdc79b8c47c6d5c20def82fa5f6a91e3cbe3057bff3f8b14b5c2c71dc9b57ec4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 21:49:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53545
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1683718549123860"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 13 May 2023 21:49:43 GMT

GET
H2 200 adview Show response
ng2.virgul.com/ Frame 71DA 1 KB
1 KB 152ms
43ms Document
text/html 185.7.176.221
SH

General

Check archive.org

Show headers Download Go to

Full URL: https://ng2.virgul.com/adview?a=60b91f99e4b0b65b3ce7bc5b&t=pageskin:153493&r=153493@site_geneli@yemek_net:site_geneli&l=&mt=1684014582891&userId=vnet6c1fd289-0279-4aa9-817c-0014b89f0a83&vmn=60b91f99e4b0b65b3ce7bc5b___153493579667981
Requested by: Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/adcode/outside.js?dts=19490
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.7.176.221 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: cc293992814b485909a9e35df9fa4654590b6280c140f44b33fdb7ce089367c5

Request headers

Referer: https://ye-mek.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: https://ye-mek.net
content-length: 1129
content-type: text/html
date: Sat, 13 May 2023 21:49:43 GMT
expires: Tue, 04 Jan 2022 10:49:40 GMT
p3p: CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
server: openresty/1.15.8.3

GET
H2 200 mobile_sound_on.gif
static.virgul.com/theme/mockups/icons/ Frame CADC 19 KB
19 KB 43ms
42ms Image
image/gif 185.7.176.221
SH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.virgul.com/theme/mockups/icons/mobile_sound_on.gif
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.7.176.221 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: d3b45b06882fe1aa9b47a8d88df978f19ce55a249840cc1b44eed3974a0fcd6a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sat, 13 May 2023 21:49:43 GMT
last-modified: Fri, 29 Jan 2021 08:57:46 GMT
server: openresty/1.15.8.3
accept-ranges: bytes
content-length: 19674
content-type: image/gif

GET
H2 200 mobile_sound_off.png
static.virgul.com/theme/mockups/icons/ Frame CADC 18 KB
18 KB 42ms
42ms Image
image/png 185.7.176.221
SH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.virgul.com/theme/mockups/icons/mobile_sound_off.png
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.7.176.221 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: 5aa2370fd272d30acd5cb39f9b191a243d55a2adab6f0d7ff1950c39f028d331

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sat, 13 May 2023 21:49:43 GMT
last-modified: Fri, 29 Jan 2021 08:57:44 GMT
server: openresty/1.15.8.3
accept-ranges: bytes
content-length: 17986
content-type: image/png

GET
H2 200 container.html Show response
d895f1381b8d8b875cd29c6921953566.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 4DBE 6 KB
3 KB 39ms
39ms Document
text/html 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://d895f1381b8d8b875cd29c6921953566.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305100101/pubads_impl.js?cb=31074557

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ye-mek.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 13 May 2023 21:49:43 GMT
expires: Sun, 12 May 2024 21:49:43 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

206

Philips_utu_DB.mp4
rek-n18.nktcdn.com/data/ads/mockups/philips/ Frame CADC
Redirect Chain

https://rek.izlesene.com/mockups/philips/Philips_utu_DB.mp4
https://rek-n18.nktcdn.com/data/ads/mockups/philips/Philips_utu_DB.mp4

80 KB
0

278ms
42ms

Media
video/mp4

185.7.176.218
SH

General

Check archive.org

Show headers Download Go to

Full URL: https://rek-n18.nktcdn.com/data/ads/mockups/philips/Philips_utu_DB.mp4
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Server: 185.7.176.218 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 21:49:44 GMT
last-modified: Wed, 19 Apr 2023 06:23:17 GMT
server: openresty/1.15.8.3
x-amz-request-id: tx00000000000000bcab3a5-006453c679-9e2f20a7-default
content-type: video/mp4
Content-Range: bytes 0-2913708/2913709
cache-control: max-age=5184000
Content-Length: 2913709

Redirect headers

location: https://rek-n18.nktcdn.com/data/ads/mockups/philips/Philips_utu_DB.mp4
date: Sat, 13 May 2023 21:49:44 GMT
cache-control: max-age=0
content-type: text/html
server: openresty/1.15.8.3
content-length: 151
expires: Sat, 13 May 2023 21:49:44 GMT

GET
H2 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 4DBE 24 KB
7 KB 123ms
38ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: d895f1381b8d8b875cd29c6921953566.safeframe.googlesyndication.com
URL: https://d895f1381b8d8b875cd29c6921953566.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d895f1381b8d8b875cd29c6921953566.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 14:52:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 111448
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sat, 11 May 2024 14:52:15 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 4DBE 136 KB
47 KB 95ms
94ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6593523210010154

Requested by

Host: d895f1381b8d8b875cd29c6921953566.safeframe.googlesyndication.com
URL: https://d895f1381b8d8b875cd29c6921953566.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d823485c575eea7e16cd00971760cf2d287c1a323f8ef754e601872d2d7278e6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://d895f1381b8d8b875cd29c6921953566.safeframe.googlesyndication.com/
Origin: https://d895f1381b8d8b875cd29c6921953566.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 21:49:43 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47505
x-xss-protection: 0
server: cafe
etag: 13965611109237782495
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sat, 13 May 2023 21:49:43 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 4DBE 169 KB
52 KB 167ms
158ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: d895f1381b8d8b875cd29c6921953566.safeframe.googlesyndication.com
URL: https://d895f1381b8d8b875cd29c6921953566.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fdc79b8c47c6d5c20def82fa5f6a91e3cbe3057bff3f8b14b5c2c71dc9b57ec4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d895f1381b8d8b875cd29c6921953566.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 21:49:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53545
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1683718549123860"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 13 May 2023 21:49:43 GMT

GET
H3 200 container.html Show response
d895f1381b8d8b875cd29c6921953566.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 9F42 6 KB
3 KB 41ms
41ms Document
text/html 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://d895f1381b8d8b875cd29c6921953566.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305100101/pubads_impl.js?cb=31074557

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ye-mek.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 13 May 2023 21:49:43 GMT
expires: Sun, 12 May 2024 21:49:43 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 60b91f99e4b0b65b3ce7bc5b
ng.virgul.com/tck/imp/ Frame 71DA 0
212 B 43ms
43ms Image
text/plain 185.7.176.221
SH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ng.virgul.com/tck/imp/60b91f99e4b0b65b3ce7bc5b?userId=vnet6c1fd289-0279-4aa9-817c-0014b89f0a83&mt=1684014582891&sdr=&et=&r=153493@site_geneli@yemek_net:site_geneli&l=&info=&t=banner:153493@site_geneli@yemek_net:site_geneli&os=&c=&cs=1684014583798
Requested by: Host: ng2.virgul.com
URL: https://ng2.virgul.com/adview?a=60b91f99e4b0b65b3ce7bc5b&t=pageskin:153493&r=153493@site_geneli@yemek_net:site_geneli&l=&mt=1684014582891&userId=vnet6c1fd289-0279-4aa9-817c-0014b89f0a83&vmn=60b91f99e4b0b65b3ce7bc5b___153493579667981
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.7.176.221 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ng2.virgul.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

access-control-allow-origin: https://ng2.virgul.com
date: Sat, 13 May 2023 21:49:43 GMT
access-control-allow-credentials: true
expires: Tue, 04 Jan 2022 10:49:40 GMT
server: openresty/1.15.8.3
content-length: 0
p3p: CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'

GET
H2 200 css
fonts.googleapis.com/ Frame 9F42 4 KB
1 KB 132ms
47ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Requested by

Host: d895f1381b8d8b875cd29c6921953566.safeframe.googlesyndication.com
URL: https://d895f1381b8d8b875cd29c6921953566.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f8238cdd1cc6032f1c34cf7e559b55a936097f78cc8839628e5cc39a6fc3f390

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d895f1381b8d8b875cd29c6921953566.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 13 May 2023 21:49:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 13 May 2023 20:33:02 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 13 May 2023 21:49:43 GMT

GET
H2

200

624907996767536446
tpc.googlesyndication.com/simgad/ Frame 9F42
Redirect Chain

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKDr3ZqF_gEQgAgYgAgyCFFyRh2Ouq9r
https://tpc.googlesyndication.com/simgad/624907996767536446

8 KB
9 KB

38ms
38ms

Image
image/png

2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/624907996767536446

Requested by

Host: d895f1381b8d8b875cd29c6921953566.safeframe.googlesyndication.com
URL: https://d895f1381b8d8b875cd29c6921953566.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

484ec1c347c17d7d3b98d5058aa5d90bb5c7315f3a67f44611e902de4be50831

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d895f1381b8d8b875cd29c6921953566.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 19:41:57 GMT
x-content-type-options: nosniff
age: 7666
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8502
x-xss-protection: 0
last-modified: Tue, 09 Apr 2019 09:00:52 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 12 May 2024 19:41:57 GMT

Redirect headers

date: Sat, 13 May 2023 09:29:48 GMT
x-content-type-options: nosniff
server: cafe
age: 44395
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://tpc.googlesyndication.com/simgad/624907996767536446
content-type: text/html; charset=UTF-8
cache-control: public, max-age=2592000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 12 Jun 2023 09:29:48 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230510/r20110914/client/ Frame 9F42 2 KB
910 B 38ms
38ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230510/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: d895f1381b8d8b875cd29c6921953566.safeframe.googlesyndication.com
URL: https://d895f1381b8d8b875cd29c6921953566.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d895f1381b8d8b875cd29c6921953566.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 20:51:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3471
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 27 May 2023 20:51:52 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 9F42 0
0 89ms
89ms Fetch
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CRCLZ9wVgZPjLHJaW7_UP8OK8sA3vg8Shbr_Ir6y_DszHmqb9CBABIMCygmtgleKQgqAHoAGwuqHXA8gBCakCuEm_tTNnsj7gAgCoAwHIA8sEqgT9AU_Q86ce5Gre0EOVE_3V8pM2n_r9ID-GjspXCt5Hckx0MgidD4hE_-Vdfq-UzH2sgEBgBw2WQ3_U_VcN698TZLEZhlXeZHTScplfU1Lay-sk-LderFbzdAcYx4fbvif1sE51aV4H3AJl8KSLEGs-bC4SIm2LjbUHT5GbcsX7ZOvAdcEKGTMyk7aV0VLKeSoLcFPRBAiR662Vh1ofzaD3osTE2D75cfW_TkYIGObmXzMlxZdawy96tjVWB19X39YtS84mWcs8hu-vrWC9hK_zliAxhDwqmaFEr2FsFR2HD4JeT3Vd4ltckgCOAGaK6NHP9KkyaK2hBf4aw74Fh33ABMmYqargA-AEAZIFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAYugAfF960-qAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgHpr4b2AcA8gcEEMH5BdIIFgiA4YAQEAEYHTICqgI6AoBASL39wTryCBthZHgtc3Vic3luLTcyNzU1Mjg0NTMxNjIzMDmACgPICwHYEwyIFALQFQGAFwGyFx4KHAgAEhRwdWItNjU5MzUyMzIxMDAxMDE1NBjqwW0&sigh=4YSzzQNlPQE&uach_m=[UACH]&cid=CAQSbQBygQiDzgD0yzvCW7cozCcrF0OA38P-APzqg-yXsbsUBVDzj9rsTUu3xgGoPAiFV2mc42ZEmI3MZPOK7uMvixgVUD-qsc7tDjazuL3EvjrKaTGcRtRr8wIYDmPm_Gb6KESjiIqQxCtDYci41IoYAQ&template_id=494
Requested by: Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x69807j0b5.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d895f1381b8d8b875cd29c6921953566.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230510/r20110914/ Frame 9F42 22 KB
9 KB 44ms
44ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230510/r20110914/abg_lite_fy2021.js

Requested by

Host: d895f1381b8d8b875cd29c6921953566.safeframe.googlesyndication.com
URL: https://d895f1381b8d8b875cd29c6921953566.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6a4645a1aa31745840e1e5dee4a2788e78c1d09b094f4705a64ddda88d8bd235

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d895f1381b8d8b875cd29c6921953566.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 18:05:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 13462
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8754
x-xss-protection: 0
server: cafe
etag: 1905752258753453817
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 27 May 2023 18:05:21 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230510/r20110914/client/ Frame 9F42 3 KB
1 KB 51ms
51ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230510/r20110914/client/window_focus_fy2021.js

Requested by

Host: d895f1381b8d8b875cd29c6921953566.safeframe.googlesyndication.com
URL: https://d895f1381b8d8b875cd29c6921953566.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d895f1381b8d8b875cd29c6921953566.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 18:20:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 12555
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 27 May 2023 18:20:28 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230510/r20110914/client/ Frame 9F42 19 KB
8 KB 38ms
38ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230510/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: d895f1381b8d8b875cd29c6921953566.safeframe.googlesyndication.com
URL: https://d895f1381b8d8b875cd29c6921953566.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

01dcaf85f2ae23a30115cf4a663e90b4a507dc688c4c17f9ebddc3cf19fee780

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d895f1381b8d8b875cd29c6921953566.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 18:05:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 13462
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7937
x-xss-protection: 0
server: cafe
etag: 2499949999788435271
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 27 May 2023 18:05:21 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 9F42 169 KB
52 KB 138ms
137ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: d895f1381b8d8b875cd29c6921953566.safeframe.googlesyndication.com
URL: https://d895f1381b8d8b875cd29c6921953566.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fdc79b8c47c6d5c20def82fa5f6a91e3cbe3057bff3f8b14b5c2c71dc9b57ec4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d895f1381b8d8b875cd29c6921953566.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 21:49:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53545
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1683718549123860"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 13 May 2023 21:49:43 GMT

GET
H2 200 9d5f24412120a376f470376f2f2984aa.js Show response
www.gstatic.com/mysidia/ Frame 9F42 32 KB
14 KB 122ms
38ms Script
text/javascript 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/9d5f24412120a376f470376f2f2984aa.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: d895f1381b8d8b875cd29c6921953566.safeframe.googlesyndication.com
URL: https://d895f1381b8d8b875cd29c6921953566.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6cb71f31c08ff900d8bc1a5bc75ee0a966a2bc61561e8974e445ef0941d9ff55

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d895f1381b8d8b875cd29c6921953566.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 09 May 2023 14:15:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 372834
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13623
x-xss-protection: 0
last-modified: Tue, 09 May 2023 14:00:41 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 07 Aug 2023 14:15:49 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 4DBE 0
0 79ms
78ms Fetch
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvpNV9AmAS_mGrJh1VUMiQWL37fpGEX054Dagu_4x-SGg8OQ3yBk-lP7tWMwWQcF-PPiofYfrL6YUqfx8dle-re1mgRVOuQeo-wpi13UL1tFfQXeKrVK8INfyi7hrIIriCavjigwYZzyg_B3k_0P9Z1fTE9h-zk2xQgcS8qAqDkyqCwH6QSEOMP2COPi82FNRij70OOvkCI46EHIH7xlcZ9wJAuvRNbDUeawTOVG5W1XezMJHiBYwbkOD8cj9BWIzG8qP9xkiZyA8pyWGphqidV15Q7-_D_nUF-Zk4Fzm4c8besYParZOP-2SqhI1qnqazXIKqgGzI9zRJXVJLsmdASUri93y7OqZvUVyS_YHTljiRskdE&sai=AMfl-YT0vyqTHxa6VgA0LjOxeCUtnMqohMU87ghp67xeC_yvP7n4HDKFIV8sfR4FVK1srF0--f3dNHUuFvn3kCXvIYPLrkMdVrN5o7ggXt7f6GQ&sig=Cg0ArKJSzFPQbPbFsYy7EAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: d895f1381b8d8b875cd29c6921953566.safeframe.googlesyndication.com
URL: https://d895f1381b8d8b875cd29c6921953566.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d895f1381b8d8b875cd29c6921953566.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 21:49:43 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305090101/ Frame 4DBE 356 KB
120 KB 116ms
115ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305090101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6593523210010154&plah=d895f1381b8d8b875cd29c6921953566.safeframe.googlesyndication.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6593523210010154

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2901b2ca5b6d9b061f062dacc26083909055eb585bc49f9d623deaf2e900e89d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d895f1381b8d8b875cd29c6921953566.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 21:49:43 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 122684
x-xss-protection: 0
server: cafe
etag: 16321356732330657822
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 13 May 2023 21:49:43 GMT

GET
DATA 200
OK truncated
/ Frame 4DBE 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 55551eddb075a142b33b1bf7b5cb65981a38aeabcc11a31c5fdca58efabd3e06

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 816C 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 782f9af14580affd41dce037f614897034dedf3124bd123ed471eb0c2f5a4f0d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 816C 0
0 165ms
88ms Fetch
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsszZiGAnL8-Trb49Wkmk7bU5syB5KmmTVxao13VaKg6fdALlqWJhmk53gglglYy_p_abG20-ALKyIKdDFae5q_xSN6x4UOEQT76hhFZVve1Lzq6hvSWVTDXvTHHlKLYN_U0Us_NpEvRJAV-zlkqr7qBNjCe5eQXXNC-KYvoOWMZX6Wc3IvqbAH4JG_a_h3eUim85G204N_r4NIesZmdN9cm1EZvDGeGSx6jf-oRi72UaW0km19972N8wMAdkyJI2Y9QON7bYnQP1iNzJbiY--ugvTFXvp6s0sy_KE6877sP9E-4eE9qbq6U4dipMSSmLM68XpcZs_os_yYjSiDbGhJtUDbbrvw&sai=AMfl-YQJrv6bPiq75FnsGqixv4WBNmCXeLudr8TTH7bXd_CtV-BjgAgB6S5TQAxPmBapfLrRGcSSkRxK0mGtC0VjNZxud_Y_f9oPyF_qXxcqv8I&sig=Cg0ArKJSzG4LPg2GPamiEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 21:49:44 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sat, 13 May 2023 21:49:44 GMT

GET
H3 200 container.html Show response
d895f1381b8d8b875cd29c6921953566.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 7EF8 6 KB
3 KB 40ms
40ms Document
text/html 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://d895f1381b8d8b875cd29c6921953566.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305100101/pubads_impl.js?cb=31074557

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ye-mek.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 13 May 2023 21:49:43 GMT
expires: Sun, 12 May 2024 21:49:43 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 7EF8 24 KB
6 KB 38ms
38ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: d895f1381b8d8b875cd29c6921953566.safeframe.googlesyndication.com
URL: https://d895f1381b8d8b875cd29c6921953566.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d895f1381b8d8b875cd29c6921953566.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 14:52:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 111449
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sat, 11 May 2024 14:52:15 GMT

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 7EF8 137 KB
47 KB 107ms
107ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6593523210010154

Requested by

Host: d895f1381b8d8b875cd29c6921953566.safeframe.googlesyndication.com
URL: https://d895f1381b8d8b875cd29c6921953566.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b5de1b2430abd27f9db06143f6a4734c3f89e96de9fec7e0a658a738183b21f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://d895f1381b8d8b875cd29c6921953566.safeframe.googlesyndication.com/
Origin: https://d895f1381b8d8b875cd29c6921953566.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 21:49:44 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47669
x-xss-protection: 0
server: cafe
etag: 7892779847915558135
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sat, 13 May 2023 21:49:44 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 7EF8 169 KB
52 KB 98ms
98ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: d895f1381b8d8b875cd29c6921953566.safeframe.googlesyndication.com
URL: https://d895f1381b8d8b875cd29c6921953566.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fdc79b8c47c6d5c20def82fa5f6a91e3cbe3057bff3f8b14b5c2c71dc9b57ec4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d895f1381b8d8b875cd29c6921953566.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 21:49:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53545
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1683718549123860"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 13 May 2023 21:49:44 GMT

GET
H2 200 6363a944e4b0125bde9e6739
ng.virgul.com/tck/imp/ Frame CADC 0
209 B 45ms
45ms Image
text/plain 185.7.176.221
SH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ng.virgul.com/tck/imp/6363a944e4b0125bde9e6739?g=1&t=cpc_annotation&r=153366@site_geneli@yemek_net:site_geneli&l=&c=%2Cas%2Crc0%2Chf1%2Cvv1%2Cgprec%3Dyemek%26rec_ing%3D&info=&mt=1684014582891&userId=vnet6c1fd289-0279-4aa9-817c-0014b89f0a83
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.7.176.221 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

access-control-allow-origin: https://ye-mek.net
date: Sat, 13 May 2023 21:49:44 GMT
access-control-allow-credentials: true
expires: Tue, 04 Jan 2022 10:49:40 GMT
server: openresty/1.15.8.3
content-length: 0
p3p: CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'

GET
H3 200 rGx2DEvyTJUcTI8TMyI5e4cGeqSZnDc_BhsxSP5O2IU.js Show response
pagead2.googlesyndication.com/bg/ Frame 0F8B 37 KB
14 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/rGx2DEvyTJUcTI8TMyI5e4cGeqSZnDc_BhsxSP5O2IU.js

Requested by

Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x69807j0b5.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ac6c760c4bf24c951c4c8f133322397b87067aa4999c373f061b3148fe4ed885

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d895f1381b8d8b875cd29c6921953566.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 16:40:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 18542
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14627
x-xss-protection: 0
last-modified: Mon, 08 May 2023 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 12 May 2024 16:40:42 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 7EF8 0
0 79ms
78ms Fetch
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstXbDyouLtFryjnylbHw5QS_JwIjEfs_zz3Bi0j-t20ZiungtE1C4a76I8RRpG-sL1b-3mYo6uA9m2cjeIkj5T2-GtbbDwCA7zTTf9GzV8x3RDg2Nw5QCu3oQWSkdWQe5-Zp3xAHcKouNW-1ItQtyAvWmanxFYg9huheopSWR4eMRgifn9VOR9ca6TgnnSf0E7f-rD8QJ9AFA0XAFPAkBI2QmkG71vUNSbo-q8GqXhSDa5SJzlXjGjNFGTJ1y6xrZPdCh2phQIawOneboDr-OT217YDbHjYNe2gK0OAeoQOByB4rWi7QgN0HXeSCQoLETxCqPtiSdspoDY4VkOB2vF03OjS0ehICg&sai=AMfl-YSGWcw7tGsPxD4B9hI8KkaqGDm7LxpV82YNBIoGilnm39q6xCSbg_pYn6-GlCSCRbDTNxE2pdPjF76hh1jgUzvJ75TD09iAdDP6haiKIeZ_ip43xMwygCuV7N6-vJfJbnY9g5xkPkP-tdKcDqKACkGc4UKP0vh0EkIXwXoDS_zdk5xznkhwz8Vg9FjAl-yF&sig=Cg0ArKJSzBbmYHJlQPIYEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: d895f1381b8d8b875cd29c6921953566.safeframe.googlesyndication.com
URL: https://d895f1381b8d8b875cd29c6921953566.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d895f1381b8d8b875cd29c6921953566.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 21:49:44 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ Frame 4DBE 107 B
165 B 48ms
47ms Script
application/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=d895f1381b8d8b875cd29c6921953566.safeframe.googlesyndication.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305090101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6593523210010154&plah=d895f1381b8d8b875cd29c6921953566.safeframe.googlesyndication.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d895f1381b8d8b875cd29c6921953566.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 21:49:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame 4DBE 107 B
165 B 47ms
47ms Script
application/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=d895f1381b8d8b875cd29c6921953566.safeframe.googlesyndication.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d895f1381b8d8b875cd29c6921953566.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 21:49:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 4911 0
16 B 289ms
288ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&adk=1812271804&adf=3407281013&plat=1%3A520%2C2%3A520%2C3%3A2163200%2C4%3A2163200%2C8%3A512%2C9%3A33288%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C26%3A512%2C27%3A512%2C30%3A1049088%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fye-mek.net%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684014583885&bpp=8&bdt=152&idt=305&shv=r20230510&mjsv=m202305090101&ptt=9&saldr=aa&nras=1&correlator=6073340010786&frm=8&ife=1&pv=2&ga_vid=226848913.1684014584&ga_sid=1684014584&ga_hid=324655263&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=3718169941&scr_x=-12245933&scr_y=-12245933&eid=44759842%2C44773809%2C44759875%2C44759926%2C31074469%2C44788442%2C44792013%2C44792088%2C44789333&oid=2&pvsid=3610766118061132&tmod=1825455874&uas=0&nvt=1&fsapi=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=1&uci=1.jmp1qwj7kzyu&fsb=1&dtd=320

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://d895f1381b8d8b875cd29c6921953566.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 13 May 2023 21:49:44 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html Show response
d895f1381b8d8b875cd29c6921953566.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame E3F3 6 KB
3 KB 41ms
41ms Document
text/html 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://d895f1381b8d8b875cd29c6921953566.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305100101/pubads_impl.js?cb=31074557

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ye-mek.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 13 May 2023 21:49:43 GMT
expires: Sun, 12 May 2024 21:49:43 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 4DC9 29 KB
13 KB 488ms
487ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&h=90&slotname=9586219513&adk=1165138949&adf=4198791702&pi=t.ma~as.9586219513&w=728&format=728x90&url=https%3A%2F%2Fye-mek.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684014583893&bpp=1&bdt=161&idt=341&shv=r20230510&mjsv=m202305090101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=6073340010786&frm=8&ife=1&pv=1&ga_vid=226848913.1684014584&ga_sid=1684014584&ga_hid=324655263&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=3718169941&scr_x=-12245933&scr_y=-12245933&eid=44759842%2C44773809%2C44759875%2C44759926%2C31074469%2C44788442%2C44792013%2C44792088%2C44789333&oid=2&pvsid=3610766118061132&tmod=1825455874&uas=0&nvt=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.fx0svvsiyrpu&fsb=1&dtd=346

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

20018c09714ea0f3101b7fc7f1fc0f00125fc5998c0f4fe09272d90c904061e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://d895f1381b8d8b875cd29c6921953566.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 13181
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 13 May 2023 21:49:44 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305100101/ Frame 7EF8 357 KB
120 KB 103ms
103ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305100101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6593523210010154&plah=d895f1381b8d8b875cd29c6921953566.safeframe.googlesyndication.com&bust=31074512

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6593523210010154

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

09e71a55b96e55227518f8a75ccfed95462bccae6d41a7e776691775f9687238

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d895f1381b8d8b875cd29c6921953566.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 21:49:44 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 122863
x-xss-protection: 0
server: cafe
etag: 3806932121576722951
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 13 May 2023 21:49:44 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ Frame CADC 107 B
165 B 49ms
48ms Script
application/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=ye-mek.net

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305100101/pubads_impl.js?cb=31074557

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 21:49:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame CADC 107 B
165 B 47ms
46ms Script
application/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=ye-mek.net

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305100101/pubads_impl.js?cb=31074557

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 21:49:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame CADC 31 KB
14 KB 366ms
366ms XHR
text/plain 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=367862464275285&correlator=2942795560836049&eid=31074557&output=ldjh&gdfp_req=1&vrg=202305100101&ptt=17&impl=fif&iu_parts=21728129623%3A33502485%2Cweb_yemeknet_kategori_sayfalari_728x90_2&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C728x90%7C468x60&fluid=height&ifi=7&adks=345722362&sfv=1-0-40&prev_scp=hb_format%3Dbanner%26hb_size%3D728x90%26hb_pb%3D0.31%26hb_adid%3D59f4e03034f9ecb%26hb_bidder%3Drubicon%26hb_format_rubicon%3Dbanner%26hb_size_rubicon%3D728x90%26hb_pb_rubicon%3D0.31%26hb_adid_rubicon%3D59f4e03034f9ecb%26hb_bidder_rubicon%3Drubicon%26hg_pb%3D0.31&eri=1&cust_params=category%3Dsite_geneli%26plm%3Dnull%26viewable%3D2%26site%3Dyemek_net%26mt%3D1684014582891%26pager%3D1%2540site_geneli%2540yemek_net%253Asite_geneli%26policy%3D0%26host%3Dye-mek.net%26url%3Dhttps%253A%2520%2520ye%2520mek.net%2520%26targetCtr%3D0%26pid%3Dvnet6c1fd289-0279-4aa9-817c-0014b89f0a83%26targetCr%3D0%26Mobile%3Dfalse%26env%3Dweb%26webmAd%3D1%26overlay%3D1%26rc%3D0%26datasave%3D0%26rec%3Dyemek%26rec_ing%3D&ppid=vnet6c1fd28902794aa9817c0014b89f0a83&sc=1&cdm=ye-mek.net&abxe=1&dt=1684014584274&lmt=1684014584&dlt=1684014582417&idt=886&adxs=436&adys=1480&biw=-12245933&bih=-12245933&isw=1600&ish=1200&scr_x=-12245933&scr_y=-12245933&ucis=whdch0e0gmk1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fye-mek.net%2F&ref=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&top=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&frm=24&vis=1&psz=976x0&msz=996x0&fws=388&ohw=976&psts=ABHeCvgWltcCR7QO-EaoWXbRcl-VmXSULbOjDNg4tgpeobvb2Df-E4146gV88_2WSvbJ8u64lZMnyVpnCr5a-ThySQ%2CABHeCvhPFSMyuzcWp1eWhk7VT-jKqlJe0GARXpQUJ9-1iMIjr8vX0AyMawqMDisetgqcVN2CCKCP8ieepy3PK_R2PA%2CABHeCvinFZ7vcyzQtAM7X97fYDrhyg85FmvWoOv8-77IN350CKHbAiaE2_m_-6WM3vQ_-B75OUqCwykoWlG6bRBLxA&ga_vid=68563826.1684014583&ga_sid=1684014583&ga_hid=1415874299&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305100101/pubads_impl.js?cb=31074557

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a836d01527415c3297ded2d0ccd19692d8d16a8823261ec49ef03a6ec1f2cd03

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 21:49:44 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13863
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://ye-mek.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame CADC 112 KB
39 KB 410ms
409ms XHR
text/plain 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=367862464275285&correlator=330619217374171&eid=31074557&output=ldjh&gdfp_req=1&vrg=202305100101&ptt=17&impl=fif&iu_parts=21728129623%3A33502485%2Cweb_yemeknet_kategori_sayfalari_ust_728x90&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C728x90%7C468x60&fluid=height&ifi=8&adks=456810305&sfv=1-0-40&prev_scp=hb_format%3Dbanner%26hb_size%3D728x90%26hb_pb%3D0.31%26hb_adid%3D565a420e1c77757%26hb_bidder%3Drubicon%26hb_format_rubicon%3Dbanner%26hb_size_rubicon%3D728x90%26hb_pb_rubicon%3D0.31%26hb_adid_rubicon%3D565a420e1c77757%26hb_bidder_rubicon%3Drubicon%26hg_pb%3D0.31&eri=1&cust_params=category%3Dsite_geneli%26plm%3Dnull%26viewable%3D2%26site%3Dyemek_net%26mt%3D1684014582891%26pager%3D1%2540site_geneli%2540yemek_net%253Asite_geneli%26policy%3D0%26host%3Dye-mek.net%26url%3Dhttps%253A%2520%2520ye%2520mek.net%2520%26targetCtr%3D0%26pid%3Dvnet6c1fd289-0279-4aa9-817c-0014b89f0a83%26targetCr%3D0%26Mobile%3Dfalse%26env%3Dweb%26webmAd%3D1%26overlay%3D1%26rc%3D0%26datasave%3D0%26rec%3Dyemek%26rec_ing%3D&ppid=vnet6c1fd28902794aa9817c0014b89f0a83&sc=1&cdm=ye-mek.net&abxe=1&dt=1684014584281&lmt=1684014584&dlt=1684014582417&idt=886&adxs=436&adys=842&biw=-12245933&bih=-12245933&isw=1600&ish=1200&scr_x=-12245933&scr_y=-12245933&ucis=shsmloifkaut&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fye-mek.net%2F&ref=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&top=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&frm=24&vis=1&psz=976x0&msz=996x0&fws=388&ohw=976&psts=ABHeCvgWltcCR7QO-EaoWXbRcl-VmXSULbOjDNg4tgpeobvb2Df-E4146gV88_2WSvbJ8u64lZMnyVpnCr5a-ThySQ%2CABHeCvhPFSMyuzcWp1eWhk7VT-jKqlJe0GARXpQUJ9-1iMIjr8vX0AyMawqMDisetgqcVN2CCKCP8ieepy3PK_R2PA%2CABHeCvinFZ7vcyzQtAM7X97fYDrhyg85FmvWoOv8-77IN350CKHbAiaE2_m_-6WM3vQ_-B75OUqCwykoWlG6bRBLxA&ga_vid=68563826.1684014583&ga_sid=1684014583&ga_hid=1415874299&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305100101/pubads_impl.js?cb=31074557

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

67c97c75fe9d3daa0e1c32ce6444440634c28048156b3d9719caaf143c3fa6c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 21:49:44 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 40186
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://ye-mek.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame CADC 112 KB
39 KB 434ms
434ms XHR
text/plain 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=367862464275285&correlator=1473015351533579&eid=31074557&output=ldjh&gdfp_req=1&vrg=202305100101&ptt=17&impl=fif&iu_parts=21728129623%3A33502485%2Cweb_yemeknet_kategori_sayfalari_728x90_repeating&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C728x90%7C468x60&fluid=height&ifi=9&adks=2157304621&sfv=1-0-40&prev_scp=hb_format%3Dbanner%26hb_size%3D728x90%26hb_pb%3D0.31%26hb_adid%3D57ba94725c79f5e%26hb_bidder%3Drubicon%26hb_format_rubicon%3Dbanner%26hb_size_rubicon%3D728x90%26hb_pb_rubicon%3D0.31%26hb_adid_rubicon%3D57ba94725c79f5e%26hb_bidder_rubicon%3Drubicon%26hg_pb%3D0.31&eri=1&cust_params=category%3Dsite_geneli%26plm%3Dnull%26viewable%3D2%26site%3Dyemek_net%26mt%3D1684014582891%26pager%3D1%2540site_geneli%2540yemek_net%253Asite_geneli%26policy%3D0%26host%3Dye-mek.net%26url%3Dhttps%253A%2520%2520ye%2520mek.net%2520%26targetCtr%3D0%26pid%3Dvnet6c1fd289-0279-4aa9-817c-0014b89f0a83%26targetCr%3D0%26Mobile%3Dfalse%26env%3Dweb%26webmAd%3D1%26overlay%3D1%26rc%3D0%26datasave%3D0%26rec%3Dyemek%26rec_ing%3D&ppid=vnet6c1fd28902794aa9817c0014b89f0a83&sc=1&cdm=ye-mek.net&abxe=1&dt=1684014584285&lmt=1684014584&dlt=1684014582417&idt=886&adxs=436&adys=2118&biw=-12245933&bih=-12245933&isw=1600&ish=1200&scr_x=-12245933&scr_y=-12245933&ucis=8fs21ni2l8fb&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fye-mek.net%2F&ref=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&top=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&frm=24&vis=1&psz=976x0&msz=996x0&fws=388&ohw=976&psts=ABHeCvgWltcCR7QO-EaoWXbRcl-VmXSULbOjDNg4tgpeobvb2Df-E4146gV88_2WSvbJ8u64lZMnyVpnCr5a-ThySQ%2CABHeCvhPFSMyuzcWp1eWhk7VT-jKqlJe0GARXpQUJ9-1iMIjr8vX0AyMawqMDisetgqcVN2CCKCP8ieepy3PK_R2PA%2CABHeCvinFZ7vcyzQtAM7X97fYDrhyg85FmvWoOv8-77IN350CKHbAiaE2_m_-6WM3vQ_-B75OUqCwykoWlG6bRBLxA&ga_vid=68563826.1684014583&ga_sid=1684014583&ga_hid=1415874299&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305100101/pubads_impl.js?cb=31074557

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5a5ca7849d87a28554ddc05be8ef1cc663d99a2aa40d7100e5ad1de683569188

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 21:49:44 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39916
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://ye-mek.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame E3F3 4 KB
751 B 49ms
48ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Requested by

Host: d895f1381b8d8b875cd29c6921953566.safeframe.googlesyndication.com
URL: https://d895f1381b8d8b875cd29c6921953566.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f8238cdd1cc6032f1c34cf7e559b55a936097f78cc8839628e5cc39a6fc3f390

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d895f1381b8d8b875cd29c6921953566.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 13 May 2023 21:49:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 13 May 2023 20:51:25 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 13 May 2023 21:49:44 GMT

GET
H3

200

624907996767536446
tpc.googlesyndication.com/simgad/ Frame E3F3
Redirect Chain

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKDr3ZqF_gEQgAgYgAgyCFFyRh2Ouq9r
https://tpc.googlesyndication.com/simgad/624907996767536446

8 KB
8 KB

38ms
38ms

Image
image/png

2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/624907996767536446

Requested by

Host: d895f1381b8d8b875cd29c6921953566.safeframe.googlesyndication.com
URL: https://d895f1381b8d8b875cd29c6921953566.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

484ec1c347c17d7d3b98d5058aa5d90bb5c7315f3a67f44611e902de4be50831

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d895f1381b8d8b875cd29c6921953566.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 19:41:57 GMT
x-content-type-options: nosniff
age: 7667
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8502
x-xss-protection: 0
last-modified: Tue, 09 Apr 2019 09:00:52 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 12 May 2024 19:41:57 GMT

Redirect headers

date: Sat, 13 May 2023 09:29:48 GMT
x-content-type-options: nosniff
server: cafe
age: 44396
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://tpc.googlesyndication.com/simgad/624907996767536446
content-type: text/html; charset=UTF-8
cache-control: public, max-age=2592000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 12 Jun 2023 09:29:48 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230510/r20110914/client/ Frame E3F3 2 KB
765 B 38ms
37ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230510/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: d895f1381b8d8b875cd29c6921953566.safeframe.googlesyndication.com
URL: https://d895f1381b8d8b875cd29c6921953566.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d895f1381b8d8b875cd29c6921953566.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 20:51:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3472
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 27 May 2023 20:51:52 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame E3F3 0
0 86ms
86ms Fetch
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CX81z9wVgZMuiN6GP7_UPwO2guAbvg8Shbr_Ir6y_DszHmqb9CBABIMCygmtgleKQgqAHoAGwuqHXA8gBCakCuEm_tTNnsj7gAgCoAwHIA8sEqgT9AU_QAOCqFm3IwVMgz8LJZP5k2_TySvEaTChBdRs4pZjl5tDQqdJHQkk2KTlfzF3Uj4ZxAnrVZlzkNpA1KGpJsyOOgxiFelbus43zRGfgeT5bs9tw8yDXp5ERT5ABss7DTprRDB9THIhjcRfjM6Bzgsf7HZcxgYa2_Npg2JTuQe5F5IP49BXEWkg0fqP0nsShFqXzW6M-YX6KwzZSbcJ-VT26fDvEHQBRxOyz4KSo_4N0FIfHGhdGd72sOuHHx_xCs7kfhM2hYQIuVX1ET8RKq-KZBAhaeocInsEwIsVbB_HSOZFAdGVRdQr_F947ivki9YXDJxrknAacYmOYVbDABMmYqargA-AEAZIFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAYugAfF960-qAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgHpr4b2AcA8gcEEI_MA9IIFgiA4YAQEAEYHTICqgI6AoBASL39wTryCBthZHgtc3Vic3luLTcyNzU1Mjg0NTMxNjIzMDmACgPICwHYEwyIFALQFQGAFwGyFx4KHAgAEhRwdWItNjU5MzUyMzIxMDAxMDE1NBjqwW0&sigh=lAEuM5GaISA&uach_m=[UACH]&cid=CAQSbQBygQiDQr5nFpPghf5zPDi_8INcvx3OnF9hDp0krl_jZ9oGFpt9Vo0cfbvmIXMXzht52pSfw82ZfcipD9R-78TKAZNNlGuZFj7VvvN6VRG_9ZcYlEkQXBag-Ro5jzNFHiAayvMCGhTOiXVJNTYYAQ&template_id=494
Requested by: Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x69807j0b5.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d895f1381b8d8b875cd29c6921953566.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230510/r20110914/ Frame E3F3 22 KB
9 KB 38ms
37ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230510/r20110914/abg_lite_fy2021.js

Requested by

Host: d895f1381b8d8b875cd29c6921953566.safeframe.googlesyndication.com
URL: https://d895f1381b8d8b875cd29c6921953566.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6a4645a1aa31745840e1e5dee4a2788e78c1d09b094f4705a64ddda88d8bd235

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d895f1381b8d8b875cd29c6921953566.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 18:05:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 13463
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8754
x-xss-protection: 0
server: cafe
etag: 1905752258753453817
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 27 May 2023 18:05:21 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230510/r20110914/client/ Frame E3F3 3 KB
1 KB 46ms
46ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230510/r20110914/client/window_focus_fy2021.js

Requested by

Host: d895f1381b8d8b875cd29c6921953566.safeframe.googlesyndication.com
URL: https://d895f1381b8d8b875cd29c6921953566.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d895f1381b8d8b875cd29c6921953566.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 18:20:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 12556
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 27 May 2023 18:20:28 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230510/r20110914/client/ Frame E3F3 19 KB
8 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230510/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: d895f1381b8d8b875cd29c6921953566.safeframe.googlesyndication.com
URL: https://d895f1381b8d8b875cd29c6921953566.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

01dcaf85f2ae23a30115cf4a663e90b4a507dc688c4c17f9ebddc3cf19fee780

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d895f1381b8d8b875cd29c6921953566.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 18:05:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 13463
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7937
x-xss-protection: 0
server: cafe
etag: 2499949999788435271
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 27 May 2023 18:05:21 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame E3F3 169 KB
52 KB 93ms
93ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: d895f1381b8d8b875cd29c6921953566.safeframe.googlesyndication.com
URL: https://d895f1381b8d8b875cd29c6921953566.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fdc79b8c47c6d5c20def82fa5f6a91e3cbe3057bff3f8b14b5c2c71dc9b57ec4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d895f1381b8d8b875cd29c6921953566.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 21:49:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53545
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1683718549123860"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 13 May 2023 21:49:44 GMT

GET
H2 200 9d5f24412120a376f470376f2f2984aa.js Show response
www.gstatic.com/mysidia/ Frame E3F3 32 KB
13 KB 38ms
38ms Script
text/javascript 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/9d5f24412120a376f470376f2f2984aa.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: d895f1381b8d8b875cd29c6921953566.safeframe.googlesyndication.com
URL: https://d895f1381b8d8b875cd29c6921953566.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6cb71f31c08ff900d8bc1a5bc75ee0a966a2bc61561e8974e445ef0941d9ff55

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d895f1381b8d8b875cd29c6921953566.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 09 May 2023 14:15:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 372835
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13623
x-xss-protection: 0
last-modified: Tue, 09 May 2023 14:00:41 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 07 Aug 2023 14:15:49 GMT

GET
H3 200 rGx2DEvyTJUcTI8TMyI5e4cGeqSZnDc_BhsxSP5O2IU.js Show response
pagead2.googlesyndication.com/bg/ Frame 84E2 37 KB
14 KB 38ms
38ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/rGx2DEvyTJUcTI8TMyI5e4cGeqSZnDc_BhsxSP5O2IU.js

Requested by

Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x69807j0b5.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ac6c760c4bf24c951c4c8f133322397b87067aa4999c373f061b3148fe4ed885

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d895f1381b8d8b875cd29c6921953566.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 16:40:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 18542
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14627
x-xss-protection: 0
last-modified: Mon, 08 May 2023 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 12 May 2024 16:40:42 GMT

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ Frame 7EF8 107 B
122 B 47ms
47ms Script
application/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=d895f1381b8d8b875cd29c6921953566.safeframe.googlesyndication.com

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d895f1381b8d8b875cd29c6921953566.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 21:49:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ Frame 7EF8 107 B
122 B 46ms
46ms Script
application/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=d895f1381b8d8b875cd29c6921953566.safeframe.googlesyndication.com

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d895f1381b8d8b875cd29c6921953566.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 21:49:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame F84E 0
16 B 228ms
228ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&adk=1812271804&adf=3407278883&plat=1%3A147968%2C2%3A147968%2C3%3A2163200%2C4%3A2163200%2C8%3A147968%2C9%3A147968%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C26%3A16896%2C27%3A16896%2C30%3A1049088%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fye-mek.net%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684014584248&bpp=2&bdt=255&idt=203&shv=r20230510&mjsv=m202305100101&ptt=9&saldr=aa&nras=1&correlator=4772026716901&frm=8&ife=1&pv=2&ga_vid=2112098717.1684014584&ga_sid=1684014584&ga_hid=362421832&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=238393387&scr_x=-12245933&scr_y=-12245933&eid=42532186%2C44759875%2C44759837%2C44773809%2C44759926%2C42532090%2C31074512%2C44788441%2C44792088&oid=2&pvsid=3912391652140771&tmod=1134167538&uas=0&nvt=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=1&uci=1.btohwpkkshpk&fsb=1&dtd=217

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://d895f1381b8d8b875cd29c6921953566.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 13 May 2023 21:49:44 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame EFCA 27 KB
12 KB 427ms
427ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&h=250&slotname=1234190425&adk=1935728605&adf=4198785760&pi=t.ma~as.1234190425&w=300&fwrn=16&format=300x250&url=https%3A%2F%2Fye-mek.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684014584250&bpp=1&bdt=258&idt=217&shv=r20230510&mjsv=m202305100101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=4772026716901&frm=8&ife=1&pv=1&ga_vid=2112098717.1684014584&ga_sid=1684014584&ga_hid=362421832&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=238393387&scr_x=-12245933&scr_y=-12245933&eid=42532186%2C44759875%2C44759837%2C44773809%2C44759926%2C42532090%2C31074512%2C44788441%2C44792088&oid=2&pvsid=3912391652140771&tmod=1134167538&uas=0&nvt=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.jh24asjem7rh&fsb=1&dtd=220

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

acebe1d8f0f6e2238421115b044649a3fe25a49b2b60b7097be09dc3618d971c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://d895f1381b8d8b875cd29c6921953566.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 12659
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 13 May 2023 21:49:44 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 206 Philips_utu_DB.mp4
rek-n18.nktcdn.com/data/ads/mockups/philips/ Frame CADC 29 KB
30 KB 75ms
75ms Media
video/mp4 185.7.176.218
SH

General

Check archive.org

Show headers Download Go to

Full URL: https://rek-n18.nktcdn.com/data/ads/mockups/philips/Philips_utu_DB.mp4
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.7.176.218 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: a9baef98a9f2b4098a8e9e4c62b30f1d89054be3b7dbca5058a7f13fe95a1887

Request headers

Referer: https://ye-mek.net/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Range: bytes=2883584-

Response headers

date: Sat, 13 May 2023 21:49:44 GMT
last-modified: Wed, 19 Apr 2023 06:23:17 GMT
server: openresty/1.15.8.3
x-amz-request-id: tx00000000000000bcab3a5-006453c679-9e2f20a7-default
content-type: video/mp4
Content-Range: bytes 2883584-2913708/2913709
cache-control: max-age=5184000
Content-Length: 30125

GET
H2 206 Philips_utu_DB.mp4
rek-n18.nktcdn.com/data/ads/mockups/philips/ Frame CADC 3 MB
3 MB 42ms
42ms Media
video/mp4 185.7.176.218
SH

General

Check archive.org

Show headers Download Go to

Full URL: https://rek-n18.nktcdn.com/data/ads/mockups/philips/Philips_utu_DB.mp4
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.7.176.218 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: 879ae7bc7101bb41ed1115bdc0acddffcbab22d393dcfb0327f989ae728f0fea

Request headers

Referer: https://ye-mek.net/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Range: bytes=65536-

Response headers

date: Sat, 13 May 2023 21:49:44 GMT
last-modified: Wed, 19 Apr 2023 06:23:17 GMT
server: openresty/1.15.8.3
x-amz-request-id: tx00000000000000bcab3a5-006453c679-9e2f20a7-default
content-type: video/mp4
Content-Range: bytes 65536-2913708/2913709
cache-control: max-age=5184000
Content-Length: 2848173

GET
H3 200 container.html Show response
d895f1381b8d8b875cd29c6921953566.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 5457 6 KB
3 KB 42ms
42ms Document
text/html 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://d895f1381b8d8b875cd29c6921953566.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305100101/pubads_impl.js?cb=31074557

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ye-mek.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 13 May 2023 21:49:43 GMT
expires: Sun, 12 May 2024 21:49:43 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 dr Show response
as.ad4m.at/ad/ Frame E42E 2 KB
3 KB 54ms
28ms Document
text/html 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/dr?ed=1g09mtzf1cta6pbw3ez997fr33c1v5rh47c1w8813deyhcjavk88k5b96k3vez5tkqa4s4x6wpa26yf21gp1ab40648gcqnwjshkwa1k737cp92fkfcdngghqbqtrxzs3acm5ckxb9za11fw52rvxk9q5je7yeq30ac874e7j2w3r2nwq6nj2vswygexfhqqt5y55kc860z1bpnvnhngscmxfywy365jhwxxpycdtxe4dmf1dr8sn2sj8fr89dsk5nvyd0xzt4rkq8gdjj64t95t1vzwkxjb3817apm1tsx5z4nvjzpdxfvr3zbzmz42pcj9mqgphse4szzxng59tg0yab58sjq6gmsmnbmr40jw8zzpg1yw3925yxbqzcj35zrvp9eq85mxpw8g6xq79hbp841qzz5z91g2dez1s3js8zsyypvc05s5arbb0a8e1ygvanycd0&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCXOv2-AVgZMK0FZGg9u8P8vyl2AqQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi03OTgzNjUxMjU3ODM4MjgyyAEJqQK4Sb-1M2eyPuACAKgDAaoEnAJP0O8vlvwPyxDVB6UOazFF7H0nfU8pctQUjibt3llPfNMaKfJhQEcQQcqkVq5BvHDrE4u_7aQ8lRYSXBd4mgW4xc75l9jcUOGHjVhmOOhLQdvNuZDy_5FZnI6ouQ_E8YnSbSeqNlf4Fxh4impRoTpPiG-p74wyqc8-W_UwK7t7_HqfhcZ-qnXHom2_25bOwefIlpLzyM0SWPKwWwd1ezz06Hp9h2QSbkLyPpvp9SuPOm_aIXSdQJuVcK30kIojTLvrneP10iM_nvi0j77SeyUtI5x_kuzPL36GDfeO6CLOoo3GKx4ZJmL_s--3M1p6S7QnBr_xndhypLpCfGqWD2v8vceUGsud4NS1Wjbf1Ae5EJc6m0S7FOX7Gr3A7OAEAYAGzui6xZWzjYKnAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgEDyCBthZHgtc3Vic3luLTcyNzU1Mjg0NTMxNjIzMDn6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2m4bywos6An-s_p7SRb4P3_y7wgg%26client%3Dca-pub-7983651257838282%26adurl%3D

Requested by

Host: d895f1381b8d8b875cd29c6921953566.safeframe.googlesyndication.com
URL: https://d895f1381b8d8b875cd29c6921953566.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f5bde439f5e72e4ab133dbb3434e5d8705e60ae119ccc11d71eec5a386f5b700

