pcloak.blob.core.windows.net Open in urlscan Pro
20.60.220.36 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://pcloak.blob.core.windows.net/web/6x69807j0b5.html
Submission: On July 07 via api (July 7th 2023, 2:24:38 am UTC) from TR — Scanned from DE

Summary HTTP 349 Redirects Behaviour Indicators

Summary

This website contacted 49 IPs in 11 countries across 57 domains to perform 349 HTTP transactions. The main IP is 20.60.220.36, located in Tappahannock, United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is pcloak.blob.core.windows.net.
TLS certificate: Issued by Microsoft RSA TLS CA 02 on March 22nd 2023. Valid for: a year.

This is the only time pcloak.blob.core.windows.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
4	20.60.220.36 20.60.220.36	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	77.245.159.14 77.245.159.14	42868 (NIOBEBILI...) (NIOBEBILISIMHIZMETLERI)
3	94.138.206.83 94.138.206.83	49126 (AS49126) (AS49126)
1	2a00:1450:400... 2a00:1450:4001:82a::200a	15169 (GOOGLE) (GOOGLE)
40	2a02:6ea0:c70... 2a02:6ea0:c700::18	60068 (CDN77 ^_^) (CDN77 ^_^)
1	2a00:1450:400... 2a00:1450:4001:828::2008	15169 (GOOGLE) (GOOGLE)
2	151.139.128.10 151.139.128.10	20446 (STACKPATH...) (STACKPATH-CDN)
1	104.75.88.126 104.75.88.126	16625 (AKAMAI-AS) (AKAMAI-AS)
21	185.7.176.223 185.7.176.223	42910 (PREMIERDC...) (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH)
2	2a03:2880:f08... 2a03:2880:f080:9:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
22	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
37	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
3	108.138.1.25 108.138.1.25	16509 (AMAZON-02) (AMAZON-02)
9	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
1	108.138.9.235 108.138.9.235	16509 (AMAZON-02) (AMAZON-02)
1	35.241.45.217 35.241.45.217	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:4001:80f::2001	15169 (GOOGLE) (GOOGLE)
1	34.102.243.38 34.102.243.38	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
41	2a00:1450:400... 2a00:1450:4001:830::2001	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::200a	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:829::200a	15169 (GOOGLE) (GOOGLE)
1 11	2a00:1450:400... 2a00:1450:4001:811::2004	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:80e::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80b::200e	15169 (GOOGLE) (GOOGLE)
2	2a02:fa8:8806... 2a02:fa8:8806:16::1400	41041 (VCLK-EU-SE) (VCLK-EU-SE)
1	34.96.105.8 34.96.105.8	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2 2	35.190.0.66 35.190.0.66	15169 (GOOGLE) (GOOGLE)
32	172.217.18.98 172.217.18.98	15169 (GOOGLE) (GOOGLE)
2 2	37.157.4.24 37.157.4.24	198622 (ADFORM) (ADFORM)
3 3	185.64.190.78 185.64.190.78	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 1	2600:9000:205... 2600:9000:2057:6a00:1b:5138:8a40:93a1	16509 (AMAZON-02) (AMAZON-02)
3 3	37.252.171.85 37.252.171.85	29990 (ASN-APPNEX) (ASN-APPNEX)
5	2a00:1450:400... 2a00:1450:4001:827::2001	15169 (GOOGLE) (GOOGLE)
3	2600:1901:0:7... 2600:1901:0:76b9::	15169 (GOOGLE) (GOOGLE)
36	2606:4700:20:... 2606:4700:20::ac43:4a81	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2a00:1450:400... 2a00:1450:4001:830::2003	15169 (GOOGLE) (GOOGLE)
1 4	2606:4700::68... 2606:4700::6812:18ad	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	151.101.130.49 151.101.130.49	54113 (FASTLY) (FASTLY)
2 2	52.58.72.45 52.58.72.45	16509 (AMAZON-02) (AMAZON-02)
1	178.250.1.9 178.250.1.9	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3 3	216.52.2.39 216.52.2.39	32475 (SINGLEHOP...) (SINGLEHOP-LLC)
2	185.86.138.150 185.86.138.150	201081 (SMARTADSE...) (SMARTADSERVER)
2 2	185.80.39.216 185.80.39.216	27381 (CASALE-MEDIA) (CASALE-MEDIA)
2 2	18.203.168.4 18.203.168.4	16509 (AMAZON-02) (AMAZON-02)
3 3	13.248.245.213 13.248.245.213	16509 (AMAZON-02) (AMAZON-02)
2	3.75.62.37 3.75.62.37	16509 (AMAZON-02) (AMAZON-02)
3 3	3.122.44.22 3.122.44.22	16509 (AMAZON-02) (AMAZON-02)
2 2	85.114.159.118 85.114.159.118	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
1 1	69.173.144.138 69.173.144.138	26667 (RUBICONPR...) (RUBICONPROJECT)
1	2620:116:800d... 2620:116:800d:21:b314:a0ef:ab7c:d546	16509 (AMAZON-02) (AMAZON-02)
3 3	213.155.156.185 213.155.156.185	1299 (TWELVE99 ...) (TWELVE99 Arelion)
1	35.186.253.211 35.186.253.211	15169 (GOOGLE) (GOOGLE)
3 3	46.228.174.117 46.228.174.117	56396 (AMOBEE) (AMOBEE)
1 1	185.29.132.241 185.29.132.241	() ()
1	98.98.134.242 98.98.134.242	() ()
1 1	35.186.193.173 35.186.193.173	() ()
3	2606:4700:20:... 2606:4700:20::ac43:444e	() ()
6	2606:4700:20:... 2606:4700:20::681a:ad1	() ()
2 4	104.102.45.165 104.102.45.165	() ()
2	2606:4700::68... 2606:4700::6812:7f05	() ()
8 8	142.250.181.230 142.250.181.230	() ()
8 8	84.200.5.215 84.200.5.215	() ()
4	167.233.13.224 167.233.13.224	() ()
1	18.169.161.72 18.169.161.72	() ()
1	18.66.147.52 18.66.147.52	() ()
1	99.86.4.36 99.86.4.36	() ()
2	3.11.66.180 3.11.66.180	() ()
349	49

4 20.60.220.36 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

pcloak.blob.core.windows.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 77.245.159.14 (Turkey)

ASN42868 (NIOBEBILISIMHIZMETLERI, TR)
PTR: stilgar.wlsrv.com

www.cloakan.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 94.138.206.83 (Turkey)

ASN49126 (AS49126, TR)

ye-mek.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

40 2a02:6ea0:c700::18 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)

cdn.ye-mek.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.139.128.10 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: map3.hwcdn.net

images.dmca.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.75.88.126 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-75-88-126.deploy.static.akamaitechnologies.com

s7.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 185.7.176.223 (Turkey)

ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR)

static.virgul.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ng.virgul.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c1.imgiz.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ng2.virgul.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f080:9:face:b00c:0:3 (Amsterdam, Netherlands)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

37 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 108.138.1.25 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-1-25.fra56.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.138.9.235 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-9-235.fra56.r.cloudfront.net

aax.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.241.45.217 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 217.45.241.35.bc.googleusercontent.com

pghub.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:80f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

a83cc140318b4e2e81346428d0ba2d8a.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.102.243.38 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 38.243.102.34.bc.googleusercontent.com

feed.pghub.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

41 2a00:1450:4001:830::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:829::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:811::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

mts0.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:fa8:8806:16::1400 (Singapore)

ASN41041 (VCLK-EU-SE, US)

dclk-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.105.8 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.105.96.34.bc.googleusercontent.com

tr.blismedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.190.0.66 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 66.0.190.35.bc.googleusercontent.com

ads.travelaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

32 172.217.18.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s42-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.4.24 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.64.190.78 (United Kingdom) 3 redirects

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2057:6a00:1b:5138:8a40:93a1 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

s.ad.smaato.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 37.252.171.85 (Frankfurt am Main, Germany) 3 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:827::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:1901:0:76b9:: (Kansas City, United States)

ASN15169 (GOOGLE, US)

prod-rtb.ad4mat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

36 2606:4700:20::ac43:4a81 (United States)

ASN13335 (CLOUDFLARENET, US)

as.ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
assets.ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6812:18ad (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

a.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.130.49 (United States) 1 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.58.72.45 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-58-72-45.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.1.9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 216.52.2.39 (United States) 3 redirects

ASN32475 (SINGLEHOP-LLC, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.86.138.150 (France)

ASN201081 (SMARTADSERVER, FR)

ssbsync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.80.39.216 (Canada) 2 redirects

ASN27381 (CASALE-MEDIA, CA)

ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.203.168.4 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-203-168-4.eu-west-1.compute.amazonaws.com

match.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.248.245.213 (United States) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.75.62.37 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-75-62-37.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.122.44.22 (Frankfurt am Main, Germany) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-122-44-22.eu-central-1.compute.amazonaws.com

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 85.114.159.118 (Bad Durrheim, Germany) 2 redirects

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com

dsp.adfarm1.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.138 (Frankfurt am Main, Germany) 1 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:b314:a0ef:ab7c:d546 (United States)

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 213.155.156.185 (Sweden) 3 redirects

ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE)

d5p.de17a.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.253.211 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 46.228.174.117 (United Kingdom) 3 redirects

ASN56396 (AMOBEE, GB)

sync.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.targeting.unrulymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.29.132.241 (None, ) 1 redirects

ASN- ()

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 98.98.134.242 (None, )

ASN- ()

pixel-sync.sitescout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.193.173 (None, ) 1 redirects

ASN- ()

gcm.ctnsnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:20::ac43:444e (None, )

ASN- ()

static-de.ad4mat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700:20::681a:ad1 (None, )

ASN- ()

ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.102.45.165 (None, ) 2 redirects

ASN- ()

www.awin1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:7f05 (None, )

ASN- ()

www.conrad.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 142.250.181.230 (None, ) 8 redirects

ASN- ()

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 84.200.5.215 (None, ) 8 redirects

ASN- ()

www.telefonica-partner.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.lead-alliance.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 167.233.13.224 (None, )

ASN- ()

partner.o2online.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
partner.blau.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.169.161.72 (None, )

ASN- ()

track.webgains.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.147.52 (None, )

ASN- ()

analytics.webgains.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.86.4.36 (None, )

ASN- ()

cdn.track.production.webgains.team	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.11.66.180 (None, )

ASN- ()

api.webgains.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
82	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 135 a83cc140318b4e2e81346428d0ba2d8a.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 160	928 KB
71	doubleclick.net 8 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 216 googleads.g.doubleclick.net — Cisco Umbrella Rank: 57 cm.g.doubleclick.net — Cisco Umbrella Rank: 254 ad.doubleclick.net	411 KB
43	ye-mek.net ye-mek.net cdn.ye-mek.net	645 KB
42	ad4m.at as.ad4m.at — Cisco Umbrella Rank: 30069 ad4m.at — Cisco Umbrella Rank: 9754 assets.ad4m.at	1 MB
19	virgul.com static.virgul.com — Cisco Umbrella Rank: 81866 ng.virgul.com — Cisco Umbrella Rank: 65490 ng2.virgul.com	233 KB
18	google.com 1 redirects adservice.google.com — Cisco Umbrella Rank: 113 www.google.com — Cisco Umbrella Rank: 10 mts0.google.com — Cisco Umbrella Rank: 4234	19 KB
9	gstatic.com www.gstatic.com fonts.gstatic.com	204 KB
9	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 205	504 KB
7	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 433 imasdk.googleapis.com — Cisco Umbrella Rank: 500 fonts.googleapis.com — Cisco Umbrella Rank: 88	216 KB
6	ad4mat.net prod-rtb.ad4mat.net — Cisco Umbrella Rank: 148578 static-de.ad4mat.net	11 KB
5	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 391	110 KB
4	lead-alliance.net 4 redirects www.lead-alliance.net	1 KB
4	telefonica-partner.de 4 redirects www.telefonica-partner.de	1 KB
4	awin1.com 2 redirects www.awin1.com	3 KB
4	tribalfusion.com 1 redirects a.tribalfusion.com — Cisco Umbrella Rank: 893 s.tribalfusion.com	2 KB
4	amazon-adsystem.com c.amazon-adsystem.com — Cisco Umbrella Rank: 353 aax.amazon-adsystem.com — Cisco Umbrella Rank: 438	62 KB
4	windows.net pcloak.blob.core.windows.net	3 KB
3	webgains.io analytics.webgains.io api.webgains.io	31 KB
3	de17a.com 3 redirects d5p.de17a.com — Cisco Umbrella Rank: 5037	925 B
3	w55c.net 3 redirects pm.w55c.net — Cisco Umbrella Rank: 1044	3 KB
3	3lift.com 3 redirects eb2.3lift.com — Cisco Umbrella Rank: 422	1 KB
3	lijit.com 3 redirects ap.lijit.com — Cisco Umbrella Rank: 782	2 KB
3	adnxs.com 3 redirects secure.adnxs.com — Cisco Umbrella Rank: 469	3 KB
3	pubmatic.com 3 redirects image6.pubmatic.com — Cisco Umbrella Rank: 812	1 KB
2	blau.de partner.blau.de	3 KB
2	o2online.de partner.o2online.de	3 KB
2	conrad.de www.conrad.de	789 B
2	1rx.io 2 redirects sync.1rx.io — Cisco Umbrella Rank: 613	2 KB
2	adition.com 2 redirects dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1777	1 KB
2	yahoo.com ups.analytics.yahoo.com — Cisco Umbrella Rank: 338	140 B
2	360yield.com 2 redirects match.360yield.com — Cisco Umbrella Rank: 2409	811 B
2	casalemedia.com 2 redirects ssum-sec.casalemedia.com — Cisco Umbrella Rank: 485	2 KB
2	smartadserver.com ssbsync.smartadserver.com — Cisco Umbrella Rank: 922	150 B
2	bidswitch.net 2 redirects x.bidswitch.net — Cisco Umbrella Rank: 359	1 KB
2	adform.net 2 redirects c1.adform.net — Cisco Umbrella Rank: 633	1 KB
2	travelaudience.com 2 redirects ads.travelaudience.com — Cisco Umbrella Rank: 8041	907 B
2	dotomi.com dclk-match.dotomi.com — Cisco Umbrella Rank: 3235	207 B
2	imgiz.com c1.imgiz.com — Cisco Umbrella Rank: 136022	131 KB
2	pghub.io pghub.io — Cisco Umbrella Rank: 2090 feed.pghub.io — Cisco Umbrella Rank: 2360	6 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 173	88 KB
2	dmca.com images.dmca.com — Cisco Umbrella Rank: 13228	6 KB
2	cloakan.co www.cloakan.co	1 KB
1	webgains.team cdn.track.production.webgains.team	15 KB
1	webgains.com track.webgains.com	2 KB
1	ctnsnet.com 1 redirects gcm.ctnsnet.com	613 B
1	sitescout.com pixel-sync.sitescout.com	187 B
1	mathtag.com 1 redirects sync.mathtag.com	733 B
1	unrulymedia.com 1 redirects sync.targeting.unrulymedia.com	576 B
1	openx.net rtb.openx.net — Cisco Umbrella Rank: 982	245 B
1	quantserve.com cms.quantserve.com — Cisco Umbrella Rank: 862	464 B
1	rubiconproject.com 1 redirects pixel.rubiconproject.com — Cisco Umbrella Rank: 374	460 B
1	criteo.com dis.criteo.com — Cisco Umbrella Rank: 608	363 B
1	everesttech.net 1 redirects sync-tm.everesttech.net — Cisco Umbrella Rank: 796	543 B
1	smaato.net 1 redirects s.ad.smaato.net — Cisco Umbrella Rank: 822	440 B
1	blismedia.com tr.blismedia.com — Cisco Umbrella Rank: 2276	173 B
1	addthis.com s7.addthis.com — Cisco Umbrella Rank: 2484	361 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 79	81 KB
349	57

	Domain	Requested by
41	tpc.googlesyndication.com	a83cc140318b4e2e81346428d0ba2d8a.safeframe.googlesyndication.com ye-mek.net googleads.g.doubleclick.net pcloak.blob.core.windows.net tpc.googlesyndication.com pagead2.googlesyndication.com
40	cdn.ye-mek.net	ye-mek.net cdn.ye-mek.net
32	cm.g.doubleclick.net	a83cc140318b4e2e81346428d0ba2d8a.safeframe.googlesyndication.com googleads.g.doubleclick.net
32	pagead2.googlesyndication.com	static.virgul.com pagead2.googlesyndication.com a83cc140318b4e2e81346428d0ba2d8a.safeframe.googlesyndication.com googleads.g.doubleclick.net pcloak.blob.core.windows.net ye-mek.net tpc.googlesyndication.com www.googletagservices.com
22	securepubads.g.doubleclick.net	static.virgul.com securepubads.g.doubleclick.net a83cc140318b4e2e81346428d0ba2d8a.safeframe.googlesyndication.com pcloak.blob.core.windows.net ye-mek.net www.googletagservices.com
18	assets.ad4m.at	as.ad4m.at
12	ad4m.at	as.ad4m.at ad4m.at
12	as.ad4m.at	a83cc140318b4e2e81346428d0ba2d8a.safeframe.googlesyndication.com googleads.g.doubleclick.net as.ad4m.at ad4m.at
11	www.google.com	1 redirects a83cc140318b4e2e81346428d0ba2d8a.safeframe.googlesyndication.com ye-mek.net googleads.g.doubleclick.net tpc.googlesyndication.com
9	www.googletagservices.com	a83cc140318b4e2e81346428d0ba2d8a.safeframe.googlesyndication.com googleads.g.doubleclick.net
9	a83cc140318b4e2e81346428d0ba2d8a.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
9	googleads.g.doubleclick.net	pagead2.googlesyndication.com a83cc140318b4e2e81346428d0ba2d8a.safeframe.googlesyndication.com googleads.g.doubleclick.net
9	ng.virgul.com	static.virgul.com ye-mek.net
8	ad.doubleclick.net	8 redirects
7	static.virgul.com	ye-mek.net static.virgul.com pcloak.blob.core.windows.net
6	fonts.gstatic.com	fonts.googleapis.com
5	cdn.ampproject.org	securepubads.g.doubleclick.net
5	fonts.googleapis.com	a83cc140318b4e2e81346428d0ba2d8a.safeframe.googlesyndication.com securepubads.g.doubleclick.net tpc.googlesyndication.com
5	adservice.google.com	pagead2.googlesyndication.com securepubads.g.doubleclick.net
4	www.lead-alliance.net	4 redirects
4	www.telefonica-partner.de	4 redirects
4	www.awin1.com	2 redirects as.ad4m.at
4	pcloak.blob.core.windows.net	pcloak.blob.core.windows.net
3	ng2.virgul.com	ye-mek.net
3	static-de.ad4mat.net	as.ad4m.at
3	d5p.de17a.com	3 redirects
3	pm.w55c.net	3 redirects
3	eb2.3lift.com	3 redirects
3	ap.lijit.com	3 redirects
3	a.tribalfusion.com	1 redirects a83cc140318b4e2e81346428d0ba2d8a.safeframe.googlesyndication.com
3	prod-rtb.ad4mat.net	pcloak.blob.core.windows.net googleads.g.doubleclick.net
3	secure.adnxs.com	3 redirects
3	image6.pubmatic.com	3 redirects
3	www.gstatic.com	a83cc140318b4e2e81346428d0ba2d8a.safeframe.googlesyndication.com
3	c.amazon-adsystem.com	static.virgul.com c.amazon-adsystem.com
3	ye-mek.net	www.cloakan.co ye-mek.net
2	api.webgains.io	analytics.webgains.io
2	partner.blau.de	as.ad4m.at
2	partner.o2online.de	as.ad4m.at
2	www.conrad.de	as.ad4m.at
2	sync.1rx.io	2 redirects
2	dsp.adfarm1.adition.com	2 redirects
2	ups.analytics.yahoo.com	a83cc140318b4e2e81346428d0ba2d8a.safeframe.googlesyndication.com
2	match.360yield.com	2 redirects
2	ssum-sec.casalemedia.com	2 redirects
2	ssbsync.smartadserver.com	a83cc140318b4e2e81346428d0ba2d8a.safeframe.googlesyndication.com
2	x.bidswitch.net	2 redirects
2	c1.adform.net	2 redirects
2	ads.travelaudience.com	2 redirects
2	dclk-match.dotomi.com	a83cc140318b4e2e81346428d0ba2d8a.safeframe.googlesyndication.com
2	mts0.google.com	a83cc140318b4e2e81346428d0ba2d8a.safeframe.googlesyndication.com
2	c1.imgiz.com	static.virgul.com c1.imgiz.com
2	connect.facebook.net	ye-mek.net connect.facebook.net
2	images.dmca.com	ye-mek.net
2	www.cloakan.co	pcloak.blob.core.windows.net
1	cdn.track.production.webgains.team	as.ad4m.at
1	analytics.webgains.io	track.webgains.com
1	track.webgains.com	as.ad4m.at
1	gcm.ctnsnet.com	1 redirects
1	pixel-sync.sitescout.com	googleads.g.doubleclick.net
1	sync.mathtag.com	1 redirects
1	sync.targeting.unrulymedia.com	1 redirects
1	rtb.openx.net	a83cc140318b4e2e81346428d0ba2d8a.safeframe.googlesyndication.com
1	cms.quantserve.com	a83cc140318b4e2e81346428d0ba2d8a.safeframe.googlesyndication.com
1	pixel.rubiconproject.com	1 redirects
1	dis.criteo.com	a83cc140318b4e2e81346428d0ba2d8a.safeframe.googlesyndication.com
1	sync-tm.everesttech.net	1 redirects
1	s.tribalfusion.com	a83cc140318b4e2e81346428d0ba2d8a.safeframe.googlesyndication.com
1	s.ad.smaato.net	1 redirects
1	tr.blismedia.com	a83cc140318b4e2e81346428d0ba2d8a.safeframe.googlesyndication.com
1	imasdk.googleapis.com	c1.imgiz.com
1	feed.pghub.io	pghub.io
1	pghub.io	static.virgul.com
1	aax.amazon-adsystem.com	c.amazon-adsystem.com
1	s7.addthis.com	ye-mek.net
1	www.googletagmanager.com	ye-mek.net
1	ajax.googleapis.com	ye-mek.net
349	77

This site contains no links.

Subject Issuer	Validity	Valid
*.blob.core.windows.net Microsoft RSA TLS CA 02	`2023-03-22` - `2024-03-22`	a year	crt.sh
cpanel.cloakan.co R3	`2023-07-03` - `2023-10-01`	3 months	crt.sh
www.ye-mek.net RapidSSL TLS RSA CA G1	`2023-07-04` - `2024-07-06`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
1099124734.rsc.cdn77.org R3	`2023-06-13` - `2023-09-11`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
images.dmca.com R3	`2023-05-13` - `2023-08-11`	3 months	crt.sh
odc-addthis-prod-01.oracle.com DigiCert TLS RSA SHA256 2020 CA1	`2023-02-07` - `2024-02-07`	a year	crt.sh
*.virgul.com Sectigo RSA Domain Validation Secure Server CA	`2022-10-24` - `2023-09-28`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-04-15` - `2023-07-14`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
c.amazon-adsystem.com Amazon RSA 2048 M01	`2023-02-28` - `2024-02-17`	a year	crt.sh
*.google.com GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com Amazon RSA 2048 M01	`2023-03-16` - `2024-03-08`	a year	crt.sh
*.pghub.io DigiCert TLS RSA SHA256 2020 CA1	`2023-02-09` - `2024-02-08`	a year	crt.sh
*.imgiz.com Sectigo RSA Domain Validation Secure Server CA	`2022-09-27` - `2023-09-09`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
*.dotomi.com GlobalSign RSA OV SSL CA 2018	`2022-08-09` - `2023-09-10`	a year	crt.sh
tr.blismedia.com GTS CA 1D4	`2023-06-09` - `2023-09-07`	3 months	crt.sh
misc-sni.google.com GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
prod-rtb.ad4mat.net GTS CA 1D4	`2023-06-04` - `2023-09-02`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-07` - `2024-05-06`	a year	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-05-12` - `2023-08-10`	3 months	crt.sh
*.smartadserver.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-01-21` - `2024-01-23`	a year	crt.sh
ups.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-02-21` - `2023-08-16`	6 months	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-09` - `2023-09-09`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2022-07-21` - `2023-08-21`	a year	crt.sh
*.sitescout.com GeoTrust Global TLS RSA4096 SHA256 2022 CA1	`2023-01-09` - `2024-02-02`	a year	crt.sh
www.awin1.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-10` - `2024-03-09`	a year	crt.sh
*.webgains.com Amazon RSA 2048 M01	`2023-05-15` - `2024-06-13`	a year	crt.sh
*.webgains.io Amazon RSA 2048 M02	`2023-03-02` - `2023-09-21`	7 months	crt.sh
cdn.track.production.webgains.team Amazon RSA 2048 M01	`2023-02-28` - `2023-10-28`	8 months	crt.sh

This page contains 46 frames:

Primary Page: https://pcloak.blob.core.windows.net/web/6x69807j0b5.html
Frame ID: E8DF221106B3EC80C8AC362606EA7B81
Requests: 6 HTTP requests in this frame

Frame: https://ye-mek.net/
Frame ID: 636F09649AEF732F128D230C0CD7533B
Requests: 95 HTTP requests in this frame

Frame: https://static.virgul.com/theme/mockups/outside/str.html?v=2
Frame ID: 945F841429BADCB4E24FAB1198A1DDE0
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230705/r20190131/zrt_lookup.html
Frame ID: A9054C48C8CC8C432DA4B05C8E53788A
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&adk=1812271804&adf=3279755397&plat=1%3A512%2C2%3A512%2C3%3A512%2C4%3A512%2C8%3A512%2C9%3A33288%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C26%3A512%2C27%3A512%2C30%3A1081856%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1688696674337&bpp=3&bdt=720&idt=117&shv=r20230705&mjsv=m202306280101&ptt=9&saldr=aa&nras=1&correlator=8202452768800&frm=24&ife=1&pv=2&ga_vid=1386782392.1688696674&ga_sid=1688696674&ga_hid=878393907&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=222437166&scr_x=-12245933&scr_y=-12245933&eid=44759842%2C44759927%2C44759876%2C31075816%2C44788442&oid=2&pvsid=1511131752530672&tmod=1165983658&uas=0&nvt=1&fsapi=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=1&uci=1.bci643v8r1mr&fsb=1&dtd=133
Frame ID: 9865C45C262E291466EFB5404425E13F
Requests: 1 HTTP requests in this frame

Frame: https://a83cc140318b4e2e81346428d0ba2d8a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 28EBDAC63DA823085F2A4FF8C8764E8E
Requests: 1 HTTP requests in this frame

Frame: https://feed.pghub.io/tag?referrer_url=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&page_url=https%3A%2F%2Fye-mek.net%2F&owner=P%26G&bp_id=noktacommedya&ch=%7B%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D&initiator=js&data=%7B%22category%22%3A%22site_geneli%22%7D
Frame ID: 9FFC9BDA967DAB71363BB47E50365115
Requests: 1 HTTP requests in this frame

Frame: https://a83cc140318b4e2e81346428d0ba2d8a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 6B160ABC16E353A8000EC4CB5BDD449A
Requests: 12 HTTP requests in this frame

Frame: https://a83cc140318b4e2e81346428d0ba2d8a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 4907026F7A1D0BEEBC0ED2DA471550B2
Requests: 13 HTTP requests in this frame

Frame: https://a83cc140318b4e2e81346428d0ba2d8a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 7DD09CC578D65C88D199C216A8E44D9F
Requests: 17 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&adk=1812271804&adf=3407280060&plat=1%3A66056%2C2%3A66056%2C3%3A2163200%2C4%3A2163200%2C8%3A66048%2C9%3A66056%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C26%3A66048%2C27%3A66048%2C30%3A1049088%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fye-mek.net%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1688696675061&bpp=9&bdt=127&idt=198&shv=r20230705&mjsv=m202306280101&ptt=9&saldr=aa&nras=1&correlator=5080265833044&frm=8&ife=1&pv=2&ga_vid=1449678592.1688696675&ga_sid=1688696675&ga_hid=1235383988&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=465080864&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C42532278%2C42532280%2C44759842%2C44759926%2C31075645%2C44788442&oid=2&pvsid=1432219434575882&tmod=1763332943&uas=0&nvt=1&fsapi=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=1&uci=1.z9eyv86oycdu&fsb=1&dtd=213
Frame ID: 480DEBFACB0D970448B6572FB37B4FE3
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&adk=1812271804&adf=3407250215&plat=1%3A520%2C2%3A520%2C3%3A2163200%2C4%3A2163200%2C8%3A512%2C9%3A33288%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C26%3A512%2C27%3A512%2C30%3A1049088%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fye-mek.net%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1688696675082&bpp=3&bdt=157&idt=199&shv=r20230705&mjsv=m202306290101&ptt=9&saldr=aa&nras=1&correlator=4484533912113&frm=8&ife=1&pv=2&ga_vid=678825474.1688696675&ga_sid=1688696675&ga_hid=898738081&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=131074735&scr_x=-12245933&scr_y=-12245933&eid=44759927%2C42532278%2C42532280%2C44759837%2C44759876%2C31075780%2C31075824%2C44788441%2C21065724&oid=2&pvsid=2487041221584005&tmod=1801550151&uas=0&nvt=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=1&uci=1.jcyiivk4zojk&fsb=1&dtd=215
Frame ID: E6170FFAA85ABBD321C4614A84EFB358
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 572B1D8C1EBEED4666F6B43F7634C462
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&h=250&slotname=1234190425&adk=1935728605&adf=4198791085&pi=t.ma~as.1234190425&w=300&fwrn=16&format=300x250&url=https%3A%2F%2Fye-mek.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1688696675070&bpp=1&bdt=136&idt=264&shv=r20230705&mjsv=m202306280101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=5080265833044&frm=8&ife=1&pv=1&ga_vid=1449678592.1688696675&ga_sid=1688696675&ga_hid=1235383988&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=465080864&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C42532278%2C42532280%2C44759842%2C44759926%2C31075645%2C44788442&oid=2&pvsid=1432219434575882&tmod=1763332943&uas=0&nvt=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.lo53mt6aocdy&fsb=1&dtd=272
Frame ID: 285964B456EF04B0E8C3F7734CF01F25
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&h=90&slotname=9586219513&adk=1165138949&adf=4198790052&pi=t.ma~as.9586219513&w=728&format=728x90&url=https%3A%2F%2Fye-mek.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1688696675085&bpp=1&bdt=160&idt=266&shv=r20230705&mjsv=m202306290101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=4484533912113&frm=8&ife=1&pv=1&ga_vid=678825474.1688696675&ga_sid=1688696675&ga_hid=898738081&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=131074735&scr_x=-12245933&scr_y=-12245933&eid=44759927%2C42532278%2C42532280%2C44759837%2C44759876%2C31075780%2C31075824%2C44788441%2C21065724&oid=2&pvsid=2487041221584005&tmod=1801550151&uas=0&nvt=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.8meddbmt6yin&fsb=1&dtd=280
Frame ID: 9FAE44C6B25F381B313859887DD65D2E
Requests: 1 HTTP requests in this frame

Frame: https://a83cc140318b4e2e81346428d0ba2d8a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: E949EC5F97364D999555F12EBE9C141A
Requests: 17 HTTP requests in this frame

Frame: https://a83cc140318b4e2e81346428d0ba2d8a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 6359048522549078B9BA4769D8AFAB1D
Requests: 10 HTTP requests in this frame

Frame: https://a83cc140318b4e2e81346428d0ba2d8a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 0007ED158909A374B0B3AE00DF37E30E
Requests: 8 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: EB6079349145EDE6B6D6DDCF16F79BAD
Requests: 9 HTTP requests in this frame

Frame: https://a83cc140318b4e2e81346428d0ba2d8a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 4829D1BBEE6BD362EC39D48F5D991DA0
Requests: 8 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012306202201000/amp4ads-v0.mjs
Frame ID: 7321C12B5A36D08AB10329B612595A74
Requests: 17 HTTP requests in this frame

Frame: https://a83cc140318b4e2e81346428d0ba2d8a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: BCD091317FFD3F3184FD9605D221BD8A
Requests: 14 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1kbpz1kkqks41ka7e8gh1m9jk63vh8pxrh96aksxd59646sy65ymg54s7f9y3e19de3ptpp9nevecc9cs75xtzsezjhxfj90td0s0a6ppy8dzqvqcp5cftv6j50bbxhpxw05ztfb228wjwvkkm77xnwex8z4gb75dfhwkqfphwkegn93rd6s556g8x3sxc0vk1xgctpyyekfsagpyca3t6j2thr4f90y7eh6vbg915yv2wwc7vxm3f215z0d7nrx59nw2dt9e7w7cdzp0g492w1hx96p6sy2sndgfd6jc92t5thjr15n8dp54zrah50fjk7yt6sy6nghmch3re2gz2trvzf88gbwe0qb0qy0c1brtgj01k7wzbzf7cwxghxtafgch301chp465p75v9d1pmmar31wr8gbaksw7qtb2qfavkne77q4&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC2XCsY3enZIrUC4emgAf7kr24BJDhgYRctqjCivACwI23ARABIABglaKZgqwHggEXY2EtcHViLTc5ODM2NTEyNTc4MzgyODLIAQmpApS-iRURRLI-4AIAqAMBqgSMAk_QiT31wMFVz9Eau8QtHnEBFhNAW7qoFpZijY0QF2LjYMN6xutnG1jCrocX63_ARqt3Sa_zJH9AqU_ROB4ComR08N_2VdhzhiOmX6IAcZdHLFdrjg1Vgf4BMcEqe-svKLl06gW0asI2PQF1M3NuUVl80Ziw999losY0nhBxnxE6798J3SgfMnb2icAvVgjnpxA9rrZ3j1eJHwG0xmXTaiBcQniSu-TeA95OMsRPFoxLYrZ6x4yYAkHFOKWx-ZWdtolGMIYvdo5FXyGwm1SKvcHBnev1y5-8lhUaxHQYdlOdKe_wO078xdustV54-vwciOlz9Cu0P1oRZYU1tfAaAtge_w97rSf0IT1aw9vgBAGABrie-tWl8sWD1gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTryCBthZHgtc3Vic3luLTcyNzU1Mjg0NTMxNjIzMDn6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2bFqblvIpeTVtXEYbbGY5nKomaug%26client%3Dca-pub-7983651257838282%26adurl%3D
Frame ID: B02A64F39841436AA4B39F17E350EE33
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 3348F56A619DE41D444AB80372125F18
Requests: 9 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1knbsar9m31zq0584kpr746pf1v1scswsqr8sxvzh86hvm6vvfb2nw0zggb8vr7smaz279qfsv2q99hebqddfbxkbf7s5p60hh7yrtv62w66wse5rte7dk11gj5pyqss4ys5efahya3pvg3fprg8rr2xsfxty6wfzdycf5d79fbc1zbp2t83hkcgw4qeq9h1yjvradgstcydfbxgpthqbxctm2zddfhbnt96njc2qhnfh74j95nkqzmrm9b561ntvwtatern83n5ms40b49zpzq240gj4hw5vby1vyccy6yt0j1f8k6wpjr42sanm01spzsj86dqvxtry8mc41x77mzdrzf0jyjx52rdvdzb7829yq9f0rrbtycp1ahnzf0fyh62szsqtx2q43zrtbckd97jwxyvx4ezpc2qx3hd5xzyda7hq0ww7dc0v17zgpbj7ffvmh0s18&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCbz3iY3enZN3uC5Ty-gaD6pOYDJDhgYRctqjCivACwI23ARABIABglYKAgMAHggEXY2EtcHViLTc5ODM2NTEyNTc4MzgyODLIAQmpApS-iRURRLI-4AIAqAMBqgSkAk_QGqMfCd2YW1tNEQYQxkNyrnS1MTglszzy-3vlFU3DpCoCWwU92T0EiuDDV2LgO1C-Lcs9CwJKFRjrOKdiy60Ogb3sVqGYbtdks0hWf8myk9hSOECLJWFlXT37THc7U3fjs4lTM301sz-3JFANb3r2SrJ016BRm98PO6lqEoFP-Z4J4zXuavSWRbqn1jJjXPEW5vdavImLOqOidYhBRo7vKsEcIE4tlCN-z3gzCmk9vyDSXBB8YsQf-aGV1Urrntagns0VU56Z7QsqyPts1xT0VEwWnr9jh9zbECcTtuXNB9kiAYRiPZDAXoo71jTgW1tiaYXzGrMlh21v8NoBRc0ENnVsxBDkXIaCsz0xXPtEGfCHyPLlM4tmV6XrJ7uDu4yWDxjgBAGABsTRnvTIgM68pQGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTryCBthZHgtc3Vic3luLTcyNzU1Mjg0NTMxNjIzMDn6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_22iggw7rfwBZ0uCIYtIyMFH2AudA%26client%3Dca-pub-7983651257838282%26adurl%3D
Frame ID: D65C09E45F3F1F3825A0274DAEBED181
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 112757A578BF008418F3E572A992DEC6
Requests: 7 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10896490684634628096/index.html
Frame ID: 6DC0A7B1CFEFEA538C4010FD0DF3DB63
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: EE1693FCE68880598EA0232723B96A22
Requests: 2 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1k567q4fzn0g5n88dx6e3agyk577k8kjhqrh361a18ygg59bjb8jj1nxs0egqd5h3gh39kmkbmpgk2pbz03q93qgwmkcv3n2e2b23pt24h1aad0rf3d9k4hkxmttg9s2e7xykskqye6kegthkphptkpv0e43wc7pygr9nr6am9y84yp6h5fjpas42yk4yq88n84d0d4cvqf9djzgscmx2p9ex04hfh6vdn9jt62mwt5vaen8gvkjpy5y82n6t9ma083w7aamath442dp0vd46h9dtfm6bnztnqtbrpfaw4czz1e98cq8fcn9ayk3k4k28p5ze5pvnwkfbbq8ene06tafqqscp0n2cw7newv13b41q11j552echtd9xs9sw2qtfcr084a0x2zzars2mjdmz2jstzsy6rvn9nknv8mpgm2rjkyzesyg&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCzjdSY3enZJGSGIuYiQb58JL4BZDhgYRctqjCivACwI23ARABIABglaKZgqwHggEXY2EtcHViLTY1OTM1MjMyMTAwMTAxNTTIAQmpApS-iRURRLI-qAMBqgSyAU_QLczqBu1H3rl9i2bPsQJzplp-cLEkLO0ASRiJH35oZaNNg1rRXZBmXL9XEz9wBiIDfMtxVDEpaBQ2oMPENbITGwbU32OVD644WyZHm8ReHz5nof-P00t3U6SKgLu_oF2f59h4YqHSATPeyu1CSQNhflGi5fx86D4Dmnryut1PTMBpIIJD5Mkfs-dMoMkffwzlNPUqd6ghZYAvACYYiMWAtpUmtI0snYjV0H2PT6_b6T6ABq20_5ik46TPIqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_06vd8hP7U_wgQWv1lYUjc3mvfUZg%26client%3Dca-pub-6593523210010154%26adurl%3D
Frame ID: 928C4E1E9938D798CC8496CA54B4CDE3
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: AD73B728EDEF854D178346CEE2171975
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: AA9ECA03E7B809418F1EABF7140AB202
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/AOiihYbjk7GyPSPexE3PorOKRXoofTPF8NjvkAglc4c.js
Frame ID: 6291F7447BF88E0456E9281AC5A3B847
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 2A4FDDDBB8F4752153F4BBDAA4BE6113
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 6909527F84F71EFE4955EFC00110B935
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/AOiihYbjk7GyPSPexE3PorOKRXoofTPF8NjvkAglc4c.js
Frame ID: 6DA7FF903AF3D8F836A751873135C361
Requests: 1 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: 24C8187434D5A73FE65603C6F5B76925
Requests: 1 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: FF12971D2A4C947895C5274329BBB593
Requests: 1 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: D0240DD43D9ED59E726285421953CF3E
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/AOiihYbjk7GyPSPexE3PorOKRXoofTPF8NjvkAglc4c.js
Frame ID: 3B783AEB85E945B661B9931B206B78F4
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 830BF741D056DAD43C44440288F739A3
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 69C12B9B794D1A9AAF220B51C400E8D2
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 231061DC4DB857A03DF05BCB0FA72384
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 3B21C5A36BDF4FD529889C86D41DDD6B
Requests: 2 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=197862%2C117569%2C19769&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=728&d=90&e=&g=189d4b741c3bcecd6261896fda9213be%2F7029326121843657990&i=71725%2C29981%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1688696676843&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gaxpgrhtmtvms6d8vtrnr8f5qavapr7ngnyxnj2d7es0190abe7sh54nt2v3v8z9ayfq6hbm0pdfh0eqskppp776nmmn5n1te3z9qc8sw80q0fkat56a2rrte8y0qcpn2ypvfcqqwf5sshmtkyqhf8nnk5m9hnbtkqm9nkxjdtqqm275m8y5n24d3sbjamwqh51g8vdppd0xskepshtpd0ege9ddzhg25v6pwswjh5936vng74h7sgwcqnv66swv1g8erpzdt8zzcs93h79xtaq4c%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCbz3iY3enZN3uC5Ty-gaD6pOYDJDhgYRctqjCivACwI23ARABIABglYKAgMAHggEXY2EtcHViLTc5ODM2NTEyNTc4MzgyODLIAQmpApS-iRURRLI-4AIAqAMBqgSkAk_QGqMfCd2YW1tNEQYQxkNyrnS1MTglszzy-3vlFU3DpCoCWwU92T0EiuDDV2LgO1C-Lcs9CwJKFRjrOKdiy60Ogb3sVqGYbtdks0hWf8myk9hSOECLJWFlXT37THc7U3fjs4lTM301sz-3JFANb3r2SrJ016BRm98PO6lqEoFP-Z4J4zXuavSWRbqn1jJjXPEW5vdavImLOqOidYhBRo7vKsEcIE4tlCN-z3gzCmk9vyDSXBB8YsQf-aGV1Urrntagns0VU56Z7QsqyPts1xT0VEwWnr9jh9zbECcTtuXNB9kiAYRiPZDAXoo71jTgW1tiaYXzGrMlh21v8NoBRc0ENnVsxBDkXIaCsz0xXPtEGfCHyPLlM4tmV6XrJ7uDu4yWDxjgBAGABsTRnvTIgM68pQGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTryCBthZHgtc3Vic3luLTcyNzU1Mjg0NTMxNjIzMDn6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_22iggw7rfwBZ0uCIYtIyMFH2AudA%2526client%253Dca-pub-7983651257838282%2526adurl%253D&y=1&s=&z=0
Frame ID: 434A1677E95B4F497871AA114115624E
Requests: 14 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=14019%2C23576%2C167497&b=V8Xuwfr7H1zMSVHbHAtRtE9bhkTzT46hQ%2CYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2Cj83uEfZeSqx2KSYHEH2t6tRRJUKTzTxJc9&f=m8ruefe8CweqsmHZHZtQCJGjTDTwT6rHA%2CqDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2CxDwUQfgPSEApdaPHdHztDCRRBUJT6T8ZsA&c=120&d=600&e=&g=dc7f221ba0099a47110b8024e3ff05ca%2F8566084187615790122&i=21596%2C20774%2C20773&j=16%2C14%2C14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1688696676843&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1j1dq7qk113jmycspqfc2gwk7gyq96104badah8415gdssf8xjhgwvs5v445dbcb76z4mp51h2bh11g0ab5g1g5dg4qsh0b0ccb11yr81p9k9nmpedy1q1zmxqe1ct4yx3dy9b9vvg3d1c7dwefqw5h7sxez2d2g2rtfb3tfxsp4eb896dcyvzrr2xmv3wa8k1pjahtryg05pt7tsekm3y7wxy2rqprmffhebmm22nrzaa99b3q4ttjfs3e21jdsgx0k0b2ac410wjyzps00%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC2XCsY3enZIrUC4emgAf7kr24BJDhgYRctqjCivACwI23ARABIABglaKZgqwHggEXY2EtcHViLTc5ODM2NTEyNTc4MzgyODLIAQmpApS-iRURRLI-4AIAqAMBqgSMAk_QiT31wMFVz9Eau8QtHnEBFhNAW7qoFpZijY0QF2LjYMN6xutnG1jCrocX63_ARqt3Sa_zJH9AqU_ROB4ComR08N_2VdhzhiOmX6IAcZdHLFdrjg1Vgf4BMcEqe-svKLl06gW0asI2PQF1M3NuUVl80Ziw999losY0nhBxnxE6798J3SgfMnb2icAvVgjnpxA9rrZ3j1eJHwG0xmXTaiBcQniSu-TeA95OMsRPFoxLYrZ6x4yYAkHFOKWx-ZWdtolGMIYvdo5FXyGwm1SKvcHBnev1y5-8lhUaxHQYdlOdKe_wO078xdustV54-vwciOlz9Cu0P1oRZYU1tfAaAtge_w97rSf0IT1aw9vgBAGABrie-tWl8sWD1gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTryCBthZHgtc3Vic3luLTcyNzU1Mjg0NTMxNjIzMDn6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2bFqblvIpeTVtXEYbbGY5nKomaug%2526client%253Dca-pub-7983651257838282%2526adurl%253D&y=1&s=&z=0
Frame ID: 1B77C2860D4D8428E246A6F9181BD738
Requests: 11 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=14019%2C23576%2C166402&b=V8Xuwfr7H1zMSVHbHAtRtE9bhkTzT46hQ%2CYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2Cj83uEfZeSqxJ1uYHEH2t6tRRJUKTzTxJc9&f=m8ruefe8CweqsmHZHZtQCJGjTDTwT6rHA%2CqDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2CxDwUQfgPSEAbVhPHdHztDCRRBUJT6T8ZsA&c=300&d=250&e=&g=e3d07a4104fb12fba8f35c7e0ca1a930%2F13107858850210521125&i=21596%2C20774%2C20773&j=16%2C14%2C14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1688696676833&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1j1c5mwhwba4gcfcbzadmx8mag7j7tsjrqh707hb6r3q6qy5qmt0yry71cjwwx1pcf0hkqxbe3h0q81zd58q2n57qkr5qa4vnmpnda1gv2pf12gk1sj4yk3qxzbzm5hy66y5v5nv6kcgqe64sa90zpcmfn5yw34jhdcn73j2z39mnr6r0rdg9h71xrx9h59g52g1fbwdr6cc3hsbjsrmy14xrk7d9wexc8a31b01xba9js70phzk2p2whgrkrpncyjm76htvvhekagpy1dc0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCzjdSY3enZJGSGIuYiQb58JL4BZDhgYRctqjCivACwI23ARABIABglaKZgqwHggEXY2EtcHViLTY1OTM1MjMyMTAwMTAxNTTIAQmpApS-iRURRLI-qAMBqgSyAU_QLczqBu1H3rl9i2bPsQJzplp-cLEkLO0ASRiJH35oZaNNg1rRXZBmXL9XEz9wBiIDfMtxVDEpaBQ2oMPENbITGwbU32OVD644WyZHm8ReHz5nof-P00t3U6SKgLu_oF2f59h4YqHSATPeyu1CSQNhflGi5fx86D4Dmnryut1PTMBpIIJD5Mkfs-dMoMkffwzlNPUqd6ghZYAvACYYiMWAtpUmtI0snYjV0H2PT6_b6T6ABq20_5ik46TPIqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_06vd8hP7U_wgQWv1lYUjc3mvfUZg%2526client%253Dca-pub-6593523210010154%2526adurl%253D&y=1&s=&z=0
Frame ID: 069C0BCC6B4D02A385AF201095FF3327
Requests: 11 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

AddThis (Widgets) Expand

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

tpc\.googlesyndication\.com/safeframe

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Webgains (Affiliate programs) Expand

Overall confidence: 100%
Detected patterns

analytics\.webgains\.io

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

349
Requests

91 %
HTTPS

38 %
IPv6

57
Domains

77
Subdomains

49
IPs

11
Countries

5007 kB
Transfer

11305 kB
Size

34
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 133

https://ads.travelaudience.com/google_pixel?google_gid=CAESEBZPWVnOKCoORJ5wy_GoZx0&google_cver=1&google_push=AaAOQGHxt5a3UhRRC68y8e1TaS-lA81gxKLJ4Ky4aayR6Vwd2lUfnJipeKeOVJVIDA8g-NUtD08fhlf9lWfkWjY6aGuFEw00v8M HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=J0I18ThuTi6AgliBq-0tBQ2&google_push=AaAOQGHxt5a3UhRRC68y8e1TaS-lA81gxKLJ4Ky4aayR6Vwd2lUfnJipeKeOVJVIDA8g-NUtD08fhlf9lWfkWjY6aGuFEw00v8M

Request Chain 134

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEKpwssvkGjnB23rxZNPK7dc&google_cver=1&google_push=AaAOQGGCMPTe4u_aRBIekrLyTwil_H1SLsnaybPNHyCGXNEBNGOITbLuiMw1M_jhqV1mF_mY-pA4WIJNAa_rshV-TWZUA9xRTW8 HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEKpwssvkGjnB23rxZNPK7dc&google_cver=1&google_push=AaAOQGGCMPTe4u_aRBIekrLyTwil_H1SLsnaybPNHyCGXNEBNGOITbLuiMw1M_jhqV1mF_mY-pA4WIJNAa_rshV-TWZUA9xRTW8 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTIxMDEyNzgyMjg0Mjg0NDQzOQ&google_push=AaAOQGGCMPTe4u_aRBIekrLyTwil_H1SLsnaybPNHyCGXNEBNGOITbLuiMw1M_jhqV1mF_mY-pA4WIJNAa_rshV-TWZUA9xRTW8

Request Chain 135

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEATIvRD9BR-NMOlWrKwHroM&google_cver=1&google_push=AaAOQGEMp-ZkdECms8I0zyyZcpKsvvldL75dSt7MItk2fU8shm6irvjb4v45PtoTkXBupWhHB7QP64jD3cwSqk7ByzpVXYfnJA0 HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEATIvRD9BR-NMOlWrKwHroM&google_cver=1&google_push=AaAOQGEMp-ZkdECms8I0zyyZcpKsvvldL75dSt7MItk2fU8shm6irvjb4v45PtoTkXBupWhHB7QP64jD3cwSqk7ByzpVXYfnJA0&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=aK1WHv5BTrGkrrjtLhAfKg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AaAOQGEMp-ZkdECms8I0zyyZcpKsvvldL75dSt7MItk2fU8shm6irvjb4v45PtoTkXBupWhHB7QP64jD3cwSqk7ByzpVXYfnJA0

Request Chain 136

https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEDYvCsVIMPp0cOh2G0MfynY&google_cver=1&google_push=AaAOQGHu6ox5Hs_pVbywwHn_0lrd1XbbndjiyKRDteruOrpSXcozHFkGqwJDjSr0PwSaDY1XasRWRVedGfrjP3ZxgRcZ4GXIvGU HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AaAOQGHu6ox5Hs_pVbywwHn_0lrd1XbbndjiyKRDteruOrpSXcozHFkGqwJDjSr0PwSaDY1XasRWRVedGfrjP3ZxgRcZ4GXIvGU

Request Chain 137

https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESEI1eUSkQJL16BMuiarZ7AzU&google_cver=1&google_push=AaAOQGGcru3IKqNXseQKxkClH2stnhURCd6WyxzVpDbdxwBteXkYnOVuygp2DwNZUEUpgBpOfhr_lOg46GR-TCnHo8KisXMYGCc HTTP 307
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dxandr_eb%26google_hm%3D%24%7BBASE64_UID_ENC%7D%26google_gid%3DCAESEI1eUSkQJL16BMuiarZ7AzU%26google_cver%3D1%26google_push%3DAaAOQGGcru3IKqNXseQKxkClH2stnhURCd6WyxzVpDbdxwBteXkYnOVuygp2DwNZUEUpgBpOfhr_lOg46GR-TCnHo8KisXMYGCc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=NTcxMzEzNTg2MTUzNDQ2MTExOA%3D%3D&google_gid=CAESEI1eUSkQJL16BMuiarZ7AzU&google_cver=1&google_push=AaAOQGGcru3IKqNXseQKxkClH2stnhURCd6WyxzVpDbdxwBteXkYnOVuygp2DwNZUEUpgBpOfhr_lOg46GR-TCnHo8KisXMYGCc

Request Chain 215

https://a.tribalfusion.com/i.match?p=b6&u=CAESECczweLzzqGODqCw_MDmSlE&google_cver=1&google_push=AaAOQGFWUhBm9X8HDitoE_wau7o9jltH5j6B-6DM1zTUfFxOkMj9Q4yP8y8vdYNScFDEWBr7YWcxFORY68iSXO8RM4PpBN1p5MNL&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAaAOQGFWUhBm9X8HDitoE_wau7o9jltH5j6B-6DM1zTUfFxOkMj9Q4yP8y8vdYNScFDEWBr7YWcxFORY68iSXO8RM4PpBN1p5MNL%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESECczweLzzqGODqCw_MDmSlE&google_cver=1&google_push=AaAOQGFWUhBm9X8HDitoE_wau7o9jltH5j6B-6DM1zTUfFxOkMj9Q4yP8y8vdYNScFDEWBr7YWcxFORY68iSXO8RM4PpBN1p5MNL&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAaAOQGFWUhBm9X8HDitoE_wau7o9jltH5j6B-6DM1zTUfFxOkMj9Q4yP8y8vdYNScFDEWBr7YWcxFORY68iSXO8RM4PpBN1p5MNL%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24

Request Chain 216

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEP7T04_0mxV14RBIzowwFsQ&google_cver=1&google_push=AaAOQGFtdvmHTqyxEvTPxy5HTZsDxTl1HArzUP7zE6MVY7t4IeNP-unqkJLB7pfYFkuak1llL0hZ_QCX0GuKtIwO4Mbshba68SIx HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEP7T04_0mxV14RBIzowwFsQ&google_push=AaAOQGFtdvmHTqyxEvTPxy5HTZsDxTl1HArzUP7zE6MVY7t4IeNP-unqkJLB7pfYFkuak1llL0hZ_QCX0GuKtIwO4Mbshba68SIx

Request Chain 217

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESELUTHC4MExgVKW0xiAVXLi4&google_cver=1&google_push=AaAOQGG7dPTaIUGIc8dghXrktXdvCEQz2bpuqH-B-1PYzqOh9Jn2Ng-twaQwEP8JHppRHOAglb6HSQQ-3L9-mSRKo_hruQNTEoq0 HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESELUTHC4MExgVKW0xiAVXLi4&google_cver=1&google_push=AaAOQGG7dPTaIUGIc8dghXrktXdvCEQz2bpuqH-B-1PYzqOh9Jn2Ng-twaQwEP8JHppRHOAglb6HSQQ-3L9-mSRKo_hruQNTEoq0 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AaAOQGG7dPTaIUGIc8dghXrktXdvCEQz2bpuqH-B-1PYzqOh9Jn2Ng-twaQwEP8JHppRHOAglb6HSQQ-3L9-mSRKo_hruQNTEoq0&google_hm=NdZVXyiNR8WC4LKw2KNDNQ==

Request Chain 219

https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEA2_T0eaYSre04XKKnuTC9s&google_cver=1&google_push=AaAOQGEwFzEIJZTEmjot6XSrJoLDlqYMkUsRFEGJ56OTUsptwcaTvnOYSeq0LaZFbZKbuYH-3UPCFnNM4rr8WRVrG7IL8hkGmWm6 HTTP 307
https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEA2_T0eaYSre04XKKnuTC9s&google_cver=1&google_push=AaAOQGEwFzEIJZTEmjot6XSrJoLDlqYMkUsRFEGJ56OTUsptwcaTvnOYSeq0LaZFbZKbuYH-3UPCFnNM4rr8WRVrG7IL8hkGmWm6&sovrn_retry=true HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AaAOQGEwFzEIJZTEmjot6XSrJoLDlqYMkUsRFEGJ56OTUsptwcaTvnOYSeq0LaZFbZKbuYH-3UPCFnNM4rr8WRVrG7IL8hkGmWm6&google_hm=G8DwvGZHrDc6H5viQSKZhRir

Request Chain 221

https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESELYVsiCOlBr3s1XjwoJ4HD8&google_cver=1&google_push=AaAOQGGhoN-Hs2hU55N3PQzxT63BGKnIZsbWWNSCZNrGE3wUdWVMf9F_MlhFCL9-5lZE4c3btfL7JYEa6K-ZkFxHjNZv3l7dm3n7 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=NTcxMzEzNTg2MTUzNDQ2MTExOA%3D%3D&google_gid=CAESELYVsiCOlBr3s1XjwoJ4HD8&google_cver=1&google_push=AaAOQGGhoN-Hs2hU55N3PQzxT63BGKnIZsbWWNSCZNrGE3wUdWVMf9F_MlhFCL9-5lZE4c3btfL7JYEa6K-ZkFxHjNZv3l7dm3n7