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-src ;img-src data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://d895f1381b8d8b875cd29c6921953566.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7c6e1cf29c9d2c71-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Sat, 13 May 2023 21:49:44 GMT
expires: 0
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230510/r20110914/client/ Frame 5457 3 KB
1 KB 92ms
90ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230510/r20110914/client/window_focus_fy2021.js

Requested by

Host: d895f1381b8d8b875cd29c6921953566.safeframe.googlesyndication.com
URL: https://d895f1381b8d8b875cd29c6921953566.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d895f1381b8d8b875cd29c6921953566.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 18:20:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 12556
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 27 May 2023 18:20:28 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 7183 1 KB
643 B 41ms
39ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: d895f1381b8d8b875cd29c6921953566.safeframe.googlesyndication.com
URL: https://d895f1381b8d8b875cd29c6921953566.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://d895f1381b8d8b875cd29c6921953566.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 64702
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 13 May 2023 03:51:22 GMT
etag: 48472445140208031
expires: Sun, 14 May 2023 03:51:22 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230510/r20110914/client/ Frame 5457 19 KB
8 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230510/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: d895f1381b8d8b875cd29c6921953566.safeframe.googlesyndication.com
URL: https://d895f1381b8d8b875cd29c6921953566.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

01dcaf85f2ae23a30115cf4a663e90b4a507dc688c4c17f9ebddc3cf19fee780

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d895f1381b8d8b875cd29c6921953566.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 18:05:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 13463
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7937
x-xss-protection: 0
server: cafe
etag: 2499949999788435271
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 27 May 2023 18:05:21 GMT

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 5457 24 KB
6 KB 42ms
40ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: d895f1381b8d8b875cd29c6921953566.safeframe.googlesyndication.com
URL: https://d895f1381b8d8b875cd29c6921953566.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d895f1381b8d8b875cd29c6921953566.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 14:52:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 111449
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sat, 11 May 2024 14:52:15 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 5457 169 KB
52 KB 109ms
107ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: d895f1381b8d8b875cd29c6921953566.safeframe.googlesyndication.com
URL: https://d895f1381b8d8b875cd29c6921953566.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fdc79b8c47c6d5c20def82fa5f6a91e3cbe3057bff3f8b14b5c2c71dc9b57ec4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d895f1381b8d8b875cd29c6921953566.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 21:49:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53545
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1683718549123860"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 13 May 2023 21:49:44 GMT

GET
H3 200 container.html Show response
d895f1381b8d8b875cd29c6921953566.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 01A5 6 KB
3 KB 40ms
40ms Document
text/html 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://d895f1381b8d8b875cd29c6921953566.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305100101/pubads_impl.js?cb=31074557

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ye-mek.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 13 May 2023 21:49:43 GMT
expires: Sun, 12 May 2024 21:49:43 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 XassetrGVaWW53.png
ads.w55c.net/t/d/ Frame 4DC9 43 KB
44 KB 83ms
25ms Image
image/png 2600:9000:218d:e200:1b:f040:3600:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.w55c.net/t/d/XassetrGVaWW53.png?at=0&rtbhost=conf01-europe-west1.rtb.roku.com&btid=NTIzNzJGNjNCQ0I3NDJCMDMxMERFMjAzRDg0RUM0NTN8R0ZMN01mbkRteXwxNjg0MDE0NTg0NTA1fDF8WG1FS1o4a2t0eHxYUnpvYlBzTGhWfC0yMzQ1NTY5MzdfRVh8Mzg4ODJ8fHx8LjBQfFVTRA&ei=GOOGLE_CONTENTNETWORK&ac=WFMwUE56aXZTMTpYU1pHTkNKTWpzfDB8MHxFVVI7&js=0&ob=0&ccw=SUFCOCMwLjc4ODE4Mjc0fElBQjgtOCMwLjUyMDUwNzYzfElBQjgtNyMwLjE1MzgzNzU2fElBQjgtOSMwLjA1MTYzNDUxNw&ci=Xmwo1n97Q8&psid=NTkzOTA4MTEyNTc&s=https%3A%2F%2Fye-mek.net&ts=1684014584512&c=DE&r=G-HE&epid=R0N5ZS1tZWsubmV0&mi=d2Vi&wp_exchange=NWP

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&h=90&slotname=9586219513&adk=1165138949&adf=4198791702&pi=t.ma~as.9586219513&w=728&format=728x90&url=https%3A%2F%2Fye-mek.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684014583893&bpp=1&bdt=161&idt=341&shv=r20230510&mjsv=m202305090101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=6073340010786&frm=8&ife=1&pv=1&ga_vid=226848913.1684014584&ga_sid=1684014584&ga_hid=324655263&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=3718169941&scr_x=-12245933&scr_y=-12245933&eid=44759842%2C44773809%2C44759875%2C44759926%2C31074469%2C44788442%2C44792013%2C44792088%2C44789333&oid=2&pvsid=3610766118061132&tmod=1825455874&uas=0&nvt=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.fx0svvsiyrpu&fsb=1&dtd=346

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:218d:e200:1b:f040:3600:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

96e22a33f827f042ac4b239c21f468a17c87545df3f6b90e100d3a91b253a1e7

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-amz-version-id: 77muH8mujF9NEC9ipS.55iMMWqUaEtvK
date: Sat, 13 May 2023 07:36:11 GMT
via: 1.1 d5ee2aa873a3cb23609433e0272dd41c.cloudfront.net (CloudFront)
strict-transport-security: max-age=2592000; includeSubDomains
x-amz-cf-pop: CDG50-P2
age: 52780
x-amz-server-side-encryption: AES256
x-amz-meta-width: 728
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
x-amz-meta-filesize: 44534
x-amz-meta-height: 90
content-length: 44534
last-modified: Wed, 03 May 2023 17:26:36 GMT
server: AmazonS3
etag: "ccf751b21647e448aa5dadd8c05f5ac6"
vary: Accept-Encoding
content-type: image/png
cache-control: must-revalidate
accept-ranges: bytes
x-amz-cf-id: jSX8PSSxFYrgtgJk1Y-dWWkljF6vJDb4krHewzsJMyvDL7eF2CEW9w==

GET
H/1.1 200
OK pixel.php
t.hspvst.com/ Frame 4DC9 95 B
918 B 174ms
35ms Image
image/png 154.58.197.185
COGENT-174

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.hspvst.com/pixel.php?id=2677&t=P&cb=1736853188617732
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&h=90&slotname=9586219513&adk=1165138949&adf=4198791702&pi=t.ma~as.9586219513&w=728&format=728x90&url=https%3A%2F%2Fye-mek.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684014583893&bpp=1&bdt=161&idt=341&shv=r20230510&mjsv=m202305090101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=6073340010786&frm=8&ife=1&pv=1&ga_vid=226848913.1684014584&ga_sid=1684014584&ga_hid=324655263&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=3718169941&scr_x=-12245933&scr_y=-12245933&eid=44759842%2C44773809%2C44759875%2C44759926%2C31074469%2C44788442%2C44792013%2C44792088%2C44789333&oid=2&pvsid=3610766118061132&tmod=1825455874&uas=0&nvt=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.fx0svvsiyrpu&fsb=1&dtd=346
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 154.58.197.185 , Philippines, ASN174 (COGENT-174, US),
Reverse DNS: staticip-hv4m185.hispavista.com
Software: Apache / PHP/5.4.45-1~dotdeb+7.1
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date: Sat, 13 May 2023 21:49:43 GMT
Server: Apache
X-Powered-By: PHP/5.4.45-1~dotdeb+7.1
Transfer-Encoding: chunked
P3P: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
Content-Type: image/png
Cache-Control: max-age=315360000
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Keep-Alive: timeout=3, max=1000
Expires: Tue, 10 May 2033 21:49:43 GMT

GET
H2 200 creative_add_on.js Show response
cti.w55c.net/ct/ Frame 4DC9 5 KB
3 KB 72ms
7ms Script
text/javascript 192.229.233.53
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://cti.w55c.net/ct/creative_add_on.js?w=728&h=90&zindex=0&ci=Xmwo1n97Q8&ei=GOOGLE_CONTENTNETWORK&ob=0&ai=0DaDXCcU00&epid=R0N5ZS1tZWsubmV0&fiu=WG1FS1o4a2t0eA&s=https%3A%2F%2Fye-mek.net&ciu=XRzobPsLhV&btid=NTIzNzJGNjNCQ0I3NDJCMDMxMERFMjAzRDg0RUM0NTN8R0ZMN01mbkRteXwxNjg0MDE0NTg0NTA1fDF8WG1FS1o4a2t0eHxYUnpvYlBzTGhWfC0yMzQ1NTY5MzdfRVh8Mzg4ODJ8fHx8LjBQfFVTRA&c=DE&dt=2dt0005&sd=ye-mek.net&cip=1&hmt=1&uidu=CAESEBhehcnpdb1zG4wywoMHIzY&spidu=GOOGLE_CONTENTNETWORK&pidu=ye-mek.net&hmpvu=53ed5c35-a6b1-4d21-b6ae-869ab775c68a&hmtsu=3&odtu=2&mtfu=1&crdmu=728x90&cridu=XRzobPsLhV&

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.233.53 Granada Hills, United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/67DF) /

Resource Hash

6a88e0d82ba2998038cc86adc47bfb48d21e6114e18d97f0ecd05f5df519a95f

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 13 May 2023 21:49:44 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000; includeSubDomains
last-modified: Wed, 23 Feb 2022 16:57:18 GMT
server: ECS (frb/67DF)
age: 276579
etag: "3321997696"
vary: Accept-Encoding
x-cache: HIT
content-type: text/javascript
cache-control: no-cache, must-revalidate
accept-ranges: bytes
content-length: 2391
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230510/r20110914/client/ Frame 4DC9 3 KB
1 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230510/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 18:20:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 12556
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 27 May 2023 18:20:28 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230510/r20110914/client/ Frame 4DC9 19 KB
8 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230510/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

01dcaf85f2ae23a30115cf4a663e90b4a507dc688c4c17f9ebddc3cf19fee780

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 18:05:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 13463
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7937
x-xss-protection: 0
server: cafe
etag: 2499949999788435271
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 27 May 2023 18:05:21 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 4DC9 169 KB
52 KB 128ms
127ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fdc79b8c47c6d5c20def82fa5f6a91e3cbe3057bff3f8b14b5c2c71dc9b57ec4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 21:49:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53545
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1683718549123860"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 13 May 2023 21:49:44 GMT

GET
H3 200 container.html Show response
d895f1381b8d8b875cd29c6921953566.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 0BFE 6 KB
3 KB 43ms
43ms Document
text/html 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://d895f1381b8d8b875cd29c6921953566.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305100101/pubads_impl.js?cb=31074557

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ye-mek.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 13 May 2023 21:49:43 GMT
expires: Sun, 12 May 2024 21:49:43 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 4DC9 0
0 86ms
85ms Fetch
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CHzoG-AVgZJe2FIa77wL9tIigCbqItI9cnNfu7qkIwI23ARABIABgleKQgqAHggEXY2EtcHViLTY1OTM1MjMyMTAwMTAxNTTIAQmoAwGqBNIBT9DCre4KTVhS8RvzdcmWmkQI53V29qVf_i7hqWOKyFCN11PEWtLqv_WxMHUTvRLL2tU4DR2bte0UsVKvdCFvXH8xuAfKr3NuD7jmV4KKTpbce3jeidQB_0pBtjd0hgqc9YFPT97b-ry2voDJMrWr1EaboqVeoUmUpS9kvWm0U0zZkQtLaC4Msj0EfIhrKbBcAMLy_XQGg6OvYG-o06wPc3g37sdhjX7U3DKvSmkmQ-N5wvFF3K_42y8nmSZiEydGDP1BcJABlKpXZjcEwAiBIjwSgAbRyaWX66WWlesBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQIAKAfoLAggBgAwB0BUBgBcBshcaChgSFHB1Yi02NTkzNTIzMjEwMDEwMTU0GAA&sigh=spa4W6JHjcY&uach_m=[UACH]&cid=CAQSKQBygQiD_9if6nDZRtdMy3dJ6aTCCdhs27UIZJPmSUcl8T8VHiwseVsoGAE

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&h=90&slotname=9586219513&adk=1165138949&adf=4198791702&pi=t.ma~as.9586219513&w=728&format=728x90&url=https%3A%2F%2Fye-mek.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684014583893&bpp=1&bdt=161&idt=341&shv=r20230510&mjsv=m202305090101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=6073340010786&frm=8&ife=1&pv=1&ga_vid=226848913.1684014584&ga_sid=1684014584&ga_hid=324655263&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=3718169941&scr_x=-12245933&scr_y=-12245933&eid=44759842%2C44773809%2C44759875%2C44759926%2C31074469%2C44788442%2C44792013%2C44792088%2C44789333&oid=2&pvsid=3610766118061132&tmod=1825455874&uas=0&nvt=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.fx0svvsiyrpu&fsb=1&dtd=346
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sat, 13 May 2023 21:49:44 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H/1.1 200 a.gif Show response
i.w55c.net/ Frame 4DC9 42 B
582 B 75ms
8ms Fetch
image/gif 3.67.108.165
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://i.w55c.net/a.gif?t=0&rtbhost=conf01-europe-west1.rtb.roku.com&rts=1&btid=NTIzNzJGNjNCQ0I3NDJCMDMxMERFMjAzRDg0RUM0NTN8R0ZMN01mbkRteXwxNjg0MDE0NTg0NTA1fDF8WG1FS1o4a2t0eHxYUnpvYlBzTGhWfC0yMzQ1NTY5MzdfRVh8Mzg4ODJ8fHx8LjBQfFVTRA&ei=GOOGLE_CONTENTNETWORK&wp_exchange=ZGAF-AAFGxcKW92GAAIafS2LGbjYIU2sqy97lQ&ac=WFMwUE56aXZTMTpYU1pHTkNKTWpzfDB8MHxFVVI7&psid=NTkzOTA4MTEyNTc&js=0&ob=0&ccw=SUFCOCMwLjc4ODE4Mjc0fElBQjgtOCMwLjUyMDUwNzYzfElBQjgtNyMwLjE1MzgzNzU2fElBQjgtOSMwLjA1MTYzNDUxNw&ci=Xmwo1n97Q8&fiu=WG1FS1o4a2t0eA&fid=XmEKZ8kktx&sd=ye-mek.net&s=https%3A%2F%2Fye-mek.net&ts=1684014584512&dvdp=i.w55c.net/dv.jpg&ai=0DaDXCcU00&c=DE&r=G-HE&rnd=1736853188617732&epid=R0N5ZS1tZWsubmV0&ct=b126c92c760c4964ba6058483a07fa14&os=Mm8wMDAy&dc=NzI4NWEyMmNjZmE2NGM1Y2JmMzBmYzExNmQzNGFhNGU&dv=MUxWSXJn&dm=MU1jYU9UR0ZnRw&l=dHJ8fA&ri=2rxtlU&cip=1&alg=TGcwMDA4&v=2&euid=Q0FFU0VCaGVoY25wZGIxekc0d3l3b01ISXpZ&mt=2cmt0001&mi=d2Vi&dt=2dt0005&tz=RXVyb3BlL0Jlcmxpbg&sg=xLIQ_IXsqCYdUPyWp5QZVQ&buid=Xdb4DXiaK1Q&hmt=1&hmdp=s.h.w55c.net/2/948461/analytics.gif&hmtiu=9484611643830741015000&uidu=CAESEBhehcnpdb1zG4wywoMHIzY&spidu=GOOGLE_CONTENTNETWORK&pidu=ye-mek.net&hmpvu=53ed5c35-a6b1-4d21-b6ae-869ab775c68a&hmtsu=3&odtu=2&mtfu=1&crdmu=728x90&cridu=XRzobPsLhV&naoh=i.w55c.net/na.gif&ndgh=i.w55c.net/ng.gif

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.67.108.165 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-67-108-165.eu-central-1.compute.amazonaws.com

Software

PixelTracking/v2.0.30-777-g304ac51#rel-ec2-master i-0a1a90ed6ac66fe36@eu-central-1a@dxedge-app-eu-central-1-prod-asg /

Resource Hash

47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 13 May 2023 21:49:44 GMT
Strict-Transport-Security: max-age=2592000; includeSubDomains
Server: PixelTracking/v2.0.30-777-g304ac51#rel-ec2-master i-0a1a90ed6ac66fe36@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Content-Type: image/gif
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 42
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 default.css
as.ad4m.at/ad/style/0.1.40/one-ad/ Frame E42E 103 KB
13 KB 18ms
18ms Stylesheet
text/css 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.40/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1g09mtzf1cta6pbw3ez997fr33c1v5rh47c1w8813deyhcjavk88k5b96k3vez5tkqa4s4x6wpa26yf21gp1ab40648gcqnwjshkwa1k737cp92fkfcdngghqbqtrxzs3acm5ckxb9za11fw52rvxk9q5je7yeq30ac874e7j2w3r2nwq6nj2vswygexfhqqt5y55kc860z1bpnvnhngscmxfywy365jhwxxpycdtxe4dmf1dr8sn2sj8fr89dsk5nvyd0xzt4rkq8gdjj64t95t1vzwkxjb3817apm1tsx5z4nvjzpdxfvr3zbzmz42pcj9mqgphse4szzxng59tg0yab58sjq6gmsmnbmr40jw8zzpg1yw3925yxbqzcj35zrvp9eq85mxpw8g6xq79hbp841qzz5z91g2dez1s3js8zsyypvc05s5arbb0a8e1ygvanycd0&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCXOv2-AVgZMK0FZGg9u8P8vyl2AqQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi03OTgzNjUxMjU3ODM4MjgyyAEJqQK4Sb-1M2eyPuACAKgDAaoEnAJP0O8vlvwPyxDVB6UOazFF7H0nfU8pctQUjibt3llPfNMaKfJhQEcQQcqkVq5BvHDrE4u_7aQ8lRYSXBd4mgW4xc75l9jcUOGHjVhmOOhLQdvNuZDy_5FZnI6ouQ_E8YnSbSeqNlf4Fxh4impRoTpPiG-p74wyqc8-W_UwK7t7_HqfhcZ-qnXHom2_25bOwefIlpLzyM0SWPKwWwd1ezz06Hp9h2QSbkLyPpvp9SuPOm_aIXSdQJuVcK30kIojTLvrneP10iM_nvi0j77SeyUtI5x_kuzPL36GDfeO6CLOoo3GKx4ZJmL_s--3M1p6S7QnBr_xndhypLpCfGqWD2v8vceUGsud4NS1Wjbf1Ae5EJc6m0S7FOX7Gr3A7OAEAYAGzui6xZWzjYKnAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgEDyCBthZHgtc3Vic3luLTcyNzU1Mjg0NTMxNjIzMDn6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2m4bywos6An-s_p7SRb4P3_y7wgg%26client%3Dca-pub-7983651257838282%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d77b5f2ca03eb8dab2acc515548b7b1ce7eeb4ca2189268552649e0391ee8c21

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/dr?ed=1g09mtzf1cta6pbw3ez997fr33c1v5rh47c1w8813deyhcjavk88k5b96k3vez5tkqa4s4x6wpa26yf21gp1ab40648gcqnwjshkwa1k737cp92fkfcdngghqbqtrxzs3acm5ckxb9za11fw52rvxk9q5je7yeq30ac874e7j2w3r2nwq6nj2vswygexfhqqt5y55kc860z1bpnvnhngscmxfywy365jhwxxpycdtxe4dmf1dr8sn2sj8fr89dsk5nvyd0xzt4rkq8gdjj64t95t1vzwkxjb3817apm1tsx5z4nvjzpdxfvr3zbzmz42pcj9mqgphse4szzxng59tg0yab58sjq6gmsmnbmr40jw8zzpg1yw3925yxbqzcj35zrvp9eq85mxpw8g6xq79hbp841qzz5z91g2dez1s3js8zsyypvc05s5arbb0a8e1ygvanycd0&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCXOv2-AVgZMK0FZGg9u8P8vyl2AqQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi03OTgzNjUxMjU3ODM4MjgyyAEJqQK4Sb-1M2eyPuACAKgDAaoEnAJP0O8vlvwPyxDVB6UOazFF7H0nfU8pctQUjibt3llPfNMaKfJhQEcQQcqkVq5BvHDrE4u_7aQ8lRYSXBd4mgW4xc75l9jcUOGHjVhmOOhLQdvNuZDy_5FZnI6ouQ_E8YnSbSeqNlf4Fxh4impRoTpPiG-p74wyqc8-W_UwK7t7_HqfhcZ-qnXHom2_25bOwefIlpLzyM0SWPKwWwd1ezz06Hp9h2QSbkLyPpvp9SuPOm_aIXSdQJuVcK30kIojTLvrneP10iM_nvi0j77SeyUtI5x_kuzPL36GDfeO6CLOoo3GKx4ZJmL_s--3M1p6S7QnBr_xndhypLpCfGqWD2v8vceUGsud4NS1Wjbf1Ae5EJc6m0S7FOX7Gr3A7OAEAYAGzui6xZWzjYKnAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgEDyCBthZHgtc3Vic3luLTcyNzU1Mjg0NTMxNjIzMDn6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2m4bywos6An-s_p7SRb4P3_y7wgg%26client%3Dca-pub-7983651257838282%26adurl%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 21:49:44 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime: 1683559916
age: 454228
cf-polished: origSize=105839
x-guploader-uploadid: ADPycdv9IJsM9Nda_T-YCF8tGjLSR9_5GyrPWBCiXo7o_2KPFa29jeIDurPOQJdzBat54FnfGmUqvpjJPo5BCE2ydDX2ig
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Mon, 08 May 2023 15:32:28 GMT
server: cloudflare
etag: W/"44fa96b813e145cb8b915ae1fb6a3b7a"
vary: Accept-Encoding
x-goog-generation: 1683559948253618
content-type: text/css
x-goog-hash: crc32c=FELYSw==, md5=RPqWuBPhRcuLkVrh+2o7eg==
cache-control: public, max-age=3600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yOyY0H26egkQBQ1rSsMxbazb86oC8MY6f0eh6%2FjY%2FDE8QwYTHesOSBqlz%2BmMIyl5%2FiA3qdQ8JbtmKfWXOI2%2F7v3VLk7NslrBWD%2BLFatn%2BGBiRRbGIUA91EgV%2BbPlVXE8cK2Ee%2FozeKc%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 105839
cf-ray: 7c6e1cf2dcd32c71-FRA
expires: Sat, 13 May 2023 22:49:44 GMT

GET
H2 200 r62eglto.js Show response
ad4m.at/ Frame E42E 25 KB
10 KB 28ms
18ms Script
application/javascript 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/r62eglto.js
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1g09mtzf1cta6pbw3ez997fr33c1v5rh47c1w8813deyhcjavk88k5b96k3vez5tkqa4s4x6wpa26yf21gp1ab40648gcqnwjshkwa1k737cp92fkfcdngghqbqtrxzs3acm5ckxb9za11fw52rvxk9q5je7yeq30ac874e7j2w3r2nwq6nj2vswygexfhqqt5y55kc860z1bpnvnhngscmxfywy365jhwxxpycdtxe4dmf1dr8sn2sj8fr89dsk5nvyd0xzt4rkq8gdjj64t95t1vzwkxjb3817apm1tsx5z4nvjzpdxfvr3zbzmz42pcj9mqgphse4szzxng59tg0yab58sjq6gmsmnbmr40jw8zzpg1yw3925yxbqzcj35zrvp9eq85mxpw8g6xq79hbp841qzz5z91g2dez1s3js8zsyypvc05s5arbb0a8e1ygvanycd0&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCXOv2-AVgZMK0FZGg9u8P8vyl2AqQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi03OTgzNjUxMjU3ODM4MjgyyAEJqQK4Sb-1M2eyPuACAKgDAaoEnAJP0O8vlvwPyxDVB6UOazFF7H0nfU8pctQUjibt3llPfNMaKfJhQEcQQcqkVq5BvHDrE4u_7aQ8lRYSXBd4mgW4xc75l9jcUOGHjVhmOOhLQdvNuZDy_5FZnI6ouQ_E8YnSbSeqNlf4Fxh4impRoTpPiG-p74wyqc8-W_UwK7t7_HqfhcZ-qnXHom2_25bOwefIlpLzyM0SWPKwWwd1ezz06Hp9h2QSbkLyPpvp9SuPOm_aIXSdQJuVcK30kIojTLvrneP10iM_nvi0j77SeyUtI5x_kuzPL36GDfeO6CLOoo3GKx4ZJmL_s--3M1p6S7QnBr_xndhypLpCfGqWD2v8vceUGsud4NS1Wjbf1Ae5EJc6m0S7FOX7Gr3A7OAEAYAGzui6xZWzjYKnAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgEDyCBthZHgtc3Vic3luLTcyNzU1Mjg0NTMxNjIzMDn6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2m4bywos6An-s_p7SRb4P3_y7wgg%26client%3Dca-pub-7983651257838282%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2d5e67a38c9a11424cac19ce192c9fd124a6d74e64d3791a01561dbd3e39c0b4

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 21:49:44 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 14 Mar 2023 13:45:21 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 186257
etag: W/"fcb2a26b07bd76d9a925cae661d6d94d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JAe4GoFr9hLmAt38s%2FDxnl%2BUsh97kpLWrBx5OMNpo02ZPyaf64t2GV9WUqIX3zRJjpWHT7V9WBj%2Fq0mF4QrdzIca7sktFeFq9Z8g%2FFFNS%2BhJ0bz7Mr1vS2eD6cqOO67ExBOB45w%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray: 7c6e1cf2ecda2c71-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Tue, 09 May 2023 13:46:06 GMT

GET
H3 200 5c132af01198b79277f9291767bd072e.js Show response
www.gstatic.com/mysidia/ Frame 01A5 8 KB
4 KB 42ms
41ms Script
text/javascript 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/5c132af01198b79277f9291767bd072e.js?tag=client_fast_engine_2019

Requested by

Host: d895f1381b8d8b875cd29c6921953566.safeframe.googlesyndication.com
URL: https://d895f1381b8d8b875cd29c6921953566.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5df54d29e2fb4e8fc620310cb28d6144c4bbf88299de5505af5b11ea6e3a7738

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d895f1381b8d8b875cd29c6921953566.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 09 May 2023 14:41:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 371314
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3651
x-xss-protection: 0
last-modified: Tue, 09 May 2023 14:00:41 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 07 Aug 2023 14:41:10 GMT

GET
H3 200 044a83e5da670341b3efea50f0ca4b53.js Show response
www.gstatic.com/mysidia/ Frame 01A5 18 KB
7 KB 43ms
42ms Script
text/javascript 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/044a83e5da670341b3efea50f0ca4b53.js?tag=pingback

Requested by

Host: d895f1381b8d8b875cd29c6921953566.safeframe.googlesyndication.com
URL: https://d895f1381b8d8b875cd29c6921953566.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

24cc28619bd1df33050f109c0757693c6972958742b7055500c8580209a8a436

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d895f1381b8d8b875cd29c6921953566.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 09 May 2023 14:41:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 371314
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7569
x-xss-protection: 0
last-modified: Tue, 09 May 2023 14:00:41 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 07 Aug 2023 14:41:10 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230510/r20110914/client/ Frame 01A5 2 KB
765 B 38ms
38ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230510/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: d895f1381b8d8b875cd29c6921953566.safeframe.googlesyndication.com
URL: https://d895f1381b8d8b875cd29c6921953566.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d895f1381b8d8b875cd29c6921953566.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 20:51:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3472
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 27 May 2023 20:51:52 GMT

GET
H3 200 136beb7e84d4b05a5b5bba85738ca9f6.js Show response
www.gstatic.com/mysidia/ Frame 01A5 6 KB
2 KB 44ms
43ms Script
text/javascript 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/136beb7e84d4b05a5b5bba85738ca9f6.js?tag=analytics_pingback_2019

Requested by

Host: d895f1381b8d8b875cd29c6921953566.safeframe.googlesyndication.com
URL: https://d895f1381b8d8b875cd29c6921953566.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

220049135e6c242896cea20cbd980419905e04e43cc5d1f9d23db3e00e25c6f9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d895f1381b8d8b875cd29c6921953566.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 16:22:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 19651
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2330
x-xss-protection: 0
last-modified: Mon, 08 May 2023 23:51:37 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Fri, 11 Aug 2023 16:22:13 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230510/r20110914/ Frame 01A5 22 KB
9 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230510/r20110914/abg_lite_fy2021.js

Requested by

Host: d895f1381b8d8b875cd29c6921953566.safeframe.googlesyndication.com
URL: https://d895f1381b8d8b875cd29c6921953566.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6a4645a1aa31745840e1e5dee4a2788e78c1d09b094f4705a64ddda88d8bd235

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d895f1381b8d8b875cd29c6921953566.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 18:05:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 13463
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8754
x-xss-protection: 0
server: cafe
etag: 1905752258753453817
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 27 May 2023 18:05:21 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230510/r20110914/client/ Frame 01A5 3 KB
1 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230510/r20110914/client/window_focus_fy2021.js

Requested by

Host: d895f1381b8d8b875cd29c6921953566.safeframe.googlesyndication.com
URL: https://d895f1381b8d8b875cd29c6921953566.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d895f1381b8d8b875cd29c6921953566.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 18:20:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 12556
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 27 May 2023 18:20:28 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230510/r20110914/client/ Frame 01A5 19 KB
8 KB 45ms
44ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230510/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: d895f1381b8d8b875cd29c6921953566.safeframe.googlesyndication.com
URL: https://d895f1381b8d8b875cd29c6921953566.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

01dcaf85f2ae23a30115cf4a663e90b4a507dc688c4c17f9ebddc3cf19fee780

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d895f1381b8d8b875cd29c6921953566.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 18:05:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 13463
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7937
x-xss-protection: 0
server: cafe
etag: 2499949999788435271
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 27 May 2023 18:05:21 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 01A5 0
0 139ms
49ms Image
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRrm1T9RrK6hoivk1D17rOyiPAg_N4yHZlVGPRxuurPBIxrZlUQEprkaufBVSkeq1dzcEDYxC3_-boftz9DZqqDItkpWw
Requested by: Host: d895f1381b8d8b875cd29c6921953566.safeframe.googlesyndication.com
URL: https://d895f1381b8d8b875cd29c6921953566.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d895f1381b8d8b875cd29c6921953566.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 01A5 169 KB
52 KB 85ms
82ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: d895f1381b8d8b875cd29c6921953566.safeframe.googlesyndication.com
URL: https://d895f1381b8d8b875cd29c6921953566.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fdc79b8c47c6d5c20def82fa5f6a91e3cbe3057bff3f8b14b5c2c71dc9b57ec4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d895f1381b8d8b875cd29c6921953566.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 21:49:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53545
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1683718549123860"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 13 May 2023 21:49:44 GMT

GET
H3 200 9d5f24412120a376f470376f2f2984aa.js Show response
www.gstatic.com/mysidia/ Frame 01A5 32 KB
13 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/9d5f24412120a376f470376f2f2984aa.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: d895f1381b8d8b875cd29c6921953566.safeframe.googlesyndication.com
URL: https://d895f1381b8d8b875cd29c6921953566.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6cb71f31c08ff900d8bc1a5bc75ee0a966a2bc61561e8974e445ef0941d9ff55

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d895f1381b8d8b875cd29c6921953566.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 09 May 2023 14:15:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 372835
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13623
x-xss-protection: 0
last-modified: Tue, 09 May 2023 14:00:41 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 07 Aug 2023 14:15:49 GMT

GET
DATA 200
OK truncated
/ Frame 5457 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 99cb2e33917289977b17e739b5597e0dd95bd2d3230c987161689b6ae236bf3b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type: image/png

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 7183
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEBFXifxmhtsHAbqC1boSxCk&google_cver=1&google_push=ATf1kGNWVRhAliBQeQ9pFaVPwLCfPzyv_HerhLprkWJTDNaupprh8iKOjvQZl_ARhCkezDbTDeF1JiZP5frOLc...
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzIzMjc4NzU2NDI4NjI0NTAwOA%3D%3D&google_push=ATf1kGNWVRhAliBQeQ9pFaVPwLCfPzyv_HerhLprkWJTDNaupprh8iKOjvQZl_ARhCkezDbTDeF1JiZP5frOLcCpHc...

170 B
232 B

95ms
52ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzIzMjc4NzU2NDI4NjI0NTAwOA%3D%3D&google_push=ATf1kGNWVRhAliBQeQ9pFaVPwLCfPzyv_HerhLprkWJTDNaupprh8iKOjvQZl_ARhCkezDbTDeF1JiZP5frOLcCpHcMSyyz2yAU

Requested by

Host: d895f1381b8d8b875cd29c6921953566.safeframe.googlesyndication.com
URL: https://d895f1381b8d8b875cd29c6921953566.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 13 May 2023 21:49:44 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzIzMjc4NzU2NDI4NjI0NTAwOA%3D%3D&google_push=ATf1kGNWVRhAliBQeQ9pFaVPwLCfPzyv_HerhLprkWJTDNaupprh8iKOjvQZl_ARhCkezDbTDeF1JiZP5frOLcCpHcMSyyz2yAU
Date: Sat, 13 May 2023 21:49:44 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H2 200 dds
rtb.openx.net/sync/ Frame 7183 43 B
208 B 298ms
21ms Image
image/gif 35.186.253.211
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESEIt89UfhfdgGOJfpXUmXGtM&google_cver=1&google_push=ATf1kGPeDBfbgpxyT_oEUhNWbP81Bbc0g6ND-tdCdlPZvQC20xRBhNws15_ThLwNgSZK1OT8g_Be9eKW78j_jzL0cEryMd8BmlQ
Requested by: Host: d895f1381b8d8b875cd29c6921953566.safeframe.googlesyndication.com
URL: https://d895f1381b8d8b875cd29c6921953566.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 211.253.186.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 13 May 2023 21:49:44 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: g6dkqcm2gsiutp12alqt653unre2chco

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 7183
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=U6n4x5P_R4yASno-3ESG6A%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
232 B

53ms
52ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=U6n4x5P_R4yASno-3ESG6A%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ATf1kGOua8Yih7XD_9TEqgxOxv_k72CCFswx0jr-hbgWCx723Er7umeRvYSUfqvIJ2jaMErKPYmywx8jMoqOQbafh9vFd9mFtw

Requested by

Host: d895f1381b8d8b875cd29c6921953566.safeframe.googlesyndication.com
URL: https://d895f1381b8d8b875cd29c6921953566.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 13 May 2023 21:49:44 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=U6n4x5P_R4yASno-3ESG6A%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ATf1kGOua8Yih7XD_9TEqgxOxv_k72CCFswx0jr-hbgWCx723Er7umeRvYSUfqvIJ2jaMErKPYmywx8jMoqOQbafh9vFd9mFtw
date: Sat, 13 May 2023 21:49:44 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 7183
Redirect Chain

https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESECgKPV-cbZVeMtmwjIq9nu4&google_cver=1&google_push=ATf1kGPXLf6S31FINupCCcFH0VDdKREOyIA0f2vsraOqxmh1JZnMHZ_3PxNPPu7Y5cl_I0V25Jhbx6WgvcvMRkYN...
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=ATf1kGPXLf6S31FINupCCcFH0VDdKREOyIA0f2vsraOqxmh1JZnMHZ_3PxNPPu7Y5cl_I0V25Jhbx6WgvcvMRkYNKChsZM3_N9w

170 B
329 B

65ms
52ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=ATf1kGPXLf6S31FINupCCcFH0VDdKREOyIA0f2vsraOqxmh1JZnMHZ_3PxNPPu7Y5cl_I0V25Jhbx6WgvcvMRkYNKChsZM3_N9w

Requested by

Host: d895f1381b8d8b875cd29c6921953566.safeframe.googlesyndication.com
URL: https://d895f1381b8d8b875cd29c6921953566.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 13 May 2023 21:49:44 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sat, 13 May 2023 21:49:44 GMT
via: 1.1 d33f640b9793fb0553cc6dbe55988068.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: PRG50-C1
x-cache: FunctionGeneratedResponse from cloudfront
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=ATf1kGPXLf6S31FINupCCcFH0VDdKREOyIA0f2vsraOqxmh1JZnMHZ_3PxNPPu7Y5cl_I0V25Jhbx6WgvcvMRkYNKChsZM3_N9w
cache-control: no-cache, must-revalidate
content-length: 0
x-amz-cf-id: wu_0ALmV-UPyhmykh_o2aWfJ8OWRXcMcWLxxAehLtACQXgMVdODpLw==

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 7183
Redirect Chain

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEKEhmtsszSb8-4TjIXBsH6Y&google_cver=1&google_push=ATf1kGOWLcbLaO0Jy10uHjui3T_nZpjM1gizv2JCGDzDDMSnggzx1BlL3dWJQQ9vrRtcOkUurjHMh0p7rV2Q...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=ATf1kGOWLcbLaO0Jy10uHjui3T_nZpjM1gizv2JCGDzDDMSnggzx1BlL3dWJQQ9vrRtcOkUurjHMh0p7rV2Qvmcj_NHHo7qlrbg

170 B
232 B

53ms
53ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=ATf1kGOWLcbLaO0Jy10uHjui3T_nZpjM1gizv2JCGDzDDMSnggzx1BlL3dWJQQ9vrRtcOkUurjHMh0p7rV2Qvmcj_NHHo7qlrbg

Requested by

Host: ye-mek.net
URL: https://ye-mek.net/

Protocol

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 13 May 2023 21:49:45 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=ATf1kGOWLcbLaO0Jy10uHjui3T_nZpjM1gizv2JCGDzDDMSnggzx1BlL3dWJQQ9vrRtcOkUurjHMh0p7rV2Qvmcj_NHHo7qlrbg
strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

GET
H/1.1

200

0.gif
id5-sync.com/i/495/ Frame 7183
Redirect Chain

https://sync.inmobi.com/gob?google_gid=CAESEDXkgzTcLJvqtvScv-OB8v8&google_cver=1&google_push=ATf1kGOdLmTV8Z3XQ7IFWnhSeTSbJKY3CDEciUsWR0-WefyCI-a1EE0zL_AZ-YQfINCVv3CSe5ZZe7xwdB9MpV_B8wqw6FexXz3w
https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=&callback=https%3A%2F%2Fsync.inmobi.com%2FgobRedirectFromId5%3Fid%3D%7BID5UID%7D%26google_push%3DATf1kGOdLmTV8Z3XQ7IFWnhSeTSbJKY3CDEciUsWR0-WefyC...

43 B
1 KB

48ms
16ms

Image
image/gif

162.19.138.120
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=&callback=https%3A%2F%2Fsync.inmobi.com%2FgobRedirectFromId5%3Fid%3D%7BID5UID%7D%26google_push%3DATf1kGOdLmTV8Z3XQ7IFWnhSeTSbJKY3CDEciUsWR0-WefyCI-a1EE0zL_AZ-YQfINCVv3CSe5ZZe7xwdB9MpV_B8wqw6FexXz3w

Requested by

Host: ye-mek.net
URL: https://ye-mek.net/

Protocol

HTTP/1.1

Server

162.19.138.120 , France, ASN16276 (OVH, FR),

Reverse DNS

ns31533571.ip-162-19-138.eu

Software

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-type: image/gif;charset=UTF-8
date: Sat, 13 May 2023 21:49:44 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
transfer-encoding: chunked
p3p: CP="CAO PSA OUR"

Redirect headers

date: Sat, 13 May 2023 21:49:45 GMT
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains
x-permitted-cross-domain-policies: none
referrer-policy: no-referrer
expect-ct: max-age=0
x-dns-prefetch-control: off
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=utf-8
location: https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=&callback=https%3A%2F%2Fsync.inmobi.com%2FgobRedirectFromId5%3Fid%3D%7BID5UID%7D%26google_push%3DATf1kGOdLmTV8Z3XQ7IFWnhSeTSbJKY3CDEciUsWR0-WefyCI-a1EE0zL_AZ-YQfINCVv3CSe5ZZe7xwdB9MpV_B8wqw6FexXz3w
x-download-options: noopen
vary: Accept
content-length: 271
x-xss-protection: 0

GET
H2

200

/
onetag-sys.com/match/ Frame 7183
Redirect Chain

https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEKEhmtsszSb8-4TjIXBsH6Y&google_cver=1&google_push=ATf1kGNRint4a8okAe_Z3IxFxQOLabbnoz2SLuln02sNCkUSCSDnCo9VlbNRwBUEVhDsYsQ8OLYFG3ArFd5...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=ATf1kGNRint4a8okAe_Z3IxFxQOLabbnoz2SLuln02sNCkUSCSDnCo9VlbNRwBUEVhDsYsQ8OLYFG3ArFd5ZTabdBvzEqkRmo1b3
https://onetag-sys.com/match/?int_id=19&google_error=5

0
151 B

10ms
9ms

Image
text/plain

51.89.9.252
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=19&google_error=5

Requested by

Host: ye-mek.net
URL: https://ye-mek.net/

Protocol

Server

51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip252.ip-51-89-9.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma: no-cache
date: Sat, 13 May 2023 21:49:45 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://onetag-sys.com/match/?int_id=19&google_error=5
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 255
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 7183 0
139 B 158ms
49ms Image
text/html 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JVUz7zh1IFI_mwIQOX1zA6H7c40U4bHz0RzyiMRGNJWHcjQuHVEejJDUNd67xTH7T5EAX063w

Requested by

Host: d895f1381b8d8b875cd29c6921953566.safeframe.googlesyndication.com
URL: https://d895f1381b8d8b875cd29c6921953566.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 21:49:44 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 5c132af01198b79277f9291767bd072e.js Show response
www.gstatic.com/mysidia/ Frame 0BFE 8 KB
4 KB 42ms
40ms Script
text/javascript 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/5c132af01198b79277f9291767bd072e.js?tag=client_fast_engine_2019

Requested by

Host: d895f1381b8d8b875cd29c6921953566.safeframe.googlesyndication.com
URL: https://d895f1381b8d8b875cd29c6921953566.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5df54d29e2fb4e8fc620310cb28d6144c4bbf88299de5505af5b11ea6e3a7738

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d895f1381b8d8b875cd29c6921953566.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 09 May 2023 14:41:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 371314
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3651
x-xss-protection: 0
last-modified: Tue, 09 May 2023 14:00:41 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 07 Aug 2023 14:41:10 GMT

GET
H3 200 044a83e5da670341b3efea50f0ca4b53.js Show response
www.gstatic.com/mysidia/ Frame 0BFE 18 KB
7 KB 46ms
44ms Script
text/javascript 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/044a83e5da670341b3efea50f0ca4b53.js?tag=pingback

Requested by

Host: d895f1381b8d8b875cd29c6921953566.safeframe.googlesyndication.com
URL: https://d895f1381b8d8b875cd29c6921953566.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

24cc28619bd1df33050f109c0757693c6972958742b7055500c8580209a8a436

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d895f1381b8d8b875cd29c6921953566.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 09 May 2023 14:41:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 371314
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7569
x-xss-protection: 0
last-modified: Tue, 09 May 2023 14:00:41 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 07 Aug 2023 14:41:10 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230510/r20110914/client/ Frame 0BFE 2 KB
765 B 38ms
38ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230510/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: d895f1381b8d8b875cd29c6921953566.safeframe.googlesyndication.com
URL: https://d895f1381b8d8b875cd29c6921953566.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d895f1381b8d8b875cd29c6921953566.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 20:51:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3472
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 27 May 2023 20:51:52 GMT

GET
H3 200 136beb7e84d4b05a5b5bba85738ca9f6.js Show response
www.gstatic.com/mysidia/ Frame 0BFE 6 KB
2 KB 51ms
49ms Script
text/javascript 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/136beb7e84d4b05a5b5bba85738ca9f6.js?tag=analytics_pingback_2019

Requested by

Host: d895f1381b8d8b875cd29c6921953566.safeframe.googlesyndication.com
URL: https://d895f1381b8d8b875cd29c6921953566.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

220049135e6c242896cea20cbd980419905e04e43cc5d1f9d23db3e00e25c6f9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d895f1381b8d8b875cd29c6921953566.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 16:22:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 19651
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2330
x-xss-protection: 0
last-modified: Mon, 08 May 2023 23:51:37 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Fri, 11 Aug 2023 16:22:13 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230510/r20110914/ Frame 0BFE 22 KB
9 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230510/r20110914/abg_lite_fy2021.js

Requested by

Host: d895f1381b8d8b875cd29c6921953566.safeframe.googlesyndication.com
URL: https://d895f1381b8d8b875cd29c6921953566.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6a4645a1aa31745840e1e5dee4a2788e78c1d09b094f4705a64ddda88d8bd235

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d895f1381b8d8b875cd29c6921953566.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 18:05:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 13463
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8754
x-xss-protection: 0
server: cafe
etag: 1905752258753453817
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 27 May 2023 18:05:21 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230510/r20110914/client/ Frame 0BFE 3 KB
1 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230510/r20110914/client/window_focus_fy2021.js

Requested by

Host: d895f1381b8d8b875cd29c6921953566.safeframe.googlesyndication.com
URL: https://d895f1381b8d8b875cd29c6921953566.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d895f1381b8d8b875cd29c6921953566.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 18:20:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 12556
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 27 May 2023 18:20:28 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230510/r20110914/client/ Frame 0BFE 19 KB
8 KB 44ms
42ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230510/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: d895f1381b8d8b875cd29c6921953566.safeframe.googlesyndication.com
URL: https://d895f1381b8d8b875cd29c6921953566.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

01dcaf85f2ae23a30115cf4a663e90b4a507dc688c4c17f9ebddc3cf19fee780

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d895f1381b8d8b875cd29c6921953566.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 18:05:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 13463
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7937
x-xss-protection: 0
server: cafe
etag: 2499949999788435271
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 27 May 2023 18:05:21 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 0BFE 0
0 61ms
49ms Image
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTHTHP5N-bHGBbcrB_SdE7gzzpHh8T0rkHqswKcVngn6ceXvEMrf7MuONBKKrKPVBhdI4yrBaw4AEkHxj54fkze_YHi7g
Requested by: Host: d895f1381b8d8b875cd29c6921953566.safeframe.googlesyndication.com
URL: https://d895f1381b8d8b875cd29c6921953566.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d895f1381b8d8b875cd29c6921953566.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 0BFE 169 KB
52 KB 104ms
102ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: d895f1381b8d8b875cd29c6921953566.safeframe.googlesyndication.com
URL: https://d895f1381b8d8b875cd29c6921953566.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fdc79b8c47c6d5c20def82fa5f6a91e3cbe3057bff3f8b14b5c2c71dc9b57ec4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d895f1381b8d8b875cd29c6921953566.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 21:49:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53545
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1683718549123860"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 13 May 2023 21:49:44 GMT

GET
H3 200 9d5f24412120a376f470376f2f2984aa.js Show response
www.gstatic.com/mysidia/ Frame 0BFE 32 KB
13 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/9d5f24412120a376f470376f2f2984aa.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: d895f1381b8d8b875cd29c6921953566.safeframe.googlesyndication.com
URL: https://d895f1381b8d8b875cd29c6921953566.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6cb71f31c08ff900d8bc1a5bc75ee0a966a2bc61561e8974e445ef0941d9ff55

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d895f1381b8d8b875cd29c6921953566.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 09 May 2023 14:15:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 372835
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13623
x-xss-protection: 0
last-modified: Tue, 09 May 2023 14:00:41 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 07 Aug 2023 14:15:49 GMT

GET
H2 200 adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame E42E 3 KB
4 KB 62ms
23ms Image
image/png 2606:4700:20::ac43:444e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/style/0.1.40/one-ad/default.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:444e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 21:49:44 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1286
x-guploader-uploadid: ADPycduTog6A2JPifmWwDYui9vUCCU5W1ZNEVFDzlBRMT9l9xNdgptaa0KpBuLLbjaWfVX7sXot7cGI-Oc2HEQNQ3r-JUA
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3262
last-modified: Tue, 21 Jun 2022 12:31:17 GMT
server: cloudflare
etag: "794c84d30e213ec6a144d64215f07551"
vary: Accept-Encoding
x-goog-generation: 1655814677405990
content-type: image/png
content-language: en
x-goog-hash: crc32c=v7nNsg==, md5=eUyE0w4hPsahRNZCFfB1UQ==
cache-control: public, max-age=7200
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g9dRVV6tAuqBY%2BUziNd54p3Yhipf8cmP93N3epO6kOL3xLIJyMU3jSmWPN3dXF8UxfVSfWx4CeDCEz5wCCQpfIucpu%2F6ZMOLFTQwiBxZSGZNBnCpuwCizYPaxk4iMD3NkiJdHLCG5VxeWghtCEnpfN3W"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 3262
accept-ranges: bytes
cf-ray: 7c6e1cf37b1490f4-FRA
expires: Sat, 13 May 2023 21:50:41 GMT

GET
H3 200 frame.html Show response
ad4m.at/ Frame 5F5A 2 KB
1 KB 24ms
24ms Document
text/html 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/frame.html
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 2025834
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: public, max-age=3600
cf-cache-status: HIT
cf-ray: 7c6e1cf33d969bfa-FRA
content-encoding: br
content-language: en
content-type: text/html; charset=utf-8
date: Sat, 13 May 2023 21:49:44 GMT
expires: Thu, 30 Mar 2023 21:56:13 GMT
last-modified: Thu, 25 Aug 2022 14:12:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5rHWz3P33thwVFXWGXvFZazDGg3Xxu4n2FYm3KB%2BMweN6JwSn9Cv0oob6wpIMYCL73Aek7oAwkdxTEZ%2BkNjiJhO%2BykLWNQhhy6G%2F%2BU8Tt1hVLLmHi7TDxnxZJq4c2rbbCoF%2FLpk%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H/1.1 200
OK analytics.js Show response
s.h.w55c.net/2/948461/ Frame 4DC9 6 KB
3 KB 128ms
29ms Script
text/javascript 52.31.191.243
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.h.w55c.net/2/948461/analytics.js?dt=9484611597092707615000&pd=avt&di=https%3A%2F%2Fye-mek.net&ui=&ap=&sr=GOOGLE_CONTENTNETWORK&pp=ye-mek.net&ti=&pv=53ed5c35-a6b1-4d21-b6ae-869ab775c68a&to=3&de=2&md=1&si=&dm=728x90&pi=XRzobPsLhV&gt=DE&ac=Xmwo1n97Q8