Request Chain 240

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEL7qFeMG-Yae0dLNGGgieFM&google_cver=1&google_push=AaAOQGG4DWuWDcVVjrpiOi6gJPf4LJRkUSZRLfBvqqAKKIo4EqpNSJ8L8FhZoY8AfCZ6D1xUXqVL2xP8EqwX_jhVlCgcUm7awN_R HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEL7qFeMG-Yae0dLNGGgieFM&google_push=AaAOQGG4DWuWDcVVjrpiOi6gJPf4LJRkUSZRLfBvqqAKKIo4EqpNSJ8L8FhZoY8AfCZ6D1xUXqVL2xP8EqwX_jhVlCgcUm7awN_R&s=184023&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEL7qFeMG-Yae0dLNGGgieFM&google_hm=ZKd3ZOTCXvMVU2ndYK_64QAAFGYAAAIB&google_nid=index&google_push=AaAOQGG4DWuWDcVVjrpiOi6gJPf4LJRkUSZRLfBvqqAKKIo4EqpNSJ8L8FhZoY8AfCZ6D1xUXqVL2xP8EqwX_jhVlCgcUm7awN_R

Request Chain 241

https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESECP9nx2bAX8w1QihrOSClC0&google_cver=1&google_push=AaAOQGFProfwAv1Eu1zxrXdjSq8ihyqxb13GIYnCrzYetoebKGGh29Qw80wGV93nmscgwKE5uUvelJ9U69k2x93sHbrRL2O4JBEV HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AaAOQGFProfwAv1Eu1zxrXdjSq8ihyqxb13GIYnCrzYetoebKGGh29Qw80wGV93nmscgwKE5uUvelJ9U69k2x93sHbrRL2O4JBEV&google_hm=G8DwvGZHrDc6H5viQSKZhRir

Request Chain 242

https://match.360yield.com/match/ebda?google_gid=CAESEJ6WkqQkzhH855cZfjFaA14&google_cver=1&google_push=AaAOQGG4ddpKgGFvIg0gxz67EGXcf3RHSVsEsJSsKeV5SzgfrzPA9BFUoPnm6IjSWgJIkHCwH4qoK8gat7YncQHyHoN_NkUoRsC2 HTTP 302
https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESEJ6WkqQkzhH855cZfjFaA14&google_cver=1&google_push=AaAOQGG4ddpKgGFvIg0gxz67EGXcf3RHSVsEsJSsKeV5SzgfrzPA9BFUoPnm6IjSWgJIkHCwH4qoK8gat7YncQHyHoN_NkUoRsC2 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=FG0gb1HrRkuMF_fnmk18pw&google_push=AaAOQGG4ddpKgGFvIg0gxz67EGXcf3RHSVsEsJSsKeV5SzgfrzPA9BFUoPnm6IjSWgJIkHCwH4qoK8gat7YncQHyHoN_NkUoRsC2

Request Chain 243

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESECoE7rEyoFhMehDSq6Ky00w&google_cver=1&google_push=AaAOQGEeRZnZpp7fm5R26zgKtpor7gmth3h4b8gVZuW0gzjwEigMl5oh-XKzOQvlX9j3rSAm92MbLohKC-NAUR2jTqGpjADPaYSP HTTP 302
https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=AaAOQGEeRZnZpp7fm5R26zgKtpor7gmth3h4b8gVZuW0gzjwEigMl5oh-XKzOQvlX9j3rSAm92MbLohKC-NAUR2jTqGpjADPaYSP&google_gid=CAESECoE7rEyoFhMehDSq6Ky00w HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MzAyOTM0MTg4MDE3OTUyMjIzOTU3NA%3D%3D&google_push=AaAOQGEeRZnZpp7fm5R26zgKtpor7gmth3h4b8gVZuW0gzjwEigMl5oh-XKzOQvlX9j3rSAm92MbLohKC-NAUR2jTqGpjADPaYSP

Request Chain 249

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEHN6TSGTb8oF12CvA7RE-UE&google_cver=1&google_push=AaAOQGHfTz5sW01rZFNK1kq3g0QMDvstM6PJxjN2kw3pdg1k67h4Qb1cuE4P6dCMvcQ5kkbQf33KQG0YBLU58dG0-B5hxyu719lJ HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEHN6TSGTb8oF12CvA7RE-UE&google_cver=1&google_push=AaAOQGHfTz5sW01rZFNK1kq3g0QMDvstM6PJxjN2kw3pdg1k67h4Qb1cuE4P6dCMvcQ5kkbQf33KQG0YBLU58dG0-B5hxyu719lJ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=VklpQWVaOVoxUWhCOWE1&google_gid=CAESEHN6TSGTb8oF12CvA7RE-UE&google_cver=1&google_push=AaAOQGHfTz5sW01rZFNK1kq3g0QMDvstM6PJxjN2kw3pdg1k67h4Qb1cuE4P6dCMvcQ5kkbQf33KQG0YBLU58dG0-B5hxyu719lJ

Request Chain 251

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEHZYtc8hdNzo1Pu1u4mdVgI&google_cver=1&google_push=AaAOQGF_ygdQwpv8l7WrLCYKwPJzblNvx0vcp2GFFU5VpybSklkym9KdaKhz4GoF9Ls5lAyj0aTeBKaXG3yqid-o4_J2JMykkYAn HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI1Mjg5Njk5NjI4NzExNzQ1MQ%3D%3D&google_push=AaAOQGF_ygdQwpv8l7WrLCYKwPJzblNvx0vcp2GFFU5VpybSklkym9KdaKhz4GoF9Ls5lAyj0aTeBKaXG3yqid-o4_J2JMykkYAn

Request Chain 252

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEJ61WQAiLZ8wVc6u9TON7_g&google_cver=1&google_push=AaAOQGHsXOW_qlatl1EyShwhceqznC2XFL-z_WeMF77Cj0zZDrrsADZTZrLS3_PGpI2CG570G6rDREygXvPrnlb_QLiwAeCV53_8 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=aK1WHv5BTrGkrrjtLhAfKg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AaAOQGHsXOW_qlatl1EyShwhceqznC2XFL-z_WeMF77Cj0zZDrrsADZTZrLS3_PGpI2CG570G6rDREygXvPrnlb_QLiwAeCV53_8

Request Chain 253

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEMKwyvrt5PjsDCZyyK9p9D0&google_cver=1&google_push=AaAOQGFAfPau761MGQRo3MHKmLsY5kMwLWVigFmhqEHCFGMYyKVsxvqH8weh_uw4GKS8X71UTLgZKVS5b7TgmnPuHx8vlzAi44g HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEpSWUVFS0otMVMtMURUOA==&google_push=AaAOQGFAfPau761MGQRo3MHKmLsY5kMwLWVigFmhqEHCFGMYyKVsxvqH8weh_uw4GKS8X71UTLgZKVS5b7TgmnPuHx8vlzAi44g

Request Chain 257

https://d5p.de17a.com/cookies/google?google_gid=CAESEEU8ipa5eF2Gaj8GbntN7ss&google_cver=1&google_push=AaAOQGHMmEooTE4gnkBqFLczpjzBMtkXfnCnIOTiBpidcygO_fW9fB1cVbjnO-bYUSilKeI5sQmVd_1683IbgPoiZSOXdciepGRUPA HTTP 302
https://d5p.de17a.com/cookies/google;c?google_gid=CAESEEU8ipa5eF2Gaj8GbntN7ss&google_cver=1&google_push=AaAOQGHMmEooTE4gnkBqFLczpjzBMtkXfnCnIOTiBpidcygO_fW9fB1cVbjnO-bYUSilKeI5sQmVd_1683IbgPoiZSOXdciepGRUPA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AaAOQGHMmEooTE4gnkBqFLczpjzBMtkXfnCnIOTiBpidcygO_fW9fB1cVbjnO-bYUSilKeI5sQmVd_1683IbgPoiZSOXdciepGRUPA

Request Chain 259

https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEOVLg6Vu50CSjJtcraax_Qw&google_cver=1&google_push=AaAOQGHVZjKB9e-z7LljeWVWyhRG392d4_DoIOeLcQtoS6TgPWbMdRV24xBDEavDL0eIm_MTq11eFmvRAXK1iaAmC8WcG5jy9n2biw HTTP 302
https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=AaAOQGHVZjKB9e-z7LljeWVWyhRG392d4_DoIOeLcQtoS6TgPWbMdRV24xBDEavDL0eIm_MTq11eFmvRAXK1iaAmC8WcG5jy9n2biw&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&cb=1688696676197 HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-2f4cc179-1fec-4152-9699-d41e10a80168-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAaAOQGHVZjKB9e-z7LljeWVWyhRG392d4_DoIOeLcQtoS6TgPWbMdRV24xBDEavDL0eIm_MTq11eFmvRAXK1iaAmC8WcG5jy9n2biw%26google_hm%3DAy9MwXkf7EFSlpnUHhCoAWg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AaAOQGHVZjKB9e-z7LljeWVWyhRG392d4_DoIOeLcQtoS6TgPWbMdRV24xBDEavDL0eIm_MTq11eFmvRAXK1iaAmC8WcG5jy9n2biw&google_hm=Ay9MwXkf7EFSlpnUHhCoAWg

Request Chain 260

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESECoE7rEyoFhMehDSq6Ky00w&google_cver=1&google_push=AaAOQGGUqEe29oartYY9vDv2un-jrtSlQ0sD57TeLN-zAXmACC6Rbcy6g8dgrEcunosN_lmeVySomXIHSp2grthcFfn-vPsvbeYxYQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MzAyOTM0MTg4MDE3OTUyMjIzOTU3NA%3D%3D&google_push=AaAOQGGUqEe29oartYY9vDv2un-jrtSlQ0sD57TeLN-zAXmACC6Rbcy6g8dgrEcunosN_lmeVySomXIHSp2grthcFfn-vPsvbeYxYQ

Request Chain 264

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 272

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEGTgzNwOp9Eo0ZD0lRs3Q_c&google_cver=1&google_push=AaAOQGEvj1r6QVvOpqrhL43VONHZnBV6wS6O3yRftq9Qgl-3MP4ag8OI8wrHWjoutkas7gZjLY5qV-Q4WKQ-qzSWoEnXF2wTNBk_H7Od HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=VklpQWVaOVoxUWhCOWE1&google_gid=CAESEGTgzNwOp9Eo0ZD0lRs3Q_c&google_cver=1&google_push=AaAOQGEvj1r6QVvOpqrhL43VONHZnBV6wS6O3yRftq9Qgl-3MP4ag8OI8wrHWjoutkas7gZjLY5qV-Q4WKQ-qzSWoEnXF2wTNBk_H7Od

Request Chain 273

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESECD-WkH5uMuaVYiAsVDTnPg&google_cver=1&google_push=AaAOQGF5myzZwHRZdJf81cH3gY-l9ngJTZspMqyrJnGEFgGrp-xENU6EWxW3YgXTiytt0qj5ki7GBhvoCPjbrzyT-YEmnQJORwu3Yqne HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AaAOQGF5myzZwHRZdJf81cH3gY-l9ngJTZspMqyrJnGEFgGrp-xENU6EWxW3YgXTiytt0qj5ki7GBhvoCPjbrzyT-YEmnQJORwu3Yqne

Request Chain 275

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESECtWKUV2Tt9u9mpiX9ZBLKE&google_cver=1&google_push=AaAOQGEnIzL6x6xpNDF1BeXMEDr77-uyts_ivwN-Bb95Zn-juTmQ8sC2WVHo4hfoEqttk1dmeNQyZCwRHkiMzwSYvzUSPXp47a62_EXS HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AaAOQGEnIzL6x6xpNDF1BeXMEDr77-uyts_ivwN-Bb95Zn-juTmQ8sC2WVHo4hfoEqttk1dmeNQyZCwRHkiMzwSYvzUSPXp47a62_EXS&google_hm=vp_Nz8-pSDGyR1BAcVHwbSo

Request Chain 276

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEO-AwLlowVZAdWcbmhlbLjk&google_cver=1&google_push=AaAOQGFkG8z7EUNOLv7hdOO9Mi6WnbvBK7kctqne2MutYhBQfldgW2V-iBMc8bVT_lbrE-WMoFc0fTj5cdPzxBF09Rg7_rS_r57_aXkY HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI1Mjg5Njk5NjI4NzExNzQ1MQ%3D%3D&google_push=AaAOQGFkG8z7EUNOLv7hdOO9Mi6WnbvBK7kctqne2MutYhBQfldgW2V-iBMc8bVT_lbrE-WMoFc0fTj5cdPzxBF09Rg7_rS_r57_aXkY

Request Chain 277

https://ads.travelaudience.com/google_pixel?google_gid=CAESEBZPWVnOKCoORJ5wy_GoZx0&google_cver=1&google_push=AaAOQGHo_dIfZW-N5PyKsWTGE9yLFg7cfdahGiLRILmMvAa3aKH-5aqZiB4mqXGu2F9kfSi1RwV-XjulDOAHQ6PJbNvTLEdewgQi19Q HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=J0I18ThuTi6AgliBq-0tBQ2&google_push=AaAOQGHo_dIfZW-N5PyKsWTGE9yLFg7cfdahGiLRILmMvAa3aKH-5aqZiB4mqXGu2F9kfSi1RwV-XjulDOAHQ6PJbNvTLEdewgQi19Q

Request Chain 278

https://d5p.de17a.com/cookies/google?google_gid=CAESEEYcyApRLH9BVHI6i0LUlIc&google_cver=1&google_push=AaAOQGEnw42JngS5cx6qASj4hr-wj9k3LGzUDFmun3czEJLdwxhkWM3jWGeHb5WOW691kPLG3HAJ3Fc4gXW06XTQTJIgd7dLefDnSVII HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AaAOQGEnw42JngS5cx6qASj4hr-wj9k3LGzUDFmun3czEJLdwxhkWM3jWGeHb5WOW691kPLG3HAJ3Fc4gXW06XTQTJIgd7dLefDnSVII

Request Chain 328

https://www.awin1.com/cshow.php?s=2470185&v=11354&q=377129&r=412871&pv=1&pref3=oneidV8Xuwfr7H1zMSVHbHAtRtE9bhkTzT46hQoneid__suite_Netmix_Reach13_BlackFridayPush&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://www.conrad.de/ztpv.php?awc=11354_412871_1688696677_6b5e01c0-1c6d-11ee-9c19-223148ce0464&insert=AW&&gdpr=0&gdpr_consent=

Request Chain 331

https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?https%3A%2F%2Fwww.telefonica-partner.de%2Ftpv.php%3Ft%3D120211V1226132702M%26subid%3DviewoneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__suite_Netmix_Reach13_BlackFridayPush%26gdpr_consent=%26gdpr=0%26gdpr_pd=0 HTTP 302
https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_pre=COa91KzF-_8CFYzhuwgd0WYH2A;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?https%3A%2F%2Fwww.telefonica-partner.de%2Ftpv.php%3Ft%3D120211V1226132702M%26subid%3DviewoneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__suite_Netmix_Reach13_BlackFridayPush%26gdpr_consent=%26gdpr=0%26gdpr_pd=0 HTTP 302
https://www.telefonica-partner.de/tpv.php?t=120211V1226132702M&subid=viewoneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__suite_Netmix_Reach13_BlackFridayPush&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://www.lead-alliance.net/tpv.php?t=120211V1226132702M&subid=viewoneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__suite_Netmix_Reach13_BlackFridayPush&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=120211&s_id=2023070704243786595194675X120211V1226132702MSviewoneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__suite_Netmix_Reach13_BlackFridayPush&gdpr_consent=&gdpr=0&cons=0&spid=2023070704243786595194675X120211V1226132702MSviewoneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__suite_Netmix_Reach13_BlackFridayPush&wfid=120211&partnerid=12218

Request Chain 334

https://ad.doubleclick.net/ddm/trackimp/N773418.3163536BLAU_AFFILIATE/B25532621.345088000;dc_trk_aid=536454876;dc_trk_cid=177082088;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?https%3A%2F%2Fwww.telefonica-partner.de%2Ftpv.php%3Ft%3D117663V1225131106M%26subid%3Dviewoneidj83uEfZeSqxJ1uYHEH2t6tRRJUKTzTxJc9oneid__suite_Netmix_Reach13_BlackFridayPush%26gdpr_consent=%26gdpr=0%26gdpr_pd=0 HTTP 302
https://ad.doubleclick.net/ddm/trackimp/N773418.3163536BLAU_AFFILIATE/B25532621.345088000;dc_pre=CLrA1KzF-_8CFbmJgwcdSesAHQ;dc_trk_aid=536454876;dc_trk_cid=177082088;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?https%3A%2F%2Fwww.telefonica-partner.de%2Ftpv.php%3Ft%3D117663V1225131106M%26subid%3Dviewoneidj83uEfZeSqxJ1uYHEH2t6tRRJUKTzTxJc9oneid__suite_Netmix_Reach13_BlackFridayPush%26gdpr_consent=%26gdpr=0%26gdpr_pd=0 HTTP 302
https://www.telefonica-partner.de/tpv.php?t=117663V1225131106M&subid=viewoneidj83uEfZeSqxJ1uYHEH2t6tRRJUKTzTxJc9oneid__suite_Netmix_Reach13_BlackFridayPush&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://www.lead-alliance.net/tpv.php?t=117663V1225131106M&subid=viewoneidj83uEfZeSqxJ1uYHEH2t6tRRJUKTzTxJc9oneid__suite_Netmix_Reach13_BlackFridayPush&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://partner.blau.de/a/?i=pview&client=blau&camp=pview&l=de&nw=lea1&affiliate=117663&s_id=2023070704243786595194677X117663V1225131106MSviewoneidj83uEfZeSqxJ1uYHEH2t6tRRJUKTzTxJc9oneid__suite_Netmix_Reach13_BlackFridayPush&gdpr_consent=&gdpr=0&cons=0

Request Chain 338

https://www.awin1.com/cshow.php?s=2470185&v=11354&q=377129&r=412871&pv=1&pref3=oneidV8Xuwfr7H1zMSVHbHAtRtE9bhkTzT46hQoneid__suite_Netmix_Reach13_BlackFridayPush&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://www.conrad.de/ztpv.php?awc=11354_412871_1688696677_6b5ddab0-1c6d-11ee-909a-2265c0ea454e&insert=AW&&gdpr=0&gdpr_consent=

Request Chain 341

https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?https%3A%2F%2Fwww.telefonica-partner.de%2Ftpv.php%3Ft%3D120211V1226132702M%26subid%3DviewoneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__suite_Netmix_Reach13_BlackFridayPush%26gdpr_consent=%26gdpr=0%26gdpr_pd=0 HTTP 302
https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_pre=CPL71KzF-_8CFRPluwgdxJEMYQ;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?https%3A%2F%2Fwww.telefonica-partner.de%2Ftpv.php%3Ft%3D120211V1226132702M%26subid%3DviewoneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__suite_Netmix_Reach13_BlackFridayPush%26gdpr_consent=%26gdpr=0%26gdpr_pd=0 HTTP 302
https://www.telefonica-partner.de/tpv.php?t=120211V1226132702M&subid=viewoneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__suite_Netmix_Reach13_BlackFridayPush&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://www.lead-alliance.net/tpv.php?t=120211V1226132702M&subid=viewoneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__suite_Netmix_Reach13_BlackFridayPush&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=120211&s_id=2023070704243786595194673X120211V1226132702MSviewoneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__suite_Netmix_Reach13_BlackFridayPush&gdpr_consent=&gdpr=0&cons=0&spid=2023070704243786595194673X120211V1226132702MSviewoneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__suite_Netmix_Reach13_BlackFridayPush&wfid=120211&partnerid=12218

Request Chain 344

https://ad.doubleclick.net/ddm/trackimp/N773418.3163536BLAU_AFFILIATE/B25532621.345088000;dc_trk_aid=536454876;dc_trk_cid=177082088;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?https%3A%2F%2Fwww.telefonica-partner.de%2Ftpv.php%3Ft%3D113752V1225131106M%26subid%3Dviewoneidj83uEfZeSqx2KSYHEH2t6tRRJUKTzTxJc9oneid__suite_Netmix_Reach13_BlackFridayPush%26gdpr_consent=%26gdpr=0%26gdpr_pd=0 HTTP 302
https://ad.doubleclick.net/ddm/trackimp/N773418.3163536BLAU_AFFILIATE/B25532621.345088000;dc_pre=COj61KzF-_8CFYDiuwgd2iYEMw;dc_trk_aid=536454876;dc_trk_cid=177082088;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?https%3A%2F%2Fwww.telefonica-partner.de%2Ftpv.php%3Ft%3D113752V1225131106M%26subid%3Dviewoneidj83uEfZeSqx2KSYHEH2t6tRRJUKTzTxJc9oneid__suite_Netmix_Reach13_BlackFridayPush%26gdpr_consent=%26gdpr=0%26gdpr_pd=0 HTTP 302
https://www.telefonica-partner.de/tpv.php?t=113752V1225131106M&subid=viewoneidj83uEfZeSqx2KSYHEH2t6tRRJUKTzTxJc9oneid__suite_Netmix_Reach13_BlackFridayPush&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://www.lead-alliance.net/tpv.php?t=113752V1225131106M&subid=viewoneidj83uEfZeSqx2KSYHEH2t6tRRJUKTzTxJc9oneid__suite_Netmix_Reach13_BlackFridayPush&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://partner.blau.de/a/?i=pview&client=blau&camp=pview&l=de&nw=lea1&affiliate=113752&s_id=2023070704243786595194679X113752V1225131106MSviewoneidj83uEfZeSqx2KSYHEH2t6tRRJUKTzTxJc9oneid__suite_Netmix_Reach13_BlackFridayPush&gdpr_consent=&gdpr=0&cons=0

349 HTTP transactions
20 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request 6x69807j0b5.html Show response
pcloak.blob.core.windows.net/web/ 1 KB
2 KB 822ms
99ms Document
text/html 20.60.220.36
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://pcloak.blob.core.windows.net/web/6x69807j0b5.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.60.220.36 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: d469330093a2cebd898628a339df6abaf5edcb89e85769ff79840371195a7d1f

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Content-Length: 1318
Content-MD5: +Dz/d7Mp2GQfilgWrAkqiw==
Content-Type: text/html
Date: Fri, 07 Jul 2023 02:24:32 GMT
ETag: 0x8DB5ED0599CC10C
Last-Modified: Sat, 27 May 2023 16:35:15 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-blob-type: BlockBlob
x-ms-lease-status: unlocked
x-ms-request-id: 9b054a05-001e-0011-037a-b0d8b9000000
x-ms-version: 2009-09-19

GET
H/1.1 404
The specified blob does not exist. jquery.min.js
pcloak.blob.core.windows.net/web/ 0
0 94ms
94ms Script
application/xml 20.60.220.36
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://pcloak.blob.core.windows.net/web/jquery.min.js
Requested by: Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x69807j0b5.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.60.220.36 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pcloak.blob.core.windows.net/web/6x69807j0b5.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-ms-request-id: 9b054a4c-001e-0011-407a-b0d8b9000000
Date: Fri, 07 Jul 2023 02:24:32 GMT
x-ms-version: 2009-09-19
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-Length: 215
Content-Type: application/xml

GET
H/1.1 200
OK cloakan.js Show response
pcloak.blob.core.windows.net/web/ 308 B
717 B 100ms
100ms Script
text/javascript 20.60.220.36
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://pcloak.blob.core.windows.net/web/cloakan.js
Requested by: Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x69807j0b5.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.60.220.36 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 4651fd93f167c3620b534c30bc23ae2a2e7cf742621d8e6d12553c09c388284a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pcloak.blob.core.windows.net/web/6x69807j0b5.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Fri, 07 Jul 2023 02:24:32 GMT
Last-Modified: Mon, 13 Jun 2022 14:36:49 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: zPiKctHo6j8i1UGOFPpInw==
ETag: 0x8DA4D4A263C11C2
Content-Type: text/javascript
x-ms-request-id: a5561ac9-401e-0062-137a-b0802a000000
x-ms-version: 2009-09-19
Content-Length: 308

GET
H/1.1 200
OK style.css
pcloak.blob.core.windows.net/web/ 166 B
568 B 190ms
95ms Stylesheet
text/css 20.60.220.36
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://pcloak.blob.core.windows.net/web/style.css
Requested by: Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x69807j0b5.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.60.220.36 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: cf906196a7c1414e11983955e101a051d55a864f2bc9fd52a453d952d92fd9b5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pcloak.blob.core.windows.net/web/6x69807j0b5.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Fri, 07 Jul 2023 02:24:32 GMT
Last-Modified: Mon, 13 Jun 2022 14:36:49 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: 9ruAIrm4XHnQO3/sM8J0AQ==
ETag: 0x8DA4D4A26527CA0
Content-Type: text/css
x-ms-request-id: 9b054a85-001e-0011-727a-b0d8b9000000
x-ms-version: 2009-09-19
Content-Length: 166

GET
H2 200 px.php Show response
www.cloakan.co/ 743 B
681 B 496ms
202ms XHR
text/html 77.245.159.14
NIOBEBILISIMHIZME...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cloakan.co/px.php?id=6x69807j0b5
Requested by: Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x69807j0b5.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 77.245.159.14 , Turkey, ASN42868 (NIOBEBILISIMHIZMETLERI, TR),
Reverse DNS: stilgar.wlsrv.com
Software: LiteSpeed / PHP/7.3.33
Resource Hash: 120fdf7c1e8de286b8c6ad005bd52d7b3d71cfa17bd6d1f72d023fe952d03708

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pcloak.blob.core.windows.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 07 Jul 2023 02:24:32 GMT
content-encoding: br
server: LiteSpeed
x-powered-by: PHP/7.3.33
vary: Accept-Encoding,User-Agent
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="43,46", h3-Q043=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-25=":443"; ma=2592000, h3-27=":443"; ma=2592000
content-length: 404

GET
H2 200 nv.php Show response
www.cloakan.co/ 232 B
385 B 327ms
220ms Script
text/html 77.245.159.14
NIOBEBILISIMHIZME...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cloakan.co/nv.php?id=6x69807j0b5-m
Requested by: Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/cloakan.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 77.245.159.14 , Turkey, ASN42868 (NIOBEBILISIMHIZMETLERI, TR),
Reverse DNS: stilgar.wlsrv.com
Software: LiteSpeed / PHP/7.3.33
Resource Hash: 9cacc351a59879d938ef01e274eca7f341deaaa666237a3de94737ccc05a4b86

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pcloak.blob.core.windows.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 07 Jul 2023 02:24:32 GMT
content-encoding: br
server: LiteSpeed
x-powered-by: PHP/7.3.33
vary: Accept-Encoding,User-Agent
content-type: text/html; charset=UTF-8
alt-svc: quic=":443"; ma=2592000; v="43,46", h3-Q043=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-25=":443"; ma=2592000, h3-27=":443"; ma=2592000
content-length: 112

GET
H2 200 / Show response
ye-mek.net/ Frame 636F 77 KB
77 KB 372ms
54ms Document
text/html 94.138.206.83
AS49126

General

Check archive.org

Show headers Download Go to

Full URL: https://ye-mek.net/
Requested by: Host: www.cloakan.co
URL: https://www.cloakan.co/nv.php?id=6x69807j0b5-m
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 94.138.206.83 , Turkey, ASN49126 (AS49126, TR),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 8a1dea6d243134ae61584a76dcf439cad55e5737729e79d1f5edcfe20bca425b

Request headers

Referer: https://pcloak.blob.core.windows.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache
content-length: 78879
content-type: text/html; charset=utf-8
date: Fri, 07 Jul 2023 02:24:32 GMT
expires: -1
pragma: no-cache
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
x-powered-by-plesk: PleskWin

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.9.1/ Frame 636F 90 KB
91 KB 70ms
8ms Script
text/javascript 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.9.1/jquery.min.js

Requested by

Host: ye-mek.net
URL: https://ye-mek.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 10:27:17 GMT
x-content-type-options: nosniff
age: 57436
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 92629
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 05 Jul 2024 10:27:17 GMT

GET
H2 200 yemeknet.js Show response
ye-mek.net/js/ Frame 636F 10 KB
2 KB 84ms
84ms Script
application/javascript 94.138.206.83
AS49126

General

Check archive.org

Show headers Download Go to

Full URL: https://ye-mek.net/js/yemeknet.js?v=1
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 94.138.206.83 , Turkey, ASN49126 (AS49126, TR),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 613b97a3f938c5185dc5fcb46ec9c9488f460fdf8a9765eea9f05aebe46a0c50

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-powered-by-plesk: PleskWin
date: Fri, 07 Jul 2023 02:24:33 GMT
content-encoding: br
last-modified: Tue, 20 Aug 2019 13:15:54 GMT
server: Microsoft-IIS/10.0
etag: "0a144655957d51:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=691200
accept-ranges: bytes
content-length: 2179

GET
H2 200 maincss.css
cdn.ye-mek.net/ Frame 636F 40 KB
12 KB 205ms
9ms Stylesheet
text/css 2a02:6ea0:c700::18
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.ye-mek.net/maincss.css?v=434
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::18 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 5804cd3bfdf7f7b00ae1f2beef50b9ac7bbdcadcb47e8c3454e8609a52096b92

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Fri, 07 Jul 2023 02:24:33 GMT
content-encoding: gzip
x-cache: HIT
x-77-cache: HIT
x-age: 6887221
x-accel-date: 1681809452
x-77-nzt: AZySIYt3Uef/NRdpAA
x-accel-expires: @1713345452
last-modified: Tue, 24 Nov 2020 00:00:32 GMT
server: CDN77-Turbo
etag: W/"5fbc4d20-9e5b"
x-77-nzt-ray: cf878727f7d8c92f6177a764d7877e30
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ Frame 636F 232 KB
81 KB 50ms
21ms Script
application/javascript 2a00:1450:4001:828::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-6B70JBQEWN

Requested by

Host: ye-mek.net
URL: https://ye-mek.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b3bd44024f95e59ed30e46d4e3eb04ae50a1bae373074f8a4879387637fb4249

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 07 Jul 2023 02:24:33 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 82233
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 07 Jul 2023 02:24:33 GMT

GET
H2 200 WebResource.axd Show response
ye-mek.net/ Frame 636F 23 KB
23 KB 45ms
45ms Script
application/x-javascript 94.138.206.83
AS49126

General

Check archive.org

Show headers Download Go to

Full URL: https://ye-mek.net/WebResource.axd?d=quNrEj16z1J8Pv0td_1VVe4QHVLV2bnNkWjzrNVjNmTOy-7yY1QfhAtZDvBj9qfehK6dgZsj3HQCsD7Tnydn_PxHIwXF9z2CnGZcgb9g1Rw1&t=637811837229275428
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 94.138.206.83 , Turkey, ASN49126 (AS49126, TR),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 40732e9dcfa704cf615e4691bb07aecfd1cc5e063220a46e4a7ff6560c77f5db

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-powered-by-plesk: PleskWin
date: Fri, 07 Jul 2023 02:24:33 GMT
last-modified: Wed, 23 Feb 2022 00:28:42 GMT
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
content-type: application/x-javascript
cache-control: public
content-length: 23063
expires: Fri, 05 Jul 2024 18:26:48 GMT

GET
H2 200 searchButton.png
cdn.ye-mek.net/App_UI/Img/ Frame 636F 542 B
897 B 29ms
10ms Image
image/png 2a02:6ea0:c700::18
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/searchButton.png
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::18 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 324a9c1f26949a62b89c5846de23826737bf3b14443e3f5a969b1799604a0588

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Fri, 07 Jul 2023 02:24:33 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 6887288
x-accel-date: 1681809385
content-length: 542
x-77-nzt: AZySIYt8vYz/eBdpAA
x-accel-expires: @1713345385
last-modified: Sat, 22 Oct 2022 20:00:57 GMT
server: CDN77-Turbo
etag: "63544bf9-21e"
x-77-nzt-ray: cf878727f7d8c92f6177a764b9b28f30
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 ara.png
cdn.ye-mek.net/App_UI/Img/ Frame 636F 2 KB
2 KB 8ms
7ms Image
image/png 2a02:6ea0:c700::18
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/ara.png
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::18 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 3ed559a849229d0ba1622b39b2343f2307a91aae5bab1f08e55c89e50874c980

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Fri, 07 Jul 2023 02:24:33 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 6887216
x-accel-date: 1681809457
content-length: 1651
x-77-nzt: AZySIYvOAlL/MBdpAA
x-accel-expires: @1713345457
last-modified: Mon, 14 May 2018 22:41:08 GMT
server: CDN77-Turbo
etag: "5afa1084-673"
x-77-nzt-ray: cf878727f7d8c92f6177a764b5d13e31
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 mayasiz-pizza-hamuru-resimli-yemek-tarifi(8).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2023/07/ Frame 636F 9 KB
10 KB 9ms
8ms Image
image/jpeg 2a02:6ea0:c700::18
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2023/07/mayasiz-pizza-hamuru-resimli-yemek-tarifi(8).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::18 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 79fa5da711b1944ddaad083cc2e6977520e4a1a6ecf655f76b2564af8893a601

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Fri, 07 Jul 2023 02:24:33 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 13803
x-accel-date: 1688682870
content-length: 9528
x-77-nzt: AZySIYs5gAb/6zUAAA
x-accel-expires: @1720218870
last-modified: Thu, 06 Jul 2023 22:13:27 GMT
server: CDN77-Turbo
etag: "64a73c87-2538"
x-77-nzt-ray: cf878727f7d8c92f6177a76445be4231
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 visneli-irmik-tatlisi-resimli-yemek-tarifi(20).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2023/07/ Frame 636F 11 KB
12 KB 9ms
9ms Image
image/jpeg 2a02:6ea0:c700::18
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2023/07/visneli-irmik-tatlisi-resimli-yemek-tarifi(20).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::18 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 54d132fb58287602c5cd91cb07939980debaf99f46395ac5bf5992aab2c6b8d7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Fri, 07 Jul 2023 02:24:33 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 100576
x-accel-date: 1688596097
content-length: 11738
x-77-nzt: AZySIYu9wMH/4IgBAA
x-accel-expires: @1720132097
last-modified: Wed, 05 Jul 2023 22:03:58 GMT
server: CDN77-Turbo
etag: "64a5e8ce-2dda"
x-77-nzt-ray: cf878727f7d8c92f6177a764581dd632
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 lokanta-usulu-taze-fasulye-resimli-yemek-tarifi(16).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2023/07/ Frame 636F 13 KB
14 KB 11ms
11ms Image
image/jpeg 2a02:6ea0:c700::18
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2023/07/lokanta-usulu-taze-fasulye-resimli-yemek-tarifi(16).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::18 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: dc63503c3f3c59f9996f4ceee5ed9bfeff55f0714094188f7a9174e6a15a2a47

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Fri, 07 Jul 2023 02:24:33 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 187581
x-accel-date: 1688509092
content-length: 13770
x-77-nzt: AZySIYtI1Kr/vdwCAA
x-accel-expires: @1720045092
last-modified: Tue, 04 Jul 2023 21:39:20 GMT
server: CDN77-Turbo
etag: "64a49188-35ca"
x-77-nzt-ray: cf878727f7d8c92f6177a7647f30db32
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 firinda-taze-fasulye-resimli-yemek-tarifi(20).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2023/07/ Frame 636F 14 KB
15 KB 14ms
8ms Image
image/jpeg 2a02:6ea0:c700::18
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2023/07/firinda-taze-fasulye-resimli-yemek-tarifi(20).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::18 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 2180f29f86c7567e451861d1c1db1df4e665191dbc790c421a2b168138336f3f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Fri, 07 Jul 2023 02:24:33 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 267011
x-accel-date: 1688429662
content-length: 14484
x-77-nzt: AZySIYu/8WX/AxMEAA
x-accel-expires: @1719965662
last-modified: Mon, 03 Jul 2023 23:14:30 GMT
server: CDN77-Turbo
etag: "64a35656-3894"
x-77-nzt-ray: cf878727f7d8c92f6177a764f4a64533
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 tavuk-kroket-resimli-yemek-tarifi(20).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2022/05/ Frame 636F 14 KB
15 KB 16ms
10ms Image
image/jpeg 2a02:6ea0:c700::18
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2022/05/tavuk-kroket-resimli-yemek-tarifi(20).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::18 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 05c72250b7b0da8e896799e32f88440d53848a083665b797629e25bad1bde6fd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Fri, 07 Jul 2023 02:24:33 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 6886774
x-accel-date: 1681809899
content-length: 14613
x-77-nzt: AZySIYu1I07/dhVpAA
x-accel-expires: @1713345899
last-modified: Thu, 26 May 2022 23:00:23 GMT
server: CDN77-Turbo
etag: "62900687-3915"
x-77-nzt-ray: cf878727f7d8c92f6177a76444904c33
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 pilic-topkapi-resimli-yemek-tarifi(24).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2021/04/ Frame 636F 15 KB
15 KB 19ms
13ms Image
image/jpeg 2a02:6ea0:c700::18
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2021/04/pilic-topkapi-resimli-yemek-tarifi(24).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::18 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 7c61fa1cf06e1231a6cbcbd22e6fd065c2934749e2e2af038318feaa79f54c93

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Fri, 07 Jul 2023 02:24:33 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 6887235
x-accel-date: 1681809438
content-length: 15292
x-77-nzt: AZySIYuPRA3/QxdpAA
x-accel-expires: @1713345438
last-modified: Mon, 26 Apr 2021 22:52:38 GMT
server: CDN77-Turbo
etag: "60874436-3bbc"
x-77-nzt-ray: cf878727f7d8c92f6177a764546b5033
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 tencerede-etli-patlican-yemegi-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2016/08/ Frame 636F 13 KB
13 KB 20ms
15ms Image
image/jpeg 2a02:6ea0:c700::18
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2016/08/tencerede-etli-patlican-yemegi-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::18 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 8e2b2033aae5f2ebbc9b92291c3cdfa7a084429d21d85b382e39dfbd875b5f55

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Fri, 07 Jul 2023 02:24:33 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 6886470
x-accel-date: 1681810203
content-length: 13086
x-77-nzt: AZySIYs7gkr/RhRpAA
x-accel-expires: @1713346203
last-modified: Wed, 01 May 2019 23:03:11 GMT
server: CDN77-Turbo
etag: "5cca25af-331e"
x-77-nzt-ray: cf878727f7d8c92f6177a76486445a33
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 tavuklu-tas-kebabi-resimli-yemek-tarifi(16).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2021/05/ Frame 636F 14 KB
15 KB 23ms
17ms Image
image/jpeg 2a02:6ea0:c700::18
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2021/05/tavuklu-tas-kebabi-resimli-yemek-tarifi(16).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::18 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 5c43ed02f9d0a2a773e7f13c481df34f9de77c425c368f5cb3398d7e67152e68

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Fri, 07 Jul 2023 02:24:33 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 6887184
x-accel-date: 1681809489
content-length: 14751
x-77-nzt: AZySIYua1GT/EBdpAA
x-accel-expires: @1713345489
last-modified: Wed, 05 May 2021 00:03:16 GMT
server: CDN77-Turbo
etag: "6091e0c4-399f"
x-77-nzt-ray: cf878727f7d8c92f6177a76484945d33
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 fasulye-diblesi-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2020/06/ Frame 636F 15 KB
15 KB 24ms
17ms Image
image/jpeg 2a02:6ea0:c700::18
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2020/06/fasulye-diblesi-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::18 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 3d1be7afb3606c1dbff0d3410acf5f2d6423c7732967e605668d4ec1f30db333

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Fri, 07 Jul 2023 02:24:33 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 6887089
x-accel-date: 1681809584
content-length: 15144
x-77-nzt: AZySIYu5d2H/sRZpAA
x-accel-expires: @1713345584
last-modified: Thu, 25 Jun 2020 22:28:52 GMT
server: CDN77-Turbo
etag: "5ef52524-3b28"
x-77-nzt-ray: cf878727f7d8c92f6177a7649f6c6233
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 perde-pilavi-resimli-yemek-tarifi(20).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2015/07/ Frame 636F 12 KB
12 KB 24ms
17ms Image
image/jpeg 2a02:6ea0:c700::18
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2015/07/perde-pilavi-resimli-yemek-tarifi(20).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::18 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 7aff74b268cf9960c0f6482276773d0a8f2555672bf59f56ff37e309af485303

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Fri, 07 Jul 2023 02:24:33 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 6880112
x-accel-date: 1681816561
content-length: 12276
x-77-nzt: AZySIYt4epL/cPtoAA
x-accel-expires: @1713352561
last-modified: Wed, 01 May 2019 22:44:45 GMT
server: CDN77-Turbo
etag: "5cca215d-2ff4"
x-77-nzt-ray: cf878727f7d8c92f6177a764dfa66433
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 sikicik-corbasi-resimli-yemek-tarifi(16).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2021/11/ Frame 636F 16 KB
16 KB 24ms
18ms Image
image/jpeg 2a02:6ea0:c700::18
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2021/11/sikicik-corbasi-resimli-yemek-tarifi(16).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::18 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: c9f0d58bfa4a06dfe46ca39b3f3aaeafea15acd2b32ecff16df4795806d82da1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Fri, 07 Jul 2023 02:24:33 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 6887109
x-accel-date: 1681809564
content-length: 16008
x-77-nzt: AZySIYtbwiz/xRZpAA
x-accel-expires: @1713345564
last-modified: Thu, 04 Nov 2021 21:22:00 GMT
server: CDN77-Turbo
etag: "61844ef8-3e88"
x-77-nzt-ray: cf878727f7d8c92f6177a7647a7d6633
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 tavuklu-lebeniye-corbasi-resimli-yemek-tarifi(16).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2022/03/ Frame 636F 16 KB
16 KB 24ms
18ms Image
image/jpeg 2a02:6ea0:c700::18
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2022/03/tavuklu-lebeniye-corbasi-resimli-yemek-tarifi(16).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::18 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: bfdd52bd476486ec1e766b590b0249780df4ac4015a8c8db99e1ed59a1c23539

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Fri, 07 Jul 2023 02:24:33 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 6887216
x-accel-date: 1681809457
content-length: 16258
x-77-nzt: AZySIYspw4r/MBdpAA
x-accel-expires: @1713345457
last-modified: Wed, 09 Mar 2022 23:08:34 GMT
server: CDN77-Turbo
etag: "62293372-3f82"
x-77-nzt-ray: cf878727f7d8c92f6177a764652f6833
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 ramazan-pidesinden-yalanci-iskender-resimli-yemek-tarifi(16).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2013/07/ Frame 636F 17 KB
17 KB 24ms
18ms Image
image/jpeg 2a02:6ea0:c700::18
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2013/07/ramazan-pidesinden-yalanci-iskender-resimli-yemek-tarifi(16).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::18 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 3002b527e1cb5e6d8601854825ff1a291b37dfe3e190c02eb7ac1ad76cb12898

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Fri, 07 Jul 2023 02:24:33 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 6886433
x-accel-date: 1681810240
content-length: 17200
x-77-nzt: AZySIYvOaUb/IRRpAA
x-accel-expires: @1713346240
last-modified: Wed, 01 May 2019 22:16:10 GMT
server: CDN77-Turbo
etag: "5cca1aaa-4330"
x-77-nzt-ray: cf878727f7d8c92f6177a764c3996933
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 dalyan-kofte-rosto-kofte-resimli-yemek-tarifi(20).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2015/02/ Frame 636F 11 KB
11 KB 24ms
18ms Image
image/jpeg 2a02:6ea0:c700::18
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2015/02/dalyan-kofte-rosto-kofte-resimli-yemek-tarifi(20).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::18 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 22c974ca84d1beebef37b4c95335f8ae6f597563bbb9246eed2f4f647a176128

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Fri, 07 Jul 2023 02:24:33 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 6886335
x-accel-date: 1681810338
content-length: 11371
x-77-nzt: AZySIYvMoVj/vxNpAA
x-accel-expires: @1713346338
last-modified: Wed, 01 May 2019 22:37:27 GMT
server: CDN77-Turbo
etag: "5cca1fa7-2c6b"
x-77-nzt-ray: cf878727f7d8c92f6177a7641643b333
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 sebzeli-tencere-kebabi-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2022/04/ Frame 636F 16 KB
16 KB 24ms
18ms Image
image/jpeg 2a02:6ea0:c700::18
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2022/04/sebzeli-tencere-kebabi-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::18 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: e5e28786e68ee9365dbc5f4b39fa49358367e4371322c7bfc70f7b016e7cfed3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Fri, 07 Jul 2023 02:24:33 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 6887184
x-accel-date: 1681809489
content-length: 16006
x-77-nzt: AZySIYsU/VT/EBdpAA
x-accel-expires: @1713345489
last-modified: Wed, 13 Apr 2022 23:53:28 GMT
server: CDN77-Turbo
etag: "62576278-3e86"
x-77-nzt-ray: cf878727f7d8c92f6177a76429ceb533
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 kofteli-patates-dizmesi-resimli-yemek-tarifi(16).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2020/05/ Frame 636F 16 KB
16 KB 24ms
19ms Image
image/jpeg 2a02:6ea0:c700::18
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2020/05/kofteli-patates-dizmesi-resimli-yemek-tarifi(16).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::18 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 089371c2d0c637c172d5af2ba670a229c49df18790fa29a8c9a3d4af7796f2c7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Fri, 07 Jul 2023 02:24:33 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 6886832
x-accel-date: 1681809841
content-length: 16315
x-77-nzt: AZySIYsPpXz/sBVpAA
x-accel-expires: @1713345841
last-modified: Fri, 22 May 2020 22:51:08 GMT
server: CDN77-Turbo
etag: "5ec8575c-3fbb"
x-77-nzt-ray: cf878727f7d8c92f6177a764eeceb733
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 tavuk-midye-tava-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2016/07/ Frame 636F 11 KB
12 KB 24ms
19ms Image
image/jpeg 2a02:6ea0:c700::18
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2016/07/tavuk-midye-tava-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::18 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 30bf458f10efd6425384a778db3797a4a3e045d9062684d32dd854e55af146b6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Fri, 07 Jul 2023 02:24:33 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 6886729
x-accel-date: 1681809944
content-length: 11515
x-77-nzt: AZySIYvMw6H/SRVpAA
x-accel-expires: @1713345944
last-modified: Wed, 01 May 2019 23:01:48 GMT
server: CDN77-Turbo
etag: "5cca255c-2cfb"
x-77-nzt-ray: cf878727f7d8c92f6177a764c0c9b933
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 tavuklu-sultan-kebabi-resimli-yemek-tarifi(20).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2016/05/ Frame 636F 12 KB
12 KB 24ms
19ms Image
image/jpeg 2a02:6ea0:c700::18
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2016/05/tavuklu-sultan-kebabi-resimli-yemek-tarifi(20).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::18 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 2214a9c42ac416d027c9814595f62b198356d64ee8eebd6cef1ab5ba1def247d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Fri, 07 Jul 2023 02:24:33 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 6886908
x-accel-date: 1681809765
content-length: 11963
x-77-nzt: AZySIYvBXlf//BVpAA
x-accel-expires: @1713345765
last-modified: Wed, 01 May 2019 22:58:17 GMT
server: CDN77-Turbo
etag: "5cca2489-2ebb"
x-77-nzt-ray: cf878727f7d8c92f6177a764c68bbb33
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 soslu-tavuk-kizartmasi-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2022/02/ Frame 636F 14 KB
14 KB 24ms
19ms Image
image/jpeg 2a02:6ea0:c700::18
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2022/02/soslu-tavuk-kizartmasi-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::18 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 9ceb7464fd907c8a73e70b85c142e987072812977b9a17e742a734b50be481ad

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Fri, 07 Jul 2023 02:24:33 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 6885183
x-accel-date: 1681811490
content-length: 14314
x-77-nzt: AZySIYs4w+//Pw9pAA
x-accel-expires: @1713347490
last-modified: Sat, 26 Feb 2022 22:43:44 GMT
server: CDN77-Turbo
etag: "621aad20-37ea"
x-77-nzt-ray: cf878727f7d8c92f6177a764aaa5bd33
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 tavada-tavuk-pirzola-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2021/03/ Frame 636F 14 KB
14 KB 25ms
19ms Image
image/jpeg 2a02:6ea0:c700::18
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2021/03/tavada-tavuk-pirzola-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::18 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 3a55a81ee41fb052562bfb3751492caf7ce85c5c029a7a7b03fa55797707b85a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Fri, 07 Jul 2023 02:24:33 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 6886829
x-accel-date: 1681809844
content-length: 14203
x-77-nzt: AZySIYv49u7/rRVpAA
x-accel-expires: @1713345844
last-modified: Sun, 28 Feb 2021 23:53:10 GMT
server: CDN77-Turbo
etag: "603c2ce6-377b"
x-77-nzt-ray: cf878727f7d8c92f6177a764bf9bbf33
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 patlican-cigirtma-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2019/12/ Frame 636F 12 KB
12 KB 25ms
19ms Image
image/jpeg 2a02:6ea0:c700::18
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2019/12/patlican-cigirtma-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::18 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 9ca119586f3ba8e6a4a1dacf83852d3275071d2501de033ba04673b4efde1ac3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Fri, 07 Jul 2023 02:24:33 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 6886199
x-accel-date: 1681810474
content-length: 12336
x-77-nzt: AZySIYuTJ1L/NxNpAA
x-accel-expires: @1713346474
last-modified: Sat, 07 Dec 2019 20:51:53 GMT
server: CDN77-Turbo
etag: "5dec10e9-3030"
x-77-nzt-ray: cf878727f7d8c92f6177a7645d66c133
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 pirasa-kavurmasi-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2020/12/ Frame 636F 14 KB
14 KB 25ms
20ms Image
image/jpeg 2a02:6ea0:c700::18
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2020/12/pirasa-kavurmasi-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::18 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 16b4b8473e400ff9857859df9a39214cff498615062d4fd7655adbb9443cdd27

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Fri, 07 Jul 2023 02:24:33 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 49447
x-accel-date: 1688647226
content-length: 14107
x-77-nzt: AZySIYtm2Wn/J8EAAA
x-accel-expires: @1720183226
last-modified: Mon, 14 Dec 2020 23:54:24 GMT
server: CDN77-Turbo
etag: "5fd7fb30-371b"
x-77-nzt-ray: cf878727f7d8c92f6177a76495bec233
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 mantar-dolmasi-resimli-yemek-tarifi(16).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2022/06/ Frame 636F 13 KB
13 KB 25ms
20ms Image
image/jpeg 2a02:6ea0:c700::18
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2022/06/mantar-dolmasi-resimli-yemek-tarifi(16).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::18 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: a7095308f3bf41143463d9b7d23dff61d8177f1fe2ba70068a8a47ad693ef1db

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Fri, 07 Jul 2023 02:24:33 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 6886419
x-accel-date: 1681810254
content-length: 13208
x-77-nzt: AZySIYuF2AT/ExRpAA
x-accel-expires: @1713346254
last-modified: Sun, 26 Jun 2022 22:35:13 GMT
server: CDN77-Turbo
etag: "62b8df21-3398"
x-77-nzt-ray: cf878727f7d8c92f6177a764073bc433
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 mualla-yemegi-resimli-yemek-tarifi(16).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2021/09/ Frame 636F 18 KB
18 KB 25ms
20ms Image
image/jpeg 2a02:6ea0:c700::18
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2021/09/mualla-yemegi-resimli-yemek-tarifi(16).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::18 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 61214aab21dcbc611abaa12903d9469d219196cfc5623c28f13d7c2409033b62

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Fri, 07 Jul 2023 02:24:33 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 6886449
x-accel-date: 1681810224
content-length: 18519
x-77-nzt: AZySIYtZDMn/MRRpAA
x-accel-expires: @1713346224
last-modified: Sat, 25 Sep 2021 21:11:32 GMT
server: CDN77-Turbo
etag: "614f9084-4857"
x-77-nzt-ray: cf878727f7d8c92f6177a7645addc533
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 bruksel-lahanasi-corbasi-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2023/02/ Frame 636F 9 KB
10 KB 25ms
20ms Image
image/jpeg 2a02:6ea0:c700::18
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2023/02/bruksel-lahanasi-corbasi-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::18 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 22fb5b0df795b4084882ef226c87823477476927bd5e3462db1db36f30bdcaf1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Fri, 07 Jul 2023 02:24:33 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 397008
x-accel-date: 1688299665
content-length: 9690
x-77-nzt: AZySIYvJ6fH/0A4GAA
x-accel-expires: @1719835665
last-modified: Thu, 09 Feb 2023 22:21:57 GMT
server: CDN77-Turbo
etag: "63e57205-25da"
x-77-nzt-ray: cf878727f7d8c92f6177a7649d9bc733
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 anadolu-corbasi-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2020/12/ Frame 636F 14 KB
14 KB 25ms
21ms Image
image/jpeg 2a02:6ea0:c700::18
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2020/12/anadolu-corbasi-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::18 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 1c67a7d5bd4eeea4dac61fdb402693f5ecce11630369d396bd6ec60516bda492

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Fri, 07 Jul 2023 02:24:33 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 6886502
x-accel-date: 1681810171
content-length: 14404
x-77-nzt: AZySIYu9+D//ZhRpAA
x-accel-expires: @1713346171
last-modified: Tue, 01 Dec 2020 00:12:50 GMT
server: CDN77-Turbo
etag: "5fc58a82-3844"
x-77-nzt-ray: cf878727f7d8c92f6177a764e954c933
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 imaret-corbasi-resimli-yemek-tarifi(16).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2023/03/ Frame 636F 14 KB
14 KB 25ms
21ms Image
image/jpeg 2a02:6ea0:c700::18
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2023/03/imaret-corbasi-resimli-yemek-tarifi(16).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::18 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: aece4ef61cd8a8dbf436abb83f94c8d35af814f41607595e82cf5e9a5a29b147

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Fri, 07 Jul 2023 02:24:33 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 6885138
x-accel-date: 1681811535
content-length: 14254
x-77-nzt: AZySIYtQH1X/Eg9pAA
x-accel-expires: @1713347535
last-modified: Tue, 28 Feb 2023 22:07:21 GMT
server: CDN77-Turbo
etag: "63fe7b19-37ae"
x-77-nzt-ray: cf878727f7d8c92f6177a76455edcd33
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 eristeli-barbunya-corbasi-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2022/06/ Frame 636F 13 KB
13 KB 25ms
21ms Image
image/jpeg 2a02:6ea0:c700::18
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2022/06/eristeli-barbunya-corbasi-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::18 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: e9f4eb06811b8f2c55fe2837c64b600feb5da3ce8f747707a9aa7a4e9ddc5346