Requested by

Host: cti.w55c.net
URL: https://cti.w55c.net/ct/creative_add_on.js?w=728&h=90&zindex=0&ci=Xmwo1n97Q8&ei=GOOGLE_CONTENTNETWORK&ob=0&ai=0DaDXCcU00&epid=R0N5ZS1tZWsubmV0&fiu=WG1FS1o4a2t0eA&s=https%3A%2F%2Fye-mek.net&ciu=XRzobPsLhV&btid=NTIzNzJGNjNCQ0I3NDJCMDMxMERFMjAzRDg0RUM0NTN8R0ZMN01mbkRteXwxNjg0MDE0NTg0NTA1fDF8WG1FS1o4a2t0eHxYUnpvYlBzTGhWfC0yMzQ1NTY5MzdfRVh8Mzg4ODJ8fHx8LjBQfFVTRA&c=DE&dt=2dt0005&sd=ye-mek.net&cip=1&hmt=1&uidu=CAESEBhehcnpdb1zG4wywoMHIzY&spidu=GOOGLE_CONTENTNETWORK&pidu=ye-mek.net&hmpvu=53ed5c35-a6b1-4d21-b6ae-869ab775c68a&hmtsu=3&odtu=2&mtfu=1&crdmu=728x90&cridu=XRzobPsLhV&

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

52.31.191.243 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-31-191-243.eu-west-1.compute.amazonaws.com

Software

Resource Hash

0183f8a8f97586c18fffd7e1b6576aef66dadc086af955e25432c813d282a343

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 13 May 2023 21:49:44 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
Accept-Ch: Viewport-Width, Viewport-Height, Width, DPR, RTT, ECT, Device-Memory, Downlink, Save-Data
Vary: *
Content-Type: text/javascript; charset=utf-8
Cache-Control: no-cache, no-store, must-revalidate, no-transform, private, max-age=0
Timing-Allow-Origin: *
Content-Length: 2890
Expires: 0

GET
H2 200 publishertag.prebid.135.js Show response
static.criteo.net/js/ld/ Frame CADC 89 KB
29 KB 398ms
198ms Script
text/javascript 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.135.js

Requested by

Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

20678c305b50c0988193d64cb34f41e2dcb6f2fa48353106436ea301e07ce70a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 21:49:45 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 24 Feb 2023 07:57:32 GMT
server: nginx
etag: W/"63f86dec-16386"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 14 May 2023 21:49:45 GMT

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/5816361503823898501/ Frame 01A5 8 KB
8 KB 39ms
39ms Image
image/jpeg 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/5816361503823898501/14763004658117789537?w=195&h=102

Requested by

Host: d895f1381b8d8b875cd29c6921953566.safeframe.googlesyndication.com
URL: https://d895f1381b8d8b875cd29c6921953566.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

983d5108c0a060b4e1fc208c4313015045fcbd65788c410f8c82871dbb7c2e70

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d895f1381b8d8b875cd29c6921953566.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 11 May 2023 21:10:59 GMT
x-content-type-options: nosniff
age: 175125
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7812
x-xss-protection: 0
last-modified: Thu, 04 May 2023 15:33:14 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 10 May 2024 21:10:59 GMT

GET
DATA 200
OK truncated
/ Frame 01A5 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0ce5ab0260a7860ea167511114f1b2a1a8c5dff2b1a3885e2c2e70fb54c4e7a9

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 01A5 0
0 86ms
86ms Fetch
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=Cew0D-AVgZMjCFeWh9u8P-du_aJKZ4bRwn9_qwJ0Rz8makp4BEAEgwLKCa2CV4pCCoAegAbDssswDyAEGqQK5DqrQN5hrPuACAKgDAcgDywSqBPoBT9BNLAKyNGoSxNz_y2r2V6VJKWBk33DY5gHOVyAKI6adFgBJvm5HJCXIRUTIbZhAb0t16fUI8AW3lcZQRTLkPoiUg5vajRxla4KK7dqbNVocjZNBOJJSS00f6WTRtKsL6m0oJMRPbz_5lLPqO9xPK2ev-ekKkYex9wYmRi5nlgZl0oPGF4VQkNctYGH-P6Hcc6cqKFdTw8yBJBcwTp0AJ5tD40NDbbWqAZN6w8-vj_mMBCTkxtzJ4H3eWOC-uQnxiZPcOejWG-iRtXLrmUC8FNPMoSI9RQZnu6OJBfNZ15ZznE-Zr5XqpLPf8PBLtFFTzlUNrrLFSje_VMAEoZmyq68E4AQBoAY3gAe4k80zqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwQQz48E0ggWCIDhgBAQARgdMgKqAjoCgEBIvf3BOvIIG2FkeC1zdWJzeW4tNzI3NTUyODQ1MzE2MjMwOYAKA8gLAdgTA4gUAdAVAZgWAYAXAbIXHgocCAASFHB1Yi02NTkzNTIzMjEwMDEwMTU0GOrBbQ&sigh=tzvqEgu8P-U&uach_m=[UACH]&cid=CAQSOwBygQiD8bFxL0bF7LJCT2m76rnvsyOvWxDO8Lt7_qaZJhdh_g0pAllFdKddY2Dzs6FW6LqD2Yn7i5dqGAE&template_id=492
Requested by: Host: d895f1381b8d8b875cd29c6921953566.safeframe.googlesyndication.com
URL: https://d895f1381b8d8b875cd29c6921953566.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d895f1381b8d8b875cd29c6921953566.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 5C09 1 KB
643 B 38ms
38ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: d895f1381b8d8b875cd29c6921953566.safeframe.googlesyndication.com
URL: https://d895f1381b8d8b875cd29c6921953566.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://d895f1381b8d8b875cd29c6921953566.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 64702
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 13 May 2023 03:51:22 GMT
etag: 48472445140208031
expires: Sun, 14 May 2023 03:51:22 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 5D13 1 KB
643 B 38ms
38ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 64702
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 13 May 2023 03:51:22 GMT
etag: 48472445140208031
expires: Sun, 14 May 2023 03:51:22 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 5457 0
0 83ms
82ms Image
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CG3s5-AVgZMK0FZGg9u8P8vyl2AqQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi03OTgzNjUxMjU3ODM4MjgyyAEJqQK4Sb-1M2eyPuACAKgDAaoEmQJP0O8vlvwPyxDVB6UOazFF7H0nfU8pctQUjibt3llPfNMaKfJhQEcQQcqkVq5BvHDrE4u_7aQ8lRYSXBd4mgW4xc75l9jcUOGHjVhmOOhLQdvNuZDy_5FZnI6ouQ_E8YnSbSeqNlf4Fxh4impRoTpPiG-p74wyqc8-W_UwK7t7_HqfhcZ-qnXHom2_25bOwefIlpLzyM0SWPKwWwd1ezz06Hp9h2QSbkLyPpvp9SuPOm_aIXSdQJuVcK30kIojTLvrneP10iM_nvi0j77SeyUtI5x_kuzPL36GDfeO6CLOoo3GKx4ZJmL_s--3M1p6S7QnBr-zn_ngc0PFPKIRR_0m9FVmI9-XTd6bQutfFk4r6AMkt1xuyHq70uAEAYAGzui6xZWzjYKnAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgEDyCBthZHgtc3Vic3luLTcyNzU1Mjg0NTMxNjIzMDmACgP6CwIIAYAMAdAVAYAXAbIXHAoaEhRwdWItNzk4MzY1MTI1NzgzODI4MhjqwW0&sigh=p63VdtHLNvo&uach_m=[UACH]&cid=CAQSOwBygQiD8aV2Wu6moCaF-DaCs1P3i5uraIdV3DJqW6Kcg2Bl9GPGDQ159FSWoRS7LUluMgaEMFlx2izkGAE&cbvp=2&vis=1
Requested by: Host: d895f1381b8d8b875cd29c6921953566.safeframe.googlesyndication.com
URL: https://d895f1381b8d8b875cd29c6921953566.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d895f1381b8d8b875cd29c6921953566.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

GET
H2 204 winResponse
prod-rtb.ad4mat.net/ Frame 5457 0
39 B 62ms
21ms Image
image/gif 2600:1901:0:76b9::
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://prod-rtb.ad4mat.net/winResponse?a=1hccybk59q4hjsbarmyyswe814pbcs2mn0ssxtqfm1megbkhcp1am7d6ndvfcqq4s8143age52gh2z3wnsdpp8jhf6fjgm4nsnv45a8gm79mt79fgtnm19r058x8ek2b966244jtq61vd3azsq3vrsrvkbhqmt7jx1eqhqwq7xk5z6na8eabefdkfjm7r7qnpz5dp16bbxzq91dgt282x2grbkpvdqp7k5befvy874yty3gvxcrfn64etrgrpqreesmfh6mcsdbch8fs9vve1zsrg4pdzjtxdvqhhtcab9h2dt3q3qshx5pc0bh2vfkvvbbmf2hs735asyz3yek417jmvb8r1pv9g4e9h5dmw3tbf5nwbrefjj1cwww4q4xwp4t7rt20gfe449v7&b=ZGAF-AAFWkIH_ZARAAl-csOOj5AyMKLWCuWu9Q&cbvp=2
Requested by: Host: d895f1381b8d8b875cd29c6921953566.safeframe.googlesyndication.com
URL: https://d895f1381b8d8b875cd29c6921953566.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d895f1381b8d8b875cd29c6921953566.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sat, 13 May 2023 21:49:44 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: image/gif

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230510/r20110914/client/ Frame EFCA 3 KB
1 KB 38ms
38ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230510/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&h=250&slotname=1234190425&adk=1935728605&adf=4198785760&pi=t.ma~as.1234190425&w=300&fwrn=16&format=300x250&url=https%3A%2F%2Fye-mek.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684014584250&bpp=1&bdt=258&idt=217&shv=r20230510&mjsv=m202305100101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=4772026716901&frm=8&ife=1&pv=1&ga_vid=2112098717.1684014584&ga_sid=1684014584&ga_hid=362421832&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=238393387&scr_x=-12245933&scr_y=-12245933&eid=42532186%2C44759875%2C44759837%2C44773809%2C44759926%2C42532090%2C31074512%2C44788441%2C44792088&oid=2&pvsid=3912391652140771&tmod=1134167538&uas=0&nvt=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.jh24asjem7rh&fsb=1&dtd=220

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 18:20:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 12556
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 27 May 2023 18:20:28 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230510/r20110914/client/ Frame EFCA 19 KB
8 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230510/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

01dcaf85f2ae23a30115cf4a663e90b4a507dc688c4c17f9ebddc3cf19fee780

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 18:05:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 13463
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7937
x-xss-protection: 0
server: cafe
etag: 2499949999788435271
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 27 May 2023 18:05:21 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame EFCA 0
0 48ms
48ms Image
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQ0p0eMrdQaBp9Wkevni8wFQ7gFLtkTYWA2tVfC2n7oKJZ_TdKC8wm9xRVCWqwPiDTed-IFimjqLUYX8wC-xx0kUG_2jQ
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&h=250&slotname=1234190425&adk=1935728605&adf=4198785760&pi=t.ma~as.1234190425&w=300&fwrn=16&format=300x250&url=https%3A%2F%2Fye-mek.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684014584250&bpp=1&bdt=258&idt=217&shv=r20230510&mjsv=m202305100101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=4772026716901&frm=8&ife=1&pv=1&ga_vid=2112098717.1684014584&ga_sid=1684014584&ga_hid=362421832&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=238393387&scr_x=-12245933&scr_y=-12245933&eid=42532186%2C44759875%2C44759837%2C44773809%2C44759926%2C42532090%2C31074512%2C44788441%2C44792088&oid=2&pvsid=3912391652140771&tmod=1134167538&uas=0&nvt=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.jh24asjem7rh&fsb=1&dtd=220
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame EFCA 169 KB
52 KB 114ms
114ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fdc79b8c47c6d5c20def82fa5f6a91e3cbe3057bff3f8b14b5c2c71dc9b57ec4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 21:49:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53545
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1683718549123860"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 13 May 2023 21:49:45 GMT

GET
DATA 200
OK truncated
/ Frame 4DC9 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 885b3db13c38792c0b9550a4953bd44c906df00f3fe4a2f0ad76ccd419e0f09c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 01A5 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 265bef9dab46c2b5382aeccf89156ee653960894ceaef2b2973a351a598b8cce

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/5816361503823898501/ Frame 0BFE 8 KB
8 KB 38ms
38ms Image
image/jpeg 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/5816361503823898501/14763004658117789537?w=195&h=102

Requested by

Host: d895f1381b8d8b875cd29c6921953566.safeframe.googlesyndication.com
URL: https://d895f1381b8d8b875cd29c6921953566.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

983d5108c0a060b4e1fc208c4313015045fcbd65788c410f8c82871dbb7c2e70

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d895f1381b8d8b875cd29c6921953566.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 11 May 2023 21:10:59 GMT
x-content-type-options: nosniff
age: 175125
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7812
x-xss-protection: 0
last-modified: Thu, 04 May 2023 15:33:14 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 10 May 2024 21:10:59 GMT

GET
DATA 200
OK truncated
/ Frame 0BFE 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0ce5ab0260a7860ea167511114f1b2a1a8c5dff2b1a3885e2c2e70fb54c4e7a9

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 0BFE 0
0 85ms
84ms Fetch
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CDvHv-AVgZN7FFc2V7_UP6fWN2A2SmeG0cJ_f6sCdEc_JmpKeARABIMCygmtgleKQgqAHoAGw7LLMA8gBBqkCuQ6q0DeYaz7gAgCoAwHIA8sEqgT6AU_QZ0U-9h2u9l81YXZln-qV2SQl4gCuBHO7TBD-hyvJQcNI0OJy9oRT5ntbvx3V15Yllq4qe8SaTTHcSNY4_7LNyuzjKCD7GLDVJvmcERLuclUYh4rmy3PcmPbBPsbM6YkROBLjxHx8taGhdNn83YqhdKTePJQ9YGXlzbVOJ_D3Qx7XKUStsAE9AXG4H92Y2KCdR5Hf-OKcHfhy-XsehwErdPlTknzLuW_PuULxSurll4vw1JXxVY0C5tPg-zeDO-hTocB1UFrhPeAbTu9rWUZahqsJ23PuejXX9dhB35R_RjlmSGUwfxch6etn7nt8nBq5EkzD5iFNpEfABKGZsquvBOAEAaAGN4AHuJPNM6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEEL7VAdIIFgiA4YAQEAEYHTICqgI6AoBASL39wTryCBthZHgtc3Vic3luLTcyNzU1Mjg0NTMxNjIzMDmACgPICwHYEwOIFAHQFQGYFgGAFwGyFx4KHAgAEhRwdWItNjU5MzUyMzIxMDAxMDE1NBjqwW0&sigh=vHWbmGDYxuw&uach_m=[UACH]&cid=CAQSOwBygQiD71M8wrYlNRUw1c9fzrbQZScNh4uwxAaz2gRTWVjlvq5S1eCMDKjCnSm35xHZf5BIG_qiGBnbGAE&template_id=492
Requested by: Host: d895f1381b8d8b875cd29c6921953566.safeframe.googlesyndication.com
URL: https://d895f1381b8d8b875cd29c6921953566.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d895f1381b8d8b875cd29c6921953566.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame D541 1 KB
643 B 39ms
38ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: d895f1381b8d8b875cd29c6921953566.safeframe.googlesyndication.com
URL: https://d895f1381b8d8b875cd29c6921953566.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://d895f1381b8d8b875cd29c6921953566.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 64702
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 13 May 2023 03:51:22 GMT
etag: 48472445140208031
expires: Sun, 14 May 2023 03:51:22 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 5ed76f76e4b07a92411bc03a
ng2.virgul.com/tck/imp/ Frame CADC 0
209 B 42ms
42ms Image
text/plain 185.7.176.221
SH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ng2.virgul.com/tck/imp/5ed76f76e4b07a92411bc03a?g=1&t=gb&r=153377@site_geneli@yemek_net:site_geneli&l=&c=%2Cas%2Crc0%2Chf1%2Cvv1%2Cgprec%3Dyemek%26rec_ing%3D&info=&mt=1684014582891&userId=vnet6c1fd289-0279-4aa9-817c-0014b89f0a83
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.7.176.221 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

access-control-allow-origin: https://ye-mek.net
date: Sat, 13 May 2023 21:49:44 GMT
access-control-allow-credentials: true
expires: Tue, 04 Jan 2022 10:49:40 GMT
server: openresty/1.15.8.3
content-length: 0
p3p: CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame EFCA 0
0 86ms
85ms Fetch
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CojLb-AVgZLe3IoKm7wLd_bugCZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTY1OTM1MjMyMTAwMTAxNTTIAQmpArhJv7UzZ7I-qAMBqgTTAU_QbHwp82ntYLiNzSy7k0tcGKGRypby05noDzqvd0OA5BTc-Ch7XcNnfOFMyAFbmatbDv7QiAwqKEZZkxxdNiauQiwlNIXE3vZCUjqKmLxLccIlWZL_z0v9_f4S9LDPC-xPlIRgv0bKwVOywwfjxKO1KdAhuHk00FWbehHouQmgcsBCz44Pzg1aQCWSl7_zVxYgFJBbMBPd1HaDE6uGLJdwMK98ICjmvAstTMHNlZ_2gAeEC2vL7Ep84MREpkzr7qheZN87XywES_QjV02Badh9QGiABtyHrq-QxZTacqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgECACgH6CwIIAYAMAdAVAYAXAbIXGgoYEhRwdWItNjU5MzUyMzIxMDAxMDE1NBgA&sigh=GN8FZ80mtVk&uach_m=[UACH]&cid=CAQSKQBygQiDJLgh_dtooKDudAKqbYOR_kIL7QbVzBkcMCRYfu7BNTZnRN2hGAE

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&h=250&slotname=1234190425&adk=1935728605&adf=4198785760&pi=t.ma~as.1234190425&w=300&fwrn=16&format=300x250&url=https%3A%2F%2Fye-mek.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684014584250&bpp=1&bdt=258&idt=217&shv=r20230510&mjsv=m202305100101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=4772026716901&frm=8&ife=1&pv=1&ga_vid=2112098717.1684014584&ga_sid=1684014584&ga_hid=362421832&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=238393387&scr_x=-12245933&scr_y=-12245933&eid=42532186%2C44759875%2C44759837%2C44773809%2C44759926%2C42532090%2C31074512%2C44788441%2C44792088&oid=2&pvsid=3912391652140771&tmod=1134167538&uas=0&nvt=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.jh24asjem7rh&fsb=1&dtd=220
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sat, 13 May 2023 21:49:45 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 204 winResponse
prod-rtb.ad4mat.net/ Frame EFCA 0
0 22ms
21ms Fetch
image/gif 2600:1901:0:76b9::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://prod-rtb.ad4mat.net/winResponse?a=1hpgr92j21gjcdvset2rj2adenmfm6gpkydb4aq74fmf11mb1gsg7m9zzkbb2s2wbx3m2whygv7qqn85eyb7kn7zqpptzvbpra6y31sz1n9877ptcm87v5wkcm7neh9b6vzjdwwprpy67ajm83kt0jyhncb45be8qkv10enyteh7090x0bk7tyfcspgf8a6g9t291gjfpk7g28kfn9767vpzd0e3971ccgxz55k3p440k9fnejvkz7503nez18vdq0sz0s3v5h7mc8bb17fh3t9v4ysdrwfsxnpam8gkw1tqp74pdw575qa0339rqmtwhnwwqgr0ed7ftcz1c1cqv69e3d9evcm7rz2s1nv6v49jh3a4kmx17sjz0k6z479jahvszvd4dx7q6bwz&b=ZGAF-AAIm7cKW9MCAA7-3RKJCV52hjba3BETww
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&h=250&slotname=1234190425&adk=1935728605&adf=4198785760&pi=t.ma~as.1234190425&w=300&fwrn=16&format=300x250&url=https%3A%2F%2Fye-mek.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684014584250&bpp=1&bdt=258&idt=217&shv=r20230510&mjsv=m202305100101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=4772026716901&frm=8&ife=1&pv=1&ga_vid=2112098717.1684014584&ga_sid=1684014584&ga_hid=362421832&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=238393387&scr_x=-12245933&scr_y=-12245933&eid=42532186%2C44759875%2C44759837%2C44773809%2C44759926%2C42532090%2C31074512%2C44788441%2C44792088&oid=2&pvsid=3912391652140771&tmod=1134167538&uas=0&nvt=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.jh24asjem7rh&fsb=1&dtd=220
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sat, 13 May 2023 21:49:44 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: image/gif

GET
H3 200 dr Show response
as.ad4m.at/ad/ Frame E153 2 KB
2 KB 43ms
42ms Document
text/html 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/dr?ed=1kbvbcwg5gqey3nzwy7hhkjrz04x4vq7rhxp0xay54nqq4zs92qfyaxtdb531cpd010s0qp7h46g1adybx560b7hgq8m1yxayexgzdmygb6yh4t7vkynwg5ctd2x284cy8y1nh9c79x3hnrwnyc23eq7w9qxf5na7hx31khre8mwxk07rr07ehv6jj1dyjjneg4wn1rjvnnqypd9jdza5qyww7bp9382r9e21mc9pkxmd8xjbcy3px5ate59qt7srjxaskzvwm12bae1bjf30t5gb51r8aenpxz8nbvtxv1d5xgy7dem81cjq4kgt619g5p78j9gps7nzsaqk65y7p5ezdbxfhqhenkj1gmqmr8tmv7d2jygzdjcqm23jjb5xcpx5menpb7236v6akyzvxb51g75bwc8kyfxche8m0ag9dje1m3xfebe0j461h5tyc8a2sgvcz10&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCXtU0-AVgZLe3IoKm7wLd_bugCZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTY1OTM1MjMyMTAwMTAxNTTIAQmpArhJv7UzZ7I-qAMBqgTWAU_QbHwp82ntYLiNzSy7k0tcGKGRypby05noDzqvd0OA5BTc-Ch7XcNnfOFMyAFbmatbDv7QiAwqKEZZkxxdNiauQiwlNIXE3vZCUjqKmLxLccIlWZL_z0v9_f4S9LDPC-xPlIRgv0bKwVOywwfjxKO1KdAhuHk00FWbehHouQmgcsBCz44Pzg1aQCWSl7_zVxYgFJBbMBPd1HaDE6uGLJdwMK98ICjmvAstTMHN153XEtB9jCsDawLqOo3WVHX_5AVUSsfm3-5N2Qy3SWGZvATiAKD1uwiABtyHrq-QxZTacqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2qNSY48r5DBue_C-N8fMvmCd7oEg%26client%3Dca-pub-6593523210010154%26adurl%3D

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

95bd2395464ef8f12e83461e82515fc342ca683b0b82224c75859de8adadb132

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-src ;img-src data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7c6e1cf41e789bfa-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Sat, 13 May 2023 21:49:45 GMT
expires: 0
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 2CAF 1 KB
643 B 38ms
38ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 64702
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 13 May 2023 03:51:22 GMT
etag: 48472445140208031
expires: Sun, 14 May 2023 03:51:22 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 816C 42 B
64 B 81ms
80ms Fetch
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsszbD_xqlS5PbJCtpomdykpXQXcv4JUqOwbjojv5xMwYM4uNoeGQjDYuNth8WdGNzYMDDiq4C8bUonjeQtwBorf6exVl--61_JBoI2R6AwLMoFgPRO0I9hzVepdmRjSGWvzQn0t9ypO7vDIfuQ91cKWGmUXCH03dnLWtCi9nmu-3SUrdjAKS-yc5MS4m6ddku7gmBNOtvUJJMm9ZpeGJ5iJUTig7wpYMhHnL7E&sai=AMfl-YT_a6CFiH2irBCdchqYZhuqyHbzjKFP5KjusR5alLB4RwO7hDHnQW_5X0H4RB_tRRuMfaj4ZiJtl_3DPcMRu-n_2pCAkpSgd9kkhjp-&sig=Cg0ArKJSzJvKjh9hcQjqEAE&id=lidar2&mcvt=1059&p=0,0,100,100&mtos=1059,1059,1059,1059,1059&tos=1059,0,0,0,0&v=20230510&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=19&adk=3698513385&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1684014583650&rpt=285&met=mue&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 13 May 2023 21:49:45 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 01A5 0
20 B 73ms
73ms Ping
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=mys&d=Cg4IByoKd2ViX2Jhbm5lcgoHCAgqA2x0cgoKCAEqBjcyOHg5MAoKCAIqBnNlcnZlcgoVCAQqEW15c2lkaWFfYW5hbHl0aWNzCg0QKyEAAAAAAAA1QDAECg0QAyEAAACYmXllQDAECg0QCiEAAAAAzMz0PzAECg0QDSEAAAAAAAAAADAECgwQHioGNzI4eDkwMAQKDBAZKgY3Mjh4OTAwBAoNEA4hAAAAAAAAAAAwBAoNEAQhAAAAmJm5ZUAwBAoNEA8hAAAAAAAAAAAwBAoNECshAAAAAAAAQ0AwBAoNEAUhAAAAAADAZUAwBAoNEBAhAAAAAAASp0AwBAoNEBEhAAAAAOD-8UAwBAoNEBIhAAAAAAAAIEAwBAoNEBMhAAAAAAAACEAwBAoNEBchAAAAzMzcckAwBBIaQ01pZTQ1aWo4XzRDRmVXUV9RY2QtZTBQRFEiFXRleHQvamVhbl9ncmV5X3YyX29jaCgE

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/044a83e5da670341b3efea50f0ca4b53.js?tag=pingback

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d895f1381b8d8b875cd29c6921953566.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 13 May 2023 21:49:45 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame 0BFE 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a68c838373d2c5ccfde545f6b49b8cdc40af29a83f62e848a09bbb9d882e3f22

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.40/one-ad/ Frame E153 103 KB
13 KB 21ms
21ms Stylesheet
text/css 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.40/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1kbvbcwg5gqey3nzwy7hhkjrz04x4vq7rhxp0xay54nqq4zs92qfyaxtdb531cpd010s0qp7h46g1adybx560b7hgq8m1yxayexgzdmygb6yh4t7vkynwg5ctd2x284cy8y1nh9c79x3hnrwnyc23eq7w9qxf5na7hx31khre8mwxk07rr07ehv6jj1dyjjneg4wn1rjvnnqypd9jdza5qyww7bp9382r9e21mc9pkxmd8xjbcy3px5ate59qt7srjxaskzvwm12bae1bjf30t5gb51r8aenpxz8nbvtxv1d5xgy7dem81cjq4kgt619g5p78j9gps7nzsaqk65y7p5ezdbxfhqhenkj1gmqmr8tmv7d2jygzdjcqm23jjb5xcpx5menpb7236v6akyzvxb51g75bwc8kyfxche8m0ag9dje1m3xfebe0j461h5tyc8a2sgvcz10&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCXtU0-AVgZLe3IoKm7wLd_bugCZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTY1OTM1MjMyMTAwMTAxNTTIAQmpArhJv7UzZ7I-qAMBqgTWAU_QbHwp82ntYLiNzSy7k0tcGKGRypby05noDzqvd0OA5BTc-Ch7XcNnfOFMyAFbmatbDv7QiAwqKEZZkxxdNiauQiwlNIXE3vZCUjqKmLxLccIlWZL_z0v9_f4S9LDPC-xPlIRgv0bKwVOywwfjxKO1KdAhuHk00FWbehHouQmgcsBCz44Pzg1aQCWSl7_zVxYgFJBbMBPd1HaDE6uGLJdwMK98ICjmvAstTMHN153XEtB9jCsDawLqOo3WVHX_5AVUSsfm3-5N2Qy3SWGZvATiAKD1uwiABtyHrq-QxZTacqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2qNSY48r5DBue_C-N8fMvmCd7oEg%26client%3Dca-pub-6593523210010154%26adurl%3D
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d77b5f2ca03eb8dab2acc515548b7b1ce7eeb4ca2189268552649e0391ee8c21

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/dr?ed=1kbvbcwg5gqey3nzwy7hhkjrz04x4vq7rhxp0xay54nqq4zs92qfyaxtdb531cpd010s0qp7h46g1adybx560b7hgq8m1yxayexgzdmygb6yh4t7vkynwg5ctd2x284cy8y1nh9c79x3hnrwnyc23eq7w9qxf5na7hx31khre8mwxk07rr07ehv6jj1dyjjneg4wn1rjvnnqypd9jdza5qyww7bp9382r9e21mc9pkxmd8xjbcy3px5ate59qt7srjxaskzvwm12bae1bjf30t5gb51r8aenpxz8nbvtxv1d5xgy7dem81cjq4kgt619g5p78j9gps7nzsaqk65y7p5ezdbxfhqhenkj1gmqmr8tmv7d2jygzdjcqm23jjb5xcpx5menpb7236v6akyzvxb51g75bwc8kyfxche8m0ag9dje1m3xfebe0j461h5tyc8a2sgvcz10&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCXtU0-AVgZLe3IoKm7wLd_bugCZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTY1OTM1MjMyMTAwMTAxNTTIAQmpArhJv7UzZ7I-qAMBqgTWAU_QbHwp82ntYLiNzSy7k0tcGKGRypby05noDzqvd0OA5BTc-Ch7XcNnfOFMyAFbmatbDv7QiAwqKEZZkxxdNiauQiwlNIXE3vZCUjqKmLxLccIlWZL_z0v9_f4S9LDPC-xPlIRgv0bKwVOywwfjxKO1KdAhuHk00FWbehHouQmgcsBCz44Pzg1aQCWSl7_zVxYgFJBbMBPd1HaDE6uGLJdwMK98ICjmvAstTMHN153XEtB9jCsDawLqOo3WVHX_5AVUSsfm3-5N2Qy3SWGZvATiAKD1uwiABtyHrq-QxZTacqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2qNSY48r5DBue_C-N8fMvmCd7oEg%26client%3Dca-pub-6593523210010154%26adurl%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 21:49:45 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime: 1683559916
age: 454229
cf-polished: origSize=105839
x-guploader-uploadid: ADPycdv9IJsM9Nda_T-YCF8tGjLSR9_5GyrPWBCiXo7o_2KPFa29jeIDurPOQJdzBat54FnfGmUqvpjJPo5BCE2ydDX2ig
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Mon, 08 May 2023 15:32:28 GMT
server: cloudflare
etag: W/"44fa96b813e145cb8b915ae1fb6a3b7a"
vary: Accept-Encoding
x-goog-generation: 1683559948253618
content-type: text/css
x-goog-hash: crc32c=FELYSw==, md5=RPqWuBPhRcuLkVrh+2o7eg==
cache-control: public, max-age=3600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u8qSQXeUkJGIPD55yAF2GqCdouSERPiqaB5EtGQ7Gq2R5enTHKoC93ggiUrZnyMhwajvj5qNeEmCJ2Y7Rd9qklFGAuOWHBIkvav4S5lT22VDPD3DRNGj3dhNkwqVIhzbn04mE0JmrKU%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 105839
cf-ray: 7c6e1cf48eef9bfa-FRA
expires: Sat, 13 May 2023 22:49:45 GMT

GET
H3 200 r62eglto.js Show response
ad4m.at/ Frame E153 25 KB
10 KB 19ms
19ms Script
application/javascript 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/r62eglto.js
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1kbvbcwg5gqey3nzwy7hhkjrz04x4vq7rhxp0xay54nqq4zs92qfyaxtdb531cpd010s0qp7h46g1adybx560b7hgq8m1yxayexgzdmygb6yh4t7vkynwg5ctd2x284cy8y1nh9c79x3hnrwnyc23eq7w9qxf5na7hx31khre8mwxk07rr07ehv6jj1dyjjneg4wn1rjvnnqypd9jdza5qyww7bp9382r9e21mc9pkxmd8xjbcy3px5ate59qt7srjxaskzvwm12bae1bjf30t5gb51r8aenpxz8nbvtxv1d5xgy7dem81cjq4kgt619g5p78j9gps7nzsaqk65y7p5ezdbxfhqhenkj1gmqmr8tmv7d2jygzdjcqm23jjb5xcpx5menpb7236v6akyzvxb51g75bwc8kyfxche8m0ag9dje1m3xfebe0j461h5tyc8a2sgvcz10&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCXtU0-AVgZLe3IoKm7wLd_bugCZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTY1OTM1MjMyMTAwMTAxNTTIAQmpArhJv7UzZ7I-qAMBqgTWAU_QbHwp82ntYLiNzSy7k0tcGKGRypby05noDzqvd0OA5BTc-Ch7XcNnfOFMyAFbmatbDv7QiAwqKEZZkxxdNiauQiwlNIXE3vZCUjqKmLxLccIlWZL_z0v9_f4S9LDPC-xPlIRgv0bKwVOywwfjxKO1KdAhuHk00FWbehHouQmgcsBCz44Pzg1aQCWSl7_zVxYgFJBbMBPd1HaDE6uGLJdwMK98ICjmvAstTMHN153XEtB9jCsDawLqOo3WVHX_5AVUSsfm3-5N2Qy3SWGZvATiAKD1uwiABtyHrq-QxZTacqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2qNSY48r5DBue_C-N8fMvmCd7oEg%26client%3Dca-pub-6593523210010154%26adurl%3D
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2d5e67a38c9a11424cac19ce192c9fd124a6d74e64d3791a01561dbd3e39c0b4

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 21:49:45 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 14 Mar 2023 13:45:21 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 447973
etag: W/"fcb2a26b07bd76d9a925cae661d6d94d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JqtRcyLAeTBLu8REM15b1MZFQyZ7R2hWw0Z6XoD12rsSLhxCq4rT0HaTwYdHduQf30NGuxdvLoGOH3dv8WKqmToITg8mV%2FveR2ZRgrcL9tBDNstXnaDZxpw%2Fn%2F%2Fkt7me0bhbiXY%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray: 7c6e1cf48ef19bfa-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Tue, 02 May 2023 13:46:04 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 5C09
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEM4FDuyinQ6BKW3Ioteg5Rw&google_push=ATf1kGP45KnXRvqpBU6wCAIVrxEizZgDh7Cd7ny6fWIOuQ8r3lTVHW0ndW...

170 B
188 B

55ms
54ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEM4FDuyinQ6BKW3Ioteg5Rw&google_push=ATf1kGP45KnXRvqpBU6wCAIVrxEizZgDh7Cd7ny6fWIOuQ8r3lTVHW0ndWg8zSflBnIzMb3HH9VqXIYVKS_WJJGJASdKfEEQlBZKBQ

Requested by

Host: ye-mek.net
URL: https://ye-mek.net/

Protocol

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 13 May 2023 21:49:45 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by: cache-fra-eddf8230051-FRA
pragma: no-cache
date: Sat, 13 May 2023 21:49:45 GMT
via: 1.1 varnish
server: Jetty(9.4.35.v20201120)
x-timer: S1684014585.073953,VS0,VE89
x-cache: MISS
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEM4FDuyinQ6BKW3Ioteg5Rw&google_push=ATf1kGP45KnXRvqpBU6wCAIVrxEizZgDh7Cd7ny6fWIOuQ8r3lTVHW0ndWg8zSflBnIzMb3HH9VqXIYVKS_WJJGJASdKfEEQlBZKBQ
cache-control: no-cache
accept-ranges: bytes
content-length: 0
x-cache-hits: 0

GET
H2 200 dds
rtb.openx.net/sync/ Frame 5C09 43 B
134 B 55ms
22ms Image
image/gif 35.186.253.211
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESEIt89UfhfdgGOJfpXUmXGtM&google_cver=1&google_push=ATf1kGPcLk8GvqILaiZtfN2xBdZa25ScFGgDx08uxMT-EhcLaNgnlmyLJHVj8Ph_TBKlZWWWeHQiVJPLL3c2fabryGY4pAqdSwZnGw
Requested by: Host: d895f1381b8d8b875cd29c6921953566.safeframe.googlesyndication.com
URL: https://d895f1381b8d8b875cd29c6921953566.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 211.253.186.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 13 May 2023 21:49:44 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: 17akgusrb0m7kll96c70hhdp3kgspatc

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 5C09
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=U6n4x5P_R4yASno-3ESG6A%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
232 B

56ms
53ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=U6n4x5P_R4yASno-3ESG6A%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ATf1kGN8EMF5lhm37X9zBCS-ZTT6jjfwIwPwS4lQoDjyCL7kESbjG1pUyWMiLzT3n8VXAxF3AzfVQcdHpAb4Hic3WFS4pZPOfAhhhg

Requested by

Host: ye-mek.net
URL: https://ye-mek.net/

Protocol

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 13 May 2023 21:49:45 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=U6n4x5P_R4yASno-3ESG6A%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ATf1kGN8EMF5lhm37X9zBCS-ZTT6jjfwIwPwS4lQoDjyCL7kESbjG1pUyWMiLzT3n8VXAxF3AzfVQcdHpAb4Hic3WFS4pZPOfAhhhg
date: Sat, 13 May 2023 21:49:45 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 5C09
Redirect Chain

https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEI...
https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=ATf1kGPxip-pMTko-0WBVi8M_cugLmI7jQTfVxk_Tk78njvGRoi3aOhJ4XBjJFoC1qNN8FdiAUc_r06UJQPfHDI0ldF9FoqtDqawnw&redir=https%3A%2F%2Fcm.g.dou...
https://sync.targeting.unrulymedia.com/csync/RX-24af462b-e7e6-472b-a16d-d04536375f51-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DATf1kGPxip-pMTko-0WBVi8M_...
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=ATf1kGPxip-pMTko-0WBVi8M_cugLmI7jQTfVxk_Tk78njvGRoi3aOhJ4XBjJFoC1qNN8FdiAUc_r06UJQPfHDI0ldF9FoqtDqawnw&google_hm=AySvRivn5kcroW3QRTY3X1E

170 B
188 B

51ms
51ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=ATf1kGPxip-pMTko-0WBVi8M_cugLmI7jQTfVxk_Tk78njvGRoi3aOhJ4XBjJFoC1qNN8FdiAUc_r06UJQPfHDI0ldF9FoqtDqawnw&google_hm=AySvRivn5kcroW3QRTY3X1E

Requested by

Host: ye-mek.net
URL: https://ye-mek.net/

Protocol

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 13 May 2023 21:49:45 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=ATf1kGPxip-pMTko-0WBVi8M_cugLmI7jQTfVxk_Tk78njvGRoi3aOhJ4XBjJFoC1qNN8FdiAUc_r06UJQPfHDI0ldF9FoqtDqawnw&google_hm=AySvRivn5kcroW3QRTY3X1E
date: Sat, 13 May 2023 21:49:45 GMT
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag: RX24af462be7e6472ba16dd04536375f51003
content-type: text/html

GET
H/1.1 200
OK sync
ssbsync.smartadserver.com/api/ Frame 5C09 0
75 B 111ms
20ms Image
text/plain 185.86.138.152
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEJBvMScx9YyPjtu8phaiPJk&google_cver=1&google_push=ATf1kGOdswuf6E6PZo5PehssuvOwKQoYMHbrEqy1S3gX_XFDWDWFTEaQsKKRH1YH93O06QtzT4iQZucdqL37DjekjW8-9yyrro69
Requested by: Host: d895f1381b8d8b875cd29c6921953566.safeframe.googlesyndication.com
URL: https://d895f1381b8d8b875cd29c6921953566.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.152 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 21:49:44 GMT
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 5C09
Redirect Chain

https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEAWfkeJsci718o8Acg1Vsgk&google_cver=1&google_push=ATf1kGNx4OuSSSwqdeN7yS2ip9sOETuAYyacx7r1EujynqaNRyg1Z6N2cfQaXySgyLzjBj1Cd8...
https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEAWfkeJsci718o8Acg1Vsgk&google_cver=1&google_push=ATf1kGNx4OuSSSwqdeN7yS2ip9sOETuAYyacx7r1EujynqaNRyg1Z6N2cfQaXySgyLzjBj1Cd8...
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1XTkpTaWNSRTJ1RXBoNWZrdEs2RXVvbDlSeUlrU3RRan5B&google_push=ATf1kGNx4OuSSSwqdeN7yS2ip9sOETuAYyacx7r1EujynqaNRyg1Z6N2c...

170 B
188 B

54ms
53ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1XTkpTaWNSRTJ1RXBoNWZrdEs2RXVvbDlSeUlrU3RRan5B&google_push=ATf1kGNx4OuSSSwqdeN7yS2ip9sOETuAYyacx7r1EujynqaNRyg1Z6N2cfQaXySgyLzjBj1Cd87KgyUnonJWBCdlHVU0SKWWFyP0avE

Requested by

Host: ye-mek.net
URL: https://ye-mek.net/

Protocol

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 13 May 2023 21:49:45 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1XTkpTaWNSRTJ1RXBoNWZrdEs2RXVvbDlSeUlrU3RRan5B&google_push=ATf1kGNx4OuSSSwqdeN7yS2ip9sOETuAYyacx7r1EujynqaNRyg1Z6N2cfQaXySgyLzjBj1Cd87KgyUnonJWBCdlHVU0SKWWFyP0avE
date: Sat, 13 May 2023 21:49:45 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.57
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 5C09
Redirect Chain

https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEB1Y9F4by...
https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEB1...
https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=c2f0f786-d413-4d32-978f-7dcad1e420a7&%%GOOGLE_PUSH_PAIR%%

170 B
188 B

55ms
55ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=c2f0f786-d413-4d32-978f-7dcad1e420a7&%%GOOGLE_PUSH_PAIR%%

Requested by

Host: ye-mek.net
URL: https://ye-mek.net/

Protocol

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 13 May 2023 21:49:45 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=c2f0f786-d413-4d32-978f-7dcad1e420a7&%%GOOGLE_PUSH_PAIR%%
date: Sat, 13 May 2023 21:49:45 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 5C09 0
40 B 50ms
49ms Image
text/html 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JEo9qfaQ6k3s4uQ6d3gDTwRRbzb-iBsmyXpw732IjbrhSmQxnUAEIzevQ-I_CmaQJnigllDyY

Requested by

Host: d895f1381b8d8b875cd29c6921953566.safeframe.googlesyndication.com
URL: https://d895f1381b8d8b875cd29c6921953566.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 21:49:45 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2

200

/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame 5D13
Redirect Chain

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEOXMLxEXB2FJLA9HxCV9J4Q&google_cver=1&google_push=ATf1kGO-VHt4b7uTh7R49WDA56wwsyzh3rprjbCbGK2k3pFIZgcrchx6lxKeQLgYE7DBk9fxQa7P1nfDxOw2nc8fcDtsvRzAjOA7bmI
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=OTE1MDA0ODQyNzg2MTgyOTkxNg==&gdpr=&gdpr_consent=
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEOXMLxEXB2FJLA9HxCV9J4Q&google_cver=1

43 B
398 B

56ms
14ms

Image
image/gif

2001:678:cb4:bbbb::11
AMOBEE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEOXMLxEXB2FJLA9HxCV9J4Q&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&h=90&slotname=9586219513&adk=1165138949&adf=4198791702&pi=t.ma~as.9586219513&w=728&format=728x90&url=https%3A%2F%2Fye-mek.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684014583893&bpp=1&bdt=161&idt=341&shv=r20230510&mjsv=m202305090101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=6073340010786&frm=8&ife=1&pv=1&ga_vid=226848913.1684014584&ga_sid=1684014584&ga_hid=324655263&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=3718169941&scr_x=-12245933&scr_y=-12245933&eid=44759842%2C44773809%2C44759875%2C44759926%2C31074469%2C44788442%2C44792013%2C44792088%2C44789333&oid=2&pvsid=3610766118061132&tmod=1825455874&uas=0&nvt=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.fx0svvsiyrpu&fsb=1&dtd=346
Protocol: H2
Server: 2001:678:cb4:bbbb::11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software: /
Resource Hash: 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Sat, 13 May 2023 21:49:45 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma: no-cache
date: Sat, 13 May 2023 21:49:45 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEOXMLxEXB2FJLA9HxCV9J4Q&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 current
dclk-match.dotomi.com/match/bounce/ Frame 5D13 0
103 B 85ms
29ms Image
text/plain 2a02:fa8:8806:13::1400
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEC2XQRigih9DPdOc_1wxZxc&google_cver=1&google_push=ATf1kGNyfjv1CAVBvS5JWnT39-MI3t9OkGvOAb6WZZCQ3xGvSGbGb1MMZFzuJjCbsH2PQXNdkuT7DOhwLJtYVntImyrgBXLjdua9-p4
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&h=90&slotname=9586219513&adk=1165138949&adf=4198791702&pi=t.ma~as.9586219513&w=728&format=728x90&url=https%3A%2F%2Fye-mek.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684014583893&bpp=1&bdt=161&idt=341&shv=r20230510&mjsv=m202305090101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=6073340010786&frm=8&ife=1&pv=1&ga_vid=226848913.1684014584&ga_sid=1684014584&ga_hid=324655263&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=3718169941&scr_x=-12245933&scr_y=-12245933&eid=44759842%2C44773809%2C44759875%2C44759926%2C31074469%2C44788442%2C44792013%2C44792088%2C44789333&oid=2&pvsid=3610766118061132&tmod=1825455874&uas=0&nvt=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.fx0svvsiyrpu&fsb=1&dtd=346
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:13::1400 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 13 May 2023 21:49:45 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 5D13
Redirect Chain

https://d.agkn.com/pixel/2175/?google_gid=CAESEH7_kbnGkVbNfznpoWlUOQg&google_cver=1&google_push=ATf1kGNLQMC5V7Lh_nLrj_rm1bgga-sxfIJ-lKujGm2ZncVzrvaX7a3w1TTy_1-oUTrqfakNgSwnoab-eEIxsMdWstO0-tLjbh6nUeY
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=ATf1kGNLQMC5V7Lh_nLrj_rm1bgga-sxfIJ-lKujGm2ZncVzrvaX7a3w1TTy_1-oUTrqfakNgSwnoab-eEIxsMdWstO0-tLjbh6nUeY&google_hm=Q0FFU0VIN19rYm5Ha1...

170 B
232 B

54ms
53ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=ATf1kGNLQMC5V7Lh_nLrj_rm1bgga-sxfIJ-lKujGm2ZncVzrvaX7a3w1TTy_1-oUTrqfakNgSwnoab-eEIxsMdWstO0-tLjbh6nUeY&google_hm=Q0FFU0VIN19rYm5Ha1ZiTmZ6bnBvV2xVT1Fn

Requested by

Protocol

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 13 May 2023 21:49:45 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sat, 13 May 2023 21:49:44 GMT
P3P: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=ATf1kGNLQMC5V7Lh_nLrj_rm1bgga-sxfIJ-lKujGm2ZncVzrvaX7a3w1TTy_1-oUTrqfakNgSwnoab-eEIxsMdWstO0-tLjbh6nUeY&google_hm=Q0FFU0VIN19rYm5Ha1ZiTmZ6bnBvV2xVT1Fn
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 5D13
Redirect Chain

https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DATf1kGMjcYGM...
https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DATf1kGMjcYGM...
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMzA1MTMyMTQ5NDUwMDA4MjYzODg0MjI1MA%3D%3D&google_push=ATf1kGMjcYGMPjDh4X8T_Max3DIa6ZU5JOl4YOPAmmOqZL69jVBuTiX8wSf7DcznYyrfWs...

170 B
188 B

51ms
51ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMzA1MTMyMTQ5NDUwMDA4MjYzODg0MjI1MA%3D%3D&google_push=ATf1kGMjcYGMPjDh4X8T_Max3DIa6ZU5JOl4YOPAmmOqZL69jVBuTiX8wSf7DcznYyrfWsI_mfsavVKagp1kGgWBchodA2YJqGcKNd4

Requested by

Host: ye-mek.net
URL: https://ye-mek.net/

Protocol

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 13 May 2023 21:49:45 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMzA1MTMyMTQ5NDUwMDA4MjYzODg0MjI1MA%3D%3D&google_push=ATf1kGMjcYGMPjDh4X8T_Max3DIa6ZU5JOl4YOPAmmOqZL69jVBuTiX8wSf7DcznYyrfWsI_mfsavVKagp1kGgWBchodA2YJqGcKNd4
pragma: no-cache
date: Sat, 13 May 2023 21:49:45 GMT
cache-control: max-age=0, no-cache, no-store
strict-transport-security: max-age=2628000
content-length: 0
expires: Sat, 13 May 2023 21:49:45 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 5D13
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEEJyTrXw2C4GtInJXV1dH7A&google_cver=1&google_push=ATf1kGNxvyD74I6DpMJVXK7f9XUMacIMAdhr4MLn34oscCWeZp9UuCOdMeqq2xRDz_EZmV8OfOaaYW090k_HGcJ3rk6kvKA...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ATf1kGNxvyD74I6DpMJVXK7f9XUMacIMAdhr4MLn34oscCWeZp9UuCOdMeqq2xRDz_EZmV8OfOaaYW090k_HGcJ3rk6kvKAaZvK4UXs&google_hm=eS1yZ2xTdXpKRTJwRmQ...

170 B
188 B

55ms
54ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ATf1kGNxvyD74I6DpMJVXK7f9XUMacIMAdhr4MLn34oscCWeZp9UuCOdMeqq2xRDz_EZmV8OfOaaYW090k_HGcJ3rk6kvKAaZvK4UXs&google_hm=eS1yZ2xTdXpKRTJwRmQzSTdiajBYYkxyVnJMb1ZEanhYQ35B

Requested by

Protocol

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 13 May 2023 21:49:45 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sat, 13 May 2023 21:49:45 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ATf1kGNxvyD74I6DpMJVXK7f9XUMacIMAdhr4MLn34oscCWeZp9UuCOdMeqq2xRDz_EZmV8OfOaaYW090k_HGcJ3rk6kvKAaZvK4UXs&google_hm=eS1yZ2xTdXpKRTJwRmQzSTdiajBYYkxyVnJMb1ZEanhYQ35B
content-length: 0

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 5D13
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=U6n4x5P_R4yASno-3ESG6A%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
232 B

57ms
55ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=U6n4x5P_R4yASno-3ESG6A%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ATf1kGNsEMutnUVEmbYYBX037bGhZqR9d-HTKy7qaFcqoKMyb0oM0vLZY29NxBUPI0ZZAsgOMEa1yqwZKLIuvjQKk70lkl3d4N6QDg

Requested by

Protocol

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 13 May 2023 21:49:45 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=U6n4x5P_R4yASno-3ESG6A%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ATf1kGNsEMutnUVEmbYYBX037bGhZqR9d-HTKy7qaFcqoKMyb0oM0vLZY29NxBUPI0ZZAsgOMEa1yqwZKLIuvjQKk70lkl3d4N6QDg
date: Sat, 13 May 2023 21:49:43 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 5D13
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEOBNtGh4HgtEbQLKnKIoe28&google_cver=1&googl...
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEOBNtGh4HgtEbQLKnKIoe28&google_push=AT...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEOBNtGh4HgtEbQLKnKIoe28&google_hm=ZGAF-UnxWjJJaUmDRkn0OwAABLkAAAAB&google_nid=index&google_push=ATf1kGOGsp5eQ4e-zALr2fl0-9SDbDPqMmH6H...

170 B
188 B

53ms
53ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEOBNtGh4HgtEbQLKnKIoe28&google_hm=ZGAF-UnxWjJJaUmDRkn0OwAABLkAAAAB&google_nid=index&google_push=ATf1kGOGsp5eQ4e-zALr2fl0-9SDbDPqMmH6H6rrcz8eE9pfaI7cZ0jzpdbr0wz4cMAkHzilY15yangUbF0Wrzl_4ZN1tosk1-BBD6s

Requested by

Protocol

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 13 May 2023 21:49:45 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sat, 13 May 2023 21:49:45 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEOBNtGh4HgtEbQLKnKIoe28&google_hm=ZGAF-UnxWjJJaUmDRkn0OwAABLkAAAAB&google_nid=index&google_push=ATf1kGOGsp5eQ4e-zALr2fl0-9SDbDPqMmH6H6rrcz8eE9pfaI7cZ0jzpdbr0wz4cMAkHzilY15yangUbF0Wrzl_4ZN1tosk1-BBD6s
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=500
Content-Length: 0
Expires: 0

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 5D13 0
49 B 50ms
49ms Image
text/html 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LDeCimK1qpqjiljne7Jz6cc8_LIEeKPl1S9wYECc2Eh3XieJWnbztDgx_fSjaLfPpmQ9fz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 21:49:45 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame D541
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEH4udF7sqlYyD_pzkrUGXUM&google_cver=1&google_push=ATf1kGMOm9XuWXDaDJpdXUWy-_0AjVWeLigXc-M6j_8_UTh2xR571ZdtcpXXEKZ3RVXVrMG66PTKk9iwS3BTZwu8...
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=ATf1kGMOm9XuWXDaDJpdXUWy-_0AjVWeLigXc-M6j_8_UTh2xR571ZdtcpXXEKZ3RVXVrMG66PTKk9iwS3BTZwu8lVsB4kowRuc

170 B
188 B

54ms
54ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=ATf1kGMOm9XuWXDaDJpdXUWy-_0AjVWeLigXc-M6j_8_UTh2xR571ZdtcpXXEKZ3RVXVrMG66PTKk9iwS3BTZwu8lVsB4kowRuc

Requested by

Host: ye-mek.net
URL: https://ye-mek.net/

Protocol

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 13 May 2023 21:49:45 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Sat, 13 May 2023 21:49:45 GMT
Server: MT3 851 9bd98ae master zrh-pixel-x24 config_version:"unknown"
Content-Type: image/gif
Access-Control-Allow-Origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=ATf1kGMOm9XuWXDaDJpdXUWy-_0AjVWeLigXc-M6j_8_UTh2xR571ZdtcpXXEKZ3RVXVrMG66PTKk9iwS3BTZwu8lVsB4kowRuc
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 0
Expires: Sat, 13 May 2023 21:49:44 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame D541
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEBFXifxmhtsHAbqC1boSxCk&google_cver=1&google_push=ATf1kGPYZeLL5pgFV1XuumSEMNkV7VWAxOgbH-ReOInAq7onwv7XUxay0zz2uhRl1mkdLXSzXsnDvgK1znw3tK...
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzIzMjc4NzU2NDI4NjI0NTAwOA%3D%3D&google_push=ATf1kGPYZeLL5pgFV1XuumSEMNkV7VWAxOgbH-ReOInAq7onwv7XUxay0zz2uhRl1mkdLXSzXsnDvgK1znw3tKz7kh...

170 B
232 B

53ms
53ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzIzMjc4NzU2NDI4NjI0NTAwOA%3D%3D&google_push=ATf1kGPYZeLL5pgFV1XuumSEMNkV7VWAxOgbH-ReOInAq7onwv7XUxay0zz2uhRl1mkdLXSzXsnDvgK1znw3tKz7kh5XWBcvhOgN

Requested by

Host: ye-mek.net
URL: https://ye-mek.net/

Protocol

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 13 May 2023 21:49:45 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzIzMjc4NzU2NDI4NjI0NTAwOA%3D%3D&google_push=ATf1kGPYZeLL5pgFV1XuumSEMNkV7VWAxOgbH-ReOInAq7onwv7XUxay0zz2uhRl1mkdLXSzXsnDvgK1znw3tKz7kh5XWBcvhOgN
Date: Sat, 13 May 2023 21:49:45 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame D541
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEEJyTrXw2C4GtInJXV1dH7A&google_cver=1&google_push=ATf1kGPMMelEa5P_GjScpaNbNJehDcVS_3ILVIKNMq-OezOjo3gt_lt59j49xFGU_f67pNCvxlCAWBLpfjlVoj-Dr-nr4kL...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ATf1kGPMMelEa5P_GjScpaNbNJehDcVS_3ILVIKNMq-OezOjo3gt_lt59j49xFGU_f67pNCvxlCAWBLpfjlVoj-Dr-nr4kL2xgs4&google_hm=eS1jSHRTRFdWRTJwRzBnWE...

170 B
188 B

52ms
52ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ATf1kGPMMelEa5P_GjScpaNbNJehDcVS_3ILVIKNMq-OezOjo3gt_lt59j49xFGU_f67pNCvxlCAWBLpfjlVoj-Dr-nr4kL2xgs4&google_hm=eS1jSHRTRFdWRTJwRzBnWEZ4Ynh4bXVfcktrX3FtLnFES35B

Requested by

Host: ye-mek.net
URL: https://ye-mek.net/

Protocol

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 13 May 2023 21:49:45 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sat, 13 May 2023 21:49:45 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ATf1kGPMMelEa5P_GjScpaNbNJehDcVS_3ILVIKNMq-OezOjo3gt_lt59j49xFGU_f67pNCvxlCAWBLpfjlVoj-Dr-nr4kL2xgs4&google_hm=eS1jSHRTRFdWRTJwRzBnWEZ4Ynh4bXVfcktrX3FtLnFES35B
content-length: 0

GET
H2 200 dds
rtb.openx.net/sync/ Frame D541 43 B
245 B 23ms
21ms Image
image/gif 35.186.253.211
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESEIt89UfhfdgGOJfpXUmXGtM&google_cver=1&google_push=ATf1kGOSMNv_k80GqEueL_V0XA-d5E6EYRTBAeZpJdB8b68U5t-nyDTLuDvd7k0VFgxCildFxqMpHW49RWamInUcheqIcE_XJfI
Requested by: Host: d895f1381b8d8b875cd29c6921953566.safeframe.googlesyndication.com
URL: https://d895f1381b8d8b875cd29c6921953566.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 211.253.186.35.bc.googleusercontent.com
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 13 May 2023 21:49:45 GMT
via: 1.1 google
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame D541
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=U6n4x5P_R4yASno-3ESG6A%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
232 B

54ms
53ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=U6n4x5P_R4yASno-3ESG6A%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ATf1kGMuvedqlHSsDSEaPxxGwY1tG_puqHp-yOLIhHqyhgvb-z3P1i2vIftTfojQr4uoDWlFu3EfcS_Q2hAfO0HuHqJf4610i84W

Requested by

Host: ye-mek.net
URL: https://ye-mek.net/

Protocol

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 13 May 2023 21:49:45 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=U6n4x5P_R4yASno-3ESG6A%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ATf1kGMuvedqlHSsDSEaPxxGwY1tG_puqHp-yOLIhHqyhgvb-z3P1i2vIftTfojQr4uoDWlFu3EfcS_Q2hAfO0HuHqJf4610i84W
date: Sat, 13 May 2023 21:49:45 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame D541
Redirect Chain

https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEI...
https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=ATf1kGOq9yO_T8RLz_ZfQ2aQoXvVL3WUGpFjHKeX4ef1Pzy7lTkSD0XTDbVpmTrz9alYe7apvyhMjqykQUCUs4SFY1JwD_qlRD8&redir=https%3A%2F%2Fcm.g.double...
https://sync.targeting.unrulymedia.com/csync/RX-24af462b-e7e6-472b-a16d-d04536375f51-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DATf1kGOq9yO_T8RLz_ZfQ2aQo...
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=ATf1kGOq9yO_T8RLz_ZfQ2aQoXvVL3WUGpFjHKeX4ef1Pzy7lTkSD0XTDbVpmTrz9alYe7apvyhMjqykQUCUs4SFY1JwD_qlRD8&google_hm=AySvRivn5kcroW3QRTY3X1E

170 B
188 B

52ms
52ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=ATf1kGOq9yO_T8RLz_ZfQ2aQoXvVL3WUGpFjHKeX4ef1Pzy7lTkSD0XTDbVpmTrz9alYe7apvyhMjqykQUCUs4SFY1JwD_qlRD8&google_hm=AySvRivn5kcroW3QRTY3X1E

Requested by

Host: ye-mek.net
URL: https://ye-mek.net/

Protocol

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 13 May 2023 21:49:45 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=ATf1kGOq9yO_T8RLz_ZfQ2aQoXvVL3WUGpFjHKeX4ef1Pzy7lTkSD0XTDbVpmTrz9alYe7apvyhMjqykQUCUs4SFY1JwD_qlRD8&google_hm=AySvRivn5kcroW3QRTY3X1E
date: Sat, 13 May 2023 21:49:45 GMT
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag: RX24af462be7e6472ba16dd04536375f51003
content-type: text/html

GET
H/1.1

200

0.gif
id5-sync.com/i/495/ Frame D541
Redirect Chain

https://sync.inmobi.com/gob?google_gid=CAESEDXkgzTcLJvqtvScv-OB8v8&google_cver=1&google_push=ATf1kGNbHS8HP8gkKYUMef8ISobiINmF0UvexGlPkncKVLvauavZJfkl-haZu3CdsTYWcb8z2ilF7kA3sK6OlgOnOH_C5vQAr8kM5A
https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=&callback=https%3A%2F%2Fsync.inmobi.com%2FgobRedirectFromId5%3Fid%3D%7BID5UID%7D%26google_push%3DATf1kGNbHS8HP8gkKYUMef8ISobiINmF0UvexGlPkncKVLva...

43 B
1 KB

14ms
14ms

Image
image/gif

162.19.138.120
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=&callback=https%3A%2F%2Fsync.inmobi.com%2FgobRedirectFromId5%3Fid%3D%7BID5UID%7D%26google_push%3DATf1kGNbHS8HP8gkKYUMef8ISobiINmF0UvexGlPkncKVLvauavZJfkl-haZu3CdsTYWcb8z2ilF7kA3sK6OlgOnOH_C5vQAr8kM5A

Requested by

Host: ye-mek.net
URL: https://ye-mek.net/

Protocol

HTTP/1.1

Server

162.19.138.120 , France, ASN16276 (OVH, FR),

Reverse DNS

ns31533571.ip-162-19-138.eu

Software

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-type: image/gif;charset=UTF-8
date: Sat, 13 May 2023 21:49:44 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
transfer-encoding: chunked
p3p: CP="CAO PSA OUR"

Redirect headers

date: Sat, 13 May 2023 21:49:45 GMT
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains
x-permitted-cross-domain-policies: none
referrer-policy: no-referrer
expect-ct: max-age=0
x-dns-prefetch-control: off
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=utf-8
location: https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=&callback=https%3A%2F%2Fsync.inmobi.com%2FgobRedirectFromId5%3Fid%3D%7BID5UID%7D%26google_push%3DATf1kGNbHS8HP8gkKYUMef8ISobiINmF0UvexGlPkncKVLvauavZJfkl-haZu3CdsTYWcb8z2ilF7kA3sK6OlgOnOH_C5vQAr8kM5A
x-download-options: noopen
vary: Accept
content-length: 273
x-xss-protection: 0

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame D541 0
49 B 52ms
51ms Image
text/html 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LelyoyTdt_VMnu2VoCPMb48qwdyKqQc54OPh4AzUylJmZlagAHwpiJKoXAm1NI6sANzqkveg

Requested by

Host: d895f1381b8d8b875cd29c6921953566.safeframe.googlesyndication.com
URL: https://d895f1381b8d8b875cd29c6921953566.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 21:49:45 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

POST
H/1.1 200
OK postback Show response
s.h.w55c.net/2/2.92.0/948461/Af9VKUMKEAV919Ao/ Frame 4DC9 0
145 B 128ms
28ms XHR
text/plain 52.31.191.243
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.h.w55c.net/2/2.92.0/948461/Af9VKUMKEAV919Ao/postback?oz_pl=1&ap=&pp=ye-mek.net&to=3&md=1&pd=avt&di=https%3A%2F%2Fye-mek.net&sr=GOOGLE_CONTENTNETWORK&pv=53ed5c35-a6b1-4d21-b6ae-869ab775c68a&de=2&dm=728x90&pi=XRzobPsLhV&gt=DE&ci=948461&dt=9484611597092707615000&ui=&ti=&si=&ac=Xmwo1n97Q8&psv=2.92.0&_x=1
Requested by: Host: s.h.w55c.net
URL: https://s.h.w55c.net/2/948461/analytics.js?dt=9484611597092707615000&pd=avt&di=https%3A%2F%2Fye-mek.net&ui=&ap=&sr=GOOGLE_CONTENTNETWORK&pp=ye-mek.net&ti=&pv=53ed5c35-a6b1-4d21-b6ae-869ab775c68a&to=3&de=2&md=1&si=&dm=728x90&pi=XRzobPsLhV&gt=DE&ac=Xmwo1n97Q8
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 52.31.191.243 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-31-191-243.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Sat, 13 May 2023 21:49:44 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

GET
H/1.1 200
OK main.js Show response
s.h.w55c.net/2/2.92.0/ Frame 4DC9 176 KB
55 KB 32ms
32ms Script
text/javascript 52.31.191.243
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.h.w55c.net/2/2.92.0/main.js

Requested by

Host: s.h.w55c.net
URL: https://s.h.w55c.net/2/948461/analytics.js?dt=9484611597092707615000&pd=avt&di=https%3A%2F%2Fye-mek.net&ui=&ap=&sr=GOOGLE_CONTENTNETWORK&pp=ye-mek.net&ti=&pv=53ed5c35-a6b1-4d21-b6ae-869ab775c68a&to=3&de=2&md=1&si=&dm=728x90&pi=XRzobPsLhV&gt=DE&ac=Xmwo1n97Q8

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

52.31.191.243 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-31-191-243.eu-west-1.compute.amazonaws.com

Software

Resource Hash

0310d06b42963760d784418ad04a7ccd0de2c3e325f289edea62ef95c696a661

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date: Sat, 13 May 2023 21:49:44 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: br
Accept-Ch: Viewport-Width, Viewport-Height, Width, DPR, RTT, ECT, Device-Memory, Downlink, Save-Data
Vary: Origin, Accept-Encoding
Content-Type: text/javascript; charset=utf-8
Cache-Control: public, no-transform, immutable, max-age=999999999
Timing-Allow-Origin: *
Content-Length: 55694
Expires: Tue, 19 Jan 2055 07:56:40 GMT

GET
H2 204 current
dclk-match.dotomi.com/match/bounce/ Frame 2CAF 0
104 B 35ms
28ms Image
text/plain 2a02:fa8:8806:13::1400
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEC2XQRigih9DPdOc_1wxZxc&google_cver=1&google_push=ATf1kGNCC8N_Shc5I_-WzX8yRVxDFakA9opJsMbwEYS8F2zEihiXw1jup47q7hjF9HPaN84SeGu3UXu83Hxohl-nOrrz5_O0px-j
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&h=250&slotname=1234190425&adk=1935728605&adf=4198785760&pi=t.ma~as.1234190425&w=300&fwrn=16&format=300x250&url=https%3A%2F%2Fye-mek.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684014584250&bpp=1&bdt=258&idt=217&shv=r20230510&mjsv=m202305100101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=4772026716901&frm=8&ife=1&pv=1&ga_vid=2112098717.1684014584&ga_sid=1684014584&ga_hid=362421832&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=238393387&scr_x=-12245933&scr_y=-12245933&eid=42532186%2C44759875%2C44759837%2C44773809%2C44759926%2C42532090%2C31074512%2C44788441%2C44792088&oid=2&pvsid=3912391652140771&tmod=1134167538&uas=0&nvt=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.jh24asjem7rh&fsb=1&dtd=220
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:13::1400 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 13 May 2023 21:49:45 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H2

200

i.match
s.tribalfusion.com/z/ Frame 2CAF
Redirect Chain

https://a.tribalfusion.com/i.match?p=b6&u=CAESEObe88g55PNquUohWrBykDo&google_cver=1&google_push=ATf1kGP1BX_1ss_v09Q-gwFUgs4Q2cIjzmMRg809ZXCi8iOD4Q1uUM3M6VyvE3vr3l7QlrRxrBDrTR2bSYhioxGvUm1djDGk0aQ&r...
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEObe88g55PNquUohWrBykDo&google_cver=1&google_push=ATf1kGP1BX_1ss_v09Q-gwFUgs4Q2cIjzmMRg809ZXCi8iOD4Q1uUM3M6VyvE3vr3l7QlrRxrBDrTR2bSYhioxGvUm1djDGk0aQ...

43 B
414 B

180ms
180ms

Image
image/gif

2606:4700::6812:19ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEObe88g55PNquUohWrBykDo&google_cver=1&google_push=ATf1kGP1BX_1ss_v09Q-gwFUgs4Q2cIjzmMRg809ZXCi8iOD4Q1uUM3M6VyvE3vr3l7QlrRxrBDrTR2bSYhioxGvUm1djDGk0aQ&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DATf1kGP1BX_1ss_v09Q-gwFUgs4Q2cIjzmMRg809ZXCi8iOD4Q1uUM3M6VyvE3vr3l7QlrRxrBDrTR2bSYhioxGvUm1djDGk0aQ%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Server: 2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 13 May 2023 21:49:45 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
content-type: image/gif; charset=utf-8
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 7c6e1cf66f57920b-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 13 May 2023 21:49:45 GMT
cf-cache-status: DYNAMIC
x-function: 206
server: cloudflare
x-reuse-index: 16
content-type: text/html
location: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEObe88g55PNquUohWrBykDo&google_cver=1&google_push=ATf1kGP1BX_1ss_v09Q-gwFUgs4Q2cIjzmMRg809ZXCi8iOD4Q1uUM3M6VyvE3vr3l7QlrRxrBDrTR2bSYhioxGvUm1djDGk0aQ&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DATf1kGP1BX_1ss_v09Q-gwFUgs4Q2cIjzmMRg809ZXCi8iOD4Q1uUM3M6VyvE3vr3l7QlrRxrBDrTR2bSYhioxGvUm1djDGk0aQ%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 7c6e1cf51e46920b-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 2CAF
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEM4FDuyinQ6BKW3Ioteg5Rw&google_push=ATf1kGO--VDZTzhXaDzk84jbJw-88MuSjD3ezwBzoPNC1nsrMMrpYIZIvS...

170 B
188 B

55ms
55ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEM4FDuyinQ6BKW3Ioteg5Rw&google_push=ATf1kGO--VDZTzhXaDzk84jbJw-88MuSjD3ezwBzoPNC1nsrMMrpYIZIvSnIZWg0ja0BawPwgQnGhcVO3f9pz70dthyhq2mm_oft

Requested by

Protocol

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 13 May 2023 21:49:45 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by: cache-fra-eddf8230051-FRA
pragma: no-cache
date: Sat, 13 May 2023 21:49:45 GMT
via: 1.1 varnish
server: Jetty(9.4.35.v20201120)
x-timer: S1684014585.105671,VS0,VE89
x-cache: MISS
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEM4FDuyinQ6BKW3Ioteg5Rw&google_push=ATf1kGO--VDZTzhXaDzk84jbJw-88MuSjD3ezwBzoPNC1nsrMMrpYIZIvSnIZWg0ja0BawPwgQnGhcVO3f9pz70dthyhq2mm_oft
cache-control: no-cache
accept-ranges: bytes
content-length: 0
x-cache-hits: 0

GET
H2 200 google
match.adsrvr.org/track/cmf/ Frame 2CAF 70 B
265 B 113ms
33ms Image
image/gif 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/google?google_gid=CAESEBfJOnoiChZ61ParuYUJ0AM&google_cver=1&google_push=ATf1kGMO8rCJKDHogyzHcddAjX1LmT_xl0v2mO4XPF0J_Jh39LkT9mV2B2_kuSx67T2iiF-Qf4e4gGvCvo1ggvUp8wHQb8_NnQw1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&h=250&slotname=1234190425&adk=1935728605&adf=4198785760&pi=t.ma~as.1234190425&w=300&fwrn=16&format=300x250&url=https%3A%2F%2Fye-mek.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684014584250&bpp=1&bdt=258&idt=217&shv=r20230510&mjsv=m202305100101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=4772026716901&frm=8&ife=1&pv=1&ga_vid=2112098717.1684014584&ga_sid=1684014584&ga_hid=362421832&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=238393387&scr_x=-12245933&scr_y=-12245933&eid=42532186%2C44759875%2C44759837%2C44773809%2C44759926%2C42532090%2C31074512%2C44788441%2C44792088&oid=2&pvsid=3912391652140771&tmod=1134167538&uas=0&nvt=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.jh24asjem7rh&fsb=1&dtd=220
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Sat, 13 May 2023 21:49:45 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 2CAF
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEOBNtGh4HgtEbQLKnKIoe28&google_cver=1&googl...
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEOBNtGh4HgtEbQLKnKIoe28&google_push=AT...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEOBNtGh4HgtEbQLKnKIoe28&google_hm=ZGAF-UnxWjJJaUmDRkn0OwAABLkAAAAB&google_nid=index&google_push=ATf1kGNiaTSBVoLvp8icFKKxua4mjzxq_Kl8E...

170 B
188 B

51ms
50ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEOBNtGh4HgtEbQLKnKIoe28&google_hm=ZGAF-UnxWjJJaUmDRkn0OwAABLkAAAAB&google_nid=index&google_push=ATf1kGNiaTSBVoLvp8icFKKxua4mjzxq_Kl8EDVCiYpR9Wk4jFVd6GrjiiYG1oSvHeL5jsMaWJT16adFSufQV-UjWcKoANVFuQg

Requested by

Protocol

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 13 May 2023 21:49:45 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sat, 13 May 2023 21:49:45 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEOBNtGh4HgtEbQLKnKIoe28&google_hm=ZGAF-UnxWjJJaUmDRkn0OwAABLkAAAAB&google_nid=index&google_push=ATf1kGNiaTSBVoLvp8icFKKxua4mjzxq_Kl8EDVCiYpR9Wk4jFVd6GrjiiYG1oSvHeL5jsMaWJT16adFSufQV-UjWcKoANVFuQg
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 0
Expires: 0

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 2CAF
Redirect Chain

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEKEhmtsszSb8-4TjIXBsH6Y&google_cver=1&google_push=ATf1kGOng9VTdGqZk5MS_1WVxZDTBki1ysHRiBWtEruSoyV8xmCzmeZ9PcXiAnQl6FgDvArzs0PE88Hw887E...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=ATf1kGOng9VTdGqZk5MS_1WVxZDTBki1ysHRiBWtEruSoyV8xmCzmeZ9PcXiAnQl6FgDvArzs0PE88Hw887EtSTeaI6UUXLNDgK1

170 B
232 B

53ms
52ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=ATf1kGOng9VTdGqZk5MS_1WVxZDTBki1ysHRiBWtEruSoyV8xmCzmeZ9PcXiAnQl6FgDvArzs0PE88Hw887EtSTeaI6UUXLNDgK1

Requested by

Protocol

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 13 May 2023 21:49:45 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=ATf1kGOng9VTdGqZk5MS_1WVxZDTBki1ysHRiBWtEruSoyV8xmCzmeZ9PcXiAnQl6FgDvArzs0PE88Hw887EtSTeaI6UUXLNDgK1
strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 2CAF
Redirect Chain

https://ius.ctnsnet.com/int/cm?exc=1&acc=crimtan_holdings_limited&google_gid=CAESEBxUAMDLI9zw80AxAMvZYV8&google_cver=1&google_push=ATf1kGOVFASEEomdcXuUgVoG4I25l8yXb9D2X-O4zyIy15wfYPw_MnHuEX_1MJptnv...
https://cm.g.doubleclick.net/pixel?google_nid=crimtan_holdings_limited&google_push=ATf1kGOVFASEEomdcXuUgVoG4I25l8yXb9D2X-O4zyIy15wfYPw_MnHuEX_1MJptnvjdNTlVyLaejlYgE9VwBOeSqKKYJ8P2KaHVUw&google_hm=K...

170 B
188 B

57ms
57ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=crimtan_holdings_limited&google_push=ATf1kGOVFASEEomdcXuUgVoG4I25l8yXb9D2X-O4zyIy15wfYPw_MnHuEX_1MJptnvjdNTlVyLaejlYgE9VwBOeSqKKYJ8P2KaHVUw&google_hm=K6yT4Gr5Qw-CKUQ39c7j5qY

Requested by

Protocol

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 13 May 2023 21:49:45 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 13 May 2023 21:49:46 GMT
via: 1.1 google
server: Apache-Coyote/1.1
p3p: CP="NOI DSP COR NID CUR OUR NOR"
status: 302
location: https://cm.g.doubleclick.net/pixel?google_nid=crimtan_holdings_limited&google_push=ATf1kGOVFASEEomdcXuUgVoG4I25l8yXb9D2X-O4zyIy15wfYPw_MnHuEX_1MJptnvjdNTlVyLaejlYgE9VwBOeSqKKYJ8P2KaHVUw&google_hm=K6yT4Gr5Qw-CKUQ39c7j5qY
content-type: text/html;charset=UTF-8
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 2CAF 0
40 B 58ms
52ms Image
text/html 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KMX8MSBr6XwYCErmXbECW7JcnjN63qhiRDElqSWgZ0PdNizQozLsWeBdAOYrX8z0AHlkW09w

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 21:49:45 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 rGx2DEvyTJUcTI8TMyI5e4cGeqSZnDc_BhsxSP5O2IU.js Show response
pagead2.googlesyndication.com/bg/ Frame F6D7 37 KB
14 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/rGx2DEvyTJUcTI8TMyI5e4cGeqSZnDc_BhsxSP5O2IU.js

Requested by

Host: d895f1381b8d8b875cd29c6921953566.safeframe.googlesyndication.com
URL: https://d895f1381b8d8b875cd29c6921953566.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ac6c760c4bf24c951c4c8f133322397b87067aa4999c373f061b3148fe4ed885

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d895f1381b8d8b875cd29c6921953566.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 16:40:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 18543
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14627
x-xss-protection: 0
last-modified: Mon, 08 May 2023 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 12 May 2024 16:40:42 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 0BFE 0
20 B 75ms
74ms Ping
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=mys&d=Cg4IByoKd2ViX2Jhbm5lcgoHCAgqA2x0cgoKCAEqBjcyOHg5MAoKCAIqBnNlcnZlcgoVCAQqEW15c2lkaWFfYW5hbHl0aWNzCg0QKyEAAAAAAIBJQDAECg0QAyEAAACYmUlpQDAECg0QCiEAAAAAmJnxPzAECg0QDSEAAAAAgJm5PzAECgwQHioGNzI4eDkwMAQKDBAZKgY3Mjh4OTAwBAoNEA4hAAAAAAAAAAAwBAoNEAQhAAAAMDNzaUAwBAoNEA8hAAAAAAAAAAAwBAoNECshAAAAAAAAS0AwBAoNEAUhAAAAaGZ2aUAwBAoNEBAhAAAAAAASp0AwBAoNEBEhAAAAAOCe8UAwBAoNEBIhAAAAAAAAGEAwBAoNEBMhAAAAAAAAAEAwBAoNEBchAAAAaGYucUAwBAoNEBQhAAAAAEAz9EAwBAoNEBUhAAAAAAAAKEAwBAoNEBYhAAAAAAAAFEAwBAoNEBghAAAANDNLdEAwBBIaQ042aDQ1aWo4XzRDRmMzS3V3Z2Q2WG9EMnciFXRleHQvamVhbl9ncmV5X3YyX29jaCgE

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/044a83e5da670341b3efea50f0ca4b53.js?tag=pingback

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d895f1381b8d8b875cd29c6921953566.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 13 May 2023 21:49:45 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 rGx2DEvyTJUcTI8TMyI5e4cGeqSZnDc_BhsxSP5O2IU.js Show response
pagead2.googlesyndication.com/bg/ Frame B4D1 37 KB
14 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/rGx2DEvyTJUcTI8TMyI5e4cGeqSZnDc_BhsxSP5O2IU.js

Requested by

Host: d895f1381b8d8b875cd29c6921953566.safeframe.googlesyndication.com
URL: https://d895f1381b8d8b875cd29c6921953566.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ac6c760c4bf24c951c4c8f133322397b87067aa4999c373f061b3148fe4ed885

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d895f1381b8d8b875cd29c6921953566.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 16:40:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 18543
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14627
x-xss-protection: 0
last-modified: Mon, 08 May 2023 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 12 May 2024 16:40:42 GMT

POST
H3 200 rs Show response
ad4m.at/ Frame E42E 2 KB
2 KB 31ms
31ms XHR
text/plain 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa5c37bbcf4d384515025a17b54788595400c937f94fa3b59a40bf8a73b632d2

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type: application/json

Response headers

date: Sat, 13 May 2023 21:49:45 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q0FEez0YimgoevGh1xgVWweo9eXdP33O3UD1X4EbwHm8zcPtIP%2FnL46tbnlV5IwOjDuvdP2m1YPZ5zJ61Y5mse%2BtNh1OTyncQwZBKcrG6mXdj5MzHJAPT%2BXPv1uYWM6aaCFmGCo%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain
access-control-allow-origin: https://as.ad4m.at
access-control-allow-credentials: true
cf-ray: 7c6e1cf5584b9bec-FRA
x-backend-server: aa-reachservice-group-europe-west1-n6pb
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

OPTIONS
H3 200 rs
ad4m.at/ Frame 0
0 56ms
38ms Preflight
text/plain 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://as.ad4m.at
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin: https://as.ad4m.at
access-control-max-age: 1800
allow: HEAD,POST,GET,OPTIONS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7c6e1cf518069bec-FRA
content-length: 24
content-type: text/plain
date: Sat, 13 May 2023 21:49:45 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KfN68X2x4j%2BBcWWy4pa0IM9GtRsrvAAWjKwuYDdTMIXGx7oWRKWGdOZwaKNJGXPb40p9VTYRmoxdqYeVioBKFj%2FvJTzehbSAlyhM858n0vxzWxAsMmfVdcsnK%2FpPcjaoAQip%2BQ4%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
via: 1.1 google
x-backend-server: aa-reachservice-group-europe-west1-n6pb

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 01A5 0
20 B 77ms
75ms Ping
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=mys&d=Cg4IByoKd2ViX2Jhbm5lcgoHCAgqA2x0cgoKCAEqBjcyOHg5MAoKCAIqBnNlcnZlcgoVCAQqEW15c2lkaWFfYW5hbHl0aWNzCg0QFCEAAAAAQDP0QDAECg0QFSEAAAAAAAAqQDAECg0QFiEAAAAAAAAYQDAECg0QGCEAAABoZh51QDAECg0QMiEAAAAAMDPjPzAECg0QMyEAAAAAMDPjPzAECg0QNCEAAAAAMDPjPzAECg0QNSEAAAAAMDPjPzAECg0QNiEAAAAAMDPjPzAECg0QNyEAAAAAMDPjPzAECg0QOCEAAAAAaGb2PzAECg0QOSEAAABAM7NEQDAECg0QOiEAAADAzExFQDAECg0QOyEAAAAAANhyQDAECg0QPCEAAAAAANhyQDAECg0QPSEAAADMzNxyQDAECg0QPiEAAAAAALB0QDAECg0QPyEAAAAAALB0QDAECg0QQCEAAADMzER1QDAEEhpDTWllNDVpajhfNENGZVdRX1FjZC1lMFBEUSIVdGV4dC9qZWFuX2dyZXlfdjJfb2NoKAQ=

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/044a83e5da670341b3efea50f0ca4b53.js?tag=pingback

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d895f1381b8d8b875cd29c6921953566.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 13 May 2023 21:49:45 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 0BFE 0
20 B 78ms
75ms Ping
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=mys&d=Cg4IByoKd2ViX2Jhbm5lcgoHCAgqA2x0cgoKCAEqBjcyOHg5MAoKCAIqBnNlcnZlcgoVCAQqEW15c2lkaWFfYW5hbHl0aWNzCg0QMiEAAAAAmJnpPzAECg0QMyEAAAAAmJnpPzAECg0QNCEAAAAAmJnpPzAECg0QNSEAAAAAmJnpPzAECg0QNiEAAAAAmJnpPzAECg0QNyEAAAAAmJnpPzAECg0QOCEAAAAAmJn5PzAECg0QOSEAAABAMzNGQDAECg0QOiEAAACgmZlGQDAECg0QOyEAAACYmSlxQDAECg0QPCEAAACYmSlxQDAECg0QPSEAAABoZi5xQDAECg0QPiEAAADMzMxzQDAECg0QPyEAAADMzMxzQDAECg0QQCEAAACYmZl0QDAEEhpDTjZoNDVpajhfNENGYzNLdXdnZDZYb0QydyIVdGV4dC9qZWFuX2dyZXlfdjJfb2NoKAQ=

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/044a83e5da670341b3efea50f0ca4b53.js?tag=pingback

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d895f1381b8d8b875cd29c6921953566.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 13 May 2023 21:49:45 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 frame.html Show response
ad4m.at/ Frame A0D3 2 KB
1 KB 18ms
16ms Document
text/html 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/frame.html
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 2025835
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: public, max-age=3600
cf-cache-status: HIT
cf-ray: 7c6e1cf52f919bfa-FRA
content-encoding: br
content-language: en
content-type: text/html; charset=utf-8
date: Sat, 13 May 2023 21:49:45 GMT
expires: Thu, 30 Mar 2023 21:56:13 GMT
last-modified: Thu, 25 Aug 2022 14:12:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p18QG%2FYB4%2F6Yer4xTL%2FkSyVT7Q%2BM4fHcSr%2BU%2BiOefJa1ja6J15qmE2gofriMpRSRtXKwvmfRqdEccKj2VFH7cmxLVfpCyf0M8k5%2Bj5t6Y%2FPQszjjMf2HyAZekTle6tAbf6VmGFQ%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H3 200 rar Show response
as.ad4m.at/ad/ Frame EE9B 11 KB
5 KB 29ms
28ms Document
text/html 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/rar?a=197862%2C117569%2C19769&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=970&d=90&e=&g=052d3228ad89aec4bd57a0812e1afcad%2F3176637530435809286&i=71725%2C29981%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1684014585177&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gm0vyw9h95vys60mkgqjw919t1df2a0gzebaednk40ydgv23bcf6bq2410vxgtq7qdcan455f7j0q553hv4tsx03ayeh3fxr31b4zckryjjfqnppb6s2wdc23jwhtseewhnqvfa1fe8cypc4f58zsyazk7656gp3kd9yq86pvhbyb5t4t93wqvxx8hkcftfszg0g7g59gbzke5hrwg2e3tnzedryd7xejwymseqhmx6c50x0423y3zw3sdkm204qfxrsefarsdfc9z7zh25cqyyzc%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCXOv2-AVgZMK0FZGg9u8P8vyl2AqQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi03OTgzNjUxMjU3ODM4MjgyyAEJqQK4Sb-1M2eyPuACAKgDAaoEnAJP0O8vlvwPyxDVB6UOazFF7H0nfU8pctQUjibt3llPfNMaKfJhQEcQQcqkVq5BvHDrE4u_7aQ8lRYSXBd4mgW4xc75l9jcUOGHjVhmOOhLQdvNuZDy_5FZnI6ouQ_E8YnSbSeqNlf4Fxh4impRoTpPiG-p74wyqc8-W_UwK7t7_HqfhcZ-qnXHom2_25bOwefIlpLzyM0SWPKwWwd1ezz06Hp9h2QSbkLyPpvp9SuPOm_aIXSdQJuVcK30kIojTLvrneP10iM_nvi0j77SeyUtI5x_kuzPL36GDfeO6CLOoo3GKx4ZJmL_s--3M1p6S7QnBr_xndhypLpCfGqWD2v8vceUGsud4NS1Wjbf1Ae5EJc6m0S7FOX7Gr3A7OAEAYAGzui6xZWzjYKnAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgEDyCBthZHgtc3Vic3luLTcyNzU1Mjg0NTMxNjIzMDn6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2m4bywos6An-s_p7SRb4P3_y7wgg%2526client%253Dca-pub-7983651257838282%2526adurl%253D&y=1&s=&z=0

Requested by

Host: ad4m.at
URL: https://ad4m.at/r62eglto.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5012d926f7e232f5779eceece6dff5fc6061d45e5c1fa23042d4a1bb837f47f6

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-src ;img-src data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://as.ad4m.at/ad/dr?ed=1g09mtzf1cta6pbw3ez997fr33c1v5rh47c1w8813deyhcjavk88k5b96k3vez5tkqa4s4x6wpa26yf21gp1ab40648gcqnwjshkwa1k737cp92fkfcdngghqbqtrxzs3acm5ckxb9za11fw52rvxk9q5je7yeq30ac874e7j2w3r2nwq6nj2vswygexfhqqt5y55kc860z1bpnvnhngscmxfywy365jhwxxpycdtxe4dmf1dr8sn2sj8fr89dsk5nvyd0xzt4rkq8gdjj64t95t1vzwkxjb3817apm1tsx5z4nvjzpdxfvr3zbzmz42pcj9mqgphse4szzxng59tg0yab58sjq6gmsmnbmr40jw8zzpg1yw3925yxbqzcj35zrvp9eq85mxpw8g6xq79hbp841qzz5z91g2dez1s3js8zsyypvc05s5arbb0a8e1ygvanycd0&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCXOv2-AVgZMK0FZGg9u8P8vyl2AqQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi03OTgzNjUxMjU3ODM4MjgyyAEJqQK4Sb-1M2eyPuACAKgDAaoEnAJP0O8vlvwPyxDVB6UOazFF7H0nfU8pctQUjibt3llPfNMaKfJhQEcQQcqkVq5BvHDrE4u_7aQ8lRYSXBd4mgW4xc75l9jcUOGHjVhmOOhLQdvNuZDy_5FZnI6ouQ_E8YnSbSeqNlf4Fxh4impRoTpPiG-p74wyqc8-W_UwK7t7_HqfhcZ-qnXHom2_25bOwefIlpLzyM0SWPKwWwd1ezz06Hp9h2QSbkLyPpvp9SuPOm_aIXSdQJuVcK30kIojTLvrneP10iM_nvi0j77SeyUtI5x_kuzPL36GDfeO6CLOoo3GKx4ZJmL_s--3M1p6S7QnBr_xndhypLpCfGqWD2v8vceUGsud4NS1Wjbf1Ae5EJc6m0S7FOX7Gr3A7OAEAYAGzui6xZWzjYKnAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgEDyCBthZHgtc3Vic3luLTcyNzU1Mjg0NTMxNjIzMDn6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2m4bywos6An-s_p7SRb4P3_y7wgg%26client%3Dca-pub-7983651257838282%26adurl%3D
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7c6e1cf5a81f9bfa-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Sat, 13 May 2023 21:49:45 GMT
expires: 0
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

POST
H/1.1 200
OK postback Show response
s.h.w55c.net/2/2.92.0/948461/Af9VKUMKEAV919Ao/ Frame 4DC9 0
145 B 57ms
56ms XHR
text/plain 52.31.191.243
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.h.w55c.net/2/2.92.0/948461/Af9VKUMKEAV919Ao/postback?oz_pl=1&ap=&pp=ye-mek.net&to=3&md=1&pd=avt&di=https%3A%2F%2Fye-mek.net&sr=GOOGLE_CONTENTNETWORK&pv=53ed5c35-a6b1-4d21-b6ae-869ab775c68a&de=2&dm=728x90&pi=XRzobPsLhV&gt=DE&ci=948461&dt=9484611597092707615000&ui=&ti=&si=&ac=Xmwo1n97Q8&psv=2.92.0&_x=1
Requested by: Host: s.h.w55c.net
URL: https://s.h.w55c.net/2/948461/analytics.js?dt=9484611597092707615000&pd=avt&di=https%3A%2F%2Fye-mek.net&ui=&ap=&sr=GOOGLE_CONTENTNETWORK&pp=ye-mek.net&ti=&pv=53ed5c35-a6b1-4d21-b6ae-869ab775c68a&to=3&de=2&md=1&si=&dm=728x90&pi=XRzobPsLhV&gt=DE&ac=Xmwo1n97Q8
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 52.31.191.243 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-31-191-243.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Sat, 13 May 2023 21:49:44 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 7EF8 0
0 75ms
75ms Fetch
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvuVwsKCsNykZLbmLd5f2t5sG4kxDjOLHWGIOyRD7tuk2gFNXr8CRQuHkn-nRbp8sGQL5_kC2K82Eao55_upsZFy5-_13Y5z-H7rxaEatH_cpXIOSElZic0kULxOKrx4f5W1VViL3f5TTXLi5UxmNjOjJ4-45I2g-Oma2JRgyIc1CGlnLsperyLvBrPir9L4x1U4tx2pFJ5n9n9eBDpVZrNRApsTgmMyNj7JoXTvZ5uDNX0UI7g-5xPR-v6A3cJXw64uQz2_AeXuJsx4tQljXd0xJiVqbOSbzLjLJC5OAsHt45AN53Vh7xhXlPPdeYOdG82noBxXBjDGDWOkQIqJXvBjX7C40AUtuBp&sai=AMfl-YSezylcTaO_4eW9Fpsn6Ak2V_3QqOG_yNqNC-L5Gy2XVD3rGiyndEaCS1MBCbckh9Z0wJuzTPahAo7gkZR_sST8WaLL-mPk4Zh1FqsWbt6M-8cgLkojIV4actC3Jh_e9ExAPegZW_3GNi94T-Y0GF3cNgnCyhVpdlhEQIeTTgIOgEIRMnLu2mPcZuu5WgRx&sig=Cg0ArKJSzGszMdJAAqsEEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d895f1381b8d8b875cd29c6921953566.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 21:49:45 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sat, 13 May 2023 21:49:45 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 7EF8 14 KB
11 KB 91ms
90ms XHR
application/json 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230510&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

267e24c6f0375918a6373dd89665b7fc044f3890a589d2b0b5c53b6b7bdda315

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d895f1381b8d8b875cd29c6921953566.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 21:49:45 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10994
x-xss-protection: 0

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 4DBE 0
0 76ms
76ms Fetch
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv8AuyTb55v04O8GbTSC-_3z-SxMEQRkYm_SXSkVfeapb3TlO8Vmop3m44IPrsVt4zkNu7cVfVF0sdw_qGS57zkWVL6qEmU39TsI0lSxR1t1e6qsw69Gm0LAWr_93FM6qUPFUHEPQHLIhB_RIxCL9dPmL7XVQj982xUQXKDSdI9I4T8VS3P7luqmtvitMoqBWayfWicb3xcmo4hufPkfN4138HBGZ7I-PIuDFAJHelek2pQ0g0VSwe_Bgwpwwx4dEK35vRAqS-rKY6rDoEQ-LknYmHPgN4I-IutJ3o_9yIeu3PLeVb0kJhZ3shoawue1yGlCtd1QDzoB6c40soUbP9bljmTtB97vRn3Q44eALE7KvyPDIoZHA&sai=AMfl-YQmgT0hI51fGvkT5Tw4OS0ojuoLeS0Zx-1kFhmnf8fdXdmqo-Vtjmz2xs5HHyIPLLHoFOa9MOKpUGv84s9osN4Kki8TtWmmq-_g0o3xqmE&sig=Cg0ArKJSzBDTViGNAYOUEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d895f1381b8d8b875cd29c6921953566.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 21:49:45 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sat, 13 May 2023 21:49:45 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 4DBE 14 KB
11 KB 92ms
91ms XHR
application/json 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230510&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

42daa728355b86a973c01b68e6a6a92cbfebf8cf1dccd834822af79f3d84c556

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d895f1381b8d8b875cd29c6921953566.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 21:49:45 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11165
x-xss-protection: 0

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.40/one-ad/ Frame EE9B 103 KB
13 KB 19ms
19ms Stylesheet
text/css 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.40/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C117569%2C19769&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=970&d=90&e=&g=052d3228ad89aec4bd57a0812e1afcad%2F3176637530435809286&i=71725%2C29981%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1684014585177&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gm0vyw9h95vys60mkgqjw919t1df2a0gzebaednk40ydgv23bcf6bq2410vxgtq7qdcan455f7j0q553hv4tsx03ayeh3fxr31b4zckryjjfqnppb6s2wdc23jwhtseewhnqvfa1fe8cypc4f58zsyazk7656gp3kd9yq86pvhbyb5t4t93wqvxx8hkcftfszg0g7g59gbzke5hrwg2e3tnzedryd7xejwymseqhmx6c50x0423y3zw3sdkm204qfxrsefarsdfc9z7zh25cqyyzc%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCXOv2-AVgZMK0FZGg9u8P8vyl2AqQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi03OTgzNjUxMjU3ODM4MjgyyAEJqQK4Sb-1M2eyPuACAKgDAaoEnAJP0O8vlvwPyxDVB6UOazFF7H0nfU8pctQUjibt3llPfNMaKfJhQEcQQcqkVq5BvHDrE4u_7aQ8lRYSXBd4mgW4xc75l9jcUOGHjVhmOOhLQdvNuZDy_5FZnI6ouQ_E8YnSbSeqNlf4Fxh4impRoTpPiG-p74wyqc8-W_UwK7t7_HqfhcZ-qnXHom2_25bOwefIlpLzyM0SWPKwWwd1ezz06Hp9h2QSbkLyPpvp9SuPOm_aIXSdQJuVcK30kIojTLvrneP10iM_nvi0j77SeyUtI5x_kuzPL36GDfeO6CLOoo3GKx4ZJmL_s--3M1p6S7QnBr_xndhypLpCfGqWD2v8vceUGsud4NS1Wjbf1Ae5EJc6m0S7FOX7Gr3A7OAEAYAGzui6xZWzjYKnAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgEDyCBthZHgtc3Vic3luLTcyNzU1Mjg0NTMxNjIzMDn6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2m4bywos6An-s_p7SRb4P3_y7wgg%2526client%253Dca-pub-7983651257838282%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d77b5f2ca03eb8dab2acc515548b7b1ce7eeb4ca2189268552649e0391ee8c21

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/rar?a=197862%2C117569%2C19769&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=970&d=90&e=&g=052d3228ad89aec4bd57a0812e1afcad%2F3176637530435809286&i=71725%2C29981%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1684014585177&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gm0vyw9h95vys60mkgqjw919t1df2a0gzebaednk40ydgv23bcf6bq2410vxgtq7qdcan455f7j0q553hv4tsx03ayeh3fxr31b4zckryjjfqnppb6s2wdc23jwhtseewhnqvfa1fe8cypc4f58zsyazk7656gp3kd9yq86pvhbyb5t4t93wqvxx8hkcftfszg0g7g59gbzke5hrwg2e3tnzedryd7xejwymseqhmx6c50x0423y3zw3sdkm204qfxrsefarsdfc9z7zh25cqyyzc%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCXOv2-AVgZMK0FZGg9u8P8vyl2AqQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi03OTgzNjUxMjU3ODM4MjgyyAEJqQK4Sb-1M2eyPuACAKgDAaoEnAJP0O8vlvwPyxDVB6UOazFF7H0nfU8pctQUjibt3llPfNMaKfJhQEcQQcqkVq5BvHDrE4u_7aQ8lRYSXBd4mgW4xc75l9jcUOGHjVhmOOhLQdvNuZDy_5FZnI6ouQ_E8YnSbSeqNlf4Fxh4impRoTpPiG-p74wyqc8-W_UwK7t7_HqfhcZ-qnXHom2_25bOwefIlpLzyM0SWPKwWwd1ezz06Hp9h2QSbkLyPpvp9SuPOm_aIXSdQJuVcK30kIojTLvrneP10iM_nvi0j77SeyUtI5x_kuzPL36GDfeO6CLOoo3GKx4ZJmL_s--3M1p6S7QnBr_xndhypLpCfGqWD2v8vceUGsud4NS1Wjbf1Ae5EJc6m0S7FOX7Gr3A7OAEAYAGzui6xZWzjYKnAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgEDyCBthZHgtc3Vic3luLTcyNzU1Mjg0NTMxNjIzMDn6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2m4bywos6An-s_p7SRb4P3_y7wgg%2526client%253Dca-pub-7983651257838282%2526adurl%253D&y=1&s=&z=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 21:49:45 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime: 1683559916
age: 454229
cf-polished: origSize=105839
x-guploader-uploadid: ADPycdv9IJsM9Nda_T-YCF8tGjLSR9_5GyrPWBCiXo7o_2KPFa29jeIDurPOQJdzBat54FnfGmUqvpjJPo5BCE2ydDX2ig
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Mon, 08 May 2023 15:32:28 GMT
server: cloudflare
etag: W/"44fa96b813e145cb8b915ae1fb6a3b7a"
vary: Accept-Encoding
x-goog-generation: 1683559948253618
content-type: text/css
x-goog-hash: crc32c=FELYSw==, md5=RPqWuBPhRcuLkVrh+2o7eg==
cache-control: public, max-age=3600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5sRkmdiyUGrpdD5t1dRhZKuxHaCbvKBG%2Fj8NhzZXtr96tb39hHSpNlTdK4eoPMr6qFZ0hDx2TbsNC6buEfW60SL0qFJKyEIu6m3A240k6FLQWen2Ta9%2Fc1LbJOrwQ07xozOn0KN68Q4%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 105839
cf-ray: 7c6e1cf648b79bfa-FRA
expires: Sat, 13 May 2023 22:49:45 GMT