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Fri, 07 Jul 2023 02:24:33 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 6885519
x-accel-date: 1681811154
content-length: 13079
x-77-nzt: AZySIYtVufX/jxBpAA
x-accel-expires: @1713347154
last-modified: Sat, 11 Jun 2022 21:39:47 GMT
server: CDN77-Turbo
etag: "62a50ba3-3317"
x-77-nzt-ray: cf878727f7d8c92f6177a764839ccf33
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 bal-kabagi-pastasi-resimli-yemek-tarifi(20).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2020/04/ Frame 636F 17 KB
17 KB 25ms
21ms Image
image/jpeg 2a02:6ea0:c700::18
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2020/04/bal-kabagi-pastasi-resimli-yemek-tarifi(20).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::18 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 196e3a68bba2b559f5a35bf6a55e6aeb4cd164df122e23e5bfaa96a4e3272e0f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Fri, 07 Jul 2023 02:24:33 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 6886863
x-accel-date: 1681809810
content-length: 17284
x-77-nzt: AZySIYsGYbX/zxVpAA
x-accel-expires: @1713345810
last-modified: Wed, 01 Apr 2020 23:24:20 GMT
server: CDN77-Turbo
etag: "5e8522a4-4384"
x-77-nzt-ray: cf878727f7d8c92f6177a764f3e8d133
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 mereng-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2018/02/ Frame 636F 10 KB
11 KB 26ms
21ms Image
image/jpeg 2a02:6ea0:c700::18
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2018/02/mereng-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::18 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: d33c84fffbe54086cb4fb2d283fc474a6667dd0f45a72ddade7e77885aca3fd1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Fri, 07 Jul 2023 02:24:33 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 68742
x-accel-date: 1688627931
content-length: 10505
x-77-nzt: AZySIYvjpCT/hgwBAA
x-accel-expires: @1720163931
last-modified: Wed, 01 May 2019 23:30:26 GMT
server: CDN77-Turbo
etag: "5cca2c12-2909"
x-77-nzt-ray: cf878727f7d8c92f6177a7640eeed333
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 bulamac-tatlisi-resimli-yemek-tarifi(8).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2019/10/ Frame 636F 9 KB
10 KB 26ms
22ms Image
image/jpeg 2a02:6ea0:c700::18
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2019/10/bulamac-tatlisi-resimli-yemek-tarifi(8).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::18 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: fff9ddf1c7f2c7a06936d2d11a415dc5d2e885fb925a3bfbb5b0823f0a6eeafb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Fri, 07 Jul 2023 02:24:33 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 63119
x-accel-date: 1688633554
content-length: 9607
x-77-nzt: AZySIYvYsOr/j/YAAA
x-accel-expires: @1720169554
last-modified: Wed, 16 Oct 2019 22:15:45 GMT
server: CDN77-Turbo
etag: "5da79691-2587"
x-77-nzt-ray: cf878727f7d8c92f6177a764a117d633
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 helvali-muhallebi-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2023/05/ Frame 636F 15 KB
16 KB 26ms
22ms Image
image/jpeg 2a02:6ea0:c700::18
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2023/05/helvali-muhallebi-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::18 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: f80288d218412c1a0d2f3c79fe7439f84ac41a1395b54a58d2de5a88327636a8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Fri, 07 Jul 2023 02:24:33 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 5720511
x-accel-date: 1682976162
content-length: 15618
x-77-nzt: AZySIYsSVEj/v0lXAA
x-accel-expires: @1714512162
last-modified: Mon, 01 May 2023 21:11:57 GMT
server: CDN77-Turbo
etag: "64502b1d-3d02"
x-77-nzt-ray: cf878727f7d8c92f6177a76479edd733
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 mayali-akitma-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2021/09/ Frame 636F 17 KB
17 KB 26ms
22ms Image
image/jpeg 2a02:6ea0:c700::18
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2021/09/mayali-akitma-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::18 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: c98d521f6e84c225d7f5fb21cf0a73fec15bc090f04b049beb34b3c1e422df3c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Fri, 07 Jul 2023 02:24:33 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 6886418
x-accel-date: 1681810255
content-length: 16992
x-77-nzt: AZySIYsonCH/EhRpAA
x-accel-expires: @1713346255
last-modified: Fri, 24 Sep 2021 21:42:58 GMT
server: CDN77-Turbo
etag: "614e4662-4260"
x-77-nzt-ray: cf878727f7d8c92f6177a764b6dad933
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 kasarli-pogaca-resimli-yemek-tarifi(16).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2017/08/ Frame 636F 14 KB
14 KB 26ms
22ms Image
image/jpeg 2a02:6ea0:c700::18
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2017/08/kasarli-pogaca-resimli-yemek-tarifi(16).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::18 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 20d0b7a9cd806629f41d149dce5cc1ef08fbea6e365e1a64aea2269b35353e3b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Fri, 07 Jul 2023 02:24:33 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 29574
x-accel-date: 1688667099
content-length: 14268
x-77-nzt: AZySIYsstp3/hnMAAA
x-accel-expires: @1720203099
last-modified: Wed, 01 May 2019 23:22:44 GMT
server: CDN77-Turbo
etag: "5cca2a44-37bc"
x-77-nzt-ray: cf878727f7d8c92f6177a764aef3db33
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 peynirli-yumak-pogaca-resimli-yemek-tarifi(20).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2016/01/ Frame 636F 17 KB
18 KB 26ms
23ms Image
image/jpeg 2a02:6ea0:c700::18
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2016/01/peynirli-yumak-pogaca-resimli-yemek-tarifi(20).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::18 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 041dd21623a05d2e4ce118419b17051ab2d5aada214bc7a99a9ecf1091a22d52

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Fri, 07 Jul 2023 02:24:33 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 676421
x-accel-date: 1688020252
content-length: 17551
x-77-nzt: AZySIYsFgzr/RVIKAA
x-accel-expires: @1719556252
last-modified: Wed, 01 May 2019 22:52:37 GMT
server: CDN77-Turbo
etag: "5cca2335-448f"
x-77-nzt-ray: cf878727f7d8c92f6177a764f3a5dd33
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 bohca-boregi-resimli-yemek-tarifi(20).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2022/09/ Frame 636F 14 KB
14 KB 27ms
23ms Image
image/jpeg 2a02:6ea0:c700::18
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2022/09/bohca-boregi-resimli-yemek-tarifi(20).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::18 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 59c0af76ee929f64ff78f095611cafb8a168437b58b4bda40b5ab4150cffcca5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Fri, 07 Jul 2023 02:24:33 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 6886853
x-accel-date: 1681809820
content-length: 13890
x-77-nzt: AZySIYuX8uP/xRVpAA
x-accel-expires: @1713345820
last-modified: Wed, 07 Sep 2022 22:28:41 GMT
server: CDN77-Turbo
etag: "63191b19-3642"
x-77-nzt-ray: cf878727f7d8c92f6177a764dd38df33
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 _dmca_premi_badge_5.png
images.dmca.com/Badges/ Frame 636F 5 KB
6 KB 78ms
11ms Image
image/png 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.dmca.com/Badges/_dmca_premi_badge_5.png?ID=da1d399b-5fd3-4da3-b5cd-8af692c19999
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: ad3ee286844c46dba3f0d26e100f508c410b28f52784fbeec2d513ef6c6fda7a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 07 Jul 2023 02:24:33 GMT
last-modified: Thu, 02 Jun 2011 03:26:26 GMT
server: Microsoft-IIS/10.0
etag: "8ae3cdbd420cc1:0"
x-powered-by: ASP.NET
x-hw: 1688696673.cds203.fr8.hn,1688696673.cds153.fr8.c
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=31536000
accept-ranges: bytes
link: <https://www.dmca.com/Badges/_dmca_premi_badge_5.png>; rel="canonical"
content-length: 5605

GET
H2 200 addthis_widget.js Show response
s7.addthis.com/js/300/ Frame 636F 56 B
361 B 609ms
13ms Script
text/javascript 104.75.88.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/js/300/addthis_widget.js

Requested by

Host: ye-mek.net
URL: https://ye-mek.net/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-88-126.deploy.static.akamaitechnologies.com

Software

Oracle API Gateway /

Resource Hash

f475c34186022ba531ebc8bba97fc10df7e4c3ea854f314a18ab0644c851620d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 07 Jul 2023 02:24:34 GMT
server: Oracle API Gateway
opc-request-id: /6E0BEA367A07B50C67E54D14C5FA2FE0/E9EB47372C6CD5FAE89967507324C3A3
x-frame-options: sameorigin
vary: Accept-Encoding
content-type: text/javascript
x-distribution: 99
x-host: s7.addthis.com
content-length: 76
x-xss-protection: 1; mode=block

GET
H2 200 DMCABadgeHelper.min.js Show response
images.dmca.com/Badges/ Frame 636F 465 B
585 B 81ms
14ms Script
application/javascript 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://images.dmca.com/Badges/DMCABadgeHelper.min.js
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e8021f1a9dad409f7e699457ac334653bf800464df69900237c4de1c29e275d0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 07 Jul 2023 02:24:33 GMT
content-encoding: gzip
last-modified: Fri, 21 Jun 2019 20:14:34 GMT
server: Microsoft-IIS/10.0
etag: "26b181f16d28d51:0"
x-powered-by: ASP.NET
x-hw: 1688696673.cds203.fr8.hn,1688696673.cds057.fr8.c
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=31536000
accept-ranges: bytes
link: <https://www.dmca.com/Badges/DMCABadgeHelper.min.js>; rel="canonical"
content-length: 395

GET
H2 200 outside.js Show response
static.virgul.com/theme/mockups/adcode/ Frame 636F 75 KB
26 KB 345ms
52ms Script
application/javascript 185.7.176.223
SH

General

Check archive.org

Show headers Download Go to

Full URL: https://static.virgul.com/theme/mockups/adcode/outside.js?dts=19545
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.7.176.223 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: 66413d92e3b48b21f37de7968a4c6ee6dafb956f4963d0557959a3d10db2c492

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 07 Jul 2023 02:24:34 GMT
content-encoding: gzip
last-modified: Fri, 23 Jun 2023 06:55:07 GMT
server: openresty/1.15.8.3
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=43200

GET
H2 200 sdk.js Show response
connect.facebook.net/tr_TR/ Frame 636F 3 KB
2 KB 62ms
15ms Script
application/x-javascript 2a03:2880:f080:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/tr_TR/sdk.js

Requested by

Host: ye-mek.net
URL: https://ye-mek.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f080:9:face:b00c:0:3 Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

050e11be4354d91e937d0ec8e1209915ed7f96017c6903f2c42ef05975d183d5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 07 Jul 2023 02:24:33 GMT
content-md5: u2/wvm2/wN9CpLphT4zXKQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1686
x-fb-debug: d71fV5wCuW02/VdR46ku5U+IGK/zv2/uw53NfYShcVBNdd5rnQlEE5bmK07COYz8QnqDW1CTEyOZXMIHQMt+Vw==
x-fb-content-md5: 5fd90b4ab905f0f9de104a1048db0ada
cross-origin-opener-policy: same-origin-allow-popups
etag: "dff45c595a264cd99de878df00abbc29"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
expires: Fri, 07 Jul 2023 02:36:58 GMT

GET
H2 200 sprite_3.png
cdn.ye-mek.net/grafik/ Frame 636F 21 KB
21 KB 20ms
20ms Image
image/png 2a02:6ea0:c700::18
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/grafik/sprite_3.png
Requested by: Host: cdn.ye-mek.net
URL: https://cdn.ye-mek.net/maincss.css?v=434
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::18 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: ecadacb686d0540a5768dae41d50597a71dfaa8135b90f1371d4bfa266e4e361

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.ye-mek.net/maincss.css?v=434
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Fri, 07 Jul 2023 02:24:33 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 6887216
x-accel-date: 1681809457
content-length: 21525
x-77-nzt: AZySIYusBLX/MBdpAA
x-accel-expires: @1713345457
last-modified: Mon, 14 May 2018 20:55:05 GMT
server: CDN77-Turbo
etag: "5af9f7a9-5415"
x-77-nzt-ray: cf878727f7d8c92f6177a764d9cae033
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H3 200 sdk.js Show response
connect.facebook.net/tr_TR/ Frame 636F 302 KB
85 KB 32ms
15ms Script
application/x-javascript 2a03:2880:f080:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/tr_TR/sdk.js?hash=a0e4202fb68a80a9581ae0d5db83482b

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/tr_TR/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f080:9:face:b00c:0:3 Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3ea0227e598415569d2ae39c3ca6ffd8225611cd3e8df65fb3fb620e8a1464ff

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://ye-mek.net/
Origin: https://ye-mek.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 07 Jul 2023 02:24:33 GMT
content-md5: W482AEs2oAOOVsFYjE2hJA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 87386
x-fb-debug: 3yy7AEU9ti20jRKEZnpwYLSI3T+dNjKjP6JRbAKV+2VzDrs3uSEuoYnokMPtgGxkVBF15MeOU3JjKihrXa6wVw==
x-fb-content-md5: b3c42f63f3597e49d78cfd23d4de4eeb
cross-origin-opener-policy: same-origin-allow-popups
etag: "9491d784609db4030c2ec22af733d7da"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
priority: u=3,i
expires: Sat, 06 Jul 2024 02:16:21 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame 636F 76 KB
26 KB 81ms
21ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/adcode/outside.js?dts=19545

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7808396ba1e6a15c45c10dc2a7ccd98f7d936d0befce1a536c51c067b8a8608d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 07 Jul 2023 02:24:34 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 26079
x-xss-protection: 0
server: cafe
etag: 413 / 19545 / m202306280101 / config-hash: 154671031251390638
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 07 Jul 2023 02:24:34 GMT

GET
H2 200 ads.js Show response
static.virgul.com/theme/mockups/mockups/tracker/imp/collect/adview/ad/ Frame 636F 120 B
306 B 49ms
49ms Script
application/javascript 185.7.176.223
SH

General

Check archive.org

Show headers Download Go to

Full URL: https://static.virgul.com/theme/mockups/mockups/tracker/imp/collect/adview/ad/ads.js
Requested by: Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/adcode/outside.js?dts=19545
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.7.176.223 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: d9fd0aeda423bd39a36871759ef7b17dab3d51e5981cd5839103f990b8b9ef60

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 07 Jul 2023 02:24:34 GMT
last-modified: Wed, 21 Dec 2022 18:47:42 GMT
server: openresty/1.15.8.3
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=5184000
accept-ranges: bytes
content-length: 120

GET
H2 200 str.html Show response
static.virgul.com/theme/mockups/outside/ Frame 945F 891 B
1 KB 49ms
49ms Document
text/html 185.7.176.223
SH

General

Check archive.org

Show headers Download Go to

Full URL: https://static.virgul.com/theme/mockups/outside/str.html?v=2
Requested by: Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/adcode/outside.js?dts=19545
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.7.176.223 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: 2af1b8e91e1ea0f27fab2f6bac1dd1d81867b7a2a8d7cef1084fa39309e0ac6f

Request headers

Referer: https://ye-mek.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
cache-control: max-age=5184000
content-length: 891
content-type: text/html
date: Fri, 07 Jul 2023 02:24:34 GMT
last-modified: Wed, 28 Sep 2022 10:07:57 GMT
server: openresty/1.15.8.3

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 636F 140 KB
48 KB 51ms
27ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6593523210010154

Requested by

Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/adcode/outside.js?dts=19545

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

59e399be1610fd5e4dacad6129afa457a57e068a9255d705c717a26ced9cf4fa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ye-mek.net/
Origin: https://ye-mek.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 07 Jul 2023 02:24:34 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48957
x-xss-protection: 0
server: cafe
etag: 4869422226585892849
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 07 Jul 2023 02:24:34 GMT

GET
H2 200 prebid7.38.0.js Show response
static.virgul.com/theme/mockups/outside/ Frame 636F 489 KB
182 KB 54ms
53ms Script
application/javascript 185.7.176.223
SH

General

Check archive.org

Show headers Download Go to

Full URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js
Requested by: Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/adcode/outside.js?dts=19545
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.7.176.223 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: cff57bb539a961e5816127eb4b662175d6a1c92917effe0f943de85c35911101

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 07 Jul 2023 02:24:34 GMT
content-encoding: gzip
last-modified: Mon, 27 Mar 2023 14:56:06 GMT
server: openresty/1.15.8.3
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=5184000

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ Frame 636F 236 KB
58 KB 64ms
8ms Script
application/javascript 108.138.1.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/adcode/outside.js?dts=19545
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.1.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-1-25.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: dbc211260f3fb81e545fbebe8be8c367ebe670a585e60e1ec58524c06723ecbc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 07 Jul 2023 01:56:35 GMT
content-encoding: gzip
via: 1.1 6fd3ab2be93b19c970fb371964d46d94.cloudfront.net (CloudFront), 1.1 bf5c0a6262f04cc4b9a69ef8d737ea96.cloudfront.net (CloudFront)
last-modified: Thu, 29 Jun 2023 21:03:21 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1, FRA56-P6
age: 1679
x-amz-server-side-encryption: AES256
etag: W/"9352f20e556bff9fea6fd0461aac850d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=3600
x-amz-cf-id: CEenwfKARsxiSEinJR1ZkRW6nmuCAYbuiDB-lzvgPp1axuEpr4zVJQ==

GET
H2 200 pageview Show response
ng.virgul.com/ Frame 636F 36 KB
7 KB 300ms
77ms Script
application/javascript 185.7.176.223
SH

General

Check archive.org

Show headers Download Go to

Full URL: https://ng.virgul.com/pageview?c=site_geneli&mt=1688696674261&v=https%3A%2F%2Fye-mek.net%2F&r=yemek_net:site_geneli&userId=&tp=&os=&call=noktaad.ads.vvad&vd=0&ses=0&dim=1600x1200&l=&y=&w=0&ext=,as,rc0,hf1,vv1,gprec%3Dyemek%26rec_ing%3D&info=&ref=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&rdmt=0.28932992569463467
Requested by: Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/adcode/outside.js?dts=19545
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.7.176.223 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: 4be9624caae3b35eaab23f3145f1bf80807dcf5d0743b645af4274b59b6bc709

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 07 Jul 2023 02:24:34 GMT
content-encoding: gzip
server: openresty/1.15.8.3
vary: Accept-Encoding
p3p: CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
access-control-allow-origin: https://ye-mek.net
content-type: application/javascript
access-control-allow-credentials: true
expires: Tue, 04 Jan 2022 10:49:40 GMT

GET
H2 200 yemek_net.js Show response
static.virgul.com/theme/mockups/fallback/ Frame 636F 12 KB
2 KB 49ms
49ms Script
application/javascript 185.7.176.223
SH

General

Check archive.org

Show headers Download Go to

Full URL: https://static.virgul.com/theme/mockups/fallback/yemek_net.js?dts=19545
Requested by: Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/adcode/outside.js?dts=19545
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.7.176.223 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: 5103b27b55207be49f024a501641c7cb93e6469073ccbe194cd5963b53716184

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 07 Jul 2023 02:24:34 GMT
content-encoding: gzip
last-modified: Tue, 20 Jun 2023 21:45:07 GMT
server: openresty/1.15.8.3
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=5184000

GET
H2 200 hb Show response
ng.virgul.com/ Frame 636F 50 KB
5 KB 281ms
64ms Script
application/javascript 185.7.176.223
SH

General

Check archive.org

Show headers Download Go to

Full URL: https://ng.virgul.com/hb?call=noktaad.setHbParameters&site=yemek_net&dts=469082
Requested by: Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/adcode/outside.js?dts=19545
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.7.176.223 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: c96d560d0fb90d4edeedc0f54cb94b7fb9a3aa25cb8a4ad3fa52b95e63212a92

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 07 Jul 2023 02:24:34 GMT
content-encoding: gzip
server: openresty/1.15.8.3
vary: Accept-Encoding
p3p: CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
access-control-allow-origin: https://ye-mek.net
content-type: application/javascript
cache-control: max-age=3600
access-control-allow-credentials: true

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306280101/ Frame 636F 344 KB
118 KB 63ms
47ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306280101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6593523210010154&plah=ye-mek.net

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6593523210010154

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1c674563ebba8e98b68405f097d0bbb1ab2a4fdf80da65de2e43cce0c3ae25c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 07 Jul 2023 02:24:34 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 121033
x-xss-protection: 0
server: cafe
etag: 15111299343575884055
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 07 Jul 2023 02:24:34 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230705/r20190131/ Frame A905 10 KB
5 KB 55ms
6ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230705/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6593523210010154

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18e7a53e3b3abd7ac0242719f7f62cb56b8efe7065091585b8ad22cbc2b8c41c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ye-mek.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 20649
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4544
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 06 Jul 2023 20:40:25 GMT
etag: 12368291122986407432
expires: Thu, 20 Jul 2023 20:40:25 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 204 config Show response
c.amazon-adsystem.com/cdn/prod/ Frame 636F 0
307 B 18ms
7ms XHR
text/plain 108.138.1.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fye-mek.net&pubid=e0a76a78-9ad1-46f2-a337-886c2e24ac91
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.1.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-1-25.fra56.r.cloudfront.net
Software: Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 22:28:56 GMT
via: 1.1 bf5c0a6262f04cc4b9a69ef8d737ea96.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA56-P6
age: 14137
x-cache: Hit from cloudfront
access-control-allow-origin: https://ye-mek.net
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
x-amz-cf-id: CCrEc50Lf44GdBa_a2vy9Pod4-oRP7jeYYmVkyGMzM88kzoj0nfSKQ==

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ Frame 636F 6 KB
3 KB 32ms
10ms XHR
application/javascript 108.138.1.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.1.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-1-25.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 07:01:19 GMT
x-amz-version-id: rBtfgJUMGYsy5fZuQwMAU7hSD.fVdF76
content-encoding: gzip
via: 1.1 57eb57a4c7d431365ab5b2e18c495bf4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P6
age: 69796
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Sat, 24 Jun 2023 09:19:11 GMT
server: AmazonS3
etag: W/"a4d296427fc806b21335359e398c025c"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
vary: Accept-Encoding,Origin
x-amz-cf-id: 6qbimFbo84RCSjmXYblW-wx5S9ZoZAVGYko9qcZ8ecvWs59cRtEguw==

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306280101/ Frame 636F 392 KB
125 KB 15ms
10ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306280101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8ab758e32437cf86d59e683d808940365c56bf6893f391a96d19e731b21bf154

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 23:12:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 11554
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 127514
x-xss-protection: 0
server: cafe
etag: 13498126467117012333
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Fri, 05 Jul 2024 23:12:00 GMT

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame 636F 107 B
456 B 56ms
16ms Script
application/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=ye-mek.net

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306280101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6593523210010154&plah=ye-mek.net

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 07 Jul 2023 02:24:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 403 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 9865 603 B
218 B 29ms
27ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&adk=1812271804&adf=3279755397&plat=1%3A512%2C2%3A512%2C3%3A512%2C4%3A512%2C8%3A512%2C9%3A33288%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C26%3A512%2C27%3A512%2C30%3A1081856%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1688696674337&bpp=3&bdt=720&idt=117&shv=r20230705&mjsv=m202306280101&ptt=9&saldr=aa&nras=1&correlator=8202452768800&frm=24&ife=1&pv=2&ga_vid=1386782392.1688696674&ga_sid=1688696674&ga_hid=878393907&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=222437166&scr_x=-12245933&scr_y=-12245933&eid=44759842%2C44759927%2C44759876%2C31075816%2C44788442&oid=2&pvsid=1511131752530672&tmod=1165983658&uas=0&nvt=1&fsapi=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=1&uci=1.bci643v8r1mr&fsb=1&dtd=133

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ye-mek.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 46
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 07 Jul 2023 02:24:34 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 empowerwebplayer3.js Show response
static.virgul.com/theme/mockups/outside/ Frame 636F 10 KB
3 KB 50ms
49ms Script
application/javascript 185.7.176.223
SH

General

Check archive.org

Show headers Download Go to

Full URL: https://static.virgul.com/theme/mockups/outside/empowerwebplayer3.js?v=20
Requested by: Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x69807j0b5.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.7.176.223 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: 3e9569df702eb478e6e7699775a0f555b64ef9e89d89a81742bc97c7803dba96

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 07 Jul 2023 02:24:34 GMT
content-encoding: gzip
last-modified: Tue, 13 Jun 2023 13:36:40 GMT
server: openresty/1.15.8.3
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=5184000

GET
H2 200 bid Show response
aax.amazon-adsystem.com/e/dtb/ Frame 636F 23 B
459 B 494ms
342ms XHR
text/javascript 108.138.9.235
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&pr=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&pid=KU5zNl2zWAPuI&cb=0&ws=1600x1200&v=23.612.1758&t=1200&slots=%5B%7B%22sd%22%3A%22div-gpt-ad-1455783126174-15338221728129623web_yemeknet_right_tower%22%2C%22s%22%3A%5B%22160x600%22%2C%22120x600%22%5D%2C%22sn%22%3A%22%2F21728129623%2Fweb_yemeknet_right_tower%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-1455783126174-15338321728129623web_yemeknet_left_tower%22%2C%22s%22%3A%5B%22160x600%22%2C%22120x600%22%5D%2C%22sn%22%3A%22%2F21728129623%2Fweb_yemeknet_left_tower%22%7D%5D&pubid=e0a76a78-9ad1-46f2-a337-886c2e24ac91&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.9.235 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-9-235.fra56.r.cloudfront.net

Software

Server /

Resource Hash

745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 07 Jul 2023 02:24:35 GMT
strict-transport-security: max-age=47474747; includeSubDomains; preload
via: 1.1 c0c6d7afa25d841027d75444425d2010.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA56-P6
x-amz-rid: FJ8B22FEA3AGTZFK5X51
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://ye-mek.net
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: XVcaUgan6itMR7VsvI7Vbr9z5OuS6CdfE-LXLvpC943xwDoYTN7kkQ==

GET
H2 200 yemek_net.js Show response
static.virgul.com/theme/mockups/sites/ Frame 636F 11 KB
5 KB 50ms
49ms Script
application/javascript 185.7.176.223
SH

General

Check archive.org

Show headers Download Go to

Full URL: https://static.virgul.com/theme/mockups/sites/yemek_net.js?dts=469082
Requested by: Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/adcode/outside.js?dts=19545
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.7.176.223 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: a7a580492938c753648b19da1321bf7ea66d7a2e9b1fa42058c821e268fba9e1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 07 Jul 2023 02:24:34 GMT
content-encoding: gzip
last-modified: Thu, 27 Apr 2023 09:08:06 GMT
server: openresty/1.15.8.3
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=5184000

GET
H2 200 pandg-sdk.js Show response
pghub.io/js/ Frame 636F 17 KB
5 KB 85ms
11ms Script
application/javascript 35.241.45.217
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pghub.io/js/pandg-sdk.js
Requested by: Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/adcode/outside.js?dts=19545
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.241.45.217 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 217.45.241.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 27961ab8c37cddad89230364167c048c6377a80e38542a5ffbca600faf4098ea

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 07 Jul 2023 02:08:23 GMT
content-encoding: gzip
age: 971
x-guploader-uploadid: ADPycdsLboKauQeh93WgJNAdKXfdHtmCsJl-ty2qCYN2N6M-1jhbPpTWU1eKDrJGgohzrA4RSzVR879_FB5pBm1hrUfCSA
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5009
last-modified: Mon, 05 Jun 2023 16:36:50 GMT
server: UploadServer
etag: "47a886353056caf33a998c6041e20896"
vary: Accept-Encoding
x-goog-generation: 1685983010517890
x-goog-hash: crc32c=aHj4lg==, md5=R6iGNTBWyvM6mYxgQeIIlg==
access-control-allow-origin: *
access-control-expose-headers: Access-Control-Allow-Origin
cache-control: public,max-age=3600
x-goog-stored-content-length: 5009
accept-ranges: bytes
content-type: application/javascript

GET
H2 200 zoneview
ng.virgul.com/ Frame 636F 0
209 B 50ms
49ms Image
text/plain 185.7.176.223
SH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ng.virgul.com/zoneview?c=&mt=1688696674577&v=https%3A%2F%2Fye-mek.net%2F&r=153366@153377@153378@153379@153379@153382@153383:yemek_net&userId=vnetc95b9e47-d55c-4459-bc87-393aeaf3e463&tp=&os=&call=&vd=0&ses=0&dim=1600x1200&l=&y=&w=0&ext=,as,rc1,hf1,vv1,gprec%3Dyemek%26rec_ing%3D&info=&ref=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&rdmt=0.6262758206168508
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.7.176.223 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-origin: https://ye-mek.net
date: Fri, 07 Jul 2023 02:24:34 GMT
access-control-allow-credentials: true
expires: Tue, 04 Jan 2022 10:49:40 GMT
server: openresty/1.15.8.3
content-length: 0
p3p: CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame 636F 107 B
165 B 18ms
17ms Script
application/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=ye-mek.net

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306280101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 07 Jul 2023 02:24:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 636F 28 KB
12 KB 257ms
256ms XHR
text/plain 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1511131752530672&correlator=847611160744856&eid=31074650%2C31074947%2C31075760%2C31075148&output=ldjh&gdfp_req=1&vrg=202306280101&ptt=17&impl=fif&iu_parts=21728129623%3A33502485%2Cweb_yemeknet_masthead_multibanner_1&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C300x250%7C250x250%7C200x200%7C300x100%7C300x150%7C320x100&fluid=height&ifi=2&adks=973936160&sfv=1-0-40&eri=1&cust_params=amznbid%3D0%26amznp%3D0%26category%3Dsite_geneli%26plm%3Dnull%26viewable%3D2%26site%3Dyemek_net%26mt%3D1688696674261%26pager%3D1%2540site_geneli%2540yemek_net%253Asite_geneli%26policy%3D0%26host%3Dye-mek.net%26url%3Dhttps%253A%2520%2520ye%2520mek.net%2520%26targetCtr%3D0%26pid%3Dvnetc95b9e47-d55c-4459-bc87-393aeaf3e463%26targetCr%3D0%26Mobile%3Dfalse%26env%3Dweb%26webmAd%3D1%26overlay%3D1%26rc%3D0%26datasave%3D0%26rec%3Dyemek%26rec_ing%3D&ppid=vnetc95b9e47d55c4459bc87393aeaf3e463&sc=1&cdm=ye-mek.net&abxe=1&dt=1688696674617&lmt=1688696674&dlt=1688696673617&idt=870&adxs=315&adys=158&biw=-12245933&bih=-12245933&isw=1600&ish=1200&scr_x=-12245933&scr_y=-12245933&ucis=83rqhbvzfkg1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fye-mek.net%2F&ref=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&top=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&frm=24&vis=1&psz=970x-1&msz=300x-1&fws=388&ohw=300&ga_vid=1386782392.1688696674&ga_sid=1688696674&ga_hid=878393907&ga_fc=false