GET
H2 200 C3FCB3AB04505A8F1D79D1D5953F5207FE6F49EF4C517E920A79B423A52F9E2DCCD658FDD21E3D8209A640CEE47D02AAD52D272924710EAE6BAB80FD9B483022
assets.ad4m.at/logo/ Frame EE9B 5 KB
5 KB 26ms
16ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/C3FCB3AB04505A8F1D79D1D5953F5207FE6F49EF4C517E920A79B423A52F9E2DCCD658FDD21E3D8209A640CEE47D02AAD52D272924710EAE6BAB80FD9B483022
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C117569%2C19769&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=970&d=90&e=&g=052d3228ad89aec4bd57a0812e1afcad%2F3176637530435809286&i=71725%2C29981%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1684014585177&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gm0vyw9h95vys60mkgqjw919t1df2a0gzebaednk40ydgv23bcf6bq2410vxgtq7qdcan455f7j0q553hv4tsx03ayeh3fxr31b4zckryjjfqnppb6s2wdc23jwhtseewhnqvfa1fe8cypc4f58zsyazk7656gp3kd9yq86pvhbyb5t4t93wqvxx8hkcftfszg0g7g59gbzke5hrwg2e3tnzedryd7xejwymseqhmx6c50x0423y3zw3sdkm204qfxrsefarsdfc9z7zh25cqyyzc%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCXOv2-AVgZMK0FZGg9u8P8vyl2AqQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi03OTgzNjUxMjU3ODM4MjgyyAEJqQK4Sb-1M2eyPuACAKgDAaoEnAJP0O8vlvwPyxDVB6UOazFF7H0nfU8pctQUjibt3llPfNMaKfJhQEcQQcqkVq5BvHDrE4u_7aQ8lRYSXBd4mgW4xc75l9jcUOGHjVhmOOhLQdvNuZDy_5FZnI6ouQ_E8YnSbSeqNlf4Fxh4impRoTpPiG-p74wyqc8-W_UwK7t7_HqfhcZ-qnXHom2_25bOwefIlpLzyM0SWPKwWwd1ezz06Hp9h2QSbkLyPpvp9SuPOm_aIXSdQJuVcK30kIojTLvrneP10iM_nvi0j77SeyUtI5x_kuzPL36GDfeO6CLOoo3GKx4ZJmL_s--3M1p6S7QnBr_xndhypLpCfGqWD2v8vceUGsud4NS1Wjbf1Ae5EJc6m0S7FOX7Gr3A7OAEAYAGzui6xZWzjYKnAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgEDyCBthZHgtc3Vic3luLTcyNzU1Mjg0NTMxNjIzMDn6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2m4bywos6An-s_p7SRb4P3_y7wgg%2526client%253Dca-pub-7983651257838282%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9c63890b7f3f2e513fa085cd7b198f9ab91721a9e8aa7180806ff4aa7b4089a4

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 21:49:45 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5716
cf-polished: origFmt=png, origSize=10283
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4736
cf-bgj: imgq:85,h2pri
last-modified: Thu, 06 Apr 2023 12:21:02 GMT
server: cloudflare
etag: "b90d04a587c2a1ab6749e51d8bb195d1"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W3VvQdExIMM8RHx3Ytr%2FvIY1iFreWetfvN6VlGwOfodc7Caqa1N%2B0kg4wIkdCbLOkPDV5ZXzxrrYy2ZKySKSJM4qV5HpTLvblOu3ENwM3%2Fe7k%2FM%2BPdxG29xWmYOpGdyMTkJb1hLTVRMGD%2Bcm"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7c6e1cf6588e2c71-FRA
expires: Sun, 14 May 2023 21:49:45 GMT

GET
H2 200 A36DAD0D440985CF6ABFA23492945CE5BC6D94350A66B19418CB771AFE823AD9B48ADE8E2F007546F0A50A710172EEFC2CAC1468E38852CE2028C22592AAFB75
assets.ad4m.at/product_image/ Frame EE9B 54 KB
55 KB 22ms
21ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/A36DAD0D440985CF6ABFA23492945CE5BC6D94350A66B19418CB771AFE823AD9B48ADE8E2F007546F0A50A710172EEFC2CAC1468E38852CE2028C22592AAFB75
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C117569%2C19769&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=970&d=90&e=&g=052d3228ad89aec4bd57a0812e1afcad%2F3176637530435809286&i=71725%2C29981%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1684014585177&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gm0vyw9h95vys60mkgqjw919t1df2a0gzebaednk40ydgv23bcf6bq2410vxgtq7qdcan455f7j0q553hv4tsx03ayeh3fxr31b4zckryjjfqnppb6s2wdc23jwhtseewhnqvfa1fe8cypc4f58zsyazk7656gp3kd9yq86pvhbyb5t4t93wqvxx8hkcftfszg0g7g59gbzke5hrwg2e3tnzedryd7xejwymseqhmx6c50x0423y3zw3sdkm204qfxrsefarsdfc9z7zh25cqyyzc%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCXOv2-AVgZMK0FZGg9u8P8vyl2AqQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi03OTgzNjUxMjU3ODM4MjgyyAEJqQK4Sb-1M2eyPuACAKgDAaoEnAJP0O8vlvwPyxDVB6UOazFF7H0nfU8pctQUjibt3llPfNMaKfJhQEcQQcqkVq5BvHDrE4u_7aQ8lRYSXBd4mgW4xc75l9jcUOGHjVhmOOhLQdvNuZDy_5FZnI6ouQ_E8YnSbSeqNlf4Fxh4impRoTpPiG-p74wyqc8-W_UwK7t7_HqfhcZ-qnXHom2_25bOwefIlpLzyM0SWPKwWwd1ezz06Hp9h2QSbkLyPpvp9SuPOm_aIXSdQJuVcK30kIojTLvrneP10iM_nvi0j77SeyUtI5x_kuzPL36GDfeO6CLOoo3GKx4ZJmL_s--3M1p6S7QnBr_xndhypLpCfGqWD2v8vceUGsud4NS1Wjbf1Ae5EJc6m0S7FOX7Gr3A7OAEAYAGzui6xZWzjYKnAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgEDyCBthZHgtc3Vic3luLTcyNzU1Mjg0NTMxNjIzMDn6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2m4bywos6An-s_p7SRb4P3_y7wgg%2526client%253Dca-pub-7983651257838282%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 861e4cd27539274eedfdd65212a140a4c7ccea88e004d23f5234e4db48bc73ae

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 21:49:45 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1328465
cf-polished: origFmt=png, origSize=105738
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 55786
cf-bgj: imgq:85,h2pri
last-modified: Mon, 04 Jul 2022 08:55:40 GMT
server: cloudflare
etag: "147be38db57f89c69c9e65b05983ff0e"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fSWXtbMTLNVdGLD1BqcZUtIjuiJCpXoM04NTPnf3ae0IbDWyoRtIkqrqF%2BD1m2cbGkp50ioH6emuHpoaU8Ltuf7G1U5G%2F2gY%2FRKUFJOSRsJ6tQKJG4RLYNFuOJJB6Z4tm747B45xDhade%2Bmu"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7c6e1cf668ab2c71-FRA
expires: Sun, 14 May 2023 21:49:45 GMT

GET
H2 200 A0843E9156C9D7335C02FDBAB8781B4AFFEEE9E59ABD085E1EDF62037D970710A817E95DBBFD727CE4E28B26524C9A8F4A33EB1E826BD3A7B2541F094E39D266
assets.ad4m.at/logo/ Frame EE9B 2 KB
3 KB 30ms
29ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/A0843E9156C9D7335C02FDBAB8781B4AFFEEE9E59ABD085E1EDF62037D970710A817E95DBBFD727CE4E28B26524C9A8F4A33EB1E826BD3A7B2541F094E39D266
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C117569%2C19769&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=970&d=90&e=&g=052d3228ad89aec4bd57a0812e1afcad%2F3176637530435809286&i=71725%2C29981%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1684014585177&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gm0vyw9h95vys60mkgqjw919t1df2a0gzebaednk40ydgv23bcf6bq2410vxgtq7qdcan455f7j0q553hv4tsx03ayeh3fxr31b4zckryjjfqnppb6s2wdc23jwhtseewhnqvfa1fe8cypc4f58zsyazk7656gp3kd9yq86pvhbyb5t4t93wqvxx8hkcftfszg0g7g59gbzke5hrwg2e3tnzedryd7xejwymseqhmx6c50x0423y3zw3sdkm204qfxrsefarsdfc9z7zh25cqyyzc%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCXOv2-AVgZMK0FZGg9u8P8vyl2AqQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi03OTgzNjUxMjU3ODM4MjgyyAEJqQK4Sb-1M2eyPuACAKgDAaoEnAJP0O8vlvwPyxDVB6UOazFF7H0nfU8pctQUjibt3llPfNMaKfJhQEcQQcqkVq5BvHDrE4u_7aQ8lRYSXBd4mgW4xc75l9jcUOGHjVhmOOhLQdvNuZDy_5FZnI6ouQ_E8YnSbSeqNlf4Fxh4impRoTpPiG-p74wyqc8-W_UwK7t7_HqfhcZ-qnXHom2_25bOwefIlpLzyM0SWPKwWwd1ezz06Hp9h2QSbkLyPpvp9SuPOm_aIXSdQJuVcK30kIojTLvrneP10iM_nvi0j77SeyUtI5x_kuzPL36GDfeO6CLOoo3GKx4ZJmL_s--3M1p6S7QnBr_xndhypLpCfGqWD2v8vceUGsud4NS1Wjbf1Ae5EJc6m0S7FOX7Gr3A7OAEAYAGzui6xZWzjYKnAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgEDyCBthZHgtc3Vic3luLTcyNzU1Mjg0NTMxNjIzMDn6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2m4bywos6An-s_p7SRb4P3_y7wgg%2526client%253Dca-pub-7983651257838282%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: af7a66542220ecfb2b8fa0286b60ffa95c1c8047df094654a90e1ff75f848ef5

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 21:49:45 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 257709
cf-polished: origFmt=png, origSize=9357
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2330
cf-bgj: imgq:85,h2pri
last-modified: Thu, 08 Apr 2021 14:26:03 GMT
server: cloudflare
etag: "8cc161b392f5744da5319a4da549b763"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IDYbQiQcdKbKs08Pk3D9L67Ny2dKHZQKcZsSmoy8GYz7iyQjNuf%2BaRuO1zpd2%2BfkgANZZPbY%2B5szVAcNeQZGTZBJc2UEH04fbEEG1uDGxfh%2FgugH9oysGoJbgVqYcvLZF9QAFko1qEhnafgA"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7c6e1cf668af2c71-FRA
expires: Sun, 14 May 2023 21:49:45 GMT

GET
H2 200 B0EFBB0208E9EF8D30A7C89B72C086F1DD36F5D7A5F0A9551729DDFC67E85BCDECDB196EB4EAB3FEC6BC55A4A1442682559F8312D8959CED1C6B0F52B22CF45C
assets.ad4m.at/product_image/ Frame EE9B 339 KB
340 KB 30ms
29ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/B0EFBB0208E9EF8D30A7C89B72C086F1DD36F5D7A5F0A9551729DDFC67E85BCDECDB196EB4EAB3FEC6BC55A4A1442682559F8312D8959CED1C6B0F52B22CF45C
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C117569%2C19769&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=970&d=90&e=&g=052d3228ad89aec4bd57a0812e1afcad%2F3176637530435809286&i=71725%2C29981%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1684014585177&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gm0vyw9h95vys60mkgqjw919t1df2a0gzebaednk40ydgv23bcf6bq2410vxgtq7qdcan455f7j0q553hv4tsx03ayeh3fxr31b4zckryjjfqnppb6s2wdc23jwhtseewhnqvfa1fe8cypc4f58zsyazk7656gp3kd9yq86pvhbyb5t4t93wqvxx8hkcftfszg0g7g59gbzke5hrwg2e3tnzedryd7xejwymseqhmx6c50x0423y3zw3sdkm204qfxrsefarsdfc9z7zh25cqyyzc%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCXOv2-AVgZMK0FZGg9u8P8vyl2AqQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi03OTgzNjUxMjU3ODM4MjgyyAEJqQK4Sb-1M2eyPuACAKgDAaoEnAJP0O8vlvwPyxDVB6UOazFF7H0nfU8pctQUjibt3llPfNMaKfJhQEcQQcqkVq5BvHDrE4u_7aQ8lRYSXBd4mgW4xc75l9jcUOGHjVhmOOhLQdvNuZDy_5FZnI6ouQ_E8YnSbSeqNlf4Fxh4impRoTpPiG-p74wyqc8-W_UwK7t7_HqfhcZ-qnXHom2_25bOwefIlpLzyM0SWPKwWwd1ezz06Hp9h2QSbkLyPpvp9SuPOm_aIXSdQJuVcK30kIojTLvrneP10iM_nvi0j77SeyUtI5x_kuzPL36GDfeO6CLOoo3GKx4ZJmL_s--3M1p6S7QnBr_xndhypLpCfGqWD2v8vceUGsud4NS1Wjbf1Ae5EJc6m0S7FOX7Gr3A7OAEAYAGzui6xZWzjYKnAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgEDyCBthZHgtc3Vic3luLTcyNzU1Mjg0NTMxNjIzMDn6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2m4bywos6An-s_p7SRb4P3_y7wgg%2526client%253Dca-pub-7983651257838282%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 42e8de9192dee3b3ee8a7529c5883dac20b868000168362d9f287125c95e18a8

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 21:49:45 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 498537
cf-polished: origFmt=png, origSize=563367
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 347098
cf-bgj: imgq:85,h2pri
last-modified: Fri, 09 Apr 2021 07:22:09 GMT
server: cloudflare
etag: "ff5ac113643d20bec15acfffe32cb75e"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QlIUQBKgargHvWgebOLVQ8LNaggFhThyWa8QnZ%2Fh2HWq%2FD1RGzxP3csNamU6ZcjJRu%2BTLIHPVDHozTk8jrhvYOb%2FoJNaei8SYkjY4RtweYzCuQBSn0HZwjWXuk6FYLN8RpZl2vzjXD3AiSH9"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7c6e1cf668b12c71-FRA
expires: Sun, 14 May 2023 21:49:45 GMT

GET
H/1.1 200
OK cshow.php
www.awin1.com/ Frame EE9B 43 B
702 B 94ms
63ms Image
image/gif 23.210.125.176
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.awin1.com/cshow.php?s=2904924&v=20044&q=415363&r=412871&pv=1&pref3=oneidk7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6oneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&gdpr_consent=&gdpr=0&gdpr_pd=0

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C117569%2C19769&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=970&d=90&e=&g=052d3228ad89aec4bd57a0812e1afcad%2F3176637530435809286&i=71725%2C29981%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1684014585177&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gm0vyw9h95vys60mkgqjw919t1df2a0gzebaednk40ydgv23bcf6bq2410vxgtq7qdcan455f7j0q553hv4tsx03ayeh3fxr31b4zckryjjfqnppb6s2wdc23jwhtseewhnqvfa1fe8cypc4f58zsyazk7656gp3kd9yq86pvhbyb5t4t93wqvxx8hkcftfszg0g7g59gbzke5hrwg2e3tnzedryd7xejwymseqhmx6c50x0423y3zw3sdkm204qfxrsefarsdfc9z7zh25cqyyzc%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCXOv2-AVgZMK0FZGg9u8P8vyl2AqQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi03OTgzNjUxMjU3ODM4MjgyyAEJqQK4Sb-1M2eyPuACAKgDAaoEnAJP0O8vlvwPyxDVB6UOazFF7H0nfU8pctQUjibt3llPfNMaKfJhQEcQQcqkVq5BvHDrE4u_7aQ8lRYSXBd4mgW4xc75l9jcUOGHjVhmOOhLQdvNuZDy_5FZnI6ouQ_E8YnSbSeqNlf4Fxh4impRoTpPiG-p74wyqc8-W_UwK7t7_HqfhcZ-qnXHom2_25bOwefIlpLzyM0SWPKwWwd1ezz06Hp9h2QSbkLyPpvp9SuPOm_aIXSdQJuVcK30kIojTLvrneP10iM_nvi0j77SeyUtI5x_kuzPL36GDfeO6CLOoo3GKx4ZJmL_s--3M1p6S7QnBr_xndhypLpCfGqWD2v8vceUGsud4NS1Wjbf1Ae5EJc6m0S7FOX7Gr3A7OAEAYAGzui6xZWzjYKnAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgEDyCBthZHgtc3Vic3luLTcyNzU1Mjg0NTMxNjIzMDn6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2m4bywos6An-s_p7SRb4P3_y7wgg%2526client%253Dca-pub-7983651257838282%2526adurl%253D&y=1&s=&z=0

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.210.125.176 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-210-125-176.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 13 May 2023 21:49:45 GMT
Strict-Transport-Security: max-age=86400
Node: Helix
Content-Type: image/gif
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set: default
Connection: keep-alive
Content-Length: 43
Expires: 0

GET
H2 200 90E11D2E4CFB32857DB7C2E1317DD53401EA4F6F6F9CD68E6E871CA9D0C876402E8B3C561F20D09E5FFCF6D6F6634B28F60F47276020F60158747BE09B58F826
assets.ad4m.at/logo/ Frame EE9B 36 KB
36 KB 29ms
28ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/90E11D2E4CFB32857DB7C2E1317DD53401EA4F6F6F9CD68E6E871CA9D0C876402E8B3C561F20D09E5FFCF6D6F6634B28F60F47276020F60158747BE09B58F826
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C117569%2C19769&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=970&d=90&e=&g=052d3228ad89aec4bd57a0812e1afcad%2F3176637530435809286&i=71725%2C29981%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1684014585177&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gm0vyw9h95vys60mkgqjw919t1df2a0gzebaednk40ydgv23bcf6bq2410vxgtq7qdcan455f7j0q553hv4tsx03ayeh3fxr31b4zckryjjfqnppb6s2wdc23jwhtseewhnqvfa1fe8cypc4f58zsyazk7656gp3kd9yq86pvhbyb5t4t93wqvxx8hkcftfszg0g7g59gbzke5hrwg2e3tnzedryd7xejwymseqhmx6c50x0423y3zw3sdkm204qfxrsefarsdfc9z7zh25cqyyzc%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCXOv2-AVgZMK0FZGg9u8P8vyl2AqQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi03OTgzNjUxMjU3ODM4MjgyyAEJqQK4Sb-1M2eyPuACAKgDAaoEnAJP0O8vlvwPyxDVB6UOazFF7H0nfU8pctQUjibt3llPfNMaKfJhQEcQQcqkVq5BvHDrE4u_7aQ8lRYSXBd4mgW4xc75l9jcUOGHjVhmOOhLQdvNuZDy_5FZnI6ouQ_E8YnSbSeqNlf4Fxh4impRoTpPiG-p74wyqc8-W_UwK7t7_HqfhcZ-qnXHom2_25bOwefIlpLzyM0SWPKwWwd1ezz06Hp9h2QSbkLyPpvp9SuPOm_aIXSdQJuVcK30kIojTLvrneP10iM_nvi0j77SeyUtI5x_kuzPL36GDfeO6CLOoo3GKx4ZJmL_s--3M1p6S7QnBr_xndhypLpCfGqWD2v8vceUGsud4NS1Wjbf1Ae5EJc6m0S7FOX7Gr3A7OAEAYAGzui6xZWzjYKnAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgEDyCBthZHgtc3Vic3luLTcyNzU1Mjg0NTMxNjIzMDn6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2m4bywos6An-s_p7SRb4P3_y7wgg%2526client%253Dca-pub-7983651257838282%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a2b9eefee68fa18c6be3c3bbe11d769b5affc01b84ea94c7ec68ae4ffacd858a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 21:49:45 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 502162
cf-polished: origFmt=png, origSize=62828
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 36446
cf-bgj: imgq:85,h2pri
last-modified: Tue, 18 Oct 2022 15:02:47 GMT
server: cloudflare
etag: "e12c1a9f1887c09d377658838eaaa06d"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ke6%2F2EGg6mVKfuXefKMrwz%2F2Otd1DXNw2KYTK8wv6KMjolc4t9eBHeQFP1sro21%2FvPMzdVNB3uFoJLe4DeHclOCs4%2BYhsDGphxUGpJUHGzYvgl8k1hKz79%2BvCDYAOCaURL7dfxfS5y%2B9khPM"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7c6e1cf668b52c71-FRA
expires: Sun, 14 May 2023 21:49:45 GMT

GET
H2 200 287435BEDBEF5210566F91ED2E6D57494D1CBA241E887A111712FB8ADF6747B3B44CBC7EE390AD74BB6985CDD69339A9B2EDEE7334ACD70F503D0812F8C7EBF1
assets.ad4m.at/ Frame EE9B 38 KB
38 KB 25ms
24ms Image
image/jpeg 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/287435BEDBEF5210566F91ED2E6D57494D1CBA241E887A111712FB8ADF6747B3B44CBC7EE390AD74BB6985CDD69339A9B2EDEE7334ACD70F503D0812F8C7EBF1
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C117569%2C19769&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=970&d=90&e=&g=052d3228ad89aec4bd57a0812e1afcad%2F3176637530435809286&i=71725%2C29981%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1684014585177&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gm0vyw9h95vys60mkgqjw919t1df2a0gzebaednk40ydgv23bcf6bq2410vxgtq7qdcan455f7j0q553hv4tsx03ayeh3fxr31b4zckryjjfqnppb6s2wdc23jwhtseewhnqvfa1fe8cypc4f58zsyazk7656gp3kd9yq86pvhbyb5t4t93wqvxx8hkcftfszg0g7g59gbzke5hrwg2e3tnzedryd7xejwymseqhmx6c50x0423y3zw3sdkm204qfxrsefarsdfc9z7zh25cqyyzc%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCXOv2-AVgZMK0FZGg9u8P8vyl2AqQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi03OTgzNjUxMjU3ODM4MjgyyAEJqQK4Sb-1M2eyPuACAKgDAaoEnAJP0O8vlvwPyxDVB6UOazFF7H0nfU8pctQUjibt3llPfNMaKfJhQEcQQcqkVq5BvHDrE4u_7aQ8lRYSXBd4mgW4xc75l9jcUOGHjVhmOOhLQdvNuZDy_5FZnI6ouQ_E8YnSbSeqNlf4Fxh4impRoTpPiG-p74wyqc8-W_UwK7t7_HqfhcZ-qnXHom2_25bOwefIlpLzyM0SWPKwWwd1ezz06Hp9h2QSbkLyPpvp9SuPOm_aIXSdQJuVcK30kIojTLvrneP10iM_nvi0j77SeyUtI5x_kuzPL36GDfeO6CLOoo3GKx4ZJmL_s--3M1p6S7QnBr_xndhypLpCfGqWD2v8vceUGsud4NS1Wjbf1Ae5EJc6m0S7FOX7Gr3A7OAEAYAGzui6xZWzjYKnAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgEDyCBthZHgtc3Vic3luLTcyNzU1Mjg0NTMxNjIzMDn6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2m4bywos6An-s_p7SRb4P3_y7wgg%2526client%253Dca-pub-7983651257838282%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 75743518d10d4b4a939717f66c07ef13fb128590c0b05df5c26835efa5280c6e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 21:49:45 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1057077
cf-polished: degrade=85, origSize=133780, status=vary_header_present
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 38661
cf-bgj: imgq:85,h2pri
last-modified: Tue, 18 Feb 2020 10:22:01 GMT
server: cloudflare
etag: "d061ca155f758f490340e147604dc3ee"
vary: X-Goog-Allowed-Resources, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VJGBbWEjx5%2BBYbe5bfmohsBz6G9RDIZ0kuSo4M6nW1x1Z1n0iKTz9I%2BhH0zst0zazX3nOcmmnd3QdNu7bQJeOPXUV46rSI6NLD1fcmag4SAxZTvp77vhhIO%2B3tW62seRGWP5waxH%2FF2Knhlq"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7c6e1cf668b72c71-FRA
expires: Sun, 14 May 2023 21:49:45 GMT

GET
H/1.1 200
OK cshow.php
www.awin1.com/ Frame EE9B 43 B
702 B 75ms
45ms Image
image/gif 23.210.125.176
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.awin1.com/cshow.php?s=2531885&v=14702&q=365825&r=412871&pv=1&pref3=oneidppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkroneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&gdpr_consent=&gdpr=0&gdpr_pd=0

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.210.125.176 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-210-125-176.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 13 May 2023 21:49:45 GMT
Strict-Transport-Security: max-age=86400
Node: Helix
Content-Type: image/gif
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set: default
Connection: keep-alive
Content-Length: 43
Expires: 0

POST
H/1.1 200
OK postback Show response
s.h.w55c.net/2/2.92.0/948461/Af9VKUMKEAV919Ao/ Frame 4DC9 0
145 B 28ms
28ms XHR
text/plain 52.31.191.243
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.h.w55c.net/2/2.92.0/948461/Af9VKUMKEAV919Ao/postback?ap=&pp=ye-mek.net&to=3&md=1&pd=avt&di=https%3A%2F%2Fye-mek.net&sr=GOOGLE_CONTENTNETWORK&pv=53ed5c35-a6b1-4d21-b6ae-869ab775c68a&de=2&dm=728x90&pi=XRzobPsLhV&gt=DE&ci=948461&dt=9484611597092707615000&ui=&ti=&si=&ac=Xmwo1n97Q8&sid=Af9VKUMKEAV919Ao&oz_sc=32005395af4765f6e8a13cfd&oz_df=1684014585261&oz_l=1226&cv=3
Requested by: Host: s.h.w55c.net
URL: https://s.h.w55c.net/2/2.92.0/main.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 52.31.191.243 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-31-191-243.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Sat, 13 May 2023 21:49:44 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ Frame CADC 93 KB
30 KB 395ms
195ms XHR
text/javascript 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.js

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.135.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

12ecb0e55747b4449fbdaf5e5e91a9023844eb4ea6131773d457675019ac6251

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 21:49:45 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 11 May 2023 09:44:47 GMT
server: nginx
etag: W/"645cb90f-17429"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 14 May 2023 21:49:45 GMT

GET
H2 200 link.html Show response
track.webgains.com/ Frame EE9B 2 KB
2 KB 124ms
71ms Script
text/html 18.133.36.104

General

Check archive.org

Show headers Download Go to

Full URL: https://track.webgains.com/link.html?wglinkid=3641431&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1grkn75ch9jyj7j90mcgavv7nx5qkp9882hk560gyz0na0sy6gt257f9hcyeeb7kt7w3vpmcq4fs216amcstrw85kq39dbh819mfe3f2wy9w3n1k70cayhvggxk58prth04cagzaqtycfjekw20ag4qa5y0gzz5vs33eykn127eg6d559g6x0b6y6ksnmmqb72zfncsfr8mme5mj5p4pspceysyx4dd0892npxvye9m8w60mc9dbw2w5jmp01y3jv1kg%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1gm0vyw9h95vys60mkgqjw919t1df2a0gzebaednk40ydgv23bcf6bq2410vxgtq7qdcan455f7j0q553hv4tsx03ayeh3fxr31b4zckryjjfqnppb6s2wdc23jwhtseewhnqvfa1fe8cypc4f58zsyazk7656gp3kd9yq86pvhbyb5t4t93wqvxx8hkcftfszg0g7g59gbzke5hrwg2e3tnzedryd7xejwymseqhmx6c50x0423y3zw3sdkm204qfxrsefarsdfc9z7zh25cqyyzc%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCXOv2-AVgZMK0FZGg9u8P8vyl2AqQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi03OTgzNjUxMjU3ODM4MjgyyAEJqQK4Sb-1M2eyPuACAKgDAaoEnAJP0O8vlvwPyxDVB6UOazFF7H0nfU8pctQUjibt3llPfNMaKfJhQEcQQcqkVq5BvHDrE4u_7aQ8lRYSXBd4mgW4xc75l9jcUOGHjVhmOOhLQdvNuZDy_5FZnI6ouQ_E8YnSbSeqNlf4Fxh4impRoTpPiG-p74wyqc8-W_UwK7t7_HqfhcZ-qnXHom2_25bOwefIlpLzyM0SWPKwWwd1ezz06Hp9h2QSbkLyPpvp9SuPOm_aIXSdQJuVcK30kIojTLvrneP10iM_nvi0j77SeyUtI5x_kuzPL36GDfeO6CLOoo3GKx4ZJmL_s--3M1p6S7QnBr_xndhypLpCfGqWD2v8vceUGsud4NS1Wjbf1Ae5EJc6m0S7FOX7Gr3A7OAEAYAGzui6xZWzjYKnAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgEDyCBthZHgtc3Vic3luLTcyNzU1Mjg0NTMxNjIzMDn6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_2m4bywos6An-s_p7SRb4P3_y7wgg%252526client%25253Dca-pub-7983651257838282%252526adurl%25253D&clickref=oneidDXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjWoneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&viewref=oneideYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpboneid__suite_Netmix_Reach128_WEBGAINSMOSTLY
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C117569%2C19769&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=970&d=90&e=&g=052d3228ad89aec4bd57a0812e1afcad%2F3176637530435809286&i=71725%2C29981%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1684014585177&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gm0vyw9h95vys60mkgqjw919t1df2a0gzebaednk40ydgv23bcf6bq2410vxgtq7qdcan455f7j0q553hv4tsx03ayeh3fxr31b4zckryjjfqnppb6s2wdc23jwhtseewhnqvfa1fe8cypc4f58zsyazk7656gp3kd9yq86pvhbyb5t4t93wqvxx8hkcftfszg0g7g59gbzke5hrwg2e3tnzedryd7xejwymseqhmx6c50x0423y3zw3sdkm204qfxrsefarsdfc9z7zh25cqyyzc%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCXOv2-AVgZMK0FZGg9u8P8vyl2AqQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi03OTgzNjUxMjU3ODM4MjgyyAEJqQK4Sb-1M2eyPuACAKgDAaoEnAJP0O8vlvwPyxDVB6UOazFF7H0nfU8pctQUjibt3llPfNMaKfJhQEcQQcqkVq5BvHDrE4u_7aQ8lRYSXBd4mgW4xc75l9jcUOGHjVhmOOhLQdvNuZDy_5FZnI6ouQ_E8YnSbSeqNlf4Fxh4impRoTpPiG-p74wyqc8-W_UwK7t7_HqfhcZ-qnXHom2_25bOwefIlpLzyM0SWPKwWwd1ezz06Hp9h2QSbkLyPpvp9SuPOm_aIXSdQJuVcK30kIojTLvrneP10iM_nvi0j77SeyUtI5x_kuzPL36GDfeO6CLOoo3GKx4ZJmL_s--3M1p6S7QnBr_xndhypLpCfGqWD2v8vceUGsud4NS1Wjbf1Ae5EJc6m0S7FOX7Gr3A7OAEAYAGzui6xZWzjYKnAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgEDyCBthZHgtc3Vic3luLTcyNzU1Mjg0NTMxNjIzMDn6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2m4bywos6An-s_p7SRb4P3_y7wgg%2526client%253Dca-pub-7983651257838282%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.133.36.104 -, , ASN (),
Reverse DNS
Software: nginx / PHP/7.4.26
Resource Hash: 7b39c20824e748a8315989032c934627f3eb7f8be39717db7282f21d3bc1ec8a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 21:49:45 GMT
last-modified: Sat, 13 May 2023 21:49:45 GMT
server: nginx
x-powered-by: PHP/7.4.26
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=60
access-control-allow-headers: Authorization
expires: Sat, 13 May 2023 21:50:45 GMT

GET
BLOB 200
OK cf7851c9-3263-4bce-8f91-9a5861a569af
https://googleads.g.doubleclick.net/ Frame A4C6 185 B
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://googleads.g.doubleclick.net/cf7851c9-3263-4bce-8f91-9a5861a569af
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 848fe19ed492948709b881f504ce2eb6274baa694606ca88eb9b2990a2460caf

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Length: 185
Content-Type: application/javascript

POST
H3 200 rs Show response
ad4m.at/ Frame E153 1 KB
2 KB 40ms
40ms XHR
text/plain 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2701043b696fd5d6402c4d1f822094fa76147dcf0abc4157faa81e32bf34aaa2

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type: application/json

Response headers

date: Sat, 13 May 2023 21:49:45 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H8Mw7cqwor6o1hWvZyNGJKYlCgf28e9g9cQhu%2BSLJAeaLYygh0%2BHSbtGlq58qL2FE4WLxDy7bXSck%2BS0T7ZGlNtTVwmJmTXyiIdfp9Phg4Ell2831m7RTNF06Twfj%2BuTwRGvIPg%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain
access-control-allow-origin: https://as.ad4m.at
access-control-allow-credentials: true
cf-ray: 7c6e1cf6da109bec-FRA
x-backend-server: aa-reachservice-group-europe-west1-n6pb
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

OPTIONS
H3 200 rs
ad4m.at/ Frame 0
0 29ms
29ms Preflight
text/plain 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://as.ad4m.at
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin: https://as.ad4m.at
access-control-max-age: 1800
allow: HEAD,POST,GET,OPTIONS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7c6e1cf6a9ce9bec-FRA
content-length: 24
content-type: text/plain
date: Sat, 13 May 2023 21:49:45 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dpxjbcrwG2c3ULfKXmfQo18OuAEyMK8hMahy8QCLehMm2eWS0WmvnnJBli89Cdwmg8dp8XCXC1NolVNpbDs9Qjzgm2aUSOur3jkp2DwR0h1%2BtiGrpNY8U0C6nyxvZP4NnWE4xzk%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
via: 1.1 google
x-backend-server: aa-reachservice-group-europe-west1-n6pb

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 7EF8 17 KB
6 KB 56ms
56ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d895f1381b8d8b875cd29c6921953566.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 21:49:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 13 May 2023 21:49:45 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 4DBE 17 KB
6 KB 53ms
52ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d895f1381b8d8b875cd29c6921953566.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 21:49:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 13 May 2023 21:49:45 GMT

POST
H/1.1 200
OK postback Show response
s.h.w55c.net/2/2.92.0/948461/Af9VKUMKEAV919Ao/ Frame 4DC9 0
145 B 29ms
29ms XHR
text/plain 52.31.191.243
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.h.w55c.net/2/2.92.0/948461/Af9VKUMKEAV919Ao/postback?ap=&pp=ye-mek.net&to=3&md=1&pd=avt&di=https%3A%2F%2Fye-mek.net&sr=GOOGLE_CONTENTNETWORK&pv=53ed5c35-a6b1-4d21-b6ae-869ab775c68a&de=2&dm=728x90&pi=XRzobPsLhV&gt=DE&ci=948461&dt=9484611597092707615000&ui=&ti=&si=&ac=Xmwo1n97Q8&sid=Af9VKUMKEAV919Ao&oz_sc=32005395af4765f6e8a13cfd&oz_df=1684014585428&oz_l=5750&cv=3
Requested by: Host: s.h.w55c.net
URL: https://s.h.w55c.net/2/2.92.0/main.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 52.31.191.243 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-31-191-243.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Sat, 13 May 2023 21:49:44 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

GET
H3 200 rar Show response
as.ad4m.at/ad/ Frame EAE7 14 KB
4 KB 29ms
29ms Document
text/html 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/rar?a=183975%2C321853%2C46427&b=rWbTQf9f3XBdaAH7HjtqtBXVaYS8TgJka1JYM%2Cg62h8frfWBzXfPHbH8t5tj78WSmSQT954TMx4E%2CrWbTQf9fGq1tAH7HjtqtGReuYS8TgJka1JYM&f=P6AhBfbfbJMRC9HjHbtgCP6ASJS9TDpQcjqdY%2CBgwFgfPfYG1XFxH6H3tgCzVDAtjSeT8dbUB6xZ%2CP6AhBfbfeYET9HjHbtgCwJ2CJS9TDpQcjqdY&c=300&d=250&e=&g=d9abfa7102a2360418437fa7359a2e81%2F12347032143117287939&i=20597%2C111803%2C22481&j=21%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1684014585424&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gdpasxbgyes2jcej59p63a46b6bpfz4kzjhzez7cnzem3vw8yjrjwccet5f5j9fw07r79t17pr30whp93yg5x3g9z80qmkc05sfq68z3sap7x720htvpwhv65mqerrtt63hjj2vn60j899kf2pt6g1ks34wfdds294jbf515pkwtx97ayd3vccgxtk0fcveyqeaz6nnc56y6tp7g8jhv4c3dagf8dw5r8qvhxryq9rr6fcb3q6ghvr69jy3c6fw5seesxs54amqenmrrjrcbr0bzg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCXtU0-AVgZLe3IoKm7wLd_bugCZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTY1OTM1MjMyMTAwMTAxNTTIAQmpArhJv7UzZ7I-qAMBqgTWAU_QbHwp82ntYLiNzSy7k0tcGKGRypby05noDzqvd0OA5BTc-Ch7XcNnfOFMyAFbmatbDv7QiAwqKEZZkxxdNiauQiwlNIXE3vZCUjqKmLxLccIlWZL_z0v9_f4S9LDPC-xPlIRgv0bKwVOywwfjxKO1KdAhuHk00FWbehHouQmgcsBCz44Pzg1aQCWSl7_zVxYgFJBbMBPd1HaDE6uGLJdwMK98ICjmvAstTMHN153XEtB9jCsDawLqOo3WVHX_5AVUSsfm3-5N2Qy3SWGZvATiAKD1uwiABtyHrq-QxZTacqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2qNSY48r5DBue_C-N8fMvmCd7oEg%2526client%253Dca-pub-6593523210010154%2526adurl%253D&y=1&s=&z=0

Requested by

Host: ad4m.at
URL: https://ad4m.at/r62eglto.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8b37b176ee99b8f80b61a2e3b839f87e9dccbdfe799077b67f5e3698bd40a07f

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-src ;img-src data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://as.ad4m.at/ad/dr?ed=1kbvbcwg5gqey3nzwy7hhkjrz04x4vq7rhxp0xay54nqq4zs92qfyaxtdb531cpd010s0qp7h46g1adybx560b7hgq8m1yxayexgzdmygb6yh4t7vkynwg5ctd2x284cy8y1nh9c79x3hnrwnyc23eq7w9qxf5na7hx31khre8mwxk07rr07ehv6jj1dyjjneg4wn1rjvnnqypd9jdza5qyww7bp9382r9e21mc9pkxmd8xjbcy3px5ate59qt7srjxaskzvwm12bae1bjf30t5gb51r8aenpxz8nbvtxv1d5xgy7dem81cjq4kgt619g5p78j9gps7nzsaqk65y7p5ezdbxfhqhenkj1gmqmr8tmv7d2jygzdjcqm23jjb5xcpx5menpb7236v6akyzvxb51g75bwc8kyfxche8m0ag9dje1m3xfebe0j461h5tyc8a2sgvcz10&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCXtU0-AVgZLe3IoKm7wLd_bugCZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTY1OTM1MjMyMTAwMTAxNTTIAQmpArhJv7UzZ7I-qAMBqgTWAU_QbHwp82ntYLiNzSy7k0tcGKGRypby05noDzqvd0OA5BTc-Ch7XcNnfOFMyAFbmatbDv7QiAwqKEZZkxxdNiauQiwlNIXE3vZCUjqKmLxLccIlWZL_z0v9_f4S9LDPC-xPlIRgv0bKwVOywwfjxKO1KdAhuHk00FWbehHouQmgcsBCz44Pzg1aQCWSl7_zVxYgFJBbMBPd1HaDE6uGLJdwMK98ICjmvAstTMHN153XEtB9jCsDawLqOo3WVHX_5AVUSsfm3-5N2Qy3SWGZvATiAKD1uwiABtyHrq-QxZTacqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2qNSY48r5DBue_C-N8fMvmCd7oEg%26client%3Dca-pub-6593523210010154%26adurl%3D
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7c6e1cf71a009bfa-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Sat, 13 May 2023 21:49:45 GMT
expires: 0
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 9EAE 13 KB
5 KB 39ms
38ms Document
text/html 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://d895f1381b8d8b875cd29c6921953566.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 12557
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 13 May 2023 18:20:28 GMT
expires: Sun, 12 May 2024 18:20:28 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 3634 783 B
1001 B 52ms
51ms Document
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

795ba9bf641463c20040cbdf9012ecf9ec13eef75b2a942872578b82b305b7b8

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-doPAGyG9GW1qrKvWzqbpFQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://d895f1381b8d8b875cd29c6921953566.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-doPAGyG9GW1qrKvWzqbpFQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 13 May 2023 21:49:45 GMT
expires: Sat, 13 May 2023 21:49:45 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame B390 13 KB
5 KB 39ms
38ms Document
text/html 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://d895f1381b8d8b875cd29c6921953566.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 12557
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 13 May 2023 18:20:28 GMT
expires: Sun, 12 May 2024 18:20:28 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame ED48 783 B
740 B 52ms
52ms Document
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

a27d43361ca15679e2b0b5911036b21cfb767cf73efa866329e53815b064c1f4

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-EtnR3WbdjwTrDKsifBhikA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://d895f1381b8d8b875cd29c6921953566.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 512
content-security-policy: script-src 'report-sample' 'nonce-EtnR3WbdjwTrDKsifBhikA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 13 May 2023 21:49:45 GMT
expires: Sat, 13 May 2023 21:49:45 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.40/one-ad/ Frame EAE7 103 KB
13 KB 58ms
58ms Stylesheet
text/css 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.40/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=183975%2C321853%2C46427&b=rWbTQf9f3XBdaAH7HjtqtBXVaYS8TgJka1JYM%2Cg62h8frfWBzXfPHbH8t5tj78WSmSQT954TMx4E%2CrWbTQf9fGq1tAH7HjtqtGReuYS8TgJka1JYM&f=P6AhBfbfbJMRC9HjHbtgCP6ASJS9TDpQcjqdY%2CBgwFgfPfYG1XFxH6H3tgCzVDAtjSeT8dbUB6xZ%2CP6AhBfbfeYET9HjHbtgCwJ2CJS9TDpQcjqdY&c=300&d=250&e=&g=d9abfa7102a2360418437fa7359a2e81%2F12347032143117287939&i=20597%2C111803%2C22481&j=21%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1684014585424&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gdpasxbgyes2jcej59p63a46b6bpfz4kzjhzez7cnzem3vw8yjrjwccet5f5j9fw07r79t17pr30whp93yg5x3g9z80qmkc05sfq68z3sap7x720htvpwhv65mqerrtt63hjj2vn60j899kf2pt6g1ks34wfdds294jbf515pkwtx97ayd3vccgxtk0fcveyqeaz6nnc56y6tp7g8jhv4c3dagf8dw5r8qvhxryq9rr6fcb3q6ghvr69jy3c6fw5seesxs54amqenmrrjrcbr0bzg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCXtU0-AVgZLe3IoKm7wLd_bugCZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTY1OTM1MjMyMTAwMTAxNTTIAQmpArhJv7UzZ7I-qAMBqgTWAU_QbHwp82ntYLiNzSy7k0tcGKGRypby05noDzqvd0OA5BTc-Ch7XcNnfOFMyAFbmatbDv7QiAwqKEZZkxxdNiauQiwlNIXE3vZCUjqKmLxLccIlWZL_z0v9_f4S9LDPC-xPlIRgv0bKwVOywwfjxKO1KdAhuHk00FWbehHouQmgcsBCz44Pzg1aQCWSl7_zVxYgFJBbMBPd1HaDE6uGLJdwMK98ICjmvAstTMHN153XEtB9jCsDawLqOo3WVHX_5AVUSsfm3-5N2Qy3SWGZvATiAKD1uwiABtyHrq-QxZTacqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2qNSY48r5DBue_C-N8fMvmCd7oEg%2526client%253Dca-pub-6593523210010154%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d77b5f2ca03eb8dab2acc515548b7b1ce7eeb4ca2189268552649e0391ee8c21

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/rar?a=183975%2C321853%2C46427&b=rWbTQf9f3XBdaAH7HjtqtBXVaYS8TgJka1JYM%2Cg62h8frfWBzXfPHbH8t5tj78WSmSQT954TMx4E%2CrWbTQf9fGq1tAH7HjtqtGReuYS8TgJka1JYM&f=P6AhBfbfbJMRC9HjHbtgCP6ASJS9TDpQcjqdY%2CBgwFgfPfYG1XFxH6H3tgCzVDAtjSeT8dbUB6xZ%2CP6AhBfbfeYET9HjHbtgCwJ2CJS9TDpQcjqdY&c=300&d=250&e=&g=d9abfa7102a2360418437fa7359a2e81%2F12347032143117287939&i=20597%2C111803%2C22481&j=21%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1684014585424&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gdpasxbgyes2jcej59p63a46b6bpfz4kzjhzez7cnzem3vw8yjrjwccet5f5j9fw07r79t17pr30whp93yg5x3g9z80qmkc05sfq68z3sap7x720htvpwhv65mqerrtt63hjj2vn60j899kf2pt6g1ks34wfdds294jbf515pkwtx97ayd3vccgxtk0fcveyqeaz6nnc56y6tp7g8jhv4c3dagf8dw5r8qvhxryq9rr6fcb3q6ghvr69jy3c6fw5seesxs54amqenmrrjrcbr0bzg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCXtU0-AVgZLe3IoKm7wLd_bugCZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTY1OTM1MjMyMTAwMTAxNTTIAQmpArhJv7UzZ7I-qAMBqgTWAU_QbHwp82ntYLiNzSy7k0tcGKGRypby05noDzqvd0OA5BTc-Ch7XcNnfOFMyAFbmatbDv7QiAwqKEZZkxxdNiauQiwlNIXE3vZCUjqKmLxLccIlWZL_z0v9_f4S9LDPC-xPlIRgv0bKwVOywwfjxKO1KdAhuHk00FWbehHouQmgcsBCz44Pzg1aQCWSl7_zVxYgFJBbMBPd1HaDE6uGLJdwMK98ICjmvAstTMHN153XEtB9jCsDawLqOo3WVHX_5AVUSsfm3-5N2Qy3SWGZvATiAKD1uwiABtyHrq-QxZTacqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2qNSY48r5DBue_C-N8fMvmCd7oEg%2526client%253Dca-pub-6593523210010154%2526adurl%253D&y=1&s=&z=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 21:49:45 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime: 1683559916
age: 454229
cf-polished: origSize=105839
x-guploader-uploadid: ADPycdv9IJsM9Nda_T-YCF8tGjLSR9_5GyrPWBCiXo7o_2KPFa29jeIDurPOQJdzBat54FnfGmUqvpjJPo5BCE2ydDX2ig
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Mon, 08 May 2023 15:32:28 GMT
server: cloudflare
etag: W/"44fa96b813e145cb8b915ae1fb6a3b7a"
vary: Accept-Encoding
x-goog-generation: 1683559948253618
content-type: text/css
x-goog-hash: crc32c=FELYSw==, md5=RPqWuBPhRcuLkVrh+2o7eg==
cache-control: public, max-age=3600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2JwYGcd%2FFF5oXOqXTx9P%2FcztRvfsTbGQffhrMqN4Q7hqnkMVp%2FAF1vB5HvLfivlDiuibHYisXJv3%2Fjgdp1bY1pd%2Fnp11hgeG89ZxU%2Fl2JWKOevo6Cz6nUyULHHrAtcRTqfLZJeiIEEY%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 105839
cf-ray: 7c6e1cf74a439bfa-FRA
expires: Sat, 13 May 2023 22:49:45 GMT

GET
H3 200 F9B39585BFA0505D63AEC15D6DB1B02D9089CB0BB1445FD9678DBB04C32C81A56DC3B966E24F60B1752A92F908AA27DE3F0994E5B1621436EB0D2328EC61055B
assets.ad4m.at/logo/ Frame EAE7 219 KB
220 KB 17ms
17ms Image
image/png 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/F9B39585BFA0505D63AEC15D6DB1B02D9089CB0BB1445FD9678DBB04C32C81A56DC3B966E24F60B1752A92F908AA27DE3F0994E5B1621436EB0D2328EC61055B
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=183975%2C321853%2C46427&b=rWbTQf9f3XBdaAH7HjtqtBXVaYS8TgJka1JYM%2Cg62h8frfWBzXfPHbH8t5tj78WSmSQT954TMx4E%2CrWbTQf9fGq1tAH7HjtqtGReuYS8TgJka1JYM&f=P6AhBfbfbJMRC9HjHbtgCP6ASJS9TDpQcjqdY%2CBgwFgfPfYG1XFxH6H3tgCzVDAtjSeT8dbUB6xZ%2CP6AhBfbfeYET9HjHbtgCwJ2CJS9TDpQcjqdY&c=300&d=250&e=&g=d9abfa7102a2360418437fa7359a2e81%2F12347032143117287939&i=20597%2C111803%2C22481&j=21%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1684014585424&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gdpasxbgyes2jcej59p63a46b6bpfz4kzjhzez7cnzem3vw8yjrjwccet5f5j9fw07r79t17pr30whp93yg5x3g9z80qmkc05sfq68z3sap7x720htvpwhv65mqerrtt63hjj2vn60j899kf2pt6g1ks34wfdds294jbf515pkwtx97ayd3vccgxtk0fcveyqeaz6nnc56y6tp7g8jhv4c3dagf8dw5r8qvhxryq9rr6fcb3q6ghvr69jy3c6fw5seesxs54amqenmrrjrcbr0bzg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCXtU0-AVgZLe3IoKm7wLd_bugCZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTY1OTM1MjMyMTAwMTAxNTTIAQmpArhJv7UzZ7I-qAMBqgTWAU_QbHwp82ntYLiNzSy7k0tcGKGRypby05noDzqvd0OA5BTc-Ch7XcNnfOFMyAFbmatbDv7QiAwqKEZZkxxdNiauQiwlNIXE3vZCUjqKmLxLccIlWZL_z0v9_f4S9LDPC-xPlIRgv0bKwVOywwfjxKO1KdAhuHk00FWbehHouQmgcsBCz44Pzg1aQCWSl7_zVxYgFJBbMBPd1HaDE6uGLJdwMK98ICjmvAstTMHN153XEtB9jCsDawLqOo3WVHX_5AVUSsfm3-5N2Qy3SWGZvATiAKD1uwiABtyHrq-QxZTacqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2qNSY48r5DBue_C-N8fMvmCd7oEg%2526client%253Dca-pub-6593523210010154%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c2ae6a18b973d0fbd53cd575408e3720cec1b94418b180ab6b83a82611eb1906

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 21:49:45 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 175394
cf-polished: origSize=233620, status=vary_header_present
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 224653
cf-bgj: imgq:85,h2pri
last-modified: Tue, 29 Mar 2022 07:10:51 GMT
server: cloudflare
etag: "d1d171dd651522f41a2fc0dba256a546"
vary: X-Goog-Allowed-Resources, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ijmBQuwVV9uEUGeFR769TOKm4QJHwdOsY08AdMLplVWunr8qn0UAUzEGyDexSlavjWbWv4v2pFb78aym%2FlibjG8vXCjiTkW255gHwVJeW2kL%2B7Y3xbyD5ggWIDAOTXJcf35GMEpEhoIxLu9R"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7c6e1cf74a449bfa-FRA
expires: Sun, 14 May 2023 21:49:45 GMT

GET
H3 200 1408E404D125984EC307986C30204BFB93CEF5A079A8B664A2AB24EB8E10E04B06FC2810F2A3432611FA8E4EB56D40C4CE476E3578F76162AC45AD15ADEE2CC0
assets.ad4m.at/product_image/ Frame EAE7 637 KB
637 KB 23ms
23ms Image
image/png 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/1408E404D125984EC307986C30204BFB93CEF5A079A8B664A2AB24EB8E10E04B06FC2810F2A3432611FA8E4EB56D40C4CE476E3578F76162AC45AD15ADEE2CC0
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=183975%2C321853%2C46427&b=rWbTQf9f3XBdaAH7HjtqtBXVaYS8TgJka1JYM%2Cg62h8frfWBzXfPHbH8t5tj78WSmSQT954TMx4E%2CrWbTQf9fGq1tAH7HjtqtGReuYS8TgJka1JYM&f=P6AhBfbfbJMRC9HjHbtgCP6ASJS9TDpQcjqdY%2CBgwFgfPfYG1XFxH6H3tgCzVDAtjSeT8dbUB6xZ%2CP6AhBfbfeYET9HjHbtgCwJ2CJS9TDpQcjqdY&c=300&d=250&e=&g=d9abfa7102a2360418437fa7359a2e81%2F12347032143117287939&i=20597%2C111803%2C22481&j=21%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1684014585424&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gdpasxbgyes2jcej59p63a46b6bpfz4kzjhzez7cnzem3vw8yjrjwccet5f5j9fw07r79t17pr30whp93yg5x3g9z80qmkc05sfq68z3sap7x720htvpwhv65mqerrtt63hjj2vn60j899kf2pt6g1ks34wfdds294jbf515pkwtx97ayd3vccgxtk0fcveyqeaz6nnc56y6tp7g8jhv4c3dagf8dw5r8qvhxryq9rr6fcb3q6ghvr69jy3c6fw5seesxs54amqenmrrjrcbr0bzg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCXtU0-AVgZLe3IoKm7wLd_bugCZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTY1OTM1MjMyMTAwMTAxNTTIAQmpArhJv7UzZ7I-qAMBqgTWAU_QbHwp82ntYLiNzSy7k0tcGKGRypby05noDzqvd0OA5BTc-Ch7XcNnfOFMyAFbmatbDv7QiAwqKEZZkxxdNiauQiwlNIXE3vZCUjqKmLxLccIlWZL_z0v9_f4S9LDPC-xPlIRgv0bKwVOywwfjxKO1KdAhuHk00FWbehHouQmgcsBCz44Pzg1aQCWSl7_zVxYgFJBbMBPd1HaDE6uGLJdwMK98ICjmvAstTMHN153XEtB9jCsDawLqOo3WVHX_5AVUSsfm3-5N2Qy3SWGZvATiAKD1uwiABtyHrq-QxZTacqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2qNSY48r5DBue_C-N8fMvmCd7oEg%2526client%253Dca-pub-6593523210010154%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 48544d39ceaebb01d8e31886a19c82330f02125740397558bb0baa16b81b8c6f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 21:49:45 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 274563
cf-polished: origSize=731561, status=vary_header_present
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 651990
cf-bgj: imgq:85,h2pri
last-modified: Tue, 29 Mar 2022 07:03:31 GMT
server: cloudflare
etag: "1b69278243c107df5b11186b1f6ca585"
vary: X-Goog-Allowed-Resources, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vS2tatr3Jy3FEeqmHsjqlmf%2FIMGAfzKqR06a4mcd4r9Ii0Yz%2FAymTXp0oLQ3tDv5hca2WfJyvKJ7E7v%2Bvsmf0NsRi7Nn4xE%2Fj6OzoUYBiu75JahF0JcqyaBmHWJj1Xz6o15VvWJFYtm93YvT"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7c6e1cf74a459bfa-FRA
expires: Sun, 14 May 2023 21:49:45 GMT

GET
H2 200 pvClk.min.js Show response
analytics.webgains.io/ Frame EE9B 85 KB
31 KB 100ms
21ms Script
text/javascript 65.9.95.127

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.webgains.io/pvClk.min.js
Requested by: Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=3641431&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1grkn75ch9jyj7j90mcgavv7nx5qkp9882hk560gyz0na0sy6gt257f9hcyeeb7kt7w3vpmcq4fs216amcstrw85kq39dbh819mfe3f2wy9w3n1k70cayhvggxk58prth04cagzaqtycfjekw20ag4qa5y0gzz5vs33eykn127eg6d559g6x0b6y6ksnmmqb72zfncsfr8mme5mj5p4pspceysyx4dd0892npxvye9m8w60mc9dbw2w5jmp01y3jv1kg%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1gm0vyw9h95vys60mkgqjw919t1df2a0gzebaednk40ydgv23bcf6bq2410vxgtq7qdcan455f7j0q553hv4tsx03ayeh3fxr31b4zckryjjfqnppb6s2wdc23jwhtseewhnqvfa1fe8cypc4f58zsyazk7656gp3kd9yq86pvhbyb5t4t93wqvxx8hkcftfszg0g7g59gbzke5hrwg2e3tnzedryd7xejwymseqhmx6c50x0423y3zw3sdkm204qfxrsefarsdfc9z7zh25cqyyzc%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCXOv2-AVgZMK0FZGg9u8P8vyl2AqQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi03OTgzNjUxMjU3ODM4MjgyyAEJqQK4Sb-1M2eyPuACAKgDAaoEnAJP0O8vlvwPyxDVB6UOazFF7H0nfU8pctQUjibt3llPfNMaKfJhQEcQQcqkVq5BvHDrE4u_7aQ8lRYSXBd4mgW4xc75l9jcUOGHjVhmOOhLQdvNuZDy_5FZnI6ouQ_E8YnSbSeqNlf4Fxh4impRoTpPiG-p74wyqc8-W_UwK7t7_HqfhcZ-qnXHom2_25bOwefIlpLzyM0SWPKwWwd1ezz06Hp9h2QSbkLyPpvp9SuPOm_aIXSdQJuVcK30kIojTLvrneP10iM_nvi0j77SeyUtI5x_kuzPL36GDfeO6CLOoo3GKx4ZJmL_s--3M1p6S7QnBr_xndhypLpCfGqWD2v8vceUGsud4NS1Wjbf1Ae5EJc6m0S7FOX7Gr3A7OAEAYAGzui6xZWzjYKnAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgEDyCBthZHgtc3Vic3luLTcyNzU1Mjg0NTMxNjIzMDn6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_2m4bywos6An-s_p7SRb4P3_y7wgg%252526client%25253Dca-pub-7983651257838282%252526adurl%25253D&clickref=oneidDXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjWoneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&viewref=oneideYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpboneid__suite_Netmix_Reach128_WEBGAINSMOSTLY
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.95.127 -, , ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 00c5621a3f56c052959f8f0591b65e893f132b49b1447fde20767966cacbfbfe

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 00:27:59 GMT
content-encoding: gzip
via: 1.1 5a9253ffd4a04a82b061e7ef23f713d4.cloudfront.net (CloudFront)
last-modified: Wed, 15 Mar 2023 17:26:29 GMT
server: AmazonS3
x-amz-cf-pop: PRG50-C1
age: 76907
etag: W/"876c293e6c37046ecb0c11ce2e276942"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
x-amz-cf-id: 4gAkYGBue5pOnEMVoKMRMY__BYKcyfiw6-Ua9YZ3-rnsWwF9S7rGxg==

GET
H2 200 1619604937_fPkEZHu3MNy3GC7XuV3lA1s9E5XlSAcF.png
cdn.track.production.webgains.team/286305/ Frame EE9B 15 KB
15 KB 80ms
19ms Image
image/png 65.9.95.123

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.track.production.webgains.team/286305/1619604937_fPkEZHu3MNy3GC7XuV3lA1s9E5XlSAcF.png?Expires=1684014885&Signature=gHfv6~Ik8Udd2LqYi2luUsAlS2atn7a0q3rq8CK1hY2sffXHS8v0cPi6QR20uGWhSZmdbG8ufR8A6ZhAzZzbUDoPrSo8tYjV14ixRUM5UoSo9QTfn7JUE2Rf5564hNBklXrLzFpg8QWABfLLnaq~L13LawgfPF2j6pPqwP~7-L90y24x9x~qIId5VxAHtL59bQcVaZ2nVZSCE1Z-LDhr7NBysb-~-7CyOfAyHuQXBBOHV4y35YyqGUInX0ncZ6A3-mIfUES6wGvOZNtBd2biYiKpyWt7awEj7IhihWgyg8WREA4mTEZKYKCVEs~44PgmUgfmTMta2-hqJowQW13Liw__&Key-Pair-Id=K28VXAGA7VWE0O
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C117569%2C19769&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=970&d=90&e=&g=052d3228ad89aec4bd57a0812e1afcad%2F3176637530435809286&i=71725%2C29981%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1684014585177&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gm0vyw9h95vys60mkgqjw919t1df2a0gzebaednk40ydgv23bcf6bq2410vxgtq7qdcan455f7j0q553hv4tsx03ayeh3fxr31b4zckryjjfqnppb6s2wdc23jwhtseewhnqvfa1fe8cypc4f58zsyazk7656gp3kd9yq86pvhbyb5t4t93wqvxx8hkcftfszg0g7g59gbzke5hrwg2e3tnzedryd7xejwymseqhmx6c50x0423y3zw3sdkm204qfxrsefarsdfc9z7zh25cqyyzc%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCXOv2-AVgZMK0FZGg9u8P8vyl2AqQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi03OTgzNjUxMjU3ODM4MjgyyAEJqQK4Sb-1M2eyPuACAKgDAaoEnAJP0O8vlvwPyxDVB6UOazFF7H0nfU8pctQUjibt3llPfNMaKfJhQEcQQcqkVq5BvHDrE4u_7aQ8lRYSXBd4mgW4xc75l9jcUOGHjVhmOOhLQdvNuZDy_5FZnI6ouQ_E8YnSbSeqNlf4Fxh4impRoTpPiG-p74wyqc8-W_UwK7t7_HqfhcZ-qnXHom2_25bOwefIlpLzyM0SWPKwWwd1ezz06Hp9h2QSbkLyPpvp9SuPOm_aIXSdQJuVcK30kIojTLvrneP10iM_nvi0j77SeyUtI5x_kuzPL36GDfeO6CLOoo3GKx4ZJmL_s--3M1p6S7QnBr_xndhypLpCfGqWD2v8vceUGsud4NS1Wjbf1Ae5EJc6m0S7FOX7Gr3A7OAEAYAGzui6xZWzjYKnAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgEDyCBthZHgtc3Vic3luLTcyNzU1Mjg0NTMxNjIzMDn6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2m4bywos6An-s_p7SRb4P3_y7wgg%2526client%253Dca-pub-7983651257838282%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.95.123 -, , ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 60bf02832688d14251ec1c7b8acfda233a91f927f26c7202bdaba781a1f0fcdf

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-amz-version-id: null
date: Sat, 13 May 2023 14:34:39 GMT
via: 1.1 a60a14dea4b4a9f77d34297a625f2e24.cloudfront.net (CloudFront)
last-modified: Fri, 06 May 2022 10:41:35 GMT
server: AmazonS3
x-amz-cf-pop: PRG50-C1
age: 29542
etag: "d4e8f970f24f6d19b53aa92b1907c1ef"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 15054
x-amz-cf-id: iWLwIGLs4ig78AAyXbl3NfLHhqusERa9CDkle8dLA_gYZQsBV4lw7w==

GET
H3 200 A533E7F607EF62FE4723E8DFFC0713F0C73B1B2D9CE8A1C3EC9B01CFC3E94E0E60300B8201CEC78FF7CFB2870EBC0F2255A36A642116E896F244C9C3B760671D
assets.ad4m.at/logo/ Frame EAE7 7 KB
8 KB 30ms
29ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/A533E7F607EF62FE4723E8DFFC0713F0C73B1B2D9CE8A1C3EC9B01CFC3E94E0E60300B8201CEC78FF7CFB2870EBC0F2255A36A642116E896F244C9C3B760671D
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=183975%2C321853%2C46427&b=rWbTQf9f3XBdaAH7HjtqtBXVaYS8TgJka1JYM%2Cg62h8frfWBzXfPHbH8t5tj78WSmSQT954TMx4E%2CrWbTQf9fGq1tAH7HjtqtGReuYS8TgJka1JYM&f=P6AhBfbfbJMRC9HjHbtgCP6ASJS9TDpQcjqdY%2CBgwFgfPfYG1XFxH6H3tgCzVDAtjSeT8dbUB6xZ%2CP6AhBfbfeYET9HjHbtgCwJ2CJS9TDpQcjqdY&c=300&d=250&e=&g=d9abfa7102a2360418437fa7359a2e81%2F12347032143117287939&i=20597%2C111803%2C22481&j=21%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1684014585424&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gdpasxbgyes2jcej59p63a46b6bpfz4kzjhzez7cnzem3vw8yjrjwccet5f5j9fw07r79t17pr30whp93yg5x3g9z80qmkc05sfq68z3sap7x720htvpwhv65mqerrtt63hjj2vn60j899kf2pt6g1ks34wfdds294jbf515pkwtx97ayd3vccgxtk0fcveyqeaz6nnc56y6tp7g8jhv4c3dagf8dw5r8qvhxryq9rr6fcb3q6ghvr69jy3c6fw5seesxs54amqenmrrjrcbr0bzg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCXtU0-AVgZLe3IoKm7wLd_bugCZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTY1OTM1MjMyMTAwMTAxNTTIAQmpArhJv7UzZ7I-qAMBqgTWAU_QbHwp82ntYLiNzSy7k0tcGKGRypby05noDzqvd0OA5BTc-Ch7XcNnfOFMyAFbmatbDv7QiAwqKEZZkxxdNiauQiwlNIXE3vZCUjqKmLxLccIlWZL_z0v9_f4S9LDPC-xPlIRgv0bKwVOywwfjxKO1KdAhuHk00FWbehHouQmgcsBCz44Pzg1aQCWSl7_zVxYgFJBbMBPd1HaDE6uGLJdwMK98ICjmvAstTMHN153XEtB9jCsDawLqOo3WVHX_5AVUSsfm3-5N2Qy3SWGZvATiAKD1uwiABtyHrq-QxZTacqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2qNSY48r5DBue_C-N8fMvmCd7oEg%2526client%253Dca-pub-6593523210010154%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 05b9f05936fe32fe96636c2d8143a0b759b1e4af43743a205e429bc64625710b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 21:49:45 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1294024
cf-polished: origFmt=png, origSize=24038
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 7566
cf-bgj: imgq:85,h2pri
last-modified: Fri, 18 Nov 2022 09:02:58 GMT
server: cloudflare
etag: "42fdf98ab75c036923270a333e2d19d9"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mQDMss7xZJZTUCIhLRTdAh%2Bw7P5Yr2MynbfUGq3zwIO6GzqWytWqfXVut9HCiASRTNsNmC67azJdnp6ibCTxyoX%2FqlAnZf12wJv27SgbiqHuiDO3lpsV7TS68bSHfltZOUe8M8uoBWbs%2BKIy"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7c6e1cf75a5e9bfa-FRA
expires: Sun, 14 May 2023 21:49:45 GMT

GET
H3 200 6CE771B21A8636F5C2024451E91C2D0F265D574A33091414717D7A9AD2DD6D650E6B7475ED8B65D4B666B69AB302F6ADFACD07EE68874124BBF350D45D9BAD1D
assets.ad4m.at/product_image/ Frame EAE7 545 KB
546 KB 54ms
53ms Image
image/png 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/6CE771B21A8636F5C2024451E91C2D0F265D574A33091414717D7A9AD2DD6D650E6B7475ED8B65D4B666B69AB302F6ADFACD07EE68874124BBF350D45D9BAD1D
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=183975%2C321853%2C46427&b=rWbTQf9f3XBdaAH7HjtqtBXVaYS8TgJka1JYM%2Cg62h8frfWBzXfPHbH8t5tj78WSmSQT954TMx4E%2CrWbTQf9fGq1tAH7HjtqtGReuYS8TgJka1JYM&f=P6AhBfbfbJMRC9HjHbtgCP6ASJS9TDpQcjqdY%2CBgwFgfPfYG1XFxH6H3tgCzVDAtjSeT8dbUB6xZ%2CP6AhBfbfeYET9HjHbtgCwJ2CJS9TDpQcjqdY&c=300&d=250&e=&g=d9abfa7102a2360418437fa7359a2e81%2F12347032143117287939&i=20597%2C111803%2C22481&j=21%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1684014585424&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gdpasxbgyes2jcej59p63a46b6bpfz4kzjhzez7cnzem3vw8yjrjwccet5f5j9fw07r79t17pr30whp93yg5x3g9z80qmkc05sfq68z3sap7x720htvpwhv65mqerrtt63hjj2vn60j899kf2pt6g1ks34wfdds294jbf515pkwtx97ayd3vccgxtk0fcveyqeaz6nnc56y6tp7g8jhv4c3dagf8dw5r8qvhxryq9rr6fcb3q6ghvr69jy3c6fw5seesxs54amqenmrrjrcbr0bzg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCXtU0-AVgZLe3IoKm7wLd_bugCZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTY1OTM1MjMyMTAwMTAxNTTIAQmpArhJv7UzZ7I-qAMBqgTWAU_QbHwp82ntYLiNzSy7k0tcGKGRypby05noDzqvd0OA5BTc-Ch7XcNnfOFMyAFbmatbDv7QiAwqKEZZkxxdNiauQiwlNIXE3vZCUjqKmLxLccIlWZL_z0v9_f4S9LDPC-xPlIRgv0bKwVOywwfjxKO1KdAhuHk00FWbehHouQmgcsBCz44Pzg1aQCWSl7_zVxYgFJBbMBPd1HaDE6uGLJdwMK98ICjmvAstTMHN153XEtB9jCsDawLqOo3WVHX_5AVUSsfm3-5N2Qy3SWGZvATiAKD1uwiABtyHrq-QxZTacqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2qNSY48r5DBue_C-N8fMvmCd7oEg%2526client%253Dca-pub-6593523210010154%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 002f1235c6484b5b45d65e285ac9623a469f9428889d6b7baa1b698593679321

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 21:49:45 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 275254
cf-polished: origSize=633427, status=vary_header_present
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 558334
cf-bgj: imgq:85,h2pri
last-modified: Fri, 18 Nov 2022 08:58:33 GMT
server: cloudflare
etag: "873e08540c475526df27feecfd1eaf3f"
vary: X-Goog-Allowed-Resources, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B7lbqxMdDN%2FeQJppZDfbjPFW549OEe6b7O6mXPZYVs3o7245GWB2lkdjAPE5tQxK1TmUihJfE78zcdRjcPn7%2F43EqfWvRUzqzjzzdb%2B3eRL2z3R7pSwKQ1lXx7p0YX%2FfU3zCr8FJ8xyCkeCT"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7c6e1cf75a609bfa-FRA
expires: Sun, 14 May 2023 21:49:45 GMT

GET
H3 200 DD95FF88FA3D93F6F44D3AC31E55B69E88B3B4546FE4BC6F8B33238666415C0B819A6AF1FC78B5EC7D26C7715A6F49E85CEDA62985F3A5877BCD8483DC0580F8
assets.ad4m.at/logo/ Frame EAE7 17 KB
17 KB 59ms
59ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/DD95FF88FA3D93F6F44D3AC31E55B69E88B3B4546FE4BC6F8B33238666415C0B819A6AF1FC78B5EC7D26C7715A6F49E85CEDA62985F3A5877BCD8483DC0580F8
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=183975%2C321853%2C46427&b=rWbTQf9f3XBdaAH7HjtqtBXVaYS8TgJka1JYM%2Cg62h8frfWBzXfPHbH8t5tj78WSmSQT954TMx4E%2CrWbTQf9fGq1tAH7HjtqtGReuYS8TgJka1JYM&f=P6AhBfbfbJMRC9HjHbtgCP6ASJS9TDpQcjqdY%2CBgwFgfPfYG1XFxH6H3tgCzVDAtjSeT8dbUB6xZ%2CP6AhBfbfeYET9HjHbtgCwJ2CJS9TDpQcjqdY&c=300&d=250&e=&g=d9abfa7102a2360418437fa7359a2e81%2F12347032143117287939&i=20597%2C111803%2C22481&j=21%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1684014585424&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gdpasxbgyes2jcej59p63a46b6bpfz4kzjhzez7cnzem3vw8yjrjwccet5f5j9fw07r79t17pr30whp93yg5x3g9z80qmkc05sfq68z3sap7x720htvpwhv65mqerrtt63hjj2vn60j899kf2pt6g1ks34wfdds294jbf515pkwtx97ayd3vccgxtk0fcveyqeaz6nnc56y6tp7g8jhv4c3dagf8dw5r8qvhxryq9rr6fcb3q6ghvr69jy3c6fw5seesxs54amqenmrrjrcbr0bzg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCXtU0-AVgZLe3IoKm7wLd_bugCZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTY1OTM1MjMyMTAwMTAxNTTIAQmpArhJv7UzZ7I-qAMBqgTWAU_QbHwp82ntYLiNzSy7k0tcGKGRypby05noDzqvd0OA5BTc-Ch7XcNnfOFMyAFbmatbDv7QiAwqKEZZkxxdNiauQiwlNIXE3vZCUjqKmLxLccIlWZL_z0v9_f4S9LDPC-xPlIRgv0bKwVOywwfjxKO1KdAhuHk00FWbehHouQmgcsBCz44Pzg1aQCWSl7_zVxYgFJBbMBPd1HaDE6uGLJdwMK98ICjmvAstTMHN153XEtB9jCsDawLqOo3WVHX_5AVUSsfm3-5N2Qy3SWGZvATiAKD1uwiABtyHrq-QxZTacqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2qNSY48r5DBue_C-N8fMvmCd7oEg%2526client%253Dca-pub-6593523210010154%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c7a8cf463d8af865cc28bd6d81d41134e809375632eef8823768b460ce8e6e7c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 21:49:45 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2434069
cf-polished: origFmt=png, origSize=29332
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 17118
cf-bgj: imgq:85,h2pri
last-modified: Wed, 13 May 2020 13:33:22 GMT
server: cloudflare
etag: "122e7322a58f4a1954c70b4a17dfafb3"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K3fze0JeqChbRfNIIP4TXyko2Kr5gnXTMPrxnAJPG7NB3rmemTltgCXEH0Zj51IvePQJKKEz3NwYzA6n911piLaJ39a72BGexFe6B5RU9btFnFxm7fsyvO5s%2Bj0%2BflqPTU00p8cMoRTi5kpW"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7c6e1cf75a629bfa-FRA
expires: Sun, 14 May 2023 21:49:45 GMT

GET
H3 200 0E5BFA76C26FC73E55AB6D68B83E55550C792CB830C69D31D329CEBDC2E4AB9165A435BB4F9054A5789B03CA381227A36BCB33A334DD00ADA2F66E01950FC2DD
assets.ad4m.at/product_image/ Frame EAE7 237 KB
238 KB 28ms
28ms Image
image/png 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/0E5BFA76C26FC73E55AB6D68B83E55550C792CB830C69D31D329CEBDC2E4AB9165A435BB4F9054A5789B03CA381227A36BCB33A334DD00ADA2F66E01950FC2DD
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=183975%2C321853%2C46427&b=rWbTQf9f3XBdaAH7HjtqtBXVaYS8TgJka1JYM%2Cg62h8frfWBzXfPHbH8t5tj78WSmSQT954TMx4E%2CrWbTQf9fGq1tAH7HjtqtGReuYS8TgJka1JYM&f=P6AhBfbfbJMRC9HjHbtgCP6ASJS9TDpQcjqdY%2CBgwFgfPfYG1XFxH6H3tgCzVDAtjSeT8dbUB6xZ%2CP6AhBfbfeYET9HjHbtgCwJ2CJS9TDpQcjqdY&c=300&d=250&e=&g=d9abfa7102a2360418437fa7359a2e81%2F12347032143117287939&i=20597%2C111803%2C22481&j=21%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1684014585424&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gdpasxbgyes2jcej59p63a46b6bpfz4kzjhzez7cnzem3vw8yjrjwccet5f5j9fw07r79t17pr30whp93yg5x3g9z80qmkc05sfq68z3sap7x720htvpwhv65mqerrtt63hjj2vn60j899kf2pt6g1ks34wfdds294jbf515pkwtx97ayd3vccgxtk0fcveyqeaz6nnc56y6tp7g8jhv4c3dagf8dw5r8qvhxryq9rr6fcb3q6ghvr69jy3c6fw5seesxs54amqenmrrjrcbr0bzg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCXtU0-AVgZLe3IoKm7wLd_bugCZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTY1OTM1MjMyMTAwMTAxNTTIAQmpArhJv7UzZ7I-qAMBqgTWAU_QbHwp82ntYLiNzSy7k0tcGKGRypby05noDzqvd0OA5BTc-Ch7XcNnfOFMyAFbmatbDv7QiAwqKEZZkxxdNiauQiwlNIXE3vZCUjqKmLxLccIlWZL_z0v9_f4S9LDPC-xPlIRgv0bKwVOywwfjxKO1KdAhuHk00FWbehHouQmgcsBCz44Pzg1aQCWSl7_zVxYgFJBbMBPd1HaDE6uGLJdwMK98ICjmvAstTMHN153XEtB9jCsDawLqOo3WVHX_5AVUSsfm3-5N2Qy3SWGZvATiAKD1uwiABtyHrq-QxZTacqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2qNSY48r5DBue_C-N8fMvmCd7oEg%2526client%253Dca-pub-6593523210010154%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 44524ce857ed39215d384600ade5aa4bc605ac8b8951398beae0ffca3f3cc659

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 21:49:45 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1359740
cf-polished: origSize=270249, status=vary_header_present
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 243189
cf-bgj: imgq:85,h2pri
last-modified: Tue, 13 Oct 2020 11:03:48 GMT
server: cloudflare
etag: "e93e5f11efcf3516506c022b6dda411d"
vary: X-Goog-Allowed-Resources, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lsC50yQ5LdnvwxCigjdnJeyCzR1WPyL%2FCndGUvu7y16Du9%2BDlZPDeesX70EpmN%2BXxeS3MZISwsuMNQ%2BBo%2BDca1JQUIrNwASAOqdxoAmIn9JV2T4x61raFBt3x%2B3L0BMqOecJVf5zXTStyowh"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7c6e1cf75a659bfa-FRA
expires: Sun, 14 May 2023 21:49:45 GMT

GET
H3 200 rGx2DEvyTJUcTI8TMyI5e4cGeqSZnDc_BhsxSP5O2IU.js Show response
pagead2.googlesyndication.com/bg/ Frame 9EAE 37 KB
14 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/rGx2DEvyTJUcTI8TMyI5e4cGeqSZnDc_BhsxSP5O2IU.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ac6c760c4bf24c951c4c8f133322397b87067aa4999c373f061b3148fe4ed885

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 16:40:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 18543
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14627
x-xss-protection: 0
last-modified: Mon, 08 May 2023 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 12 May 2024 16:40:42 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 3634 0
0 74ms
72ms Image
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230510&jk=3912391652140771&rc=
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

GET
H3 200 rGx2DEvyTJUcTI8TMyI5e4cGeqSZnDc_BhsxSP5O2IU.js Show response
pagead2.googlesyndication.com/bg/ Frame B390 37 KB
14 KB 41ms
38ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/rGx2DEvyTJUcTI8TMyI5e4cGeqSZnDc_BhsxSP5O2IU.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ac6c760c4bf24c951c4c8f133322397b87067aa4999c373f061b3148fe4ed885

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 16:40:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 18543
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14627
x-xss-protection: 0
last-modified: Mon, 08 May 2023 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 12 May 2024 16:40:42 GMT

GET
H2 200 link.html Show response
track.webgains.com/ Frame EAE7 1 KB
2 KB 73ms
73ms Script
text/html 18.133.36.104

General

Check archive.org

Show headers Download Go to

Full URL: https://track.webgains.com/link.html?wglinkid=2194035&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1gxeetp1v6gvstt09tz77d5gdb1qmcewzdk073a2v1pydkj6skpqsek6azaqvpzj2kkag04t0pcdfsfq7esc2qh9hb7jqpj6ex3whdksm02bdwy3qy2f4r68dw620q0wbgc69sy35dak3apn59hsrjv7xddyvw31ynhxfzmrvt9tfpqpbjcgh8rg2hfgvchqmc36eg9zd6t02phahvvc94e5r3ge921evb6rm90p2ewnaa4qpr3f513ttgdmsfds9m5st%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1gdpasxbgyes2jcej59p63a46b6bpfz4kzjhzez7cnzem3vw8yjrjwccet5f5j9fw07r79t17pr30whp93yg5x3g9z80qmkc05sfq68z3sap7x720htvpwhv65mqerrtt63hjj2vn60j899kf2pt6g1ks34wfdds294jbf515pkwtx97ayd3vccgxtk0fcveyqeaz6nnc56y6tp7g8jhv4c3dagf8dw5r8qvhxryq9rr6fcb3q6ghvr69jy3c6fw5seesxs54amqenmrrjrcbr0bzg%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCXtU0-AVgZLe3IoKm7wLd_bugCZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTY1OTM1MjMyMTAwMTAxNTTIAQmpArhJv7UzZ7I-qAMBqgTWAU_QbHwp82ntYLiNzSy7k0tcGKGRypby05noDzqvd0OA5BTc-Ch7XcNnfOFMyAFbmatbDv7QiAwqKEZZkxxdNiauQiwlNIXE3vZCUjqKmLxLccIlWZL_z0v9_f4S9LDPC-xPlIRgv0bKwVOywwfjxKO1KdAhuHk00FWbehHouQmgcsBCz44Pzg1aQCWSl7_zVxYgFJBbMBPd1HaDE6uGLJdwMK98ICjmvAstTMHN153XEtB9jCsDawLqOo3WVHX_5AVUSsfm3-5N2Qy3SWGZvATiAKD1uwiABtyHrq-QxZTacqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_2qNSY48r5DBue_C-N8fMvmCd7oEg%252526client%25253Dca-pub-6593523210010154%252526adurl%25253D&clickref=oneidP6AhBfbfbJMRC9HjHbtgCP6ASJS9TDpQcjqdYoneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&viewref=oneidrWbTQf9f3XBdaAH7HjtqtBXVaYS8TgJka1JYMoneid__suite_Netmix_Reach128_WEBGAINSMOSTLY
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=183975%2C321853%2C46427&b=rWbTQf9f3XBdaAH7HjtqtBXVaYS8TgJka1JYM%2Cg62h8frfWBzXfPHbH8t5tj78WSmSQT954TMx4E%2CrWbTQf9fGq1tAH7HjtqtGReuYS8TgJka1JYM&f=P6AhBfbfbJMRC9HjHbtgCP6ASJS9TDpQcjqdY%2CBgwFgfPfYG1XFxH6H3tgCzVDAtjSeT8dbUB6xZ%2CP6AhBfbfeYET9HjHbtgCwJ2CJS9TDpQcjqdY&c=300&d=250&e=&g=d9abfa7102a2360418437fa7359a2e81%2F12347032143117287939&i=20597%2C111803%2C22481&j=21%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1684014585424&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gdpasxbgyes2jcej59p63a46b6bpfz4kzjhzez7cnzem3vw8yjrjwccet5f5j9fw07r79t17pr30whp93yg5x3g9z80qmkc05sfq68z3sap7x720htvpwhv65mqerrtt63hjj2vn60j899kf2pt6g1ks34wfdds294jbf515pkwtx97ayd3vccgxtk0fcveyqeaz6nnc56y6tp7g8jhv4c3dagf8dw5r8qvhxryq9rr6fcb3q6ghvr69jy3c6fw5seesxs54amqenmrrjrcbr0bzg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCXtU0-AVgZLe3IoKm7wLd_bugCZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTY1OTM1MjMyMTAwMTAxNTTIAQmpArhJv7UzZ7I-qAMBqgTWAU_QbHwp82ntYLiNzSy7k0tcGKGRypby05noDzqvd0OA5BTc-Ch7XcNnfOFMyAFbmatbDv7QiAwqKEZZkxxdNiauQiwlNIXE3vZCUjqKmLxLccIlWZL_z0v9_f4S9LDPC-xPlIRgv0bKwVOywwfjxKO1KdAhuHk00FWbehHouQmgcsBCz44Pzg1aQCWSl7_zVxYgFJBbMBPd1HaDE6uGLJdwMK98ICjmvAstTMHN153XEtB9jCsDawLqOo3WVHX_5AVUSsfm3-5N2Qy3SWGZvATiAKD1uwiABtyHrq-QxZTacqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2qNSY48r5DBue_C-N8fMvmCd7oEg%2526client%253Dca-pub-6593523210010154%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.133.36.104 -, , ASN (),
Reverse DNS
Software: nginx / PHP/7.4.26
Resource Hash: 388ad953d1a2fbbdee2a7467bef61f7c1d2aecbeedbc7d04dd171570a20e74fe

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 21:49:45 GMT
last-modified: Sat, 13 May 2023 21:49:45 GMT
server: nginx
x-powered-by: PHP/7.4.26
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=60
access-control-allow-headers: Authorization
expires: Sat, 13 May 2023 21:50:45 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame ED48 0
0 73ms
72ms Image
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230510&jk=3610766118061132&rc=
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

GET
H2 200 link.html Show response
track.webgains.com/ Frame EAE7 1 KB
2 KB 104ms
103ms Script
text/html 18.133.36.104

General

Check archive.org

Show headers Download Go to

Full URL: https://track.webgains.com/link.html?wglinkid=4452068&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1kdskmp6njfww85cdy9xykp4krfga2r9dt06d73r5t3j8cz2b3wvqx3twe1aekk9n9f3b22xpzw0r9hbb1bt4favd7nsg2apy6xfsh9vdeagn047sa9k3ga7p96qrxnkehdsksg7xw8fcf1hbzntvm1mka9tysx0qafw2dsrhh5mv9kjszhdb89svktybw5r5njmp6981f05074csmn1fqtp933am8v3fbjd8xaj05qyb2xdpffgbhk9c51qjk0qdyq74zr%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1gdpasxbgyes2jcej59p63a46b6bpfz4kzjhzez7cnzem3vw8yjrjwccet5f5j9fw07r79t17pr30whp93yg5x3g9z80qmkc05sfq68z3sap7x720htvpwhv65mqerrtt63hjj2vn60j899kf2pt6g1ks34wfdds294jbf515pkwtx97ayd3vccgxtk0fcveyqeaz6nnc56y6tp7g8jhv4c3dagf8dw5r8qvhxryq9rr6fcb3q6ghvr69jy3c6fw5seesxs54amqenmrrjrcbr0bzg%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCXtU0-AVgZLe3IoKm7wLd_bugCZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTY1OTM1MjMyMTAwMTAxNTTIAQmpArhJv7UzZ7I-qAMBqgTWAU_QbHwp82ntYLiNzSy7k0tcGKGRypby05noDzqvd0OA5BTc-Ch7XcNnfOFMyAFbmatbDv7QiAwqKEZZkxxdNiauQiwlNIXE3vZCUjqKmLxLccIlWZL_z0v9_f4S9LDPC-xPlIRgv0bKwVOywwfjxKO1KdAhuHk00FWbehHouQmgcsBCz44Pzg1aQCWSl7_zVxYgFJBbMBPd1HaDE6uGLJdwMK98ICjmvAstTMHN153XEtB9jCsDawLqOo3WVHX_5AVUSsfm3-5N2Qy3SWGZvATiAKD1uwiABtyHrq-QxZTacqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_2qNSY48r5DBue_C-N8fMvmCd7oEg%252526client%25253Dca-pub-6593523210010154%252526adurl%25253D&clickref=oneidBgwFgfPfYG1XFxH6H3tgCzVDAtjSeT8dbUB6xZoneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&viewref=oneidg62h8frfWBzXfPHbH8t5tj78WSmSQT954TMx4Eoneid__suite_Netmix_Reach128_WEBGAINSMOSTLY
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=183975%2C321853%2C46427&b=rWbTQf9f3XBdaAH7HjtqtBXVaYS8TgJka1JYM%2Cg62h8frfWBzXfPHbH8t5tj78WSmSQT954TMx4E%2CrWbTQf9fGq1tAH7HjtqtGReuYS8TgJka1JYM&f=P6AhBfbfbJMRC9HjHbtgCP6ASJS9TDpQcjqdY%2CBgwFgfPfYG1XFxH6H3tgCzVDAtjSeT8dbUB6xZ%2CP6AhBfbfeYET9HjHbtgCwJ2CJS9TDpQcjqdY&c=300&d=250&e=&g=d9abfa7102a2360418437fa7359a2e81%2F12347032143117287939&i=20597%2C111803%2C22481&j=21%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1684014585424&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gdpasxbgyes2jcej59p63a46b6bpfz4kzjhzez7cnzem3vw8yjrjwccet5f5j9fw07r79t17pr30whp93yg5x3g9z80qmkc05sfq68z3sap7x720htvpwhv65mqerrtt63hjj2vn60j899kf2pt6g1ks34wfdds294jbf515pkwtx97ayd3vccgxtk0fcveyqeaz6nnc56y6tp7g8jhv4c3dagf8dw5r8qvhxryq9rr6fcb3q6ghvr69jy3c6fw5seesxs54amqenmrrjrcbr0bzg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCXtU0-AVgZLe3IoKm7wLd_bugCZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTY1OTM1MjMyMTAwMTAxNTTIAQmpArhJv7UzZ7I-qAMBqgTWAU_QbHwp82ntYLiNzSy7k0tcGKGRypby05noDzqvd0OA5BTc-Ch7XcNnfOFMyAFbmatbDv7QiAwqKEZZkxxdNiauQiwlNIXE3vZCUjqKmLxLccIlWZL_z0v9_f4S9LDPC-xPlIRgv0bKwVOywwfjxKO1KdAhuHk00FWbehHouQmgcsBCz44Pzg1aQCWSl7_zVxYgFJBbMBPd1HaDE6uGLJdwMK98ICjmvAstTMHN153XEtB9jCsDawLqOo3WVHX_5AVUSsfm3-5N2Qy3SWGZvATiAKD1uwiABtyHrq-QxZTacqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2qNSY48r5DBue_C-N8fMvmCd7oEg%2526client%253Dca-pub-6593523210010154%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.133.36.104 -, , ASN (),
Reverse DNS
Software: nginx / PHP/7.4.26
Resource Hash: 47ec9f426b681d7b2dc866f34d4dc6b2c0c558a3b162994bbbf20d46daf878db

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 21:49:45 GMT
last-modified: Sat, 13 May 2023 21:49:45 GMT
server: nginx
x-powered-by: PHP/7.4.26
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=60
access-control-allow-headers: Authorization
expires: Sat, 13 May 2023 21:50:45 GMT

GET
H2 429 link.html
track.webgains.com/ Frame EAE7 0
0 29ms
28ms Script
text/html 18.133.36.104

General

Check archive.org

Show headers Download Go to

Full URL: https://track.webgains.com/link.html?wglinkid=2100065&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1g33759a0j4thfchssy02frzya14nxe84f6w6apqk62p2d1znjwm8859btnam4b4zpdfqrhj2nc276xakjt9mdt1kh23x8tjfc5qt0np0y8f2gr7wtdyngq5pa8gp8ptne785b51x2e6z0a4av2dzje9nfs23jb32ymxqs1jhr9e3adrn80f4nyjcbycejav5gdw8dhrjkktcwsz5eb35qfmnx8ngsk4d3p9632j3p63c5h8pzev8da4jrr2k6zqg3qg%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1gdpasxbgyes2jcej59p63a46b6bpfz4kzjhzez7cnzem3vw8yjrjwccet5f5j9fw07r79t17pr30whp93yg5x3g9z80qmkc05sfq68z3sap7x720htvpwhv65mqerrtt63hjj2vn60j899kf2pt6g1ks34wfdds294jbf515pkwtx97ayd3vccgxtk0fcveyqeaz6nnc56y6tp7g8jhv4c3dagf8dw5r8qvhxryq9rr6fcb3q6ghvr69jy3c6fw5seesxs54amqenmrrjrcbr0bzg%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCXtU0-AVgZLe3IoKm7wLd_bugCZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTY1OTM1MjMyMTAwMTAxNTTIAQmpArhJv7UzZ7I-qAMBqgTWAU_QbHwp82ntYLiNzSy7k0tcGKGRypby05noDzqvd0OA5BTc-Ch7XcNnfOFMyAFbmatbDv7QiAwqKEZZkxxdNiauQiwlNIXE3vZCUjqKmLxLccIlWZL_z0v9_f4S9LDPC-xPlIRgv0bKwVOywwfjxKO1KdAhuHk00FWbehHouQmgcsBCz44Pzg1aQCWSl7_zVxYgFJBbMBPd1HaDE6uGLJdwMK98ICjmvAstTMHN153XEtB9jCsDawLqOo3WVHX_5AVUSsfm3-5N2Qy3SWGZvATiAKD1uwiABtyHrq-QxZTacqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_2qNSY48r5DBue_C-N8fMvmCd7oEg%252526client%25253Dca-pub-6593523210010154%252526adurl%25253D&clickref=oneidP6AhBfbfeYET9HjHbtgCwJ2CJS9TDpQcjqdYoneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&viewref=oneidrWbTQf9fGq1tAH7HjtqtGReuYS8TgJka1JYMoneid__suite_Netmix_Reach128_WEBGAINSMOSTLY
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=183975%2C321853%2C46427&b=rWbTQf9f3XBdaAH7HjtqtBXVaYS8TgJka1JYM%2Cg62h8frfWBzXfPHbH8t5tj78WSmSQT954TMx4E%2CrWbTQf9fGq1tAH7HjtqtGReuYS8TgJka1JYM&f=P6AhBfbfbJMRC9HjHbtgCP6ASJS9TDpQcjqdY%2CBgwFgfPfYG1XFxH6H3tgCzVDAtjSeT8dbUB6xZ%2CP6AhBfbfeYET9HjHbtgCwJ2CJS9TDpQcjqdY&c=300&d=250&e=&g=d9abfa7102a2360418437fa7359a2e81%2F12347032143117287939&i=20597%2C111803%2C22481&j=21%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1684014585424&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gdpasxbgyes2jcej59p63a46b6bpfz4kzjhzez7cnzem3vw8yjrjwccet5f5j9fw07r79t17pr30whp93yg5x3g9z80qmkc05sfq68z3sap7x720htvpwhv65mqerrtt63hjj2vn60j899kf2pt6g1ks34wfdds294jbf515pkwtx97ayd3vccgxtk0fcveyqeaz6nnc56y6tp7g8jhv4c3dagf8dw5r8qvhxryq9rr6fcb3q6ghvr69jy3c6fw5seesxs54amqenmrrjrcbr0bzg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCXtU0-AVgZLe3IoKm7wLd_bugCZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTY1OTM1MjMyMTAwMTAxNTTIAQmpArhJv7UzZ7I-qAMBqgTWAU_QbHwp82ntYLiNzSy7k0tcGKGRypby05noDzqvd0OA5BTc-Ch7XcNnfOFMyAFbmatbDv7QiAwqKEZZkxxdNiauQiwlNIXE3vZCUjqKmLxLccIlWZL_z0v9_f4S9LDPC-xPlIRgv0bKwVOywwfjxKO1KdAhuHk00FWbehHouQmgcsBCz44Pzg1aQCWSl7_zVxYgFJBbMBPd1HaDE6uGLJdwMK98ICjmvAstTMHN153XEtB9jCsDawLqOo3WVHX_5AVUSsfm3-5N2Qy3SWGZvATiAKD1uwiABtyHrq-QxZTacqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2qNSY48r5DBue_C-N8fMvmCd7oEg%2526client%253Dca-pub-6593523210010154%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.133.36.104 -, , ASN (),
Reverse DNS
Software: awselb/2.0 /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 21:49:45 GMT
server: awselb/2.0
content-length: 45
content-type: text/html

POST
H/1.1 200
OK postback Show response
s.h.w55c.net/2/2.92.0/948461/Af9VKUMKEAV919Ao/ Frame 4DC9 0
145 B 28ms
28ms XHR
text/plain 52.31.191.243
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.h.w55c.net/2/2.92.0/948461/Af9VKUMKEAV919Ao/postback?ap=&pp=ye-mek.net&to=3&md=1&pd=avt&di=https%3A%2F%2Fye-mek.net&sr=GOOGLE_CONTENTNETWORK&pv=53ed5c35-a6b1-4d21-b6ae-869ab775c68a&de=2&dm=728x90&pi=XRzobPsLhV&gt=DE&ci=948461&dt=9484611597092707615000&ui=&ti=&si=&ac=Xmwo1n97Q8&sid=Af9VKUMKEAV919Ao&oz_sc=32005395af4765f6e8a13cfd&oz_df=1684014585599&oz_l=2923&cv=3
Requested by: Host: s.h.w55c.net
URL: https://s.h.w55c.net/2/2.92.0/main.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 52.31.191.243 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-31-191-243.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Sat, 13 May 2023 21:49:44 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

GET
H2 200 pvClk.min.js Show response
analytics.webgains.io/ Frame EAE7 85 KB
31 KB 23ms
23ms Script
text/javascript 65.9.95.127

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.webgains.io/pvClk.min.js
Requested by: Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=2194035&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1gxeetp1v6gvstt09tz77d5gdb1qmcewzdk073a2v1pydkj6skpqsek6azaqvpzj2kkag04t0pcdfsfq7esc2qh9hb7jqpj6ex3whdksm02bdwy3qy2f4r68dw620q0wbgc69sy35dak3apn59hsrjv7xddyvw31ynhxfzmrvt9tfpqpbjcgh8rg2hfgvchqmc36eg9zd6t02phahvvc94e5r3ge921evb6rm90p2ewnaa4qpr3f513ttgdmsfds9m5st%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1gdpasxbgyes2jcej59p63a46b6bpfz4kzjhzez7cnzem3vw8yjrjwccet5f5j9fw07r79t17pr30whp93yg5x3g9z80qmkc05sfq68z3sap7x720htvpwhv65mqerrtt63hjj2vn60j899kf2pt6g1ks34wfdds294jbf515pkwtx97ayd3vccgxtk0fcveyqeaz6nnc56y6tp7g8jhv4c3dagf8dw5r8qvhxryq9rr6fcb3q6ghvr69jy3c6fw5seesxs54amqenmrrjrcbr0bzg%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCXtU0-AVgZLe3IoKm7wLd_bugCZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTY1OTM1MjMyMTAwMTAxNTTIAQmpArhJv7UzZ7I-qAMBqgTWAU_QbHwp82ntYLiNzSy7k0tcGKGRypby05noDzqvd0OA5BTc-Ch7XcNnfOFMyAFbmatbDv7QiAwqKEZZkxxdNiauQiwlNIXE3vZCUjqKmLxLccIlWZL_z0v9_f4S9LDPC-xPlIRgv0bKwVOywwfjxKO1KdAhuHk00FWbehHouQmgcsBCz44Pzg1aQCWSl7_zVxYgFJBbMBPd1HaDE6uGLJdwMK98ICjmvAstTMHN153XEtB9jCsDawLqOo3WVHX_5AVUSsfm3-5N2Qy3SWGZvATiAKD1uwiABtyHrq-QxZTacqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_2qNSY48r5DBue_C-N8fMvmCd7oEg%252526client%25253Dca-pub-6593523210010154%252526adurl%25253D&clickref=oneidP6AhBfbfbJMRC9HjHbtgCP6ASJS9TDpQcjqdYoneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&viewref=oneidrWbTQf9f3XBdaAH7HjtqtBXVaYS8TgJka1JYMoneid__suite_Netmix_Reach128_WEBGAINSMOSTLY
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.95.127 -, , ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 00c5621a3f56c052959f8f0591b65e893f132b49b1447fde20767966cacbfbfe

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 00:27:59 GMT
content-encoding: gzip
via: 1.1 5a9253ffd4a04a82b061e7ef23f713d4.cloudfront.net (CloudFront)
last-modified: Wed, 15 Mar 2023 17:26:29 GMT
server: AmazonS3
x-amz-cf-pop: PRG50-C1
age: 76907
etag: W/"876c293e6c37046ecb0c11ce2e276942"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
x-amz-cf-id: JOP9dGLsIFJi-pWu8T-1K46m55j2u8Ou1aSUzBgoVK8c47tHvzzL7g==

GET
H2 429 link.html
track.webgains.com/ Frame EAE7 45 B
45 B 24ms
24ms Image
text/html 18.133.36.104

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track.webgains.com/link.html?wgdedup=1&wgcampaignid=1384975&viewref=oneidrWbTQf9f3XBdaAH7HjtqtBXVaYS8TgJka1JYMoneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&wglinkid=2194035
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=183975%2C321853%2C46427&b=rWbTQf9f3XBdaAH7HjtqtBXVaYS8TgJka1JYM%2Cg62h8frfWBzXfPHbH8t5tj78WSmSQT954TMx4E%2CrWbTQf9fGq1tAH7HjtqtGReuYS8TgJka1JYM&f=P6AhBfbfbJMRC9HjHbtgCP6ASJS9TDpQcjqdY%2CBgwFgfPfYG1XFxH6H3tgCzVDAtjSeT8dbUB6xZ%2CP6AhBfbfeYET9HjHbtgCwJ2CJS9TDpQcjqdY&c=300&d=250&e=&g=d9abfa7102a2360418437fa7359a2e81%2F12347032143117287939&i=20597%2C111803%2C22481&j=21%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1684014585424&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gdpasxbgyes2jcej59p63a46b6bpfz4kzjhzez7cnzem3vw8yjrjwccet5f5j9fw07r79t17pr30whp93yg5x3g9z80qmkc05sfq68z3sap7x720htvpwhv65mqerrtt63hjj2vn60j899kf2pt6g1ks34wfdds294jbf515pkwtx97ayd3vccgxtk0fcveyqeaz6nnc56y6tp7g8jhv4c3dagf8dw5r8qvhxryq9rr6fcb3q6ghvr69jy3c6fw5seesxs54amqenmrrjrcbr0bzg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCXtU0-AVgZLe3IoKm7wLd_bugCZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTY1OTM1MjMyMTAwMTAxNTTIAQmpArhJv7UzZ7I-qAMBqgTWAU_QbHwp82ntYLiNzSy7k0tcGKGRypby05noDzqvd0OA5BTc-Ch7XcNnfOFMyAFbmatbDv7QiAwqKEZZkxxdNiauQiwlNIXE3vZCUjqKmLxLccIlWZL_z0v9_f4S9LDPC-xPlIRgv0bKwVOywwfjxKO1KdAhuHk00FWbehHouQmgcsBCz44Pzg1aQCWSl7_zVxYgFJBbMBPd1HaDE6uGLJdwMK98ICjmvAstTMHN153XEtB9jCsDawLqOo3WVHX_5AVUSsfm3-5N2Qy3SWGZvATiAKD1uwiABtyHrq-QxZTacqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2qNSY48r5DBue_C-N8fMvmCd7oEg%2526client%253Dca-pub-6593523210010154%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.133.36.104 -, , ASN (),
Reverse DNS
Software: awselb/2.0 /
Resource Hash: 88400ece0824eb5322a437984edfb5b0c752a92af7efa7d5970fcb161c8721eb

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 21:49:45 GMT
server: awselb/2.0
content-length: 45
content-type: text/html

GET
H2 200 link.html
track.webgains.com/ Frame EAE7 24 KB
24 KB 56ms
56ms Image
image/gif 18.133.36.104