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306280101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a729787d797f5fc274541d1f8233b0f63d87a6924da0effd635ac98f5d1c04a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 07 Jul 2023 02:24:34 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11851
x-xss-protection: 0
google-lineitem-id: 6241543851
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138425583966
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://ye-mek.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 636F 143 KB
44 KB 723ms
722ms XHR
text/plain 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1511131752530672&correlator=847611160744856&eid=31074650%2C31074947%2C31075760%2C31075148&output=ldjh&gdfp_req=1&vrg=202306280101&ptt=17&impl=fif&iu_parts=21728129623%3A33502485%2Cweb_yemeknet_masthead_multibanner_2&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C300x250%7C250x250%7C200x200%7C300x100%7C300x150%7C320x100&fluid=height&ifi=3&adks=163841978&sfv=1-0-40&eri=1&cust_params=amznbid%3D0%26amznp%3D0%26category%3Dsite_geneli%26plm%3Dnull%26viewable%3D2%26site%3Dyemek_net%26mt%3D1688696674261%26pager%3D1%2540site_geneli%2540yemek_net%253Asite_geneli%26policy%3D0%26host%3Dye-mek.net%26url%3Dhttps%253A%2520%2520ye%2520mek.net%2520%26targetCtr%3D0%26pid%3Dvnetc95b9e47-d55c-4459-bc87-393aeaf3e463%26targetCr%3D0%26Mobile%3Dfalse%26env%3Dweb%26webmAd%3D1%26overlay%3D1%26rc%3D0%26datasave%3D0%26rec%3Dyemek%26rec_ing%3D&ppid=vnetc95b9e47d55c4459bc87393aeaf3e463&sc=1&cdm=ye-mek.net&abxe=1&dt=1688696674625&lmt=1688696674&dlt=1688696673617&idt=870&adxs=349&adys=158&biw=-12245933&bih=-12245933&isw=1600&ish=1200&scr_x=-12245933&scr_y=-12245933&ucis=jo00el8kroo&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fye-mek.net%2F&ref=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&top=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&frm=24&vis=1&psz=970x-1&msz=300x-1&fws=388&ohw=300&ga_vid=1386782392.1688696674&ga_sid=1688696674&ga_hid=878393907&ga_fc=false

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306280101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

32b0f27c10ae5d28deb7b4e8895190d9e6e70e7735282d93154f62d534281d89

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 07 Jul 2023 02:24:35 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 44740
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://ye-mek.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 636F 148 KB
45 KB 507ms
506ms XHR
text/plain 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1511131752530672&correlator=847611160744856&eid=31074650%2C31074947%2C31075760%2C31075148&output=ldjh&gdfp_req=1&vrg=202306280101&ptt=17&impl=fif&iu_parts=21728129623%3A33502485%2Cweb_yemeknet_masthead_multibanner_3&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C300x250%7C250x250%7C200x200%7C300x100%7C300x150%7C320x100&fluid=height&ifi=4&adks=1089002077&sfv=1-0-40&eri=1&cust_params=amznbid%3D0%26amznp%3D0%26category%3Dsite_geneli%26plm%3Dnull%26viewable%3D2%26site%3Dyemek_net%26mt%3D1688696674261%26pager%3D1%2540site_geneli%2540yemek_net%253Asite_geneli%26policy%3D0%26host%3Dye-mek.net%26url%3Dhttps%253A%2520%2520ye%2520mek.net%2520%26targetCtr%3D0%26pid%3Dvnetc95b9e47-d55c-4459-bc87-393aeaf3e463%26targetCr%3D0%26Mobile%3Dfalse%26env%3Dweb%26webmAd%3D1%26overlay%3D1%26rc%3D0%26datasave%3D0%26rec%3Dyemek%26rec_ing%3D&ppid=vnetc95b9e47d55c4459bc87393aeaf3e463&sc=1&cdm=ye-mek.net&abxe=1&dt=1688696674629&lmt=1688696674&dlt=1688696673617&idt=870&adxs=985&adys=158&biw=-12245933&bih=-12245933&isw=1600&ish=1200&scr_x=-12245933&scr_y=-12245933&ucis=vgcvg2ooxtlg&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fye-mek.net%2F&ref=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&top=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&frm=24&vis=1&psz=970x-1&msz=300x-1&fws=388&ohw=300&ga_vid=1386782392.1688696674&ga_sid=1688696674&ga_hid=878393907&ga_fc=false

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306280101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

50b60e567db6d954a6853a1a8ed0e688077a806f89197fe4b7cc77b9b131b74e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 07 Jul 2023 02:24:35 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 46278
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://ye-mek.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 636F 28 KB
12 KB 239ms
239ms XHR
text/plain 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1511131752530672&correlator=4273598159977333&eid=31074650%2C31074947%2C31075760%2C31075148&output=ldjh&gdfp_req=1&vrg=202306280101&ptt=17&impl=fif&iu_parts=21728129623%3A33502485%2Cweb_yemeknet_kategori_sayfalari_728x90_repeating&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C728x90%7C468x60&fluid=height&ifi=5&adks=3733009076&sfv=1-0-40&eri=1&cust_params=amznbid%3D0%26amznp%3D0%26category%3Dsite_geneli%26plm%3Dnull%26viewable%3D2%26site%3Dyemek_net%26mt%3D1688696674261%26pager%3D1%2540site_geneli%2540yemek_net%253Asite_geneli%26policy%3D0%26host%3Dye-mek.net%26url%3Dhttps%253A%2520%2520ye%2520mek.net%2520%26targetCtr%3D0%26pid%3Dvnetc95b9e47-d55c-4459-bc87-393aeaf3e463%26targetCr%3D0%26Mobile%3Dfalse%26env%3Dweb%26webmAd%3D1%26overlay%3D1%26rc%3D0%26datasave%3D0%26rec%3Dyemek%26rec_ing%3D&ppid=vnetc95b9e47d55c4459bc87393aeaf3e463&sc=1&cdm=ye-mek.net&abxe=1&dt=1688696674633&lmt=1688696674&dlt=1688696673617&idt=870&adxs=436&adys=2665&biw=-12245933&bih=-12245933&isw=1600&ish=1200&scr_x=-12245933&scr_y=-12245933&ucis=rf4kp6551923&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fye-mek.net%2F&ref=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&top=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&frm=24&vis=1&psz=976x0&msz=996x0&fws=388&ohw=1600&ga_vid=1386782392.1688696674&ga_sid=1688696674&ga_hid=878393907&ga_fc=false

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306280101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b21a64749c26a288c526eb39a1b246f11b148ab4c365ffeed74de457d73f06b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 07 Jul 2023 02:24:34 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11896
x-xss-protection: 0
google-lineitem-id: 6241543851
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138425219174
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://ye-mek.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
a83cc140318b4e2e81346428d0ba2d8a.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 28EB 6 KB
3 KB 79ms
15ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://a83cc140318b4e2e81346428d0ba2d8a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306280101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ye-mek.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 07 Jul 2023 02:24:34 GMT
expires: Sat, 06 Jul 2024 02:24:34 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 NoktaNpmPlayerApi.js Show response
c1.imgiz.com/player_others/html5/ Frame 636F 7 KB
3 KB 385ms
51ms Script
application/javascript 185.7.176.223
SH

General

Check archive.org

Show headers Download Go to

Full URL: https://c1.imgiz.com/player_others/html5/NoktaNpmPlayerApi.js?dts=19545
Requested by: Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/empowerwebplayer3.js?v=20
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.7.176.223 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: 0b29697868cd68cfd1b5650054cc96ea755016b3242bd26469cdbd4e4f6fc18a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 07 Jul 2023 02:24:35 GMT
content-encoding: gzip
last-modified: Wed, 13 Oct 2021 11:58:21 GMT
server: openresty/1.15.8.3
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=604800
expires: Fri, 14 Jul 2023 02:24:35 GMT

GET
H2 200 zoneview
ng.virgul.com/ Frame 636F 0
209 B 50ms
49ms Image
text/plain 185.7.176.223
SH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ng.virgul.com/zoneview?c=&mt=1688696674658&v=https%3A%2F%2Fye-mek.net%2F&r=153394@153493:yemek_net&userId=vnetc95b9e47-d55c-4459-bc87-393aeaf3e463&tp=&os=&call=&vd=0&ses=0&dim=1600x1200&l=&y=&w=0&ext=,as,rc1,hf1,vv1,gprec%3Dyemek%26rec_ing%3D&info=&ref=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&rdmt=0.8474781979043342
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.7.176.223 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-origin: https://ye-mek.net
date: Fri, 07 Jul 2023 02:24:34 GMT
access-control-allow-credentials: true
expires: Tue, 04 Jan 2022 10:49:40 GMT
server: openresty/1.15.8.3
content-length: 0
p3p: CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'

GET
H2 200 tag Show response
feed.pghub.io/ Frame 9FFC 13 B
257 B 88ms
20ms Document
text/html 34.102.243.38
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://feed.pghub.io/tag?referrer_url=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&page_url=https%3A%2F%2Fye-mek.net%2F&owner=P%26G&bp_id=noktacommedya&ch=%7B%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D&initiator=js&data=%7B%22category%22%3A%22site_geneli%22%7D

Requested by

Host: pghub.io
URL: https://pghub.io/js/pandg-sdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.102.243.38 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

38.243.102.34.bc.googleusercontent.com

Software

Resource Hash

b633a587c652d02386c4f16f8c6f6aab7352d97f16367c3c40576214372dd628

Security Headers

Name	Value
Content-Security-Policy	default-src 'none';img-src https://*.pghub.io https://match.adsrvr.org
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://ye-mek.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
access-control-max-age: 300
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-store
content-security-policy: default-src 'none';img-src https://*.pghub.io https://match.adsrvr.org
content-type: text/html;charset=utf-8
date: Fri, 07 Jul 2023 02:24:34 GMT
strict-transport-security: max-age=31536000
via: 1.1 google

GET
H2 200 container.html Show response
a83cc140318b4e2e81346428d0ba2d8a.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 6B16 6 KB
3 KB 10ms
8ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://a83cc140318b4e2e81346428d0ba2d8a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306280101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ye-mek.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 07 Jul 2023 02:24:34 GMT
expires: Sat, 06 Jul 2024 02:24:34 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 container.html Show response
a83cc140318b4e2e81346428d0ba2d8a.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 4907 6 KB
3 KB 8ms
7ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://a83cc140318b4e2e81346428d0ba2d8a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306280101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ye-mek.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 07 Jul 2023 02:24:34 GMT
expires: Sat, 06 Jul 2024 02:24:34 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 6B16 24 KB
7 KB 62ms
9ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: a83cc140318b4e2e81346428d0ba2d8a.safeframe.googlesyndication.com
URL: https://a83cc140318b4e2e81346428d0ba2d8a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a83cc140318b4e2e81346428d0ba2d8a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 05 Jul 2023 12:02:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 138103
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 04 Jul 2024 12:02:51 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 6B16 139 KB
48 KB 34ms
33ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6593523210010154

Requested by

Host: a83cc140318b4e2e81346428d0ba2d8a.safeframe.googlesyndication.com
URL: https://a83cc140318b4e2e81346428d0ba2d8a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f6929b02d4eddc57dfe47a42f581f68dd622abebfd0ce2d3f2c24665df0cd673

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://a83cc140318b4e2e81346428d0ba2d8a.safeframe.googlesyndication.com/
Origin: https://a83cc140318b4e2e81346428d0ba2d8a.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 07 Jul 2023 02:24:34 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48680
x-xss-protection: 0
server: cafe
etag: 2095377779081823168
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 07 Jul 2023 02:24:34 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 6B16 179 KB
57 KB 79ms
21ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: a83cc140318b4e2e81346428d0ba2d8a.safeframe.googlesyndication.com
URL: https://a83cc140318b4e2e81346428d0ba2d8a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2bf958c032ce083c26ae980ed92d0360c971e87c183d6bd988e770fc172786c7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a83cc140318b4e2e81346428d0ba2d8a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 07 Jul 2023 02:24:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57266
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1688579601580341"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 07 Jul 2023 02:24:35 GMT

GET
H2 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 4907 24 KB
6 KB 62ms
10ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: a83cc140318b4e2e81346428d0ba2d8a.safeframe.googlesyndication.com
URL: https://a83cc140318b4e2e81346428d0ba2d8a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a83cc140318b4e2e81346428d0ba2d8a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 05 Jul 2023 12:02:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 138103
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 04 Jul 2024 12:02:51 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 4907 139 KB
48 KB 51ms
51ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6593523210010154

Requested by

Host: a83cc140318b4e2e81346428d0ba2d8a.safeframe.googlesyndication.com
URL: https://a83cc140318b4e2e81346428d0ba2d8a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

24f84ac71d3431cace6f0c033cad4c9c9d5a5f44a94348e3016d336a1f0b06fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://a83cc140318b4e2e81346428d0ba2d8a.safeframe.googlesyndication.com/
Origin: https://a83cc140318b4e2e81346428d0ba2d8a.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 07 Jul 2023 02:24:34 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48678
x-xss-protection: 0
server: cafe
etag: 8925563837290648027
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 07 Jul 2023 02:24:34 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 4907 179 KB
56 KB 88ms
32ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: a83cc140318b4e2e81346428d0ba2d8a.safeframe.googlesyndication.com
URL: https://a83cc140318b4e2e81346428d0ba2d8a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2bf958c032ce083c26ae980ed92d0360c971e87c183d6bd988e770fc172786c7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a83cc140318b4e2e81346428d0ba2d8a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 07 Jul 2023 02:24:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57266
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1688579601580341"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 07 Jul 2023 02:24:35 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 4907 0
0 46ms
46ms Fetch
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstqOE55A0O4NRY3oeG-CtveEm8Sqg5fBN7nzmQ_K5Ct2GVVDB1gofB5WplQDaftnr12EysIIP5yVeYSo5krnhMT5oZqLY54qYYTlJRTizEtmSE3GOfAZuaOl1IZoZXaIz5ErnYsz7KaErtw6_WJZ38xuJ2xStq6UMXQqovSsoaH5w2ilK3vDVYny-pGgLrNBMansdyF-DfZ27SzLDhaTEaX0jcFNt_lNKcgvoxwStCDhsGZRX30EMBg4ee7Z7jlOhQRnjGDj5McMu89ph2YpOwc5rt6uENZPsev2Zm3Z9II68UA89lUKZGvqr--WLpFwlnyKqhD3trl28fLjnYFZhBSO1sE9FM0ESCSvSMs&sai=AMfl-YToyymjZ40pLySrfidemJVIws9hhSS3vOKHVHC2-zwF4qLxYMr-5uCjBNT-LkcGbLqwCK04g6k_ySpfQOwgieunTlTx2s17k_87r7xfId2CFA4T9ClrDTe_wtQYYQ&sig=Cg0ArKJSzAET6EpzWAfGEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: a83cc140318b4e2e81346428d0ba2d8a.safeframe.googlesyndication.com
URL: https://a83cc140318b4e2e81346428d0ba2d8a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a83cc140318b4e2e81346428d0ba2d8a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 07 Jul 2023 02:24:35 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 6B16 0
0 46ms
45ms Fetch
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstQLrkCmNd3h7t6rhTLeVusg91a7qFRbEmbDc6x2RozPXrG-CRLDMERgrGEkPP53s5zb8lsuAovgEdCOT7PR4qwO2qIC9dURyNA9HALX9BHvcACSnPp4Cy9yD8C0KLuWA1hCUY-qUUBqRFoDnpgQT9sZTBlN9qqD1FlkKEJL_OssC2jUm4OV4acZ5eKevU3p0Qqt-xDOKxLFkr0htY5JX1PupBCv2EJ4SDKADEV2CoyxsyL2dpCjJlnjdmsAL-PA4OFITpqObgrTGdEwYJMeQLUh-XXFLZreiA2bDMQP5XPMTtDtXTRzxYf3ipubHWDaquGcSiyEM7Bj08mWUrN6Ki6siltft1w8swjJuIRjE3FnOzpcgx12qmmIQ&sai=AMfl-YR934cn11fhQfEMGH8OiMPulIaNrYGEy_v06zRb3we8WEkArVcqTrzOVFJ8q6e17pAJ29PSWIwuWytq_mDCyziUbEYhadk9LJbsP7nqvDU4mdq0wyEOcjbHpP8e3g&sig=Cg0ArKJSzLjTRH6XjDuDEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: a83cc140318b4e2e81346428d0ba2d8a.safeframe.googlesyndication.com
URL: https://a83cc140318b4e2e81346428d0ba2d8a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a83cc140318b4e2e81346428d0ba2d8a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 07 Jul 2023 02:24:35 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306280101/ Frame 4907 344 KB
118 KB 42ms
42ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306280101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6593523210010154&plah=a83cc140318b4e2e81346428d0ba2d8a.safeframe.googlesyndication.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6593523210010154

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0e5e1f3b36212be035e5a1c2fe828c28d1b6a791b021b5ede6eee13421077169

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a83cc140318b4e2e81346428d0ba2d8a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 07 Jul 2023 02:24:35 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 121033
x-xss-protection: 0
server: cafe
etag: 7938427327198465028
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 07 Jul 2023 02:24:35 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306290101/ Frame 6B16 344 KB
118 KB 36ms
35ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306290101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6593523210010154&plah=a83cc140318b4e2e81346428d0ba2d8a.safeframe.googlesyndication.com&bust=31075780

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6593523210010154

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7939b8cb427c1b1898f1d6a222b5eaa68229d7f22d829d4d6f20c5798d94a80d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a83cc140318b4e2e81346428d0ba2d8a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 07 Jul 2023 02:24:35 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 121043
x-xss-protection: 0
server: cafe
etag: 347306996655007997
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 07 Jul 2023 02:24:35 GMT

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ Frame 636F 107 B
122 B 18ms
17ms Script
application/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=ye-mek.net

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306280101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 07 Jul 2023 02:24:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 636F 118 KB
39 KB 301ms
298ms XHR
text/plain 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1511131752530672&correlator=277348412033234&eid=31074650%2C31074947%2C31075760%2C31075148&output=ldjh&gdfp_req=1&vrg=202306280101&ptt=17&impl=fif&iu_parts=21728129623%3A33502485%2Cweb_yemeknet_kategori_sayfalari_728x90_2&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C728x90%7C468x60&fluid=height&ifi=6&adks=345722362&sfv=1-0-40&eri=1&cust_params=category%3Dsite_geneli%26plm%3Dnull%26viewable%3D2%26site%3Dyemek_net%26mt%3D1688696674261%26pager%3D1%2540site_geneli%2540yemek_net%253Asite_geneli%26policy%3D0%26host%3Dye-mek.net%26url%3Dhttps%253A%2520%2520ye%2520mek.net%2520%26targetCtr%3D0%26pid%3Dvnetc95b9e47-d55c-4459-bc87-393aeaf3e463%26targetCr%3D0%26Mobile%3Dfalse%26env%3Dweb%26webmAd%3D1%26overlay%3D1%26rc%3D0%26datasave%3D0%26rec%3Dyemek%26rec_ing%3D&ppid=vnetc95b9e47d55c4459bc87393aeaf3e463&sc=1&cdm=ye-mek.net&abxe=1&dt=1688696675120&lmt=1688696675&dlt=1688696673617&idt=870&adxs=436&adys=1389&biw=-12245933&bih=-12245933&isw=1600&ish=1200&scr_x=-12245933&scr_y=-12245933&ucis=fenhpvq2q2lp&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fye-mek.net%2F&ref=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&top=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&frm=24&vis=1&psz=976x0&msz=996x0&fws=388&ohw=1600&psts=ABnkTfBF0bAw0vB8NjqS9bwnHfDHGeVGaaXI1le1BPxOQlLte34_ZzYGageGLnDhD_cG-fxnxTaZHT5_0AIGqcXVOA%2CABnkTfDKLkFVWVlD57y8zWC6rcVmSNwQ3kmtRo-j-V35KK6nUjyoKamy6_wVeNE_Kck4WblPG5SVoQR8K8fqgMuNgg&ga_vid=1386782392.1688696674&ga_sid=1688696674&ga_hid=878393907&ga_fc=false

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306280101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e5c52e4a087c75da0cfff809c224ef59af8179f8a1f3b1cfbdc5d147e407a76b

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10896490684634628096/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10896490684634628096/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CPyw1avF-_8CFcQX4AodNHQNNw&gqi=&layout=/sadbundle/%24csp%253Der3%24/10896490684634628096/index.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10896490684634628096/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10896490684634628096/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CPyw1avF-_8CFcQX4AodNHQNNw&gqi=&layout=/sadbundle/%24csp%253Der3%24/10896490684634628096/index.html
date: Fri, 07 Jul 2023 02:24:35 GMT
x-content-type-options: nosniff
content-encoding: br
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 40246
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://ye-mek.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 636F 33 KB
14 KB 259ms
255ms XHR
text/plain 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1511131752530672&correlator=926014225931088&eid=31074650%2C31074947%2C31075760%2C31075148&output=ldjh&gdfp_req=1&vrg=202306280101&ptt=17&impl=fif&iu_parts=21728129623%3A33502485%2Cweb_yemeknet_left_tower&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C160x600%7C120x600%7C120x240%7C160x800&fluid=height&ifi=7&adks=3299242717&sfv=1-0-40&eri=1&cust_params=category%3Dsite_geneli%26plm%3Dnull%26viewable%3D2%26site%3Dyemek_net%26mt%3D1688696674261%26pager%3D1%2540site_geneli%2540yemek_net%253Asite_geneli%26policy%3D0%26host%3Dye-mek.net%26url%3Dhttps%253A%2520%2520ye%2520mek.net%2520%26targetCtr%3D0%26pid%3Dvnetc95b9e47-d55c-4459-bc87-393aeaf3e463%26targetCr%3D0%26Mobile%3Dfalse%26env%3Dweb%26webmAd%3D1%26overlay%3D1%26rc%3D0%26datasave%3D0%26rec%3Dyemek%26rec_ing%3D&ppid=vnetc95b9e47d55c4459bc87393aeaf3e463&sc=1&cdm=ye-mek.net&abxe=1&dt=1688696675126&lmt=1688696675&dlt=1688696673617&idt=870&adxs=122&adys=150&biw=-12245933&bih=-12245933&isw=1600&ish=1200&scr_x=-12245933&scr_y=-12245933&ucis=wjhbaa1iwt4d&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fye-mek.net%2F&ref=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&top=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&frm=24&vis=1&psz=160x-1&msz=160x-1&fws=900&ohw=160&psts=ABnkTfBF0bAw0vB8NjqS9bwnHfDHGeVGaaXI1le1BPxOQlLte34_ZzYGageGLnDhD_cG-fxnxTaZHT5_0AIGqcXVOA%2CABnkTfDKLkFVWVlD57y8zWC6rcVmSNwQ3kmtRo-j-V35KK6nUjyoKamy6_wVeNE_Kck4WblPG5SVoQR8K8fqgMuNgg&ga_vid=1386782392.1688696674&ga_sid=1688696674&ga_hid=878393907&ga_fc=false

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306280101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0777d9cebf4bdc5a6d92485313169e75f95e953ad6cdb53b70a68d6153312037

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 07 Jul 2023 02:24:35 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14150
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://ye-mek.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 636F 34 KB
14 KB 290ms
286ms XHR
text/plain 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1511131752530672&correlator=2832416901969859&eid=31074650%2C31074947%2C31075760%2C31075148&output=ldjh&gdfp_req=1&vrg=202306280101&ptt=17&impl=fif&iu_parts=21728129623%3A33502485%2Cweb_yemeknet_kategori_sayfalari_728x90_repeating&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C728x90%7C468x60&fluid=height&ifi=8&adks=2157304621&sfv=1-0-40&eri=1&cust_params=category%3Dsite_geneli%26plm%3Dnull%26viewable%3D2%26site%3Dyemek_net%26mt%3D1688696674261%26pager%3D1%2540site_geneli%2540yemek_net%253Asite_geneli%26policy%3D0%26host%3Dye-mek.net%26url%3Dhttps%253A%2520%2520ye%2520mek.net%2520%26targetCtr%3D0%26pid%3Dvnetc95b9e47-d55c-4459-bc87-393aeaf3e463%26targetCr%3D0%26Mobile%3Dfalse%26env%3Dweb%26webmAd%3D1%26overlay%3D1%26rc%3D0%26datasave%3D0%26rec%3Dyemek%26rec_ing%3D&ppid=vnetc95b9e47d55c4459bc87393aeaf3e463&sc=1&cdm=ye-mek.net&abxe=1&dt=1688696675129&lmt=1688696675&dlt=1688696673617&idt=870&adxs=436&adys=2027&biw=-12245933&bih=-12245933&isw=1600&ish=1200&scr_x=-12245933&scr_y=-12245933&ucis=mdlmggtlikt&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fye-mek.net%2F&ref=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&top=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&frm=24&vis=1&psz=976x0&msz=996x0&fws=388&ohw=1600&psts=ABnkTfBF0bAw0vB8NjqS9bwnHfDHGeVGaaXI1le1BPxOQlLte34_ZzYGageGLnDhD_cG-fxnxTaZHT5_0AIGqcXVOA%2CABnkTfDKLkFVWVlD57y8zWC6rcVmSNwQ3kmtRo-j-V35KK6nUjyoKamy6_wVeNE_Kck4WblPG5SVoQR8K8fqgMuNgg&ga_vid=1386782392.1688696674&ga_sid=1688696674&ga_hid=878393907&ga_fc=false

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306280101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

658dfe73a093c2fd46bfa95fc40eab39b5486c152db9ec4bf8458c829851a49f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 07 Jul 2023 02:24:35 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14151
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://ye-mek.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 636F 135 KB
41 KB 346ms
343ms XHR
text/plain 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1511131752530672&correlator=4014565225541852&eid=31074650%2C31074947%2C31075760%2C31075148&output=ldjh&gdfp_req=1&vrg=202306280101&ptt=17&impl=fif&iu_parts=21728129623%3A33502485%2Cweb_yemeknet_kategori_sayfalari_ust_728x90&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C728x90%7C468x60&fluid=height&ifi=9&adks=456810305&sfv=1-0-40&eri=1&cust_params=category%3Dsite_geneli%26plm%3Dnull%26viewable%3D2%26site%3Dyemek_net%26mt%3D1688696674261%26pager%3D1%2540site_geneli%2540yemek_net%253Asite_geneli%26policy%3D0%26host%3Dye-mek.net%26url%3Dhttps%253A%2520%2520ye%2520mek.net%2520%26targetCtr%3D0%26pid%3Dvnetc95b9e47-d55c-4459-bc87-393aeaf3e463%26targetCr%3D0%26Mobile%3Dfalse%26env%3Dweb%26webmAd%3D1%26overlay%3D1%26rc%3D0%26datasave%3D0%26rec%3Dyemek%26rec_ing%3D&ppid=vnetc95b9e47d55c4459bc87393aeaf3e463&sc=1&cdm=ye-mek.net&abxe=1&dt=1688696675132&lmt=1688696675&dlt=1688696673617&idt=870&adxs=436&adys=751&biw=-12245933&bih=-12245933&isw=1600&ish=1200&scr_x=-12245933&scr_y=-12245933&ucis=k1yppt2igp8m&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fye-mek.net%2F&ref=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&top=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&frm=24&vis=1&psz=976x0&msz=996x0&fws=388&ohw=1600&psts=ABnkTfBF0bAw0vB8NjqS9bwnHfDHGeVGaaXI1le1BPxOQlLte34_ZzYGageGLnDhD_cG-fxnxTaZHT5_0AIGqcXVOA%2CABnkTfDKLkFVWVlD57y8zWC6rcVmSNwQ3kmtRo-j-V35KK6nUjyoKamy6_wVeNE_Kck4WblPG5SVoQR8K8fqgMuNgg&ga_vid=1386782392.1688696674&ga_sid=1688696674&ga_hid=878393907&ga_fc=false

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306280101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

158af2634cccf27d5f86778556cdddd7c5501e5286b3495d664ec6744f54c6b7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 07 Jul 2023 02:24:35 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42263
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://ye-mek.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 636F 58 KB
13 KB 302ms
298ms XHR
text/plain 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1511131752530672&correlator=3253489261632209&eid=31074650%2C31074947%2C31075760%2C31075148&output=ldjh&gdfp_req=1&vrg=202306280101&ptt=17&impl=fif&iu_parts=21728129623%3A33502485%2Cweb_yemeknet_right_tower&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C160x600%7C120x600%7C120x240%7C160x800&fluid=height&ifi=10&adks=3203893797&sfv=1-0-40&eri=1&cust_params=category%3Dsite_geneli%26plm%3Dnull%26viewable%3D2%26site%3Dyemek_net%26mt%3D1688696674261%26pager%3D1%2540site_geneli%2540yemek_net%253Asite_geneli%26policy%3D0%26host%3Dye-mek.net%26url%3Dhttps%253A%2520%2520ye%2520mek.net%2520%26targetCtr%3D0%26pid%3Dvnetc95b9e47-d55c-4459-bc87-393aeaf3e463%26targetCr%3D0%26Mobile%3Dfalse%26env%3Dweb%26webmAd%3D1%26overlay%3D1%26rc%3D0%26datasave%3D0%26rec%3Dyemek%26rec_ing%3D&ppid=vnetc95b9e47d55c4459bc87393aeaf3e463&sc=1&cdm=ye-mek.net&abxe=1&dt=1688696675137&lmt=1688696675&dlt=1688696673617&idt=870&adxs=1318&adys=150&biw=-12245933&bih=-12245933&isw=1600&ish=1200&scr_x=-12245933&scr_y=-12245933&ucis=jyjfhtmjmh2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fye-mek.net%2F&ref=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&top=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&frm=24&vis=1&psz=160x-1&msz=160x-1&fws=900&ohw=160&psts=ABnkTfBF0bAw0vB8NjqS9bwnHfDHGeVGaaXI1le1BPxOQlLte34_ZzYGageGLnDhD_cG-fxnxTaZHT5_0AIGqcXVOA%2CABnkTfDKLkFVWVlD57y8zWC6rcVmSNwQ3kmtRo-j-V35KK6nUjyoKamy6_wVeNE_Kck4WblPG5SVoQR8K8fqgMuNgg&ga_vid=1386782392.1688696674&ga_sid=1688696674&ga_hid=878393907&ga_fc=false

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306280101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bf2d7a87d374579a58fe02fc4404a1ad3fc0e017df8be31ab56d30849bac98db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 07 Jul 2023 02:24:35 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13771
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://ye-mek.net
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame 636F 344 KB
119 KB 74ms
16ms Script
text/javascript 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: c1.imgiz.com
URL: https://c1.imgiz.com/player_others/html5/NoktaNpmPlayerApi.js?dts=19545

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

02e7535563110e913669c43b9233db020deb9a4b0eaff84ab9de1b55b8ad21c4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 07 Jul 2023 02:24:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 121444
x-xss-protection: 0
expires: Fri, 07 Jul 2023 02:24:35 GMT

GET
H2 200 NoktaPlayer.js Show response
c1.imgiz.com/player_others/html5/ Frame 636F 398 KB
128 KB 54ms
54ms Script
application/javascript 185.7.176.223
SH

General

Check archive.org

Show headers Download Go to

Full URL: https://c1.imgiz.com/player_others/html5/NoktaPlayer.js?d=7/7/2023
Requested by: Host: c1.imgiz.com
URL: https://c1.imgiz.com/player_others/html5/NoktaNpmPlayerApi.js?dts=19545
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.7.176.223 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: bea17c8870ba8dae9515993b5c55b65437f03f0e2672e1c3d3dbe7872dd74e5c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 07 Jul 2023 02:24:35 GMT
content-encoding: gzip
last-modified: Mon, 29 May 2023 18:51:56 GMT
server: openresty/1.15.8.3
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=604800
expires: Fri, 14 Jul 2023 02:24:35 GMT

GET
H3 200 container.html Show response
a83cc140318b4e2e81346428d0ba2d8a.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 7DD0 6 KB
3 KB 12ms
10ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://a83cc140318b4e2e81346428d0ba2d8a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306280101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ye-mek.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 07 Jul 2023 02:24:34 GMT
expires: Sat, 06 Jul 2024 02:24:34 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 4907 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d361bd3fbe8e2c43c177120bcd8788dbbd7d0d6b988e12a9e56efecba4cc1a93

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 6B16 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a6f4970240af0435d4154cadccae8187ae03ddaaf41708d7c3b532241935e28b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ Frame 4907 107 B
122 B 17ms
17ms Script
application/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=a83cc140318b4e2e81346428d0ba2d8a.safeframe.googlesyndication.com

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a83cc140318b4e2e81346428d0ba2d8a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 07 Jul 2023 02:24:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 480D 0
16 B 89ms
88ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&adk=1812271804&adf=3407280060&plat=1%3A66056%2C2%3A66056%2C3%3A2163200%2C4%3A2163200%2C8%3A66048%2C9%3A66056%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C26%3A66048%2C27%3A66048%2C30%3A1049088%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fye-mek.net%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1688696675061&bpp=9&bdt=127&idt=198&shv=r20230705&mjsv=m202306280101&ptt=9&saldr=aa&nras=1&correlator=5080265833044&frm=8&ife=1&pv=2&ga_vid=1449678592.1688696675&ga_sid=1688696675&ga_hid=1235383988&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=465080864&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C42532278%2C42532280%2C44759842%2C44759926%2C31075645%2C44788442&oid=2&pvsid=1432219434575882&tmod=1763332943&uas=0&nvt=1&fsapi=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=1&uci=1.z9eyv86oycdu&fsb=1&dtd=213

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://a83cc140318b4e2e81346428d0ba2d8a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 07 Jul 2023 02:24:35 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ Frame 6B16 107 B
122 B 16ms
16ms Script
application/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=a83cc140318b4e2e81346428d0ba2d8a.safeframe.googlesyndication.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306290101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6593523210010154&plah=a83cc140318b4e2e81346428d0ba2d8a.safeframe.googlesyndication.com&bust=31075780

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a83cc140318b4e2e81346428d0ba2d8a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 07 Jul 2023 02:24:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame E617 0
16 B 64ms
63ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&adk=1812271804&adf=3407250215&plat=1%3A520%2C2%3A520%2C3%3A2163200%2C4%3A2163200%2C8%3A512%2C9%3A33288%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C26%3A512%2C27%3A512%2C30%3A1049088%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fye-mek.net%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1688696675082&bpp=3&bdt=157&idt=199&shv=r20230705&mjsv=m202306290101&ptt=9&saldr=aa&nras=1&correlator=4484533912113&frm=8&ife=1&pv=2&ga_vid=678825474.1688696675&ga_sid=1688696675&ga_hid=898738081&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=131074735&scr_x=-12245933&scr_y=-12245933&eid=44759927%2C42532278%2C42532280%2C44759837%2C44759876%2C31075780%2C31075824%2C44788441%2C21065724&oid=2&pvsid=2487041221584005&tmod=1801550151&uas=0&nvt=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=1&uci=1.jcyiivk4zojk&fsb=1&dtd=215

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://a83cc140318b4e2e81346428d0ba2d8a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 07 Jul 2023 02:24:35 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css
fonts.googleapis.com/ Frame 7DD0 14 KB
2 KB 49ms
18ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: a83cc140318b4e2e81346428d0ba2d8a.safeframe.googlesyndication.com
URL: https://a83cc140318b4e2e81346428d0ba2d8a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a83cc140318b4e2e81346428d0ba2d8a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 07 Jul 2023 02:24:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 07 Jul 2023 00:54:46 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 07 Jul 2023 02:24:35 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230705/r20110914/client/ Frame 7DD0 2 KB
1 KB 12ms
7ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230705/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: a83cc140318b4e2e81346428d0ba2d8a.safeframe.googlesyndication.com
URL: https://a83cc140318b4e2e81346428d0ba2d8a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a83cc140318b4e2e81346428d0ba2d8a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 17:19:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 32734
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 20 Jul 2023 17:19:01 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230705/r20110914/ Frame 7DD0 23 KB
9 KB 12ms
9ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230705/r20110914/abg_lite_fy2021.js

Requested by

Host: a83cc140318b4e2e81346428d0ba2d8a.safeframe.googlesyndication.com
URL: https://a83cc140318b4e2e81346428d0ba2d8a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

02193fbcb11d960448e0fa887ff68d5ce73f01076893523fc3037e00a7149bc2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a83cc140318b4e2e81346428d0ba2d8a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 17:18:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 32739
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9104
x-xss-protection: 0
server: cafe
etag: 12939045362079141464
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 20 Jul 2023 17:18:56 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230705/r20110914/client/ Frame 7DD0 3 KB
1 KB 13ms
10ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230705/r20110914/client/window_focus_fy2021.js

Requested by

Host: a83cc140318b4e2e81346428d0ba2d8a.safeframe.googlesyndication.com
URL: https://a83cc140318b4e2e81346428d0ba2d8a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a83cc140318b4e2e81346428d0ba2d8a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 20:54:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 19788
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 20 Jul 2023 20:54:47 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 572B 1 KB
643 B 21ms
9ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: a83cc140318b4e2e81346428d0ba2d8a.safeframe.googlesyndication.com
URL: https://a83cc140318b4e2e81346428d0ba2d8a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://a83cc140318b4e2e81346428d0ba2d8a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 34319
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 06 Jul 2023 16:52:36 GMT
etag: 48472445140208031
expires: Fri, 07 Jul 2023 16:52:36 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230705/r20110914/client/ Frame 7DD0 20 KB
8 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230705/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: a83cc140318b4e2e81346428d0ba2d8a.safeframe.googlesyndication.com
URL: https://a83cc140318b4e2e81346428d0ba2d8a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5dff1c5185bfe98d10fd4b80ad1e2a04d57365a09e631840dce7fd3c79d19971

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a83cc140318b4e2e81346428d0ba2d8a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 17:19:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 32725
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8314
x-xss-protection: 0
server: cafe
etag: 15120507268597061312
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 20 Jul 2023 17:19:10 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 7DD0 0
0 67ms
18ms Image
text/html 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSYSGAaRZAvMgoTSgG9isrgkiouzyBKMRZVnmyxNOiGyT_7bP3sfMMAmYqmAbE7NcmJXjcTjeLfkBcLUcwiR3VDWe7Oyg
Requested by: Host: a83cc140318b4e2e81346428d0ba2d8a.safeframe.googlesyndication.com
URL: https://a83cc140318b4e2e81346428d0ba2d8a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a83cc140318b4e2e81346428d0ba2d8a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 7DD0 179 KB
56 KB 34ms
23ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: a83cc140318b4e2e81346428d0ba2d8a.safeframe.googlesyndication.com
URL: https://a83cc140318b4e2e81346428d0ba2d8a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2bf958c032ce083c26ae980ed92d0360c971e87c183d6bd988e770fc172786c7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a83cc140318b4e2e81346428d0ba2d8a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 07 Jul 2023 02:24:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57266
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1688579601580341"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 07 Jul 2023 02:24:35 GMT

GET
H2 200 5f03bef6f00b7a8cf9d43233a2aa7e67.js Show response
www.gstatic.com/mysidia/ Frame 7DD0 33 KB
14 KB 69ms
21ms Script
text/javascript 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/5f03bef6f00b7a8cf9d43233a2aa7e67.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: a83cc140318b4e2e81346428d0ba2d8a.safeframe.googlesyndication.com
URL: https://a83cc140318b4e2e81346428d0ba2d8a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3a5fa3073b94aa8259d04802566504c897fd640610ea9f36654cfacc615f325e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a83cc140318b4e2e81346428d0ba2d8a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 19:38:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 24385
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14183
x-xss-protection: 0
last-modified: Thu, 29 Jun 2023 19:09:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 04 Oct 2023 19:38:10 GMT

GET
H2 200 data=5NsxjejzAch8RdF1zPkCR0IwxFIERtcerMhlNAVffKcd0EX-Sh9uZQ1Pqfjb52pNqLVqPvH0u5d9VXvJoaCTOw
mts0.google.com/vt/ Frame 7DD0 8 KB
8 KB 118ms
29ms Image
image/png 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mts0.google.com/vt/data=5NsxjejzAch8RdF1zPkCR0IwxFIERtcerMhlNAVffKcd0EX-Sh9uZQ1Pqfjb52pNqLVqPvH0u5d9VXvJoaCTOw

Requested by

Host: a83cc140318b4e2e81346428d0ba2d8a.safeframe.googlesyndication.com
URL: https://a83cc140318b4e2e81346428d0ba2d8a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

0f936e87d85698dfb9376e5d95e40bd3f66b95825fc9b58785290498ebaa7c06

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'; base-uri 'none'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a83cc140318b4e2e81346428d0ba2d8a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'; base-uri 'none'
date: Fri, 07 Jul 2023 02:24:35 GMT
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
server-timing: gfet4t7; dur=21
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8112
x-xss-protection: 0
x-server-version-bin: CggIBBCjv5SlBg==
server: scaffolding on HTTPServer2
etag: 0dd6d13eee3eecf94
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=3600
expires: Fri, 07 Jul 2023 03:24:35 GMT

GET
DATA 200
OK truncated
/ Frame 7DD0 297 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 65f22d8aa0690bd9cf8ffe5d68e5f6866b05ed8fc6f6c9083b996c1b3c4c75f4

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 7DD0 336 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: be3b15b1e68cf3e9278293d3b50491fe16c985e0ee5968852cac4fc062a7134e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 7DD0 462 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 01cbb105faef1373e9d53ddc5e62c9c7b5f66cbc64c2c045a3daec0328b831e6

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 7DD0 465 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 41b7f4ef86f2344e72da822fe79265700ff1bf3361450a02ab4397ff1a5eb040

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 2859 32 KB
14 KB 285ms
275ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&h=250&slotname=1234190425&adk=1935728605&adf=4198791085&pi=t.ma~as.1234190425&w=300&fwrn=16&format=300x250&url=https%3A%2F%2Fye-mek.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1688696675070&bpp=1&bdt=136&idt=264&shv=r20230705&mjsv=m202306280101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=5080265833044&frm=8&ife=1&pv=1&ga_vid=1449678592.1688696675&ga_sid=1688696675&ga_hid=1235383988&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=465080864&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C42532278%2C42532280%2C44759842%2C44759926%2C31075645%2C44788442&oid=2&pvsid=1432219434575882&tmod=1763332943&uas=0&nvt=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.lo53mt6aocdy&fsb=1&dtd=272

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ad7c822291d507feec76dfe7a79f3b57256841a8949bc9140fd3d76a0591101

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://a83cc140318b4e2e81346428d0ba2d8a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 13811
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 07 Jul 2023 02:24:35 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 9FAE 436 B
233 B 125ms
117ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&h=90&slotname=9586219513&adk=1165138949&adf=4198790052&pi=t.ma~as.9586219513&w=728&format=728x90&url=https%3A%2F%2Fye-mek.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1688696675085&bpp=1&bdt=160&idt=266&shv=r20230705&mjsv=m202306290101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=4484533912113&frm=8&ife=1&pv=1&ga_vid=678825474.1688696675&ga_sid=1688696675&ga_hid=898738081&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=131074735&scr_x=-12245933&scr_y=-12245933&eid=44759927%2C42532278%2C42532280%2C44759837%2C44759876%2C31075780%2C31075824%2C44788441%2C21065724&oid=2&pvsid=2487041221584005&tmod=1801550151&uas=0&nvt=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.8meddbmt6yin&fsb=1&dtd=280

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

99fdb43a3f4a492e50f73375a49dcfc3ffa77f4044fbc107f288bb6b9ce1198f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://a83cc140318b4e2e81346428d0ba2d8a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 212
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 07 Jul 2023 02:24:35 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html Show response
a83cc140318b4e2e81346428d0ba2d8a.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame E949 6 KB
3 KB 12ms
9ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://a83cc140318b4e2e81346428d0ba2d8a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306280101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ye-mek.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 07 Jul 2023 02:24:34 GMT
expires: Sat, 06 Jul 2024 02:24:34 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html Show response
a83cc140318b4e2e81346428d0ba2d8a.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 6359 6 KB
3 KB 8ms
7ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://a83cc140318b4e2e81346428d0ba2d8a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306280101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ye-mek.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 07 Jul 2023 02:24:34 GMT
expires: Sat, 06 Jul 2024 02:24:34 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 204 current
dclk-match.dotomi.com/match/bounce/ Frame 572B 0
104 B 118ms
23ms Image
text/plain 2a02:fa8:8806:16::1400
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEH0-LBmVpsvlrLrtvg88X8g&google_cver=1&google_push=AaAOQGHuus_iseNXsjlE2oQazBWLdsZRqOsLEYockP4TANe7FDyRb173XTlv6GU4eZ_oGFryMq-_GA8mEEqCUTNx8rJFvhQQoPo
Requested by: Host: a83cc140318b4e2e81346428d0ba2d8a.safeframe.googlesyndication.com
URL: https://a83cc140318b4e2e81346428d0ba2d8a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:16::1400 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 07 Jul 2023 02:24:35 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H2 204 AdxPixel
tr.blismedia.com/v1/api/sync/ Frame 572B 0
173 B 111ms
15ms Image
text/plain 34.96.105.8
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEFu1bj5JQW0yxTS2JuNMR2o&google_cver=1&google_push=AaAOQGGfEYfgKr3-XSoiHbn1GGAR_GLbBovWlDolnXAk27Q12Nx3BrA8l5ekPZJsIwoK1v-4v0HCqOT2d2qceZn7WHOp7xQKqN0
Requested by: Host: a83cc140318b4e2e81346428d0ba2d8a.safeframe.googlesyndication.com
URL: https://a83cc140318b4e2e81346428d0ba2d8a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.105.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 8.105.96.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 07 Jul 2023 02:24:35 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 572B
Redirect Chain

https://ads.travelaudience.com/google_pixel?google_gid=CAESEBZPWVnOKCoORJ5wy_GoZx0&google_cver=1&google_push=AaAOQGHxt5a3UhRRC68y8e1TaS-lA81gxKLJ4Ky4aayR6Vwd2lUfnJipeKeOVJVIDA8g-NUtD08fhlf9lWfkWjY6...
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=J0I18ThuTi6AgliBq-0tBQ2&google_push=AaAOQGHxt5a3UhRRC68y8e1TaS-lA81gxKLJ4Ky4aayR6Vwd2lUfnJipeKeOVJVIDA8g-NUtD08fhlf9lWfkWjY6aGuFEw00v8M

170 B
232 B

49ms
48ms

Image
image/png

172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=J0I18ThuTi6AgliBq-0tBQ2&google_push=AaAOQGHxt5a3UhRRC68y8e1TaS-lA81gxKLJ4Ky4aayR6Vwd2lUfnJipeKeOVJVIDA8g-NUtD08fhlf9lWfkWjY6aGuFEw00v8M

Requested by

Host: a83cc140318b4e2e81346428d0ba2d8a.safeframe.googlesyndication.com
URL: https://a83cc140318b4e2e81346428d0ba2d8a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 07 Jul 2023 02:24:35 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Fri, 07 Jul 2023 02:24:35 GMT
via: 1.1 google
x-engine-version: 0.0.0
server: nginx/1.21.6
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location: https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=J0I18ThuTi6AgliBq-0tBQ2&google_push=AaAOQGHxt5a3UhRRC68y8e1TaS-lA81gxKLJ4Ky4aayR6Vwd2lUfnJipeKeOVJVIDA8g-NUtD08fhlf9lWfkWjY6aGuFEw00v8M
x-host: tde-deliveryengine-production-84d9bf65c-nmxjj
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 572B
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEKpwssvkGjnB23rxZNPK7dc&google_cver=1&google_push=AaAOQGGCMPTe4u_aRBIekrLyTwil_H1SLsnaybPNHyCGXNEBNGOITbLuiMw1M_jhqV1mF_mY-pA4WIJN...
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEKpwssvkGjnB23rxZNPK7dc&google_cver=1&google_push=AaAOQGGCMPTe4u_aRBIekrLyTwil_H1SLsnaybPNHyCGXNEBNGOITbLuiMw1M_jhqV1mF_mY-pA...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTIxMDEyNzgyMjg0Mjg0NDQzOQ&google_push=AaAOQGGCMPTe4u_aRBIekrLyTwil_H1SLsnaybPNHyCGXNEBNGOITbLuiMw1M_jhqV1mF_mY-pA4WI...

170 B
188 B

23ms
19ms

Image
image/png

172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTIxMDEyNzgyMjg0Mjg0NDQzOQ&google_push=AaAOQGGCMPTe4u_aRBIekrLyTwil_H1SLsnaybPNHyCGXNEBNGOITbLuiMw1M_jhqV1mF_mY-pA4WIJNAa_rshV-TWZUA9xRTW8

Requested by

Host: a83cc140318b4e2e81346428d0ba2d8a.safeframe.googlesyndication.com
URL: https://a83cc140318b4e2e81346428d0ba2d8a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 07 Jul 2023 02:24:35 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 07 Jul 2023 02:24:35 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTIxMDEyNzgyMjg0Mjg0NDQzOQ&google_push=AaAOQGGCMPTe4u_aRBIekrLyTwil_H1SLsnaybPNHyCGXNEBNGOITbLuiMw1M_jhqV1mF_mY-pA4WIJNAa_rshV-TWZUA9xRTW8
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 572B
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=aK1WHv5BTrGkrrjtLhAfKg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

22ms
21ms

Image
image/png

172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=aK1WHv5BTrGkrrjtLhAfKg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AaAOQGEMp-ZkdECms8I0zyyZcpKsvvldL75dSt7MItk2fU8shm6irvjb4v45PtoTkXBupWhHB7QP64jD3cwSqk7ByzpVXYfnJA0

Requested by

Host: a83cc140318b4e2e81346428d0ba2d8a.safeframe.googlesyndication.com
URL: https://a83cc140318b4e2e81346428d0ba2d8a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 07 Jul 2023 02:24:35 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=aK1WHv5BTrGkrrjtLhAfKg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AaAOQGEMp-ZkdECms8I0zyyZcpKsvvldL75dSt7MItk2fU8shm6irvjb4v45PtoTkXBupWhHB7QP64jD3cwSqk7ByzpVXYfnJA0
date: Fri, 07 Jul 2023 02:24:35 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 572B
Redirect Chain

https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEDYvCsVIMPp0cOh2G0MfynY&google_cver=1&google_push=AaAOQGHu6ox5Hs_pVbywwHn_0lrd1XbbndjiyKRDteruOrpSXcozHFkGqwJDjSr0PwSaDY1XasRWRVedGfrjP3Zx...
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AaAOQGHu6ox5Hs_pVbywwHn_0lrd1XbbndjiyKRDteruOrpSXcozHFkGqwJDjSr0PwSaDY1XasRWRVedGfrjP3ZxgRcZ4GXIvGU

170 B
329 B

21ms
20ms

Image
image/png

172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AaAOQGHu6ox5Hs_pVbywwHn_0lrd1XbbndjiyKRDteruOrpSXcozHFkGqwJDjSr0PwSaDY1XasRWRVedGfrjP3ZxgRcZ4GXIvGU

Requested by

Host: a83cc140318b4e2e81346428d0ba2d8a.safeframe.googlesyndication.com
URL: https://a83cc140318b4e2e81346428d0ba2d8a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 07 Jul 2023 02:24:35 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Fri, 07 Jul 2023 02:24:35 GMT
via: 1.1 04599a8a3c6eb66f23e5ae02d1ec4cf2.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA6-C1
x-cache: FunctionGeneratedResponse from cloudfront
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AaAOQGHu6ox5Hs_pVbywwHn_0lrd1XbbndjiyKRDteruOrpSXcozHFkGqwJDjSr0PwSaDY1XasRWRVedGfrjP3ZxgRcZ4GXIvGU
cache-control: no-cache, must-revalidate
content-length: 0
x-amz-cf-id: 6utLuONaaalTTpmBRqY7xflld9N4warYaRXc4IxRvRQUtEpn19LklA==

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 572B
Redirect Chain

https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESEI1eUSkQJL16BMuiarZ7AzU&google_cver=1&google_push=AaAOQGGcru3IKqNXs...
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dxandr_eb%26google_hm%3D%24%7BBASE64_UID_ENC%7D%26google_gid%3DCAESEI1eUSkQJL16BMuiarZ7AzU%26goo...
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=NTcxMzEzNTg2MTUzNDQ2MTExOA%3D%3D&google_gid=CAESEI1eUSkQJL16BMuiarZ7AzU&google_cver=1&google_push=AaAOQGGcru3IKqNXseQKxkClH2stnhURCd...

170 B
188 B

34ms
23ms

Image
image/png

172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=NTcxMzEzNTg2MTUzNDQ2MTExOA%3D%3D&google_gid=CAESEI1eUSkQJL16BMuiarZ7AzU&google_cver=1&google_push=AaAOQGGcru3IKqNXseQKxkClH2stnhURCd6WyxzVpDbdxwBteXkYnOVuygp2DwNZUEUpgBpOfhr_lOg46GR-TCnHo8KisXMYGCc

Requested by

Host: a83cc140318b4e2e81346428d0ba2d8a.safeframe.googlesyndication.com
URL: https://a83cc140318b4e2e81346428d0ba2d8a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 07 Jul 2023 02:24:35 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 07 Jul 2023 02:24:35 GMT
an-x-request-uuid: 9cbadbea-a7af-4419-be7e-374fce8f7537
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=NTcxMzEzNTg2MTUzNDQ2MTExOA%3D%3D&google_gid=CAESEI1eUSkQJL16BMuiarZ7AzU&google_cver=1&google_push=AaAOQGGcru3IKqNXseQKxkClH2stnhURCd6WyxzVpDbdxwBteXkYnOVuygp2DwNZUEUpgBpOfhr_lOg46GR-TCnHo8KisXMYGCc
x-proxy-origin: 81.95.5.42; 81.95.5.42; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 572B 0
139 B 68ms
19ms Image
text/html 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JeHMKBREuPsgUhWtORvDUg7LdNQkvQEqXY5E0NDVgZjXAYaOMb35539yCAxtr6X8VGgNpIOw

Requested by

Host: a83cc140318b4e2e81346428d0ba2d8a.safeframe.googlesyndication.com
URL: https://a83cc140318b4e2e81346428d0ba2d8a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 07 Jul 2023 02:24:35 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 container.html Show response
a83cc140318b4e2e81346428d0ba2d8a.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 0007 6 KB
3 KB 10ms
8ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://a83cc140318b4e2e81346428d0ba2d8a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306280101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ye-mek.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 07 Jul 2023 02:24:34 GMT
expires: Sat, 06 Jul 2024 02:24:34 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css
fonts.googleapis.com/ Frame E949 14 KB
1 KB 18ms
18ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: a83cc140318b4e2e81346428d0ba2d8a.safeframe.googlesyndication.com
URL: https://a83cc140318b4e2e81346428d0ba2d8a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a83cc140318b4e2e81346428d0ba2d8a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 07 Jul 2023 02:24:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 07 Jul 2023 02:21:50 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 07 Jul 2023 02:24:35 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230705/r20110914/client/ Frame E949 2 KB
892 B 8ms
8ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230705/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: a83cc140318b4e2e81346428d0ba2d8a.safeframe.googlesyndication.com
URL: https://a83cc140318b4e2e81346428d0ba2d8a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a83cc140318b4e2e81346428d0ba2d8a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 17:19:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 32734
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 20 Jul 2023 17:19:01 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame E949 0
0 52ms
52ms Fetch
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CzRrVY3enZND6Bc-pgAf-6KK4CujF_6Juv8286asQiJT4h7MCEAEgwLKCa2CVopmCrAegAeqXycAoyAEJqQKUvokVEUSyPuACAKgDAcgDywSqBO0BT9CbVAl3VVdScSZREEuTTym1-p1ZjeMkO3KOrkOqPQava2CsdyNqGQhsiXBaBp1qHO2Vg_y4S-V8gaL3ofALp2K_gCeOB4bcKsap4608pOjcnZQZ9bunCX205W-oQqcFdgcyC9BGwHmlOVXeO3icE6Fbgwj4KTED3M7AXnueCbh2Otq7VmnVYRo0q2XaaKwMFqhfeGegPME_SJkgrha96g_BrIQTkit_HlBwgTYb92f73BKOsHVy59gmBMsvoNYV0SsO4L5X_nkpBfs5AMrWBlnWcDSfz55j2X9JYD_3PwvtEdlHx0lfOHjXCPhVwATG5YekjQTgBAGSBQQIBBgBkgUECAUYBKAGLoAH6s-ZoAOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBBDf_QPSCBYIgOGAEBABGB0yAqoCOgKAQEi9_cE68ggbYWR4LXN1YnN5bi03Mjc1NTI4NDUzMTYyMzA5gAoDyAsBuBOIBNgTCtAVAYAXAbIXHgocCAASFHB1Yi02NTkzNTIzMjEwMDEwMTU0GOrBbQ&sigh=koTv6U6-sKs&uach_m=[UACH]&cid=CAQSOwBpAlJWbljqKknqNp3zRHmGCX8cxymyKuDVu_nm2an0xdghoCH-6kGUNs0_CMn-ngg7uiD2RrL72EdVGAE&template_id=520
Requested by: Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x69807j0b5.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a83cc140318b4e2e81346428d0ba2d8a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230705/r20110914/ Frame E949 23 KB
9 KB 9ms
7ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230705/r20110914/abg_lite_fy2021.js

Requested by

Host: a83cc140318b4e2e81346428d0ba2d8a.safeframe.googlesyndication.com
URL: https://a83cc140318b4e2e81346428d0ba2d8a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