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track.webgains.com/link.html?wgdedup=1&wgcampaignid=1384975&viewref=oneidg62h8frfWBzXfPHbH8t5tj78WSmSQT954TMx4Eoneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&wglinkid=4452068
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=183975%2C321853%2C46427&b=rWbTQf9f3XBdaAH7HjtqtBXVaYS8TgJka1JYM%2Cg62h8frfWBzXfPHbH8t5tj78WSmSQT954TMx4E%2CrWbTQf9fGq1tAH7HjtqtGReuYS8TgJka1JYM&f=P6AhBfbfbJMRC9HjHbtgCP6ASJS9TDpQcjqdY%2CBgwFgfPfYG1XFxH6H3tgCzVDAtjSeT8dbUB6xZ%2CP6AhBfbfeYET9HjHbtgCwJ2CJS9TDpQcjqdY&c=300&d=250&e=&g=d9abfa7102a2360418437fa7359a2e81%2F12347032143117287939&i=20597%2C111803%2C22481&j=21%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1684014585424&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gdpasxbgyes2jcej59p63a46b6bpfz4kzjhzez7cnzem3vw8yjrjwccet5f5j9fw07r79t17pr30whp93yg5x3g9z80qmkc05sfq68z3sap7x720htvpwhv65mqerrtt63hjj2vn60j899kf2pt6g1ks34wfdds294jbf515pkwtx97ayd3vccgxtk0fcveyqeaz6nnc56y6tp7g8jhv4c3dagf8dw5r8qvhxryq9rr6fcb3q6ghvr69jy3c6fw5seesxs54amqenmrrjrcbr0bzg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCXtU0-AVgZLe3IoKm7wLd_bugCZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTY1OTM1MjMyMTAwMTAxNTTIAQmpArhJv7UzZ7I-qAMBqgTWAU_QbHwp82ntYLiNzSy7k0tcGKGRypby05noDzqvd0OA5BTc-Ch7XcNnfOFMyAFbmatbDv7QiAwqKEZZkxxdNiauQiwlNIXE3vZCUjqKmLxLccIlWZL_z0v9_f4S9LDPC-xPlIRgv0bKwVOywwfjxKO1KdAhuHk00FWbehHouQmgcsBCz44Pzg1aQCWSl7_zVxYgFJBbMBPd1HaDE6uGLJdwMK98ICjmvAstTMHN153XEtB9jCsDawLqOo3WVHX_5AVUSsfm3-5N2Qy3SWGZvATiAKD1uwiABtyHrq-QxZTacqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2qNSY48r5DBue_C-N8fMvmCd7oEg%2526client%253Dca-pub-6593523210010154%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.133.36.104 -, , ASN (),
Reverse DNS
Software: nginx / PHP/7.4.26
Resource Hash: c7bc8098c1b013492c04c1f333e56d3980945b0882c7f57441bf0688362eef29

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 21:49:45 GMT
last-modified: Sat, 13 May 2023 21:49:45 GMT
server: nginx
x-powered-by: PHP/7.4.26
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: private, max-age=60
access-control-allow-headers: Authorization
expires: Sat, 13 May 2023 21:50:45 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 9EAE 0
10 B 38ms
37ms Image
text/plain 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?n6qGzA
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 21:49:45 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame B390 0
10 B 38ms
37ms Image
text/plain 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?0_BYaQ
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 21:49:45 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 5ed7702fe4b07a92411bc03e
ng2.virgul.com/tck/imp/ Frame CADC 0
209 B 43ms
43ms Image
text/plain 185.7.176.221
SH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ng2.virgul.com/tck/imp/5ed7702fe4b07a92411bc03e?g=1&t=gb&r=153378@site_geneli@yemek_net:site_geneli&l=&c=%2Cas%2Crc0%2Chf1%2Cvv1%2Cgprec%3Dyemek%26rec_ing%3D&info=&mt=1684014582891&userId=vnet6c1fd289-0279-4aa9-817c-0014b89f0a83
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.7.176.221 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

access-control-allow-origin: https://ye-mek.net
date: Sat, 13 May 2023 21:49:45 GMT
access-control-allow-credentials: true
expires: Tue, 04 Jan 2022 10:49:40 GMT
server: openresty/1.15.8.3
content-length: 0
p3p: CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'

GET
BLOB 200
OK 137c391e-dca4-491d-8405-dcbb405578bd
https://googleads.g.doubleclick.net/ Frame 4DC9 802 B
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://googleads.g.doubleclick.net/137c391e-dca4-491d-8405-dcbb405578bd
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 28960a9aa0071776192259a5836f4d2c1acc9e978c1f3f1a8f3a7e5bc67a65ea

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Length: 802
Content-Type

GET
H2 200 _ate.track.config_resp Show response
v1.addthisedge.com/live/boost/ra-51c60ec002340f16/ Frame CADC 6 KB
1 KB 101ms
93ms Script
application/javascript 104.111.216.120
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://v1.addthisedge.com/live/boost/ra-51c60ec002340f16/_ate.track.config_resp
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.216.120 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-216-120.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 80a6bc8e05e84df98ca33712aaf3b520db8e4eb53cb97429d0a3f72fdb8bb35b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 21:49:46 GMT
content-encoding: gzip
etag: 2086319854--gzip
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: public, max-age=50, s-maxage=86400
content-disposition: attachment; filename=1.txt
content-length: 1267

GET
H2 200 300lo.json Show response
m.addthis.com/live/red_lojson/ Frame CADC 90 B
250 B 217ms
190ms Script
application/javascript 104.111.216.120
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://m.addthis.com/live/red_lojson/300lo.json?si=646005f69261fe15&bkl=0&bl=1&pdt=292&sid=646005f69261fe15&pub=ra-51c60ec002340f16&rev=v8.28.8-wp&ln=tr&pc=men&cb=0&ab=-&dp=ye-mek.net&dr=pcloak.blob.core.windows.net&fp=&fr=&of=0&pd=0&irt=0&vcl=0&md=0&ct=1&tct=0&abt=0&cdn=0&pi=1&rb=4&gen=100&chr=UTF-8&colc=1684014586072&jsl=129&skipb=1&callback=addthis.cbs.jsonp__325881355178521570
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.216.120 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-216-120.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0c2042415315e2e6c83d432dfc7861a479c465ca33e4ae92ee72da92c1766fb2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 13 May 2023 21:49:46 GMT
cache-control: max-age=0, no-cache, no-store, no-transform
content-disposition: attachment; filename=1.txt
content-length: 90
content-type: application/javascript;charset=utf-8

GET sh.f48a1a04fe8dbf021b4cda1d.html
s7.addthis.com/static/ Frame 7A5A 0
0

GET
H2 200 sh.f48a1a04fe8dbf021b4cda1d.html Show response
s7.addthis.com/static/ Frame 510A 71 KB
26 KB 24ms
23ms Document
text/html 104.111.216.120
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.111.216.120 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-216-120.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

7b6bfa13f0778c40bb2a00af9819bea2f07afcb4d071e7e4f436196953a5db4d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://ye-mek.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: public, max-age=86313600
content-encoding: gzip
content-length: 26421
content-type: text/html
date: Sat, 13 May 2023 21:49:46 GMT
etag: W/"5f971164-11adc"
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
p3p: CP="NON ADM OUR DEV IND COM STA"
server: nginx/1.15.8
strict-transport-security: max-age=15724800; includeSubDomains
timing-allow-origin: *
vary: Accept-Encoding
x-host: s7.addthis.com

GET
H2 200 client.tr.min.json Show response
s7.addthis.com/l10n/ Frame CADC 3 KB
2 KB 32ms
12ms XHR
application/json 104.111.216.120
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/l10n/client.tr.min.json

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.111.216.120 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-216-120.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

1f5a2a979149a9192bb49e10899322a37fbfda94dd47567b029823950adc0e2f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
date: Sat, 13 May 2023 21:49:46 GMT
last-modified: Tue, 10 Sep 2019 15:15:17 GMT
server: nginx/1.15.8
etag: W/"5d77be05-d99"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: public, s-maxage=604800
x-host: s7.addthis.com
timing-allow-origin: *
content-length: 1685

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame CADC 14 KB
11 KB 90ms
90ms XHR
application/json 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202305100101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305100101/pubads_impl.js?cb=31074557

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a04711f67d0c286ce57f421c4372cc30c91e9b57dcbcce61e2d6d56eb991ba16

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 21:49:46 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11203
x-xss-protection: 0

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 3C2A 15 KB
6 KB 304ms
102ms Document
text/html 2620:100:a001::c

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=pcloak.blob.core.windows.net

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.135.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::c -, , ASN (),

Reverse DNS

Software

Kestrel /

Resource Hash

386d466b8bdd0cda283c79718d2aec07f38b9f9ed81eebe6d5266bb20cd42c10

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ye-mek.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 13 May 2023 21:49:46 GMT
server: Kestrel
server-processing-duration-in-ticks: 849741
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

POST
H/1.1 200
OK postback Show response
s.h.w55c.net/2/2.92.0/948461/Af9VKUMKEAV919Ao/ Frame 4DC9 0
145 B 28ms
28ms XHR
text/plain 52.31.191.243
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.h.w55c.net/2/2.92.0/948461/Af9VKUMKEAV919Ao/postback?ap=&pp=ye-mek.net&to=3&md=1&pd=avt&di=https%3A%2F%2Fye-mek.net&sr=GOOGLE_CONTENTNETWORK&pv=53ed5c35-a6b1-4d21-b6ae-869ab775c68a&de=2&dm=728x90&pi=XRzobPsLhV&gt=DE&ci=948461&dt=9484611597092707615000&ui=&ti=&si=&ac=Xmwo1n97Q8&sid=Af9VKUMKEAV919Ao&oz_sc=32005395af4765f6e8a13cfd&oz_df=1684014586059&oz_l=1022&cv=3
Requested by: Host: s.h.w55c.net
URL: https://s.h.w55c.net/2/2.92.0/main.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 52.31.191.243 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-31-191-243.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Sat, 13 May 2023 21:49:45 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 01A5 42 B
64 B 84ms
83ms Fetch
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv9xy1h5KKf9hiBUOMP06g1OSjTS-KGxLBipnin2kWL_GhphVw1iZ2OjV0dRIzOKQfbR1nLkVMSbSBHHs3S2WMZvKOPrOwEalWyA6ciTAK0JXYr0wRUjGr3C8m7Om4zLqjz9aRNPVBShLllit2C0V2_pZgyd3en56AsSMPBOHXuov7NqhySS5nny-ZT5a2fz4oPkbOQQXRYrkRPlEREHBkkw_eIv3a6ukhiH6-35rsbBNQLfAtW-1lja98yQtHSySWThTOSTNdBGSG_VvEmuy2iPvke7Kc1utcmKN9KkIfARBjn5_DbDs6Nmd9RzEklIWkjkQPLlI-UzABN6U0g3zR5HZduLeoRPH7T929VfutinaeLRFOacpSHkuiBIZYKja-jwLm235IjfjuaP9eZSSSfNmQIwofSPErcER4RznQcFTfj0uo5p7EwvPM2rE8Zl54K8_8-JfSJ_IZN7u_iRBffZohZuKKmswZT9LfgCmBkTkPLoweq4YCJwUFJRwDZFFje4HiL7G0Z-xXpcsbdZ9Z9qQo2XsWCUermVyGczDm6Tzma1wj9amHK7jm2kYp4D3YNokTUKEoqrMtHCnZlo7_WBQ6T26gjD8sD5s9S4bRFD1PCS5h-HrYF7t7MuhsB4J0Tv3vixy6UlBunPyvQfKxJ73LCY6wt1Vl-gRmKh5m2OQmErGw2dY-R0HGLJtuvR4q1JKrKEA2BFeDOexniSntoqbUaDmq99GHPxsShfdDwAc26t7ribZrBoNv6fd8Fcj0OLjT2HX3HzFVgrfXZPzKK4IlpNeVxY2xAwKJR34_9qsmUyswhwZYCBCFOnmUBR3U1LmdVn7Mnx4Amn_VLGhynLmk7v3lT1KF6oNwqeq0t1Ddoo9tc2-h36PEr-ZS6lR1hPV9VH_UIKRkBQmeak5cguNOaBdD9dQHwWXoFc1tG8-CHamjyx9UNiMp75q-J0W8EQjLlU3jPsiDMZoIR027ZzCsCHAudTFIX1vEwXRFqZp73o0p03nDT1trUA01FODh-u7lr1GkINTkizyNe1WkCgvxIPEWvvQ0Qhp3I3XG42QVZCziLFdt7yYxBImONBlP1wodZOJ9u2nC5Ca5NqJ9vkfvZMw&sai=AMfl-YSBXfZE3lE57mJLY4P0ivK9bsp-KnN5uieDjqLJ1fxjaSuI91AoQ2amucMRLcFrBF3Jj4emm9p8TepiLRkU9u976TBh6DtwQSi9vj0ti9iA-IVAeTxGrCQ4hdzogD8QCwVKIF6VGObY&sig=Cg0ArKJSzLYBeVh5RoXKEAE&cid=CAQSOwBygQiD8bFxL0bF7LJCT2m76rnvsyOvWxDO8Lt7_qaZJhdh_g0pAllFdKddY2Dzs6FW6LqD2Yn7i5dqGAE&id=lidar2&mcvt=1014&p=0,0,90,728&mtos=1014,1014,1014,1014,1014&tos=1014,0,0,0,0&v=20230510&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=456810305&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1684014584731&rpt=338&met=mue&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d895f1381b8d8b875cd29c6921953566.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 13 May 2023 21:49:46 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 5ed76f76e4b07a92411bc03a
ng.virgul.com/tck/i_vb2/ Frame CADC 0
209 B 44ms
44ms Image
text/plain 185.7.176.221
SH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ng.virgul.com/tck/i_vb2/5ed76f76e4b07a92411bc03a?l=&r=153377@site_geneli@yemek_net:site_geneli&cs=1684014586155&userId=vnet6c1fd289-0279-4aa9-817c-0014b89f0a83
Requested by: Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x69807j0b5.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.7.176.221 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

access-control-allow-origin: https://ye-mek.net
date: Sat, 13 May 2023 21:49:46 GMT
access-control-allow-credentials: true
expires: Tue, 04 Jan 2022 10:49:40 GMT
server: openresty/1.15.8.3
content-length: 0
p3p: CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'

GET
H2 200 60b91f99e4b0b65b3ce7bc5b
ng.virgul.com/tck/i_vb2/ Frame CADC 0
209 B 44ms
44ms Image
text/plain 185.7.176.221
SH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ng.virgul.com/tck/i_vb2/60b91f99e4b0b65b3ce7bc5b?l=&r=153493@site_geneli@yemek_net:site_geneli&cs=1684014586155&userId=vnet6c1fd289-0279-4aa9-817c-0014b89f0a83
Requested by: Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x69807j0b5.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.7.176.221 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

access-control-allow-origin: https://ye-mek.net
date: Sat, 13 May 2023 21:49:46 GMT
access-control-allow-credentials: true
expires: Tue, 04 Jan 2022 10:49:40 GMT
server: openresty/1.15.8.3
content-length: 0
p3p: CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame CADC 17 KB
6 KB 100ms
100ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305100101/pubads_impl.js?cb=31074557

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 21:49:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 13 May 2023 21:49:46 GMT

POST
H/1.1 200
OK postback Show response
s.h.w55c.net/2/2.92.0/948461/Af9VKUMKEAV919Ao/ Frame 4DC9 0
145 B 29ms
29ms XHR
text/plain 52.31.191.243
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.h.w55c.net/2/2.92.0/948461/Af9VKUMKEAV919Ao/postback?ap=&pp=ye-mek.net&to=3&md=1&pd=avt&di=https%3A%2F%2Fye-mek.net&sr=GOOGLE_CONTENTNETWORK&pv=53ed5c35-a6b1-4d21-b6ae-869ab775c68a&de=2&dm=728x90&pi=XRzobPsLhV&gt=DE&ci=948461&dt=9484611597092707615000&ui=&ti=&si=&ac=Xmwo1n97Q8&sid=Af9VKUMKEAV919Ao&oz_sc=32005395af4765f6e8a13cfd&oz_df=1684014586267&oz_l=8961&cv=3
Requested by: Host: s.h.w55c.net
URL: https://s.h.w55c.net/2/2.92.0/main.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 52.31.191.243 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-31-191-243.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Sat, 13 May 2023 21:49:45 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

GET
H2 200 layers.fa6cd1947ce26e890d3d.js Show response
s7.addthis.com/static/ Frame CADC 263 KB
76 KB 13ms
13ms Script
application/javascript 104.111.216.120
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/static/layers.fa6cd1947ce26e890d3d.js

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.111.216.120 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-216-120.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

6121ca306ad1045453d52517b8f436eb5a68055c82aefa46a9a77de36996a3df

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
date: Sat, 13 May 2023 21:49:46 GMT
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
server: nginx/1.15.8
etag: W/"5f971164-41cf5"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=86313600
x-host: s7.addthis.com
timing-allow-origin: *
content-length: 77617

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 7EF8 0
0 75ms
75ms Image
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230510&jk=3912391652140771&bg=!-_il-KzNAAYldGN0BXQ7ADkAdvg8WvXhYEdZSBWVl7t_lWDCE3Af6L89YWEOtQsG93TnNhfgwl-Mgls0H2v7tqw5T3yZsmX0FxACAAAAh1IAAAACaAEHCgBBNiVNk6FV-gWFzGrqyN093EZPzSCP4sPOTZ2bJKQ2YdhPU8BQUZhr_VC28FHxOhKk1KeYoOVYwyg2o0HcRwuYvN-ZAwvXgsktNI6p7cZP9vpVNzLcecR3T9KZlJ0qri3IxLvcNp9uG3mCY2K8sZiOho26y_34md8XRCw8Hzm_OiHxY-ajD6t_usuwWZhIIhwS7yKS4q6qIC0f9mDEh1zHZEQvZwkd4k8sxORa9slRHtzBsuFTRLNK5kBwtsl8zkJPM-sS37erNlwf64YwPfmpxQkmNDYi4knxCpgh2QFdnFUfSF0IJtx3jBSQ9jBgmkSIRw2X0ubHgjhJ_zAcUxSTcjBH5TFGqz8e7Lc5OIikukhEwVXitYxlMzQhWe6KFt4KWOim_1G2IiEFc7JA9rZJTPSplKbMImcixLUUVnPrwN0cscKsVbMhfEVhse16PS5di655lzaIGEfLYAzi_8eKDZH4Xhoa11RIhBQ7StzohnDdXge_A-ESfdu593Pl4aNLVv-6feCV_cryllydD7woTQV0U4WPwLAkHqxiY0vpbGSW0l7idoxURiamsGGXIrQhRBSSk1XUUOS4-i8rRKTwaMz1jFNP5J2Y8PTcdcVdpueCn-DnTR8lfmevB-MjMCDUaaSGUjqhlxdN5pEBk48X-ta-erp4lNbsvGhzUUO8twclC66cEpMMCRDkKCoCl7ocml2L2ov1VA4NEz40zdZnRZ3UbDOwudN9Hu3KoanvufFqAwskcCZdl5dLe9HMwvWDUHO5oL7K_iUqgEaBBpZdMhi_csdyU_S9bGLK1vUgp7M1JRP-KY0cihofuHK4mW32KX9J_LXdcoQTxfwhAy5e0q3orbwvm7_-LKjzt0Ji9r8kt3Nm-YgoakOnsGUXREALIAsZmctDSwx09sxTfKhqL--2DgTBwvb22n7Ywtb3sCAQA7OqzxnnSMGhh9nyAacKRss9uLC11clyOFyjRkrPLUk1CPexN66-P9UJ41gDquPqJHUtV2jF7n7OP24zNYs4pN88x7q3IJKAT4VK4j-bBx5mO0qJCGnEK4Hg04iR-kWxe__O1gsXg4f1SY_O3Nt1w2O85_wAvbWOizMw5sJsStaX7GPpYQAq76r1LbPXsg
Requested by: Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x69807j0b5.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d895f1381b8d8b875cd29c6921953566.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 4DBE 0
0 76ms
76ms Image
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230510&jk=3610766118061132&bg=!v7ylvOjNAAYldGN0BXQ7ADkAdvg8WiZQYQqk-oDfY1usZmxcIi2CRD4zGf-9GCenn0rsTXVeMVUOa-Y8oFEz0nwK2iU98qkubF0CAAAAdFIAAAACaAEHCgBx1WK8jyYBV-FezT1rVtflEcKJoSuops4V4M6wTLyfdXlKuhcOneP56XZNhbsXDEopBlT2RWfMpP7dfsZjfOsENRqFvyQYUmkY9Yh9roPgHeVt1PnLZd5HbDw6TOO9SZ8QhrrOf-wXh6jDDAI4NhL94smZAxVqiCWBHPDXGbRb1Azi5fJJRB81JwnMsZQgofbfHpmYtjVIrkaQ0-AjWkJvzBvWe0Iaq57HZXtQxBY9biHmopzUx9FsIF734dYoCERhg9uRE9ilugSTYiKSx5-EoBFF4cA64DeAvjhHP2dJGI9oVAY3eCBu_HlIh8Y1PHpxcCZfaCSBnydrFV9szV_NvOfLvvwiDb76wD5-Dlu1sjNVzPrysxgSa0pC7RTDVj0JaD_4sEwQtqVfCXBPokWBTsjf8k-pul0U0yaPD8llFTjiU-_WFSqVqViAgMmXwr7HglNXG0Fq5qDaagvmlclxd3cVo157UoDzE318mvKKphOnrgD1B6ov8rxth2sgJXleVXnGhiqjkYGKrEKly1Lg6qTX6oBWTD6tSaVqRkpJxNReeH42tCncFpiwQSeFaAPXA2vFJbyhosLUxdlsBj0Z4-dnNrb0eXwO8skqEe5JHQLsdKiEoogDBhoUSTvaea77puWGUdNM5kFK08LWClNPKQ_xWR7wRElbmodWEG2_IYrjZ3CCkstFwVqFdMENLhc9N4AVEYJ7vNtH4K_WkIxraMFYPVd0RnnWBKVrTmNmiqq6cqP1QjADqI7vJkZtf1_JwipzaShasL7ZzLEv4hyyFWTsSEPPrmbmQ2uT0DKLbc5tuBA7RhZdQAeznn2vt28Yv6Fwei3-1Syes87n8oPVYftciArFx8tBd-UNqYMd-Baq3bAu_4OXQFtaB-b0K3sPpvY7HR8xWXGflpfDS5Vb0W15f-cx3UDbtmYM_JpIC2N9gIPkVEcA2XYt8lwcKRO12IGrRquNOkGwgZCJo6ZVG135TWd3M37nBO_zgT6PqRG2iKiXQHKyoIrn27UduhFn88H-Oihy4av8LVsco4dKnqe4n6GwDsp7pzj3FZjqDcemfcQiRMyNnQ1g7MqjEy1MY2aLsAZYzLYoa32GJG6kQOqgvd1F4DrgJ2EZO_HSSucr3IZWOImzgHAu_Ki6K2qogiZhg0n2xHZMy00RJfGyvQGqr7hw7XlMccxoVvxy0BNZknyXQD1ALnU
Requested by: Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x69807j0b5.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d895f1381b8d8b875cd29c6921953566.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

POST
H2 200 tracking-event Show response
api.webgains.io/ Frame EE9B 16 B
232 B 70ms
69ms Fetch
application/json 18.135.126.181

General

Check archive.org

Show headers Download Go to

Full URL

https://api.webgains.io/tracking-event

Requested by

Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.135.126.181 -, , ASN (),

Reverse DNS

Software

nginx / PHP/8.1.14

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type: application/json

Response headers

date: Sat, 13 May 2023 21:49:46 GMT
x-content-type-options: nosniff
server: nginx
x-powered-by: PHP/8.1.14
x-frame-options: SAMEORIGIN
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, private
x-xss-protection: 1; mode=block

OPTIONS
H2 204 tracking-event
api.webgains.io/ Frame 0
0 86ms
20ms Preflight 18.135.126.181

General

Check archive.org

Show headers Download Go to

Full URL: https://api.webgains.io/tracking-event
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.135.126.181 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://as.ad4m.at
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

access-control-allow-headers: Authorization, Content-Type
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: *
date: Sat, 13 May 2023 21:49:46 GMT
server: nginx

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 3FC2 13 KB
5 KB 39ms
38ms Document
text/html 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ye-mek.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 12558
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 13 May 2023 18:20:28 GMT
expires: Sun, 12 May 2024 18:20:28 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 81F4 783 B
536 B 51ms
50ms Document
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

9c4c77712c179af887e4be389f1d5a4407a5da937f296ecff64f0a391c15c319

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-bUOxVSoUUH3ERK-zNVm4lQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ye-mek.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 514
content-security-policy: script-src 'report-sample' 'nonce-bUOxVSoUUH3ERK-zNVm4lQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 13 May 2023 21:49:46 GMT
expires: Sat, 13 May 2023 21:49:46 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
DATA 200
OK truncated
/ Frame CADC 443 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5876d235b697479a9e5f476a33115aea1ddc21fd4b4740dd7180398c6224fdba

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 140.61020b6c086bdb8bc696.js Show response
s7.addthis.com/static/ Frame CADC 2 KB
1009 B 13ms
13ms Script
application/javascript 104.111.216.120
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/static/140.61020b6c086bdb8bc696.js

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.111.216.120 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-216-120.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

25a50f8e41994e7addc8b761fd99f5f8560128909835a388edf76026c7a4c4f6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
date: Sat, 13 May 2023 21:49:46 GMT
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
server: nginx/1.15.8
etag: "5f971164-688"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=86313600
x-host: s7.addthis.com
timing-allow-origin: *
content-length: 770

GET
H2 200 143.3d8bb49f121080f7c65c.js Show response
s7.addthis.com/static/ Frame CADC 625 B
644 B 12ms
12ms Script
application/javascript 104.111.216.120
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/static/143.3d8bb49f121080f7c65c.js

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.111.216.120 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-216-120.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

2dfa62171c6667988d674799a042b576b12881c34464cb9a78ff2138ed3faa94

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
date: Sat, 13 May 2023 21:49:46 GMT
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
server: nginx/1.15.8
etag: W/"5f971164-271"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=86313600
x-host: s7.addthis.com
timing-allow-origin: *
content-length: 404

GET
H2

200

sid Show response
mug.criteo.com/ Frame 3C2A
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertag&domain=ye-mek.net&sn=ChromeSyncframe&so=0&topUrl=pcloak.blob.core.windows.net&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=Jh4RInxDd3NpNE0xRE9QMlNtNHE1Q2UzRFVCYjgvU1JJbEw1S0hEdmxpN3plWHhEdHBEZXJITlZGa0ZxWkw4V2IxcThZSlNtR2k3Q2ZObEJNWVI5MkpXaWhPL3AxVjQ4eTJqMW5henFSTVNDQ1NjNzdqL0dMZXlGLzJPS0...

446 B
661 B

225ms
18ms

Fetch
application/json

178.250.7.13

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=Jh4RInxDd3NpNE0xRE9QMlNtNHE1Q2UzRFVCYjgvU1JJbEw1S0hEdmxpN3plWHhEdHBEZXJITlZGa0ZxWkw4V2IxcThZSlNtR2k3Q2ZObEJNWVI5MkpXaWhPL3AxVjQ4eTJqMW5henFSTVNDQ1NjNzdqL0dMZXlGLzJPS0w2Y054RDlMRGNZOFJLNUI1dVlxdGp0a3pFTnhuWDFoR0tmVjF1Q2pLK0xqNExtL3R3TkJlS1JKcTZycTBGQktrc3FPMzlWWGVCS2l3RmExazRycEFmRTBvcjFjQ1VnSmJSMmEwVis2alBRdUlFbWRhNnhybkxrQU90cGJ2bDVjWHJhcUJDRUpXRXplZnlBeHNuZk01Vm1OeWxJWUNIem03NFB5MU1URTJaMDhFaUkwNWNFZz18&cppv=2

Protocol

Server

178.250.7.13 -, , ASN (),

Reverse DNS

Software

Kestrel /

Resource Hash

b0074d1b033dabc05703c91e43fd908c56513285440be1883ac9e850e2318dd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 13 May 2023 21:49:46 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1572870
expires: 0

Redirect headers

pragma: no-cache
date: Sat, 13 May 2023 21:49:46 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=Jh4RInxDd3NpNE0xRE9QMlNtNHE1Q2UzRFVCYjgvU1JJbEw1S0hEdmxpN3plWHhEdHBEZXJITlZGa0ZxWkw4V2IxcThZSlNtR2k3Q2ZObEJNWVI5MkpXaWhPL3AxVjQ4eTJqMW5henFSTVNDQ1NjNzdqL0dMZXlGLzJPS0w2Y054RDlMRGNZOFJLNUI1dVlxdGp0a3pFTnhuWDFoR0tmVjF1Q2pLK0xqNExtL3R3TkJlS1JKcTZycTBGQktrc3FPMzlWWGVCS2l3RmExazRycEFmRTBvcjFjQ1VnSmJSMmEwVis2alBRdUlFbWRhNnhybkxrQU90cGJ2bDVjWHJhcUJDRUpXRXplZnlBeHNuZk01Vm1OeWxJWUNIem03NFB5MU1URTJaMDhFaUkwNWNFZz18&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 654139
content-length: 0
expires: 0

POST
H/1.1 200
OK postback Show response
s.h.w55c.net/2/2.92.0/948461/Af9VKUMKEAV919Ao/ Frame 4DC9 0
145 B 28ms
28ms XHR
text/plain 52.31.191.243
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.h.w55c.net/2/2.92.0/948461/Af9VKUMKEAV919Ao/postback?ap=&pp=ye-mek.net&to=3&md=1&pd=avt&di=https%3A%2F%2Fye-mek.net&sr=GOOGLE_CONTENTNETWORK&pv=53ed5c35-a6b1-4d21-b6ae-869ab775c68a&de=2&dm=728x90&pi=XRzobPsLhV&gt=DE&ci=948461&dt=9484611597092707615000&ui=&ti=&si=&ac=Xmwo1n97Q8&sid=Af9VKUMKEAV919Ao&oz_sc=32005395af4765f6e8a13cfd&oz_df=1684014586443&oz_l=309&cv=3
Requested by: Host: s.h.w55c.net
URL: https://s.h.w55c.net/2/2.92.0/main.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 52.31.191.243 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-31-191-243.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Sat, 13 May 2023 21:49:45 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 81F4 0
0 72ms
72ms Image
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202305100101&jk=367862464275285&rc=
Requested by: Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x69807j0b5.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

GET
H3 200 rGx2DEvyTJUcTI8TMyI5e4cGeqSZnDc_BhsxSP5O2IU.js Show response
pagead2.googlesyndication.com/bg/ Frame 3FC2 37 KB
14 KB 38ms
38ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/rGx2DEvyTJUcTI8TMyI5e4cGeqSZnDc_BhsxSP5O2IU.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ac6c760c4bf24c951c4c8f133322397b87067aa4999c373f061b3148fe4ed885

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 16:40:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 18544
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14627
x-xss-protection: 0
last-modified: Mon, 08 May 2023 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 12 May 2024 16:40:42 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 3FC2 0
11 B 38ms
38ms Image
text/plain 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?U4AeYg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 21:49:46 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 5ed7706de4b07a92411bc042
ng2.virgul.com/tck/imp/ Frame CADC 0
209 B 43ms
42ms Image
text/plain 185.7.176.221
SH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ng2.virgul.com/tck/imp/5ed7706de4b07a92411bc042?g=1&t=gb&r=153379@site_geneli@yemek_net:site_geneli&l=&c=%2Cas%2Crc0%2Chf1%2Cvv1%2Cgprec%3Dyemek%26rec_ing%3D&info=&mt=1684014582891&userId=vnet6c1fd289-0279-4aa9-817c-0014b89f0a83
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.7.176.221 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

access-control-allow-origin: https://ye-mek.net
date: Sat, 13 May 2023 21:49:46 GMT
access-control-allow-credentials: true
expires: Tue, 04 Jan 2022 10:49:40 GMT
server: openresty/1.15.8.3
content-length: 0
p3p: CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'

OPTIONS
H2 204 tracking-event
api.webgains.io/ Frame 0
0 21ms
21ms Preflight 18.135.126.181

General

Check archive.org

Show headers Download Go to

Full URL: https://api.webgains.io/tracking-event
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.135.126.181 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://as.ad4m.at
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

access-control-allow-headers: Authorization, Content-Type
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: *
date: Sat, 13 May 2023 21:49:46 GMT
server: nginx

POST
H2 200 tracking-event Show response
api.webgains.io/ Frame EAE7 16 B
232 B 79ms
79ms Fetch
application/json 18.135.126.181

General

Check archive.org

Show headers Download Go to

Full URL

https://api.webgains.io/tracking-event

Requested by

Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.135.126.181 -, , ASN (),

Reverse DNS

Software

nginx / PHP/8.1.14

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type: application/json

Response headers

date: Sat, 13 May 2023 21:49:46 GMT
x-content-type-options: nosniff
server: nginx
x-powered-by: PHP/8.1.14
x-frame-options: SAMEORIGIN
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, private
x-xss-protection: 1; mode=block

POST
H/1.1 200
OK postback Show response
s.h.w55c.net/2/2.92.0/948461/Af9VKUMKEAV919Ao/ Frame 4DC9 0
145 B 28ms
28ms XHR
text/plain 52.31.191.243
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.h.w55c.net/2/2.92.0/948461/Af9VKUMKEAV919Ao/postback?ap=&pp=ye-mek.net&to=3&md=1&pd=avt&di=https%3A%2F%2Fye-mek.net&sr=GOOGLE_CONTENTNETWORK&pv=53ed5c35-a6b1-4d21-b6ae-869ab775c68a&de=2&dm=728x90&pi=XRzobPsLhV&gt=DE&ci=948461&dt=9484611597092707615000&ui=&ti=&si=&ac=Xmwo1n97Q8&sid=Af9VKUMKEAV919Ao&oz_sc=32005395af4765f6e8a13cfd&oz_df=1684014586811&oz_l=371&cv=3
Requested by: Host: s.h.w55c.net
URL: https://s.h.w55c.net/2/2.92.0/main.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 52.31.191.243 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-31-191-243.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Sat, 13 May 2023 21:49:45 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

POST
H2 200 tracking-event Show response
api.webgains.io/ Frame EAE7 16 B
232 B 79ms
79ms Fetch
application/json 18.135.126.181

General

Check archive.org

Show headers Download Go to

Full URL

https://api.webgains.io/tracking-event

Requested by

Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.135.126.181 -, , ASN (),

Reverse DNS

Software

nginx / PHP/8.1.14

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type: application/json

Response headers

date: Sat, 13 May 2023 21:49:46 GMT
x-content-type-options: nosniff
server: nginx
x-powered-by: PHP/8.1.14
x-frame-options: SAMEORIGIN
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, private
x-xss-protection: 1; mode=block

OPTIONS
H2 204 tracking-event
api.webgains.io/ Frame 0
0 20ms
20ms Preflight 18.135.126.181

General

Check archive.org

Show headers Download Go to

Full URL: https://api.webgains.io/tracking-event
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.135.126.181 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://as.ad4m.at
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

access-control-allow-headers: Authorization, Content-Type
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: *
date: Sat, 13 May 2023 21:49:46 GMT
server: nginx

GET
H2 200 rid Show response
match.adsrvr.org/track/ Frame CADC 63 B
385 B 32ms
32ms XHR
application/json 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/rid?ttd_pid=pubmatic&fmt=json
Requested by: Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: e604a884a3145d5f555ba8d0a20ad7abd015724232dfbbbf749ddc23445df746

Request headers

Referer: https://ye-mek.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 13 May 2023 21:49:46 GMT
x-aspnet-version: 4.0.30319
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://ye-mek.net
cache-control: private
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length: 63
expires: Mon, 12 Jun 2023 21:49:46 GMT

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame E0D8 281 B
554 B 29ms
7ms Document
text/html 23.56.202.187

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.56.202.187 -, , ASN (),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://ye-mek.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Sat, 13 May 2023 21:49:46 GMT
ETag: "40010-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET check.html
biddr.brealtime.com/ Frame 99B8 0
0

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 7E2A 52 KB
17 KB 34ms
7ms Document
text/html 23.32.184.180

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.32.184.180 -, , ASN (),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://ye-mek.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin: *
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Sat, 13 May 2023 21:49:46 GMT
ETag: "623de86a-cf34"
Expires: Sun, 14 May 2023 21:49:48 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame C445 16 KB
6 KB 30ms
7ms Document
text/html 23.32.184.192

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159432
Requested by: Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.32.184.192 -, , ASN (),
Reverse DNS
Software: Apache /
Resource Hash: 72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer: https://ye-mek.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=37923
content-encoding: gzip
content-length: 5554
content-type: text/html
date: Sat, 13 May 2023 21:49:46 GMT
expires: Sun, 14 May 2023 08:21:49 GMT
last-modified: Fri, 16 Dec 2022 06:36:49 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame E0D8 34 KB
10 KB 7ms
7ms Script
text/html 23.56.202.187

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.56.202.187 -, , ASN (),
Reverse DNS
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: de96f4dbfb1b82ecf8429d07b7b24d93d2c64414c51b1ee54d42acdee2653c3e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date: Sat, 13 May 2023 21:49:46 GMT
Content-Encoding: gzip
Last-Modified: Sat, 13 May 2023 09:35:45 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=42397
Connection: keep-alive
Content-Length: 10021
Expires: Sun, 14 May 2023 09:36:23 GMT

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame C445 3 KB
3 KB 14ms
14ms Script
text/html 185.64.189.115
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=19398997&p=159432&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159432
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.115 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: 58a1d9e6c7fb6ee7e473df96e2c87cf8cf0d85cfa8e829463100f2e791cc6a73

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-type: text/html; charset=UTF-8
date: Sat, 13 May 2023 21:49:45 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 7E2A 0
863 B 14ms
14ms Script
text/html 185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 13 May 2023 21:49:46 GMT
AN-X-Request-Uuid: baff478c-bd84-45a3-a1fa-859457a70d31
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 185.213.155.166; 185.213.155.166; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 7632
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:74726460-05f9-4d00-8655-a00aa42a999b&gdpr=0&gdpr_consent=

42 B
325 B

56ms
17ms

Document
image/gif

185.64.191.210

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:74726460-05f9-4d00-8655-a00aa42a999b&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159432
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.191.210 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Sat, 13 May 2023 21:49:47 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 0
Content-Type: image/gif
Date: Sat, 13 May 2023 21:49:46 GMT
Expires: Sat, 13 May 2023 21:49:45 GMT
Keep-Alive: timeout=360
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server: MT3 851 9bd98ae master zrh-pixel-x15 config_version:"unknown"
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:74726460-05f9-4d00-8655-a00aa42a999b&gdpr=0&gdpr_consent=

GET
H2

200

Pug Show response
image2.pubmatic.com/AdServer/ Frame 3A1D
Redirect Chain

https://p.rfihub.com/cm?pub=224&in=1&getuid=https%3A//image2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5107433827860448095

42 B
424 B

31ms
14ms

Document
image/gif

185.64.189.110

General

Check archive.org

Show headers Download Go to

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5107433827860448095
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159432
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Sat, 13 May 2023 21:49:46 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

Content-Length: 0
Date: Sat, 13 May 2023 21:49:47 GMT
Location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5107433827860448095
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Server: Jetty(9.4.51.v20230217)

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 6CFF
Redirect Chain

https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCooki...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=

42 B
245 B

18ms
16ms

Document
image/gif

185.64.191.210

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159432
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.191.210 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Sat, 13 May 2023 21:49:47 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

cache-control: no-cache
content-length: 0
cross-origin-resource-policy: cross-origin
date: Sat, 13 May 2023 21:49:46 GMT
expires: Sat, 13 May 2023 00:00:00 GMT
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 1058548
strict-transport-security: max-age=31536000; preload;
x-errorlevel: 0

GET
H2

200

Pug Show response
image2.pubmatic.com/AdServer/ Frame E228
Redirect Chain

https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=7974488385232500322

42 B
195 B

15ms
14ms

Document
image/gif

185.64.189.110

General

Check archive.org

Show headers Download Go to

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=7974488385232500322
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159432
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Sat, 13 May 2023 21:49:46 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

content-length: 0
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=7974488385232500322
p3p: CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame E408
Redirect Chain

https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=4710005064773880771&gdpr=0&gdpr_consent=

42 B
297 B

50ms
16ms

Document
image/gif

185.64.191.210

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=4710005064773880771&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159432
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.191.210 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Sat, 13 May 2023 21:49:47 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

AN-X-Request-Uuid: ba4ea70f-c43d-4d10-bf44-f70b262c5520
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Length: 0
Content-Type: text/html; charset=utf-8
Date: Sat, 13 May 2023 21:49:46 GMT
Expires: Sat, 15 Nov 2008 16:00:00 GMT
Location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=4710005064773880771&gdpr=0&gdpr_consent=
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Pragma: no-cache
Server: nginx/1.21.3
X-Proxy-Origin: 185.213.155.166; 185.213.155.166; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
X-XSS-Protection: 0

GET
H2

200

user_sync.html
ads.pubmatic.com/AdServer/js/ Frame C445
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=U6n4x5P_R4yASno-3ESG6A%3D%3D&gdpr=0&gdpr_consent=
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=

16 KB
16 KB

7ms
7ms

Image
text/html

23.32.184.192

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159432
Protocol: H2
Server: 23.32.184.192 -, , ASN (),
Reverse DNS
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 21:49:47 GMT
content-encoding: gzip
last-modified: Fri, 16 Dec 2022 06:36:49 GMT
server: Apache
vary: Accept-Encoding
content-type: text/html
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: max-age=37922
accept-ranges: bytes
content-length: 5554
expires: Sun, 14 May 2023 08:21:49 GMT

Redirect headers

pragma: no-cache
date: Sat, 13 May 2023 21:49:46 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 301
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 404 qmap
sync.crwdcntrl.net/ Frame C445 49 B
266 B 101ms
28ms Image
image/gif 34.250.212.34

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=53A9F8C7-93FF-478C-804A-7A3EDC4486E8&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159432
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.250.212.34 -, , ASN (),
Reverse DNS
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 13 May 2023 21:49:47 GMT
server: Jetty(9.4.38.v20210224)
content-type: image/gif
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.45.14.106
content-length: 49
expires: 0

GET
H2

204

ids
idsync.frontend.weborama.fr/ Frame C445
Redirect Chain

https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=
https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=2073744397
https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dpubmatic%26value%3D%23PM_USER_ID&gdpr=0
https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=53A9F8C7-93FF-478C-804A-7A3EDC4486E8

0
284 B

56ms
20ms

Image
text/plain

34.111.131.239

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=53A9F8C7-93FF-478C-804A-7A3EDC4486E8
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159432
Protocol: H2
Server: 34.111.131.239 -, , ASN (),
Reverse DNS
Software: Weborama Collect Frontend /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 13 May 2023 21:49:46 GMT
via: 1.1 google
last-modified: Sat, 13 May 2023 21:49:47 GMT
server: Weborama Collect Frontend
vary: Origin
p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 03 Jul 2001 06:00:00 GMT

Redirect headers

location: https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=53A9F8C7-93FF-478C-804A-7A3EDC4486E8
date: Sat, 13 May 2023 21:49:46 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET

pixel
cm.g.doubleclick.net/ Frame C445
Redirect Chain

https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=53A9F8C7-93FF-478C-804A-7A3EDC4486E8
https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=aGg0a25iMlotTWJTNHk0M3N5VWxLT2ZCdw==&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL...

0
0

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame C445
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NTNBOUY4QzctOTNGRi00NzhDLTgwNEEtN0EzRURDNDQ4NkU4&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

42 B
95 B

50ms
15ms

Image
image/gif

185.64.189.110

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159432
Protocol: H2
Server: 185.64.189.110 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Sat, 13 May 2023 21:49:46 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Sat, 13 May 2023 21:49:46 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame C445
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEFXmjx2EfJUpTRUdd39FrXE&google_cver=1

42 B
380 B

50ms
16ms

Image
image/gif

185.64.189.110

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEFXmjx2EfJUpTRUdd39FrXE&google_cver=1
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159432
Protocol: H2
Server: 185.64.189.110 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Sat, 13 May 2023 21:49:45 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Sat, 13 May 2023 21:49:46 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEFXmjx2EfJUpTRUdd39FrXE&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 379
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubmatic
um.simpli.fi/ Frame C445 43 B
612 B 62ms
18ms Image
image/gif 34.91.62.186

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159432

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

34.91.62.186 -, , ASN (),

Reverse DNS

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 21:49:47 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
expires: Fri, 12 May 2023 21:49:47 GMT

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame C445
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=1379965003804439536

42 B
244 B

16ms
16ms

Image
image/gif

185.64.191.210

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=1379965003804439536
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159432
Protocol: H2
Server: 185.64.191.210 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Sat, 13 May 2023 21:49:47 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Sat, 13 May 2023 21:49:47 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=1379965003804439536
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame C445 70 B
264 B 33ms
31ms Image
image/gif 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159432
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Sat, 13 May 2023 21:49:46 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2

200

setuid
px.ads.linkedin.com/ Frame E0D8
Redirect Chain

https://token.rubiconproject.com/token?pid=36584
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LHMISWPG-9-4I2H

0
651 B

173ms
152ms

Image
text/plain

2620:1ec:21::14

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LHMISWPG-9-4I2H
Protocol: H2
Server: 2620:1ec:21::14 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 21:49:47 GMT
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: B396E3A7702D400E94C16B4C0B02C4FF Ref B: FRAEDGE1907 Ref C: 2023-05-13T21:49:47Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-ltx1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAX7mjNESOBjq52IAmK2UA==

Redirect headers

Location: https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LHMISWPG-9-4I2H
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: f5982f4f9cc79eb2b489dda8b92e3144
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 200 rubicon
match.adsrvr.org/track/cmf/ Frame E0D8 70 B
264 B 34ms
32ms Image
image/gif 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/rubicon
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Sat, 13 May 2023 21:49:47 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame E0D8
Redirect Chain

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
https://pr-bh.ybp.yahoo.com/sync/rubicon/mtD_8R2N3Y-Z5Wh33J4KSQ?csrc=
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-60jb1zNE2oJ67ZFSD4vx7X6Dj33F3kTYTe8txw--~A

0
239 B

14ms
8ms

Image
image/gif

69.173.144.139

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-60jb1zNE2oJ67ZFSD4vx7X6Dj33F3kTYTe8txw--~A
Protocol: HTTP/1.1
Server: 69.173.144.139 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 66ef90d06496cfd000aab8206f2b6221
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date: Sat, 13 May 2023 21:49:47 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-60jb1zNE2oJ67ZFSD4vx7X6Dj33F3kTYTe8txw--~A
content-length: 0

GET

ecm3
aax-eu.amazon-adsystem.com/s/ Frame E0D8
Redirect Chain

https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=QqZTisKcRL6zC8g2eZiHIg&rk=usync-other
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=QqZTisKcRL6zC8g2eZiHIg

0
0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame E0D8
Redirect Chain

https://token.rubiconproject.com/token?pid=25470
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TEhNSVNXUEctOS00STJI
https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEGJkLBnEuOkAk17jnkH8A3Q&google_cver=1
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEhNSVNXUEctOS00STJI&google_push=

170 B
188 B

51ms
50ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEhNSVNXUEctOS00STJI&google_push=

Protocol

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 13 May 2023 21:49:47 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEhNSVNXUEctOS00STJI&google_push=
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 66ef90d06496cfd000aab8206f2b6221
Expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame E0D8
Redirect Chain

https://token.rubiconproject.com/token?pid=2249&pt=n
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NzI5ODQ1OGJiZDg0ZDM2MjZmODg0ZjBlNDUzZjMwNDkwNTYwNDVkZQ

170 B
188 B

51ms
50ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NzI5ODQ1OGJiZDg0ZDM2MjZmODg0ZjBlNDUzZjMwNDkwNTYwNDVkZQ

Protocol

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 13 May 2023 21:49:47 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NzI5ODQ1OGJiZDg0ZDM2MjZmODg0ZjBlNDUzZjMwNDkwNTYwNDVkZQ
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: e06182bf224d96e6550f4595601cdb0b
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame E0D8
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEEcYI6vpAf3Hd1u1shWeF88&google_cver=1

0
239 B

33ms
9ms

Image
image/gif

69.173.144.139

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEEcYI6vpAf3Hd1u1shWeF88&google_cver=1
Protocol: HTTP/1.1
Server: 69.173.144.139 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 66ef90d06496cfd000aab8206f2b6221
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma: no-cache
date: Sat, 13 May 2023 21:49:47 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEEcYI6vpAf3Hd1u1shWeF88&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 326
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET dcm
s.amazon-adsystem.com/ Frame E0D8 0
0

GET
H/1.1

200
OK

firstevent
unilever.demdex.net/ Frame CADC
Redirect Chain

https://unilever.demdex.net/event?d_sid=25453995&cs=1684014587180
https://unilever.demdex.net/firstevent?d_sid=25453995&cs=1684014587180

42 B
952 B

38ms
38ms

Image
image/gif

52.215.85.23

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://unilever.demdex.net/firstevent?d_sid=25453995&cs=1684014587180

Protocol

HTTP/1.1

Server

52.215.85.23 -, , ASN (),

Reverse DNS

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

DCS: dcs-prod-irl1-2-v048-0f9a952db.edge-irl1.demdex.com 7 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: 0xbZ38HVSdE=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS: dcs-prod-irl1-1-v048-0e656d7cf.edge-irl1.demdex.com 0 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: 3+wHif6tSwk=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://unilever.demdex.net/firstevent?d_sid=25453995&cs=1684014587180
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame CADC 0
0 76ms
76ms Image
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202305100101&jk=367862464275285&bg=!ra6lrvrNAAYldGN0BXQ7ADkAdvg8Wh0otcT9xK8PvsCiu3cw0cVca000Q6aeqxsJeyfnyld_lx8ZZQH7ujRHjsMWnx-arGQzczICAAAA-lIAAAACaAEHCgAw2m9FDHYbDye-GYsqLIr7twga4-rwEyCqV94vIvXs3q_QK2bfDYlysvJZ4vFvvhLGmQK7mIwjNzmyD2mLhxVc-3TQY254iE4S81599qaTBFBxjyWqNEdYy-KIJ0CuW5IL26kvirezjh3UW9JZ1UoNlYj3c9kAWTMG5ox88NTcO8C9EgWv0CvXBx2zN0q2iQ-oOTKFxCXXNO9KaDYUlOI5MiCBKVMo5QvBtssl1R8paQZHONzLLpyPZI8IICV0CLn_xLpd8ZkaW2wqi2MxsJ36DlyqxbdWnea6-YBf3RxaHT9aYwY4laMp9PhOloEJyG_ZZR8s6b3bpPLyuHMrr27Ub-WHqp5mXcOtY2nrPKEeR9ZCQEnixsAWg7r6YhnhNxAn1DWgbVparvc2U3PrtYi-A6oJsqXT0pymhs9EEghqHCT-kr0jcddXVIT16PGQgKoerBJbLdpg3bk428PCB4O3QUerO7e6As8nXNmahnVHi0-pmXeZa4LaGvnieqN0WMfVvpEt4qfjGCWzbiB5Cm32S-0WbHAw2SjsaAzeu6yAdknbGKviDbl4ETtAS911uVx94yHPaZrP4aHX7CW3JZ22KnPRjLZUjpkQ0hW_CMAH9UT93BnLe_ShTM6xxjNxK3HvIVzCMGHIzGYz8JN4Qln7bDHYGHNDtLhMgdrEnRWRLWx7HUnauVxG_F1JYGpt56JyblAjOsrhQ_fBTp8oB8qBxmDNulDGOt0CNeFQizQqRbwq4UCJJMSoEZ5KmjWpJGciYcvhFmS7d45fpRiMpkR8aahmpNLbZUaKjWFKVCGzJc0PNjjsZX4glxplL62EDxLeNwe-fI-XI1LsJKo9Seu7OVuDZpWfAYXjNK914ITM78Cri-6F61Qw5KXok1toxUqYLISuMlpyxaJ_D0zk-qqLqDtH5LG8aWlw1krUzY6v1M2Kla0n6fVH1QCT8ZHPQi_DCv7Lzj3m5sl2SbQGJfLOGkg2jchRUpFEG32Xhys0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: hb.emxdgt.com
URL: https://hb.emxdgt.com/?t=1500&ts=1684014583369&src=pbjs

Domain: s7.addthis.com
URL: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html

Domain: biddr.brealtime.com
URL: https://biddr.brealtime.com/check.html

Domain: cm.g.doubleclick.net
URL: https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=aGg0a25iMlotTWJTNHk0M3N5VWxLT2ZCdw==&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%253D%253D%26gdpr%3D0%26gdpr_consent%3D

Domain: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=QqZTisKcRL6zC8g2eZiHIg

Domain: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=

Verdicts & Comments Add Verdict or Comment

8 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

49 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.rubiconproject.com/	1970-01-20 20:32:30	Name: khaos Value: LHMISWPG-9-4I2H
.rubiconproject.com/	1970-01-20 20:32:30	Name: audit Value: 1\|naVuGyos1qrGVLjSiwZJHj5APvdogVCbaTd6KyMQnau+SmvwaNDOnqeZvuQ58OHEDqDbQAwtYdFN+011ZXQEx2pNjxJ85LHdsqlSNZOaaDQ=
.adnxs.com/	1970-01-20 13:56:30	Name: icu Value: ChgIlrpzEAoYASABKAEw94uAowY4AUABSAEQ94uAowYYAA..
.adnxs.com/	1970-01-20 13:56:30	Name: uuid2 Value: 4710005064773880771
.doubleclick.net/	1970-01-20 21:08:30	Name: IDE Value: AHWqTUnjjji-iZGXxM79D8uenhk7xIP8_K33Lr31JTxce6zYPWOZO5h0Jg5X7-eIo-k
.doubleclick.net/	1970-01-20 11:46:55	Name: test_cookie Value: CheckForPermission
.w55c.net/	1970-01-20 21:18:35	Name: wfivefivec Value: eKvFdNyX1PXX7y5
.adfarm1.adition.com/	1970-01-20 13:56:30	Name: UserID1 Value: 7232787564286245008
.pubmatic.com/	1970-01-20 11:48:20	Name: KTPCACOOKIE Value: YES
.pubmatic.com/	1970-01-20 20:32:30	Name: KADUSERCOOKIE Value: 53A9F8C7-93FF-478C-804A-7A3EDC4486E8
.hspvst.com/	1969-12-31 23:59:59	Name: VI2677 Value: %7B%22time%22%3A1684014583%2C%22utid%22%3A%227e785c1f89f212c24aac3f7c810017e9%22%2C%22t%22%3A%22P%22%2C%22s%22%3A%22%22%7D
.hspvst.com/	1969-12-31 23:59:59	Name: VIP2677 Value: 1
.bidswitch.net/	1970-01-20 20:32:30	Name: tuuid Value: c2f0f786-d413-4d32-978f-7dcad1e420a7
.bidswitch.net/	1970-01-20 20:32:30	Name: c Value: 1684014585
.bidswitch.net/	1970-01-20 20:32:30	Name: tuuid_lu Value: 1684014585
.casalemedia.com/	1970-01-20 13:56:30	Name: CMPS Value: 1209
.casalemedia.com/	1970-01-20 13:56:30	Name: CMPRO Value: 1209
.agkn.com/	1970-01-20 20:32:30	Name: ab Value: 0001%3Awrhmv6Jwb7GJ0GE3etiMPFV%2FzOobfS2s
.agkn.com/	1970-01-20 20:32:30	Name: u Value: C\|0CEAr8sJ5K_LCeQAAAAAAAQ13AQCAAQpAAAAAAA
.analytics.yahoo.com/	1970-01-20 20:32:30	Name: IDSYNC Value: 18yx~2bml
.mathtag.com/	1970-01-20 21:12:49	Name: uuid Value: 74726460-05f9-4d00-8655-a00aa42a999b
.mathtag.com/	1970-01-20 12:30:06	Name: mt_mop Value: 4:1684014585
.casalemedia.com/	1970-01-20 20:32:30	Name: CMID Value: ZGAF.UnxWjJJaUmDRkn0OwAA
.1rx.io/	1970-01-20 20:32:30	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-24af462b-e7e6-472b-a16d-d04536375f51-003%22%7D
.turn.com/	1970-01-20 16:06:06	Name: uid Value: 9150048427861829916
.yahoo.com/	1970-01-20 20:32:52	Name: A3 Value: d=AQABBPkFYGQCEJVZUWnN8fZFjW2Ii1sNtCkFEgEBAQFXYWRpZAAAAAAA_eMAAA&S=AQAAAivcDDlEHk2H2e7UYwiaSx0
.id5-sync.com/	1970-01-20 11:46:54	Name: cf Value:
.id5-sync.com/	1970-01-20 11:46:54	Name: cip Value:
.id5-sync.com/	1970-01-20 11:46:54	Name: cnac Value:
.id5-sync.com/	1970-01-20 11:46:54	Name: car Value:
.id5-sync.com/	1970-01-20 11:46:54	Name: gdpr Value:
.id5-sync.com/	1970-01-20 11:46:54	Name: callback Value:
.ctnsnet.com/	1970-01-20 20:32:30	Name: cid_2bac93e06af9430f82294437f5cee3e6 Value: 1
.ctnsnet.com/	1970-01-20 20:32:30	Name: gid_CAESEBxUAMDLI9zw80AxAMvZYV8 Value: 1
.everesttech.net/	1970-01-20 20:32:30	Name: everest_g_v2 Value: g_surferid~ZGAF_QAJ30w2_wBa
.targeting.unrulymedia.com/	1970-01-20 20:32:30	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-24af462b-e7e6-472b-a16d-d04536375f51-003%22%7D
.e.dlx.addthis.com/	1970-01-20 21:17:08	Name: na_tc Value: Y
.awin1.com/	1970-01-20 11:49:47	Name: awpv14702 Value: 412871\|1684014585\|13195290-f1d8-11ed-89a2-223974343f8d
.awin1.com/	1970-01-20 11:49:47	Name: awpv20044 Value: 412871\|1684014585\|131b0040-f1d8-11ed-9d45-2261c3620022
.awin1.com/	1969-12-31 23:59:59	Name: AWSESS Value: 415363:2904924
.addthis.com/	1970-01-20 21:17:08	Name: na_id Value: 2023051321494500082638842250
.addthis.com/	1970-01-20 21:17:08	Name: na_tc Value: Y
.addthis.com/	1970-01-20 21:17:08	Name: uid Value: 646005f9fac4b8e5
.addthis.com/	1970-01-20 21:17:08	Name: ouid Value: 646005f9000151db8b775322224af4c0c90c602f26023c71cb98
.dlx.addthis.com/	1970-01-20 12:30:06	Name: na_rn Value: 0
.dlx.addthis.com/	1970-01-20 12:30:06	Name: na_sr Value: 20230513
.dlx.addthis.com/	1970-01-20 11:46:54	Name: na_srp Value: 3614
.dlx.addthis.com/	1970-01-20 12:30:06	Name: na_sc_e Value: 0
.tribalfusion.com/	1970-01-20 13:56:30	Name: ANON_ID Value: a8nseFw5EGiAaINQeEcZdhg1EJauGVnhyI62VbSMtwU2XQSPEM5kdCRBOaZdxOChmZchPi5UlNu3BS5f057WUWJ

31 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://pcloak.blob.core.windows.net/web/jquery.min.js Message: Failed to load resource: the server responded with a status of 404 (The specified blob does not exist.)
javascript	error	URL: https://ye-mek.net/(Line 39) Message: Unsafe attempt to initiate navigation for frame with URL 'https://pcloak.blob.core.windows.net/web/6x69807j0b5.html' from frame with URL 'https://ye-mek.net/'. The frame attempting navigation is targeting its top-level window, but is neither same-origin with its target nor has it received a user gesture. See https://www.chromestatus.com/feature/5851021045661696.
network	error	URL: https://hb.emxdgt.com/?t=1500&ts=1684014583369&src=pbjs Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&adk=1812271804&adf=3279755397&plat=1%3A512%2C2%3A512%2C3%3A512%2C4%3A512%2C8%3A512%2C9%3A33288%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C26%3A512%2C27%3A512%2C30%3A1081856%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684014583144&bpp=4&bdt=727&idt=295&shv=r20230510&mjsv=m202305100101&ptt=9&saldr=aa&nras=1&correlator=5224461814654&frm=24&ife=1&pv=2&ga_vid=68563826.1684014583&ga_sid=1684014583&ga_hid=1415874299&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=222437166&scr_x=-12245933&scr_y=-12245933&eid=44759927%2C44773810%2C44759837%2C42532089%2C42532185%2C44759876%2C31074512%2C42531706%2C44785294%2C44788442%2C44790154&oid=2&pvsid=367862464275285&tmod=942239543&uas=0&nvt=1&fsapi=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=1&uci=1.lg07cev6kelf&fsb=1&dtd=308 Message: Failed to load resource: the server responded with a status of 403 ()
security	error	URL: https://as.ad4m.at/ad/dr?ed=1g09mtzf1cta6pbw3ez997fr33c1v5rh47c1w8813deyhcjavk88k5b96k3vez5tkqa4s4x6wpa26yf21gp1ab40648gcqnwjshkwa1k737cp92fkfcdngghqbqtrxzs3acm5ckxb9za11fw52rvxk9q5je7yeq30ac874e7j2w3r2nwq6nj2vswygexfhqqt5y55kc860z1bpnvnhngscmxfywy365jhwxxpycdtxe4dmf1dr8sn2sj8fr89dsk5nvyd0xzt4rkq8gdjj64t95t1vzwkxjb3817apm1tsx5z4nvjzpdxfvr3zbzmz42pcj9mqgphse4szzxng59tg0yab58sjq6gmsmnbmr40jw8zzpg1yw3925yxbqzcj35zrvp9eq85mxpw8g6xq79hbp841qzz5z91g2dez1s3js8zsyypvc05s5arbb0a8e1ygvanycd0&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCXOv2-AVgZMK0FZGg9u8P8vyl2AqQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi03OTgzNjUxMjU3ODM4MjgyyAEJqQK4Sb-1M2eyPuACAKgDAaoEnAJP0O8vlvwPyxDVB6UOazFF7H0nfU8pctQUjibt3llPfNMaKfJhQEcQQcqkVq5BvHDrE4u_7aQ8lRYSXBd4mgW4xc75l9jcUOGHjVhmOOhLQdvNuZDy_5FZnI6ouQ_E8YnSbSeqNlf4Fxh4impRoTpPiG-p74wyqc8-W_UwK7t7_HqfhcZ-qnXHom2_25bOwefIlpLzyM0SWPKwWwd1ezz06Hp9h2QSbkLyPpvp9SuPOm_aIXSdQJuVcK30kIojTLvrneP10iM_nvi0j77SeyUtI5x_kuzPL36GDfeO6CLOoo3GKx4ZJmL_s--3M1p6S7QnBr_xndhypLpCfGqWD2v8vceUGsud4NS1Wjbf1Ae5EJc6m0S7FOX7Gr3A7OAEAYAGzui6xZWzjYKnAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgEDyCBthZHgtc3Vic3luLTcyNzU1Mjg0NTMxNjIzMDn6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2m4bywos6An-s_p7SRb4P3_y7wgg%26client%3Dca-pub-7983651257838282%26adurl%3D Message: Unrecognized Content-Security-Policy directive 'prefetch-src'.
security	error	URL: https://ad4m.at/r62eglto.js Message: Unrecognized Content-Security-Policy directive 'prefetch-src'.
security	error	URL: https://as.ad4m.at/ad/dr?ed=1kbvbcwg5gqey3nzwy7hhkjrz04x4vq7rhxp0xay54nqq4zs92qfyaxtdb531cpd010s0qp7h46g1adybx560b7hgq8m1yxayexgzdmygb6yh4t7vkynwg5ctd2x284cy8y1nh9c79x3hnrwnyc23eq7w9qxf5na7hx31khre8mwxk07rr07ehv6jj1dyjjneg4wn1rjvnnqypd9jdza5qyww7bp9382r9e21mc9pkxmd8xjbcy3px5ate59qt7srjxaskzvwm12bae1bjf30t5gb51r8aenpxz8nbvtxv1d5xgy7dem81cjq4kgt619g5p78j9gps7nzsaqk65y7p5ezdbxfhqhenkj1gmqmr8tmv7d2jygzdjcqm23jjb5xcpx5menpb7236v6akyzvxb51g75bwc8kyfxche8m0ag9dje1m3xfebe0j461h5tyc8a2sgvcz10&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCXtU0-AVgZLe3IoKm7wLd_bugCZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTY1OTM1MjMyMTAwMTAxNTTIAQmpArhJv7UzZ7I-qAMBqgTWAU_QbHwp82ntYLiNzSy7k0tcGKGRypby05noDzqvd0OA5BTc-Ch7XcNnfOFMyAFbmatbDv7QiAwqKEZZkxxdNiauQiwlNIXE3vZCUjqKmLxLccIlWZL_z0v9_f4S9LDPC-xPlIRgv0bKwVOywwfjxKO1KdAhuHk00FWbehHouQmgcsBCz44Pzg1aQCWSl7_zVxYgFJBbMBPd1HaDE6uGLJdwMK98ICjmvAstTMHN153XEtB9jCsDawLqOo3WVHX_5AVUSsfm3-5N2Qy3SWGZvATiAKD1uwiABtyHrq-QxZTacqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2qNSY48r5DBue_C-N8fMvmCd7oEg%26client%3Dca-pub-6593523210010154%26adurl%3D Message: Unrecognized Content-Security-Policy directive 'prefetch-src'.
security	error	URL: https://ad4m.at/r62eglto.js Message: Unrecognized Content-Security-Policy directive 'prefetch-src'.
security	error	URL: https://ad4m.at/r62eglto.js Message: Unrecognized Content-Security-Policy directive 'prefetch-src'.
security	error	URL: https://as.ad4m.at/ad/rar?a=197862%2C117569%2C19769&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=970&d=90&e=&g=052d3228ad89aec4bd57a0812e1afcad%2F3176637530435809286&i=71725%2C29981%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1684014585177&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gm0vyw9h95vys60mkgqjw919t1df2a0gzebaednk40ydgv23bcf6bq2410vxgtq7qdcan455f7j0q553hv4tsx03ayeh3fxr31b4zckryjjfqnppb6s2wdc23jwhtseewhnqvfa1fe8cypc4f58zsyazk7656gp3kd9yq86pvhbyb5t4t93wqvxx8hkcftfszg0g7g59gbzke5hrwg2e3tnzedryd7xejwymseqhmx6c50x0423y3zw3sdkm204qfxrsefarsdfc9z7zh25cqyyzc%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCXOv2-AVgZMK0FZGg9u8P8vyl2AqQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi03OTgzNjUxMjU3ODM4MjgyyAEJqQK4Sb-1M2eyPuACAKgDAaoEnAJP0O8vlvwPyxDVB6UOazFF7H0nfU8pctQUjibt3llPfNMaKfJhQEcQQcqkVq5BvHDrE4u_7aQ8lRYSXBd4mgW4xc75l9jcUOGHjVhmOOhLQdvNuZDy_5FZnI6ouQ_E8YnSbSeqNlf4Fxh4impRoTpPiG-p74wyqc8-W_UwK7t7_HqfhcZ-qnXHom2_25bOwefIlpLzyM0SWPKwWwd1ezz06Hp9h2QSbkLyPpvp9SuPOm_aIXSdQJuVcK30kIojTLvrneP10iM_nvi0j77SeyUtI5x_kuzPL36GDfeO6CLOoo3GKx4ZJmL_s--3M1p6S7QnBr_xndhypLpCfGqWD2v8vceUGsud4NS1Wjbf1Ae5EJc6m0S7FOX7Gr3A7OAEAYAGzui6xZWzjYKnAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgEDyCBthZHgtc3Vic3luLTcyNzU1Mjg0NTMxNjIzMDn6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2m4bywos6An-s_p7SRb4P3_y7wgg%2526client%253Dca-pub-7983651257838282%2526adurl%253D&y=1&s=&z=0 Message: Unrecognized Content-Security-Policy directive 'prefetch-src'.
worker	error	URL: blob:https://googleads.g.doubleclick.net/cf7851c9-3263-4bce-8f91-9a5861a569af Message: Mixed Content: The page at 'blob:https://googleads.g.doubleclick.net/cf7851c9-3263-4bce-8f91-9a5861a569af' was loaded over HTTPS, but requested an insecure XMLHttpRequest endpoint 'chrome-extension://eppiocemhmnlbhjplcgkofciiegomcon/content/safecheck-notification/notification-iframe/index.html'. This request has been blocked; the content must be served over HTTPS.
worker	error	URL: blob:https://googleads.g.doubleclick.net/cf7851c9-3263-4bce-8f91-9a5861a569af Message: Mixed Content: The page at 'blob:https://googleads.g.doubleclick.net/cf7851c9-3263-4bce-8f91-9a5861a569af' was loaded over HTTPS, but requested an insecure XMLHttpRequest endpoint 'chrome-extension://cplklnmnlbnpmjogncfgfijoopmnlemp/skin/logo24.png'. This request has been blocked; the content must be served over HTTPS.
security	error	URL: https://ad4m.at/r62eglto.js Message: Unrecognized Content-Security-Policy directive 'prefetch-src'.
security	error	URL: https://as.ad4m.at/ad/rar?a=183975%2C321853%2C46427&b=rWbTQf9f3XBdaAH7HjtqtBXVaYS8TgJka1JYM%2Cg62h8frfWBzXfPHbH8t5tj78WSmSQT954TMx4E%2CrWbTQf9fGq1tAH7HjtqtGReuYS8TgJka1JYM&f=P6AhBfbfbJMRC9HjHbtgCP6ASJS9TDpQcjqdY%2CBgwFgfPfYG1XFxH6H3tgCzVDAtjSeT8dbUB6xZ%2CP6AhBfbfeYET9HjHbtgCwJ2CJS9TDpQcjqdY&c=300&d=250&e=&g=d9abfa7102a2360418437fa7359a2e81%2F12347032143117287939&i=20597%2C111803%2C22481&j=21%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1684014585424&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gdpasxbgyes2jcej59p63a46b6bpfz4kzjhzez7cnzem3vw8yjrjwccet5f5j9fw07r79t17pr30whp93yg5x3g9z80qmkc05sfq68z3sap7x720htvpwhv65mqerrtt63hjj2vn60j899kf2pt6g1ks34wfdds294jbf515pkwtx97ayd3vccgxtk0fcveyqeaz6nnc56y6tp7g8jhv4c3dagf8dw5r8qvhxryq9rr6fcb3q6ghvr69jy3c6fw5seesxs54amqenmrrjrcbr0bzg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCXtU0-AVgZLe3IoKm7wLd_bugCZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTY1OTM1MjMyMTAwMTAxNTTIAQmpArhJv7UzZ7I-qAMBqgTWAU_QbHwp82ntYLiNzSy7k0tcGKGRypby05noDzqvd0OA5BTc-Ch7XcNnfOFMyAFbmatbDv7QiAwqKEZZkxxdNiauQiwlNIXE3vZCUjqKmLxLccIlWZL_z0v9_f4S9LDPC-xPlIRgv0bKwVOywwfjxKO1KdAhuHk00FWbehHouQmgcsBCz44Pzg1aQCWSl7_zVxYgFJBbMBPd1HaDE6uGLJdwMK98ICjmvAstTMHN153XEtB9jCsDawLqOo3WVHX_5AVUSsfm3-5N2Qy3SWGZvATiAKD1uwiABtyHrq-QxZTacqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2qNSY48r5DBue_C-N8fMvmCd7oEg%2526client%253Dca-pub-6593523210010154%2526adurl%253D&y=1&s=&z=0 Message: Unrecognized Content-Security-Policy directive 'prefetch-src'.
network	error	URL: https://track.webgains.com/link.html?wglinkid=2100065&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1g33759a0j4thfchssy02frzya14nxe84f6w6apqk62p2d1znjwm8859btnam4b4zpdfqrhj2nc276xakjt9mdt1kh23x8tjfc5qt0np0y8f2gr7wtdyngq5pa8gp8ptne785b51x2e6z0a4av2dzje9nfs23jb32ymxqs1jhr9e3adrn80f4nyjcbycejav5gdw8dhrjkktcwsz5eb35qfmnx8ngsk4d3p9632j3p63c5h8pzev8da4jrr2k6zqg3qg%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1gdpasxbgyes2jcej59p63a46b6bpfz4kzjhzez7cnzem3vw8yjrjwccet5f5j9fw07r79t17pr30whp93yg5x3g9z80qmkc05sfq68z3sap7x720htvpwhv65mqerrtt63hjj2vn60j899kf2pt6g1ks34wfdds294jbf515pkwtx97ayd3vccgxtk0fcveyqeaz6nnc56y6tp7g8jhv4c3dagf8dw5r8qvhxryq9rr6fcb3q6ghvr69jy3c6fw5seesxs54amqenmrrjrcbr0bzg%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCXtU0-AVgZLe3IoKm7wLd_bugCZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTY1OTM1MjMyMTAwMTAxNTTIAQmpArhJv7UzZ7I-qAMBqgTWAU_QbHwp82ntYLiNzSy7k0tcGKGRypby05noDzqvd0OA5BTc-Ch7XcNnfOFMyAFbmatbDv7QiAwqKEZZkxxdNiauQiwlNIXE3vZCUjqKmLxLccIlWZL_z0v9_f4S9LDPC-xPlIRgv0bKwVOywwfjxKO1KdAhuHk00FWbehHouQmgcsBCz44Pzg1aQCWSl7_zVxYgFJBbMBPd1HaDE6uGLJdwMK98ICjmvAstTMHN153XEtB9jCsDawLqOo3WVHX_5AVUSsfm3-5N2Qy3SWGZvATiAKD1uwiABtyHrq-QxZTacqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_2qNSY48r5DBue_C-N8fMvmCd7oEg%252526client%25253Dca-pub-6593523210010154%252526adurl%25253D&clickref=oneidP6AhBfbfeYET9HjHbtgCwJ2CJS9TDpQcjqdYoneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&viewref=oneidrWbTQf9fGq1tAH7HjtqtGReuYS8TgJka1JYMoneid__suite_Netmix_Reach128_WEBGAINSMOSTLY Message: Failed to load resource: the server responded with a status of 429 ()
network	error	URL: https://track.webgains.com/link.html?wgdedup=1&wgcampaignid=1384975&viewref=oneidrWbTQf9f3XBdaAH7HjtqtBXVaYS8TgJka1JYMoneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&wglinkid=2194035 Message: Failed to load resource: the server responded with a status of 429 ()
security	error	URL: https://analytics.webgains.io/pvClk.min.js Message: Unrecognized Content-Security-Policy directive 'prefetch-src'.
security	error	URL: https://analytics.webgains.io/pvClk.min.js Message: Unrecognized Content-Security-Policy directive 'prefetch-src'.
security	error	URL: https://analytics.webgains.io/pvClk.min.js Message: Unrecognized Content-Security-Policy directive 'prefetch-src'.
security	error	URL: https://analytics.webgains.io/pvClk.min.js Message: Unrecognized Content-Security-Policy directive 'prefetch-src'.
security	error	URL: https://analytics.webgains.io/pvClk.min.js Message: Unrecognized Content-Security-Policy directive 'prefetch-src'.
security	error	URL: https://analytics.webgains.io/pvClk.min.js Message: Unrecognized Content-Security-Policy directive 'prefetch-src'.
security	error	URL: https://analytics.webgains.io/pvClk.min.js Message: Unrecognized Content-Security-Policy directive 'prefetch-src'.
security	error	URL: https://analytics.webgains.io/pvClk.min.js Message: Unrecognized Content-Security-Policy directive 'prefetch-src'.
security	error	URL: https://analytics.webgains.io/pvClk.min.js Message: Unrecognized Content-Security-Policy directive 'prefetch-src'.
security	error	URL: https://analytics.webgains.io/pvClk.min.js Message: Unrecognized Content-Security-Policy directive 'prefetch-src'.
security	error	URL: https://analytics.webgains.io/pvClk.min.js Message: Unrecognized Content-Security-Policy directive 'prefetch-src'.
security	error	URL: https://analytics.webgains.io/pvClk.min.js Message: Unrecognized Content-Security-Policy directive 'prefetch-src'.
network	error	URL: https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=53A9F8C7-93FF-478C-804A-7A3EDC4486E8&gdpr=0&gdpr_consent= Message: Failed to load resource: the server responded with a status of 404 ()
javascript	warning	URL: https://d895f1381b8d8b875cd29c6921953566.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1 Message: The resource https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKDr3ZqF_gEQgAgYgAgyCFFyRh2Ouq9r was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript	warning	URL: https://d895f1381b8d8b875cd29c6921953566.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1 Message: The resource https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKDr3ZqF_gEQgAgYgAgyCFFyRh2Ouq9r was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.teads.tv
a.tribalfusion.com
aax-eu.amazon-adsystem.com
aax.amazon-adsystem.com
acdn.adnxs.com
ad.turn.com
ad4m.at
ads.pubmatic.com
ads.w55c.net
adservice.google.com
adservice.google.de
adx.adform.net
ajax.googleapis.com
analytics.webgains.io
ap.lijit.com
api.webgains.io
as.ad4m.at
assets.ad4m.at
bidder.criteo.com
biddr.brealtime.com
c.amazon-adsystem.com
c1.adform.net
c1.imgiz.com
cdn.track.production.webgains.team
cdn.ye-mek.net
cm.g.doubleclick.net
connect.facebook.net
cpm.programattik.com
cr.frontend.weborama.fr
cti.w55c.net
d.agkn.com
d5p.de17a.com
d895f1381b8d8b875cd29c6921953566.safeframe.googlesyndication.com
dclk-match.dotomi.com
dis.criteo.com
dsp.adfarm1.adition.com
e.dlx.addthis.com
eus.rubiconproject.com
fastlane.rubiconproject.com
feed.pghub.io
fonts.googleapis.com
googleads.g.doubleclick.net
gum.criteo.com
hb.emxdgt.com
hbopenbid.pubmatic.com
i.w55c.net
ib.adnxs.com
id5-sync.com
idsync.frontend.weborama.fr
image2.pubmatic.com
image6.pubmatic.com
images.dmca.com
imasdk.googleapis.com
ius.ctnsnet.com
m.addthis.com
match.adsrvr.org
mp.4dex.io
mug.criteo.com
ng.virgul.com
ng2.virgul.com
onetag-sys.com
p.rfihub.com
pagead2.googlesyndication.com
pcloak.blob.core.windows.net
pghub.io
pixel.rubiconproject.com
pr-bh.ybp.yahoo.com
prebid-server.rubiconproject.com
prod-rtb.ad4mat.net
px.ads.linkedin.com
r.turn.com
rek-n18.nktcdn.com
rek.izlesene.com
rtb.openx.net
s.ad.smaato.net
s.amazon-adsystem.com
s.h.w55c.net
s.tribalfusion.com
s7.addthis.com
script.4dex.io
securepubads.g.doubleclick.net
simage2.pubmatic.com
ssbsync.smartadserver.com
ssum-sec.casalemedia.com
static-de.ad4mat.net
static.criteo.net
static.virgul.com
sync-tm.everesttech.net
sync.1rx.io
sync.crwdcntrl.net
sync.inmobi.com
sync.mathtag.com
sync.targeting.unrulymedia.com
t.hspvst.com
token.rubiconproject.com
tpc.googlesyndication.com
track.webgains.com
um.simpli.fi
unilever.demdex.net
ups.analytics.yahoo.com
v1.addthisedge.com
www.awin1.com
www.cloakan.co
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
x.bidswitch.net
ye-mek.net
z.moatads.com
aax-eu.amazon-adsystem.com
biddr.brealtime.com
cm.g.doubleclick.net
hb.emxdgt.com
s.amazon-adsystem.com
s7.addthis.com
104.111.216.120
13.224.192.181
142.250.186.98
151.101.2.49
151.139.128.10
154.58.197.185
162.19.138.120
178.250.1.9
178.250.7.13
18.133.36.104
18.135.126.181
18.196.211.71
18.64.140.4
185.29.132.245
185.64.189.110
185.64.189.112
185.64.189.115
185.64.191.210
185.7.176.218
185.7.176.221
185.7.176.223
185.80.39.216
185.86.138.152
185.89.210.90
192.229.233.53
193.0.160.130
2.23.197.190
20.127.253.7
20.60.220.36
2001:678:cb4:bbbb::11
213.155.156.169
213.19.147.44
23.210.125.176
23.32.184.180
23.32.184.192
23.35.237.151
23.56.202.187
2600:1901:0:76b9::
2600:9000:2127:3e00:1b:5138:8a40:93a1
2600:9000:218d:e200:1b:f040:3600:93a1
2602:803:c003:200::21
2606:4700:20::681a:9a9
2606:4700:20::681a:bd1
2606:4700:20::ac43:444e
2606:4700:20::ac43:4a81
2606:4700::6812:19ad
2606:4700::6812:272
2620:100:a001::4
2620:100:a001::c
2620:1ec:21::14
2a00:1450:4001:801::2001
2a00:1450:4001:806::2001
2a00:1450:4001:806::2002
2a00:1450:4001:808::2008
2a00:1450:4001:810::2002
2a00:1450:4001:812::2002
2a00:1450:4001:827::2002
2a00:1450:4001:827::200e
2a00:1450:4001:828::2002
2a00:1450:4001:828::2004
2a00:1450:4001:82a::200a
2a00:1450:4001:82f::2002
2a00:1450:4001:82f::2003
2a00:1450:4001:82f::200a
2a00:1450:4001:830::200a
2a02:2638:3::7
2a02:6ea0:c700::19
2a02:fa8:8806:13::1400
2a03:2880:f083:9:face:b00c:0:3
2a05:d018:d29:3602:feb5:e693:bc09:7eaf
3.67.108.165
3.75.1.114
3.75.62.37
34.102.243.38
34.111.129.221
34.111.131.239
34.250.212.34
34.91.62.186
35.157.146.5
35.186.193.173
35.186.253.211
35.241.45.217
37.157.2.229
37.157.6.243
51.89.9.252
52.215.85.23
52.223.40.198
52.31.191.243
63.251.14.14
65.9.95.123
65.9.95.127
69.173.144.139
69.173.144.165
77.245.159.14
85.111.6.48
85.114.159.93
94.138.206.83
95.101.149.35
002f1235c6484b5b45d65e285ac9623a469f9428889d6b7baa1b698593679321
00c5621a3f56c052959f8f0591b65e893f132b49b1447fde20767966cacbfbfe
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
0183f8a8f97586c18fffd7e1b6576aef66dadc086af955e25432c813d282a343
01dcaf85f2ae23a30115cf4a663e90b4a507dc688c4c17f9ebddc3cf19fee780
0210c85818d68e70d5b2b7173b9c3ae65774adee772ad11018f968403f1abcc4
0310d06b42963760d784418ad04a7ccd0de2c3e325f289edea62ef95c696a661
05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd
05b9f05936fe32fe96636c2d8143a0b759b1e4af43743a205e429bc64625710b
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
09244740f4a5bf8ab1aa815df2f809d370c932e5c5e977221091acbee7b66570
09e71a55b96e55227518f8a75ccfed95462bccae6d41a7e776691775f9687238
0b29697868cd68cfd1b5650054cc96ea755016b3242bd26469cdbd4e4f6fc18a
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c2042415315e2e6c83d432dfc7861a479c465ca33e4ae92ee72da92c1766fb2
0c23f6a48bd83f8880c0b081d28bb96a001e5af3fab7edf77c9a79dc0d96e188
0ce5ab0260a7860ea167511114f1b2a1a8c5dff2b1a3885e2c2e70fb54c4e7a9
12ecb0e55747b4449fbdaf5e5e91a9023844eb4ea6131773d457675019ac6251
15bac7f67ec8659a6d8ca88792a5b63b0887ac54e5ea46c34d2832f029446acf
1805b1653dad550fbd03e2603d7642e0d00932b30c4bf990bacc5ff7077953f0
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
1f5a2a979149a9192bb49e10899322a37fbfda94dd47567b029823950adc0e2f
20018c09714ea0f3101b7fc7f1fc0f00125fc5998c0f4fe09272d90c904061e7
20678c305b50c0988193d64cb34f41e2dcb6f2fa48353106436ea301e07ce70a
2102803b8dcbeb86decf333ac756d87831eb7c764910e4beb7b83109bbb423dc
220049135e6c242896cea20cbd980419905e04e43cc5d1f9d23db3e00e25c6f9
24cc28619bd1df33050f109c0757693c6972958742b7055500c8580209a8a436
25a50f8e41994e7addc8b761fd99f5f8560128909835a388edf76026c7a4c4f6
25b0fc18fa46dfcb28fdab9b486f78a11dc35790fdfc410b1af2c062410e14d9
265bef9dab46c2b5382aeccf89156ee653960894ceaef2b2973a351a598b8cce
267e24c6f0375918a6373dd89665b7fc044f3890a589d2b0b5c53b6b7bdda315
2701043b696fd5d6402c4d1f822094fa76147dcf0abc4157faa81e32bf34aaa2
28960a9aa0071776192259a5836f4d2c1acc9e978c1f3f1a8f3a7e5bc67a65ea
2901b2ca5b6d9b061f062dacc26083909055eb585bc49f9d623deaf2e900e89d
2af1b8e91e1ea0f27fab2f6bac1dd1d81867b7a2a8d7cef1084fa39309e0ac6f
2d5e67a38c9a11424cac19ce192c9fd124a6d74e64d3791a01561dbd3e39c0b4
2dfa62171c6667988d674799a042b576b12881c34464cb9a78ff2138ed3faa94
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2ee4854a38ad37b61a8727c71e98305037bc4711d65f4bac43420986b4c9455f
2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
31e62e0b092bc9ff94b2b8e841ae9305955b398a7cd80116a4d79bc9fe3b6e39
324a9c1f26949a62b89c5846de23826737bf3b14443e3f5a969b1799604a0588
343cd6aa06aa2b77454dbfd568635c4d1a03a256b65bed38ca44e6ff0209d3e8
36e34de84ff3c4b14b5aff9c5072b9552b86918290dd3f5c39b616672f80437e
386d466b8bdd0cda283c79718d2aec07f38b9f9ed81eebe6d5266bb20cd42c10
388ad953d1a2fbbdee2a7467bef61f7c1d2aecbeedbc7d04dd171570a20e74fe
3bf48016240e2a08d327f70eed169e186b2fca957544ed5c02e9b7c6c9af7d94
3c7873a1453ffd0b085f7df8994281282a598e338d399b7042d36ca17d4da357
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3ed559a849229d0ba1622b39b2343f2307a91aae5bab1f08e55c89e50874c980
3f8d629de1ee84c6373a4ef069114dde822abf3c8836734f623d3805a06b5e00
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
42daa728355b86a973c01b68e6a6a92cbfebf8cf1dccd834822af79f3d84c556
42e8de9192dee3b3ee8a7529c5883dac20b868000168362d9f287125c95e18a8
43204d58f6a24cdd36d594f28e4dc0f9ab0f5ad29b4a166bb6d5f3c16756636f
44524ce857ed39215d384600ade5aa4bc605ac8b8951398beae0ffca3f3cc659
4651fd93f167c3620b534c30bc23ae2a2e7cf742621d8e6d12553c09c388284a
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292
47ec9f426b681d7b2dc866f34d4dc6b2c0c558a3b162994bbbf20d46daf878db
484ec1c347c17d7d3b98d5058aa5d90bb5c7315f3a67f44611e902de4be50831
48544d39ceaebb01d8e31886a19c82330f02125740397558bb0baa16b81b8c6f
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4c510fd8c5c5ccbe9be63baa32332c3b276a2c59ab7a4978b93c2371e3258510
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f3c9219acd9ca11fcb6f32daaa79fb50b46fc9592e12c4c6c41f8f9e5b0ac72
5012d926f7e232f5779eceece6dff5fc6061d45e5c1fa23042d4a1bb837f47f6
50282fee83281adfa1bd8aa7771950d435a2799ca90959ae8f3a483ff4fb0be0
55551eddb075a142b33b1bf7b5cb65981a38aeabcc11a31c5fdca58efabd3e06
557005b07e3a4d87e41c8b32e1f26cb0266715f2c65d1d61502e461e2964c198
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
57a835c5d836b1cf5fa67347fc236c0f29253d86d07a7169204e7be865979f09
5804cd3bfdf7f7b00ae1f2beef50b9ac7bbdcadcb47e8c3454e8609a52096b92
58712a4f1909f78e6b3cb7b01dfbb8e2952037880985e4fc91ccf08d37a7bd84
5876d235b697479a9e5f476a33115aea1ddc21fd4b4740dd7180398c6224fdba
58a1d9e6c7fb6ee7e473df96e2c87cf8cf0d85cfa8e829463100f2e791cc6a73
5a5ca7849d87a28554ddc05be8ef1cc663d99a2aa40d7100e5ad1de683569188
5aa2370fd272d30acd5cb39f9b191a243d55a2adab6f0d7ff1950c39f028d331
5c43ed02f9d0a2a773e7f13c481df34f9de77c425c368f5cb3398d7e67152e68
5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab
5d867d8101d7d263052fd7656e7e10f585b485c3c38cb96e2c7bca172f579491
5df54d29e2fb4e8fc620310cb28d6144c4bbf88299de5505af5b11ea6e3a7738
5fcabddd145dec1fa28617362440eb2537774cfbd43e8a72b739446aebf689f1
60bf02832688d14251ec1c7b8acfda233a91f927f26c7202bdaba781a1f0fcdf
6121ca306ad1045453d52517b8f436eb5a68055c82aefa46a9a77de36996a3df
613b97a3f938c5185dc5fcb46ec9c9488f460fdf8a9765eea9f05aebe46a0c50
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6463a8285a9c7d54fde4f62d247208584a061d3a0028a516ec3b902164256306
6781c62e164b88da426379f11b224136e5c2304c6a31d652af03a33515a3a264
67c97c75fe9d3daa0e1c32ce6444440634c28048156b3d9719caaf143c3fa6c8
69a216b4db7e3a2b5f9c8e79270bad9e1b4224e0542f50ca2b0ed468444c08fe
6a4645a1aa31745840e1e5dee4a2788e78c1d09b094f4705a64ddda88d8bd235
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c
6a88e0d82ba2998038cc86adc47bfb48d21e6114e18d97f0ecd05f5df519a95f
6cb71f31c08ff900d8bc1a5bc75ee0a966a2bc61561e8974e445ef0941d9ff55
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
75743518d10d4b4a939717f66c07ef13fb128590c0b05df5c26835efa5280c6e
782f9af14580affd41dce037f614897034dedf3124bd123ed471eb0c2f5a4f0d
78aa3d973a83de17d8b856934f19a2613483fbfd3cd2b6c5bc50865014924659
795ba9bf641463c20040cbdf9012ecf9ec13eef75b2a942872578b82b305b7b8
7b39c20824e748a8315989032c934627f3eb7f8be39717db7282f21d3bc1ec8a
7b6bfa13f0778c40bb2a00af9819bea2f07afcb4d071e7e4f436196953a5db4d
7ba27913161d377216951f272f6e07028fb541c374eedb19939dc564100ca021
7dbb38a1a8aa51e4a4ed0038e0f6adfb911858030fd726275b6c8a82b391b183
7e30b71313eb2d6aa00f3a94a8c96d3622df566e1095c1aa51ad014c9d5b56f1
80a6bc8e05e84df98ca33712aaf3b520db8e4eb53cb97429d0a3f72fdb8bb35b
848fe19ed492948709b881f504ce2eb6274baa694606ca88eb9b2990a2460caf
861e4cd27539274eedfdd65212a140a4c7ccea88e004d23f5234e4db48bc73ae
878de60769bec438439f67e4a6facea40f500e79c90118ab9137415159f0f003
879ae7bc7101bb41ed1115bdc0acddffcbab22d393dcfb0327f989ae728f0fea
88400ece0824eb5322a437984edfb5b0c752a92af7efa7d5970fcb161c8721eb
885b3db13c38792c0b9550a4953bd44c906df00f3fe4a2f0ad76ccd419e0f09c
8b37b176ee99b8f80b61a2e3b839f87e9dccbdfe799077b67f5e3698bd40a07f
8bb1f11b33513eeb6cecb02de3ad7a28953aec48e5cfc7145e7b53b4e576b046
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
90dec89369d64e98c561b6eebf4c986b0e41f155b6524927779ea55ac632ba4e
9257f817594a290c2ca86da071f2e7052e01eab3989f99fe4daa47b9328fdd3c
95bd2395464ef8f12e83461e82515fc342ca683b0b82224c75859de8adadb132
9650a7e132b3eed7d44c3753d5734c276c859bb530a0633a81a50ed8c01942f5
96e22a33f827f042ac4b239c21f468a17c87545df3f6b90e100d3a91b253a1e7
983d5108c0a060b4e1fc208c4313015045fcbd65788c410f8c82871dbb7c2e70
98a3ab26574717a95d200c12658c4dbbb28109a057cc52f8a100e6da2b645963
99cb2e33917289977b17e739b5597e0dd95bd2d3230c987161689b6ae236bf3b
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9aa75ddced4634afecb21268d1818d575393964de1e55bd0b3cd96c0ff5f7036
9b38d88b1023d2badd893cbb744210baf4a8f01a2c36f2efa8799dd86440cf2c
9c4c77712c179af887e4be389f1d5a4407a5da937f296ecff64f0a391c15c319
9c63890b7f3f2e513fa085cd7b198f9ab91721a9e8aa7180806ff4aa7b4089a4
9cacc351a59879d938ef01e274eca7f341deaaa666237a3de94737ccc05a4b86
9ceb7464fd907c8a73e70b85c142e987072812977b9a17e742a734b50be481ad
a04711f67d0c286ce57f421c4372cc30c91e9b57dcbcce61e2d6d56eb991ba16
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a27d43361ca15679e2b0b5911036b21cfb767cf73efa866329e53815b064c1f4
a2b9eefee68fa18c6be3c3bbe11d769b5affc01b84ea94c7ec68ae4ffacd858a
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a52a69704652f7261a3f3664cd687babce03765af948cf237a247e4e97b9e800
a56d653c8ebfbd05aa525e7b528407e9da019eebd47465af1114fd94233dae9e
a68c838373d2c5ccfde545f6b49b8cdc40af29a83f62e848a09bbb9d882e3f22
a7a580492938c753648b19da1321bf7ea66d7a2e9b1fa42058c821e268fba9e1
a836d01527415c3297ded2d0ccd19692d8d16a8823261ec49ef03a6ec1f2cd03
a9baef98a9f2b4098a8e9e4c62b30f1d89054be3b7dbca5058a7f13fe95a1887
a9f55a9e4658a9960455f9485c446ea9874f2590ae283801311d84e908536cc2
aa5c37bbcf4d384515025a17b54788595400c937f94fa3b59a40bf8a73b632d2
ac6c760c4bf24c951c4c8f133322397b87067aa4999c373f061b3148fe4ed885
acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403
acebe1d8f0f6e2238421115b044649a3fe25a49b2b60b7097be09dc3618d971c
ad3ee286844c46dba3f0d26e100f508c410b28f52784fbeec2d513ef6c6fda7a
af7a66542220ecfb2b8fa0286b60ffa95c1c8047df094654a90e1ff75f848ef5
b0074d1b033dabc05703c91e43fd908c56513285440be1883ac9e850e2318dd7
b016bea34770f8247a6eea584435db123378042126b757749f934d3e66a4c11c
b2614739e5032eef7a58aa35faf7010861d20c62b93b0e8d42a1e8d0a2a7ffa2
b3487493fe130a7c5fd02e5d4568d85b5aea1b549db0799d87e088cda9b0da3d
b35f9d9addc149acaf7b5584296e9ba2786087b1af7661ad8290a171446df6bc
b5343e342183c9d48f9abe8eaf2cc0885268be08bd24bd3b8855a2b2ebf27180
b5de1b2430abd27f9db06143f6a4734c3f89e96de9fec7e0a658a738183b21f2
b633a587c652d02386c4f16f8c6f6aab7352d97f16367c3c40576214372dd628
bf5de2a37e1b850ca9cc3b1a55bccd36def2be3524d0c5acb67b61f26aac8a96
c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4
c162654fd41397ba148ddb6c357b0659c843c1cd76bf366c1dbec08eaecc9bf9
c2ae6a18b973d0fbd53cd575408e3720cec1b94418b180ab6b83a82611eb1906
c43a592c09224db2985a3e074e7b50afe274ddce2b680b73e8f3a9c5cda4d35b
c7a8cf463d8af865cc28bd6d81d41134e809375632eef8823768b460ce8e6e7c
c7bc8098c1b013492c04c1f333e56d3980945b0882c7f57441bf0688362eef29
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
c9f0d58bfa4a06dfe46ca39b3f3aaeafea15acd2b32ecff16df4795806d82da1
cabcca2a301047fe044c52a4c75a169cd93827100011abbb89b9e7106dff21c3
cc293992814b485909a9e35df9fa4654590b6280c140f44b33fdb7ce089367c5
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf5d15aa91ac6d6ccd06ddcf375983be7283bd8bc7a441f82113deb7b41f2743
cf906196a7c1414e11983955e101a051d55a864f2bc9fd52a453d952d92fd9b5
cff57bb539a961e5816127eb4b662175d6a1c92917effe0f943de85c35911101
d3b45b06882fe1aa9b47a8d88df978f19ce55a249840cc1b44eed3974a0fcd6a
d3c70a5ecb1b5c16ddff716d6a83d189efa57a07c4210acf01c978093e3a80eb
d417c17bfce3dfec57bdd3b2d008fb4c6b3080107b3176d8e96c7ed80544622e
d469330093a2cebd898628a339df6abaf5edcb89e85769ff79840371195a7d1f
d77b5f2ca03eb8dab2acc515548b7b1ce7eeb4ca2189268552649e0391ee8c21
d823485c575eea7e16cd00971760cf2d287c1a323f8ef754e601872d2d7278e6
d9fd0aeda423bd39a36871759ef7b17dab3d51e5981cd5839103f990b8b9ef60
de96f4dbfb1b82ecf8429d07b7b24d93d2c64414c51b1ee54d42acdee2653c3e
df646ff35419e573335fbc000d6851e36e8cf171f0f4edb668fce4ca70cc06c1
e183dfed35d6921278c39359a5d34fbb9dfaaf4f990ec6d210a7217a95e897db
e3051062f96a1e43ca0288371519aeab5fde072e07a60ddf6e3082fae1ae3584
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3cff69face0b2111b46bb2ebcee80a0c55ee03a9812561ca14fd3c4f24b3155
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e5e28786e68ee9365dbc5f4b39fa49358367e4371322c7bfc70f7b016e7cfed3
e604a884a3145d5f555ba8d0a20ad7abd015724232dfbbbf749ddc23445df746
e69c632bae2be4b1b6fb037092335684de67adc0f032c7a4e18553a8e7543ba8
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
e8021f1a9dad409f7e699457ac334653bf800464df69900237c4de1c29e275d0
e8f206722d43879dc706b4270e95add2fb8ff20785b9ff7c2bf2bab8f4012435
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389
eb7a209e3af2f5e7045a326f81414b39f02551eb158e859c190a7a84db7c4d5d
ecadacb686d0540a5768dae41d50597a71dfaa8135b90f1371d4bfa266e4e361
ed87a83a9df154b61d76e8b9b53bb9d23db3eea194e66bca6b575e3e4f7a57bf
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f3119241b70c717a03d9b1fd22756103beca92c2d88a1e38e1dda588dbe28429
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
f5bde439f5e72e4ab133dbb3434e5d8705e60ae119ccc11d71eec5a386f5b700
f8238cdd1cc6032f1c34cf7e559b55a936097f78cc8839628e5cc39a6fc3f390
f826765655e6a3e039bda8ec43370f2c9247a931e3e33129175e48ca0690b1e2
f973d75ead19729433907ba993cee75784ac0ba25a5f229c3091e7f45966b1a3
fb9ee137734c9d4933d908d02325dc37c4dd86dd58614a2c7d9d5a01890aefd2
fcc58cc9d4be09fdd40a74ca3a453622a269f2bdd1c598a863f54d2bd07a2126
fdc79b8c47c6d5c20def82fa5f6a91e3cbe3057bff3f8b14b5c2c71dc9b57ec4
fff874a7f8a3308b64a56752b45cc037f2cb2d8c5d465843e04ea65190158c72

pcloak.blob.core.windows.net Open in urlscan Pro 20.60.220.36 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

403 Requests

87 %HTTPS

35 %IPv6

70 Domains

111 Subdomains

80 IPs

11 Countries

8952 kBTransfer

15426 kBSize

49 Cookies

0 Outgoing links

Redirected requests

403 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 9 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

pcloak.blob.core.windows.net Open in urlscan Pro
20.60.220.36 Public Scan

Screenshot
Live screenshot

Full Image

403
Requests

87 %
HTTPS

35 %
IPv6

70
Domains

111
Subdomains

80
IPs

11
Countries

8952 kB
Transfer

15426 kB
Size

49
Cookies

403 HTTP transactions
9 data transactions