02193fbcb11d960448e0fa887ff68d5ce73f01076893523fc3037e00a7149bc2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a83cc140318b4e2e81346428d0ba2d8a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 17:18:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 32739
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9104
x-xss-protection: 0
server: cafe
etag: 12939045362079141464
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 20 Jul 2023 17:18:56 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230705/r20110914/client/ Frame E949 3 KB
1 KB 10ms
8ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230705/r20110914/client/window_focus_fy2021.js

Requested by

Host: a83cc140318b4e2e81346428d0ba2d8a.safeframe.googlesyndication.com
URL: https://a83cc140318b4e2e81346428d0ba2d8a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a83cc140318b4e2e81346428d0ba2d8a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 20:54:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 19788
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 20 Jul 2023 20:54:47 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame EB60 1 KB
643 B 12ms
9ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: a83cc140318b4e2e81346428d0ba2d8a.safeframe.googlesyndication.com
URL: https://a83cc140318b4e2e81346428d0ba2d8a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://a83cc140318b4e2e81346428d0ba2d8a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 34319
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 06 Jul 2023 16:52:36 GMT
etag: 48472445140208031
expires: Fri, 07 Jul 2023 16:52:36 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230705/r20110914/client/ Frame E949 20 KB
8 KB 12ms
8ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230705/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: a83cc140318b4e2e81346428d0ba2d8a.safeframe.googlesyndication.com
URL: https://a83cc140318b4e2e81346428d0ba2d8a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5dff1c5185bfe98d10fd4b80ad1e2a04d57365a09e631840dce7fd3c79d19971

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a83cc140318b4e2e81346428d0ba2d8a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 17:19:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 32725
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8314
x-xss-protection: 0
server: cafe
etag: 15120507268597061312
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 20 Jul 2023 17:19:10 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame E949 0
0 22ms
18ms Image
text/html 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSUYq62EVERVbO81pu1OZclUSdbZRP9NVN9tG6korSkMI_T0McwhNf3BfQ7g-QFqFqPmKcYiS1laL0G48raUnHwrZeg4w
Requested by: Host: a83cc140318b4e2e81346428d0ba2d8a.safeframe.googlesyndication.com
URL: https://a83cc140318b4e2e81346428d0ba2d8a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a83cc140318b4e2e81346428d0ba2d8a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame E949 179 KB
56 KB 24ms
21ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: a83cc140318b4e2e81346428d0ba2d8a.safeframe.googlesyndication.com
URL: https://a83cc140318b4e2e81346428d0ba2d8a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2bf958c032ce083c26ae980ed92d0360c971e87c183d6bd988e770fc172786c7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a83cc140318b4e2e81346428d0ba2d8a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 07 Jul 2023 02:24:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57266
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1688579601580341"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 07 Jul 2023 02:24:35 GMT

GET
H2 200 5f03bef6f00b7a8cf9d43233a2aa7e67.js Show response
www.gstatic.com/mysidia/ Frame E949 33 KB
14 KB 10ms
7ms Script
text/javascript 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/5f03bef6f00b7a8cf9d43233a2aa7e67.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: a83cc140318b4e2e81346428d0ba2d8a.safeframe.googlesyndication.com
URL: https://a83cc140318b4e2e81346428d0ba2d8a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3a5fa3073b94aa8259d04802566504c897fd640610ea9f36654cfacc615f325e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a83cc140318b4e2e81346428d0ba2d8a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 19:38:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 24385
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14183
x-xss-protection: 0
last-modified: Thu, 29 Jun 2023 19:09:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 04 Oct 2023 19:38:10 GMT

GET
H3 200 container.html Show response
a83cc140318b4e2e81346428d0ba2d8a.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 4829 6 KB
3 KB 15ms
13ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://a83cc140318b4e2e81346428d0ba2d8a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306280101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ye-mek.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 07 Jul 2023 02:24:34 GMT
expires: Sat, 06 Jul 2024 02:24:34 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012306202201000/ Frame 7321 222 KB
61 KB 60ms
7ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012306202201000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306280101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5af185c4ee2f05f5e2f6407594cd75cb32129871c2ec0f0957be6d3129a8cf54

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 05 Jul 2023 17:10:51 GMT
age: 119624
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61909
x-xss-protection: 0
server: sffe
etag: "f919e19544cf979d"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 04 Jul 2024 17:10:51 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012306202201000/v0/ Frame 7321 15 KB
5 KB 73ms
20ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012306202201000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306280101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c52e2a15cba5be54e6986bd808f5a6aa6705b0efffd9379feb005dabdb748e32

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 06 Jul 2023 22:13:03 GMT
age: 15092
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5217
x-xss-protection: 0
server: sffe
etag: "64cbd7fca0464c6f"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 05 Jul 2024 22:13:03 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012306202201000/v0/ Frame 7321 94 KB
28 KB 74ms
22ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012306202201000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306280101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

01204747c552676cceff27ecab875807de15fc28860715608db3d368ba736b3e

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 05 Jul 2023 16:18:55 GMT
age: 122740
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28896
x-xss-protection: 0
server: sffe
etag: "4dcd9a8c59f0d36a"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 04 Jul 2024 16:18:55 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012306202201000/v0/ Frame 7321 5 KB
2 KB 82ms
30ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012306202201000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306280101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

52337cf2499996a25da3c2f17c8e0492c2d728c4b22bdd9b4da2089fcedac9ba

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 05 Jul 2023 16:19:04 GMT
age: 122731
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1898
x-xss-protection: 0
server: sffe
etag: "b82574a955fb50a0"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 04 Jul 2024 16:19:04 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012306202201000/v0/ Frame 7321 40 KB
13 KB 83ms
31ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012306202201000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306280101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7b17d2d0a88d045b86c025e6a7978189716ddd6776e975bb9de1ad43be17348f

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 05 Jul 2023 16:18:58 GMT
age: 122737
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12958
x-xss-protection: 0
server: sffe
etag: "5e14f2792a869535"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 04 Jul 2024 16:18:58 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 7321 6 KB
706 B 17ms
16ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306280101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9a4eb2c9445287c34cb0a9ed5cc673460362483f0855bc91f8230dfa46a955e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 07 Jul 2023 02:24:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 07 Jul 2023 00:53:17 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 07 Jul 2023 02:24:35 GMT

GET
H3 200 tr.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 7321 3 KB
3 KB 11ms
10ms Image
image/png 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/tr.png

Requested by

Host: ye-mek.net
URL: https://ye-mek.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1e5a886321d0e00c13f7abff03ca39fd782f42997fd34bcbf4fc93718f3670cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 15:32:50 GMT
x-content-type-options: nosniff
server: cafe
age: 39105
etag: 9957912877679239782
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3057
x-xss-protection: 0
expires: Fri, 07 Jul 2023 15:32:50 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 7321 344 B
368 B 10ms
9ms Image
image/png 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: ye-mek.net
URL: https://ye-mek.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 19:03:49 GMT
x-content-type-options: nosniff
server: cafe
age: 26446
etag: 6766994032117382215
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 344
x-xss-protection: 0
expires: Fri, 07 Jul 2023 19:03:49 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 7321 0
0 16ms
15ms Image
text/html 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSgWGcvyCKiw4JnkVDPv6s7N1YJoNcSxplpDaY8RZ8WCxKlhu2r9TCyRewMoEKBtSF6A9WqVJ14khv6XAGGQxMgg3YHig
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 7321 0
0 53ms
52ms Image
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CRVdxY3enZPbyC-2J1PIPsNqzuArwkoSBcf3ZyaasEWQQASDAsoJrYJWimYKsB6AB8em_mSjIAQmpApS-iRURRLI-4AIAqAMByAMKqgSUAk_QUXFUyBiHo1Y6NvF_qemDT1VLf9DCAjfrHAGnjGLOBeuasuYy1xRQHndI6u2e9BErRTFtueJa87lwV-3l8Cceu5Xhb_Qg9Dp-XmqtPCNBJCWb-GyLsHmv-9hmdnGNlMrQoXbikhjm6_i1dfuy9KjhcNzjbd74MgG_J2RYbT1j6bWueiCuLuos7ISPQdpACPjF69DkeeB0RaI6J8swvn5Dtbr9yAJmas_lCnrU-08LNW6uTe0aT0DXOAfHeEuCNNRrrr5B_DsdOdBr8OU78If79zX9T8N817DrjxCYfO6PNx7d26PHMu1rn8cXayhhaftVQjcsB5lkNcDQo5kLSo4sp1Wb40i23hAWjS7b6SS-iyWHk8AEqqzZ57IE4AQBkgUECAQYAZIFBAgFGASgBi6AB_GhkPkCqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQpucF0ggWCIDhgBAQARgdMgKqAjoCgEBIvf3BOvIIG2FkeC1zdWJzeW4tNzI3NTUyODQ1MzE2MjMwOYAKA8gLAbgT5APYEw2IFALQFQGAFwGyFx4KHAgAEhRwdWItNjU5MzUyMzIxMDAxMDE1NBjqwW0&sigh=teD173OHOzI&uach_m=[UACH]&cid=CAQSOwBygQiDkjYMOgh-nQqzCw-s-KbuEVYFozC94HhQTwQ1DmN8k8DOIAfOK8uzUEjgDk3VqK_CFrz9QqLxGAE&template_id=484
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

GET
H2 200 data=5NsxjejzAch8RdF1zPkCR0IwxFIERtcerMhlNAVffKcd0EX-Sh9uZQ1Pqfjb52pNqLVqPvH0u5d9VXvJoaCTOw
mts0.google.com/vt/ Frame E949 8 KB
8 KB 11ms
9ms Image
image/png 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mts0.google.com/vt/data=5NsxjejzAch8RdF1zPkCR0IwxFIERtcerMhlNAVffKcd0EX-Sh9uZQ1Pqfjb52pNqLVqPvH0u5d9VXvJoaCTOw

Requested by

Host: a83cc140318b4e2e81346428d0ba2d8a.safeframe.googlesyndication.com
URL: https://a83cc140318b4e2e81346428d0ba2d8a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

0f936e87d85698dfb9376e5d95e40bd3f66b95825fc9b58785290498ebaa7c06

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'; base-uri 'none'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a83cc140318b4e2e81346428d0ba2d8a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'; base-uri 'none'
date: Fri, 07 Jul 2023 02:24:35 GMT
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
server-timing: gfet4t7; dur=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8112
x-xss-protection: 0
x-server-version-bin: CggIBBCjv5SlBg==
server: scaffolding on HTTPServer2
etag: 0dd6d13eee3eecf94
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=3600
expires: Fri, 07 Jul 2023 03:24:35 GMT

GET
DATA 200
OK truncated
/ Frame E949 297 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 65f22d8aa0690bd9cf8ffe5d68e5f6866b05ed8fc6f6c9083b996c1b3c4c75f4

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame E949 336 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: be3b15b1e68cf3e9278293d3b50491fe16c985e0ee5968852cac4fc062a7134e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame E949 462 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 01cbb105faef1373e9d53ddc5e62c9c7b5f66cbc64c2c045a3daec0328b831e6

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame E949 465 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 41b7f4ef86f2344e72da822fe79265700ff1bf3361450a02ab4397ff1a5eb040

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 2076313506083323656
tpc.googlesyndication.com/simgad/13485014619656700173/ Frame 7321 52 KB
52 KB 10ms
8ms Image
image/jpeg 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/13485014619656700173/2076313506083323656

Requested by

Host: ye-mek.net
URL: https://ye-mek.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

78ca9cd6e65b7bcecd7b0d51c5f3349b8d8da51bec102d2c9f31105776565189

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 21:06:39 GMT
x-content-type-options: nosniff
age: 537476
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53583
x-xss-protection: 0
last-modified: Mon, 05 Jun 2023 13:24:31 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 29 Jun 2024 21:06:39 GMT

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/9978862834505020233/ Frame 7321 6 KB
6 KB 22ms
19ms Image
image/png 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/9978862834505020233/14763004658117789537?w=100&h=100

Requested by

Host: ye-mek.net
URL: https://ye-mek.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a53ed6b8a6464de13222ee31a6da76a6246ab98e6dbf0fae1832b54dc33eb287

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 23:30:09 GMT
x-content-type-options: nosniff
age: 528866
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5836
x-xss-protection: 0
last-modified: Mon, 05 Jun 2023 13:24:32 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 29 Jun 2024 23:30:09 GMT

GET
DATA 200
OK truncated
/ Frame 7321 221 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 613603afe8c5203c59d7f9df1cbac87109df7ffdf245fd20becfa6bd95b92155

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 7321 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 523a1fbc42dcd8bc45165d43642abd3d2f1a14d0aa059c835c915cc0e8495075

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 container.html Show response
a83cc140318b4e2e81346428d0ba2d8a.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame BCD0 6 KB
3 KB 8ms
8ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://a83cc140318b4e2e81346428d0ba2d8a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306280101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ye-mek.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 07 Jul 2023 02:24:34 GMT
expires: Sat, 06 Jul 2024 02:24:34 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 6363a944e4b0125bde9e6739
ng.virgul.com/tck/imp/ Frame 636F 0
209 B 52ms
50ms Image
text/plain 185.7.176.223
SH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ng.virgul.com/tck/imp/6363a944e4b0125bde9e6739?g=1&t=cpc_annotation&r=153366@site_geneli@yemek_net:site_geneli&l=&c=%2Cas%2Crc0%2Chf1%2Cvv1%2Cgprec%3Dyemek%26rec_ing%3D&info=&mt=1688696674261&userId=vnetc95b9e47-d55c-4459-bc87-393aeaf3e463
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.7.176.223 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-origin: https://ye-mek.net
date: Fri, 07 Jul 2023 02:24:35 GMT
access-control-allow-credentials: true
expires: Tue, 04 Jan 2022 10:49:40 GMT
server: openresty/1.15.8.3
content-length: 0
p3p: CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'

GET
DATA 200
OK truncated
/ Frame 7DD0 219 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 14531170f1abbdaf7a727d0e838e01c39fe2030ab40400c02ad85bc2a25ecc43

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 6359 0
0 66ms
64ms Fetch
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CEWCGY3enZIrUC4emgAf7kr24BJDhgYRctqjCivACwI23ARABIABglaKZgqwHggEXY2EtcHViLTc5ODM2NTEyNTc4MzgyODLIAQmpApS-iRURRLI-4AIAqAMBqgSJAk_QiT31wMFVz9Eau8QtHnEBFhNAW7qoFpZijY0QF2LjYMN6xutnG1jCrocX63_ARqt3Sa_zJH9AqU_ROB4ComR08N_2VdhzhiOmX6IAcZdHLFdrjg1Vgf4BMcEqe-svKLl06gW0asI2PQF1M3NuUVl80Ziw999losY0nhBxnxE6798J3SgfMnb2icAvVgjnpxA9rrZ3j1eJHwG0xmXTaiBcQniSu-TeA95OMsRPFoxLYrZ6x4yYAkHFOKWx-ZWdtolGMIYvdo5FXyGwm1SKvcHBnev1y5-8lhUaxHQYdlOdKe_weUzdVwxVMh6wfbSKUqDhBhKgNfcbS53oNTJTkCCK4SNjePtrYfXgBAGABrie-tWl8sWD1gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTryCBthZHgtc3Vic3luLTcyNzU1Mjg0NTMxNjIzMDmACgP6CwIIAYAMAdAVAYAXAbIXHAoaEhRwdWItNzk4MzY1MTI1NzgzODI4MhjqwW0&sigh=ZcWxLrjmVIA&uach_m=[UACH]&cid=CAQSOwBygQiDE7Q39FPTqdq5C4k1QT1d0OSy37VyE_duUMNtkE-GgiYBupdzNLeIJdSUQstcsv5kVH4lmYnFGAE
Requested by: Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x69807j0b5.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a83cc140318b4e2e81346428d0ba2d8a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

GET
H2 204 winResponse
prod-rtb.ad4mat.net/ Frame 6359 0
0 85ms
17ms Fetch
image/gif 2600:1901:0:76b9::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://prod-rtb.ad4mat.net/winResponse?a=1ggfkv9e9bx39kgwf5w3ehyjkpmkjqhassr5trm247qb6bj03kt36mwakqhvr2whw3e1v11anb3rvxj9ns63g02gs1fmfy51dt33j1wntjdj7fc46w4hfsm6x1m01ns2w3xw9t1bk85zgyfkjch13gz0rrx1tsnsxf938qja8mp79qbw4kdhbm98rzf51m85x23qm8f4bh8vwv47v49kjnhrs55fwwcy77ctacgq00rg6haf7tw5h7mmh7wn7d5pxrx51bn0z7h6pmr9fkr860193qqq15ngekq798dkp6d04hwf2mp2562a8ckynrm0v7jfrxbwsgdnmw2q52fhvdghaqjbt1gjyrq8e0mr7ysy08szh0d334qbvqk1fkspqc1g5c9nr8&b=ZKd3YwAC6goK4BMHAA9JeyXLBMx7xtPcOAkPVg
Requested by: Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x69807j0b5.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a83cc140318b4e2e81346428d0ba2d8a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 07 Jul 2023 02:24:35 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: image/gif

GET
H2 200 dr Show response
as.ad4m.at/ad/ Frame B02A 2 KB
2 KB 100ms
33ms Document
text/html 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/dr?ed=1kbpz1kkqks41ka7e8gh1m9jk63vh8pxrh96aksxd59646sy65ymg54s7f9y3e19de3ptpp9nevecc9cs75xtzsezjhxfj90td0s0a6ppy8dzqvqcp5cftv6j50bbxhpxw05ztfb228wjwvkkm77xnwex8z4gb75dfhwkqfphwkegn93rd6s556g8x3sxc0vk1xgctpyyekfsagpyca3t6j2thr4f90y7eh6vbg915yv2wwc7vxm3f215z0d7nrx59nw2dt9e7w7cdzp0g492w1hx96p6sy2sndgfd6jc92t5thjr15n8dp54zrah50fjk7yt6sy6nghmch3re2gz2trvzf88gbwe0qb0qy0c1brtgj01k7wzbzf7cwxghxtafgch301chp465p75v9d1pmmar31wr8gbaksw7qtb2qfavkne77q4&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC2XCsY3enZIrUC4emgAf7kr24BJDhgYRctqjCivACwI23ARABIABglaKZgqwHggEXY2EtcHViLTc5ODM2NTEyNTc4MzgyODLIAQmpApS-iRURRLI-4AIAqAMBqgSMAk_QiT31wMFVz9Eau8QtHnEBFhNAW7qoFpZijY0QF2LjYMN6xutnG1jCrocX63_ARqt3Sa_zJH9AqU_ROB4ComR08N_2VdhzhiOmX6IAcZdHLFdrjg1Vgf4BMcEqe-svKLl06gW0asI2PQF1M3NuUVl80Ziw999losY0nhBxnxE6798J3SgfMnb2icAvVgjnpxA9rrZ3j1eJHwG0xmXTaiBcQniSu-TeA95OMsRPFoxLYrZ6x4yYAkHFOKWx-ZWdtolGMIYvdo5FXyGwm1SKvcHBnev1y5-8lhUaxHQYdlOdKe_wO078xdustV54-vwciOlz9Cu0P1oRZYU1tfAaAtge_w97rSf0IT1aw9vgBAGABrie-tWl8sWD1gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTryCBthZHgtc3Vic3luLTcyNzU1Mjg0NTMxNjIzMDn6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2bFqblvIpeTVtXEYbbGY5nKomaug%26client%3Dca-pub-7983651257838282%26adurl%3D

Requested by

Host: a83cc140318b4e2e81346428d0ba2d8a.safeframe.googlesyndication.com
URL: https://a83cc140318b4e2e81346428d0ba2d8a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

59a7ac4dd24a605dc58987d7514a91137697421e6647ae8d3480bd84de4efce1

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-src ;img-src data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://a83cc140318b4e2e81346428d0ba2d8a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7e2ca1cfa80890d6-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Fri, 07 Jul 2023 02:24:35 GMT
expires: 0
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230705/r20110914/client/ Frame 6359 3 KB
1 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230705/r20110914/client/window_focus_fy2021.js

Requested by

Host: a83cc140318b4e2e81346428d0ba2d8a.safeframe.googlesyndication.com
URL: https://a83cc140318b4e2e81346428d0ba2d8a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a83cc140318b4e2e81346428d0ba2d8a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 20:54:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 19788
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 20 Jul 2023 20:54:47 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 3348 1 KB
643 B 9ms
8ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: a83cc140318b4e2e81346428d0ba2d8a.safeframe.googlesyndication.com
URL: https://a83cc140318b4e2e81346428d0ba2d8a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://a83cc140318b4e2e81346428d0ba2d8a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 34319
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 06 Jul 2023 16:52:36 GMT
etag: 48472445140208031
expires: Fri, 07 Jul 2023 16:52:36 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230705/r20110914/client/ Frame 6359 20 KB
8 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230705/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: a83cc140318b4e2e81346428d0ba2d8a.safeframe.googlesyndication.com
URL: https://a83cc140318b4e2e81346428d0ba2d8a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5dff1c5185bfe98d10fd4b80ad1e2a04d57365a09e631840dce7fd3c79d19971

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a83cc140318b4e2e81346428d0ba2d8a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 17:19:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 32725
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8314
x-xss-protection: 0
server: cafe
etag: 15120507268597061312
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 20 Jul 2023 17:19:10 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 6359 0
0 25ms
24ms Image
text/html 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaR878B3tsVuOXRK7sMvqt2Y9zzvT7I5onoahhEDB7ESZsn4rtXGjGI-vRMAQwhwcMJJkHNMwvQMu44z8O3loD7bQ_FJkA
Requested by: Host: a83cc140318b4e2e81346428d0ba2d8a.safeframe.googlesyndication.com
URL: https://a83cc140318b4e2e81346428d0ba2d8a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a83cc140318b4e2e81346428d0ba2d8a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 6359 24 KB
6 KB 10ms
8ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: a83cc140318b4e2e81346428d0ba2d8a.safeframe.googlesyndication.com
URL: https://a83cc140318b4e2e81346428d0ba2d8a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a83cc140318b4e2e81346428d0ba2d8a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 05 Jul 2023 12:02:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 138104
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 04 Jul 2024 12:02:51 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 6359 179 KB
56 KB 29ms
28ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: a83cc140318b4e2e81346428d0ba2d8a.safeframe.googlesyndication.com
URL: https://a83cc140318b4e2e81346428d0ba2d8a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2bf958c032ce083c26ae980ed92d0360c971e87c183d6bd988e770fc172786c7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a83cc140318b4e2e81346428d0ba2d8a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 07 Jul 2023 02:24:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57266
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1688579601580341"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 07 Jul 2023 02:24:35 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230705/r20110914/client/ Frame 2859 3 KB
1 KB 15ms
13ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230705/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&h=250&slotname=1234190425&adk=1935728605&adf=4198791085&pi=t.ma~as.1234190425&w=300&fwrn=16&format=300x250&url=https%3A%2F%2Fye-mek.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1688696675070&bpp=1&bdt=136&idt=264&shv=r20230705&mjsv=m202306280101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=5080265833044&frm=8&ife=1&pv=1&ga_vid=1449678592.1688696675&ga_sid=1688696675&ga_hid=1235383988&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=465080864&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C42532278%2C42532280%2C44759842%2C44759926%2C31075645%2C44788442&oid=2&pvsid=1432219434575882&tmod=1763332943&uas=0&nvt=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.lo53mt6aocdy&fsb=1&dtd=272

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 20:54:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 19788
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 20 Jul 2023 20:54:47 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230705/r20110914/client/ Frame 2859 20 KB
8 KB 16ms
14ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230705/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5dff1c5185bfe98d10fd4b80ad1e2a04d57365a09e631840dce7fd3c79d19971

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 17:19:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 32725
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8314
x-xss-protection: 0
server: cafe
etag: 15120507268597061312
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 20 Jul 2023 17:19:10 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 2859 0
0 17ms
16ms Image
text/html 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRJFEkhIbH28p4_gz6I9IroxE5K_12OK1FsNThXhRbWJ1zCtW_DDU9AmMUk9bESac7xOjDyVO7uOXH3KHcVgvuPunDSAw
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&h=250&slotname=1234190425&adk=1935728605&adf=4198791085&pi=t.ma~as.1234190425&w=300&fwrn=16&format=300x250&url=https%3A%2F%2Fye-mek.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1688696675070&bpp=1&bdt=136&idt=264&shv=r20230705&mjsv=m202306280101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=5080265833044&frm=8&ife=1&pv=1&ga_vid=1449678592.1688696675&ga_sid=1688696675&ga_hid=1235383988&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=465080864&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C42532278%2C42532280%2C44759842%2C44759926%2C31075645%2C44788442&oid=2&pvsid=1432219434575882&tmod=1763332943&uas=0&nvt=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.lo53mt6aocdy&fsb=1&dtd=272
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 2859 179 KB
56 KB 24ms
23ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2bf958c032ce083c26ae980ed92d0360c971e87c183d6bd988e770fc172786c7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 07 Jul 2023 02:24:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57266
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1688579601580341"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 07 Jul 2023 02:24:35 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 0007 0
0 64ms
50ms Fetch
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CIOboY3enZN3uC5Ty-gaD6pOYDJDhgYRctqjCivACwI23ARABIABglYKAgMAHggEXY2EtcHViLTc5ODM2NTEyNTc4MzgyODLIAQmpApS-iRURRLI-4AIAqAMBqgShAk_QGqMfCd2YW1tNEQYQxkNyrnS1MTglszzy-3vlFU3DpCoCWwU92T0EiuDDV2LgO1C-Lcs9CwJKFRjrOKdiy60Ogb3sVqGYbtdks0hWf8myk9hSOECLJWFlXT37THc7U3fjs4lTM301sz-3JFANb3r2SrJ016BRm98PO6lqEoFP-Z4J4zXuavSWRbqn1jJjXPEW5vdavImLOqOidYhBRo7vKsEcIE4tlCN-z3gzCmk9vyDSXBB8YsQf-aGV1Urrntagns0VU56Z7QsqyPts1xT0VEwWnr9jh9zbECcTtuXNB9kiAYRiPZDAXoo71jTgW1tiaYXzGrMlh21vstgg1xr9sTWkQ1hyhs8QQQQlVlZON-haSDCsoXPySYnz8mcc-0TgBAGABsTRnvTIgM68pQGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTryCBthZHgtc3Vic3luLTcyNzU1Mjg0NTMxNjIzMDmACgP6CwIIAYAMAdAVAYAXAbIXHAoaEhRwdWItNzk4MzY1MTI1NzgzODI4MhjqwW0&sigh=5hE6WSQQ79k&uach_m=[UACH]&cid=CAQSOwBygQiDOt3xwW1bj-LU0xpD64JJY-IbZcq2LntFQEJ0qIqGnuBDxM0vsPTlCm-pDABsArb5ZBpQO0WTGAE
Requested by: Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x69807j0b5.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a83cc140318b4e2e81346428d0ba2d8a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

GET
H2 204 winResponse
prod-rtb.ad4mat.net/ Frame 0007 0
0 64ms
17ms Fetch
image/gif 2600:1901:0:76b9::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://prod-rtb.ad4mat.net/winResponse?a=1j5eh7kqv5sj12ps532dzz0a245wg8pa3n4cgftb3thjbr5qt2es9pg92x214bm1zey4vfe6r7kpm2gcq6c6a5hxp298mh94c58y392kh25y2z9bhdh3agag246e67nt9avtpskxjdqgzm6kf6xmytgvjsy8ajaa3dnzwd1grmpn1bag5bq7d8nkh4z6ztfzrhc0tqh0a2sjzw3r7fmkdrx7kwg792f79q3k8mq55za9j3g7dwcseyqqx6ay8f4dtzzf39v6j1vbmcw9c6rjzr41knqg60afmj4ph77w55f2tde83kr6m40241a1vpka7z3nsyqsv7qrv0df1s6hf9deyeph96v3s18zvwavtqv1n13m6q4hpyam3n0rx9c08b1np6z51dp3k8wc&b=ZKd3YwAC910K3rkUAAT1A2Gq5c22U3vT63soVw
Requested by: Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x69807j0b5.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a83cc140318b4e2e81346428d0ba2d8a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 07 Jul 2023 02:24:35 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: image/gif

GET
H2 200 dr Show response
as.ad4m.at/ad/ Frame D65C 2 KB
3 KB 71ms
27ms Document
text/html 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/dr?ed=1knbsar9m31zq0584kpr746pf1v1scswsqr8sxvzh86hvm6vvfb2nw0zggb8vr7smaz279qfsv2q99hebqddfbxkbf7s5p60hh7yrtv62w66wse5rte7dk11gj5pyqss4ys5efahya3pvg3fprg8rr2xsfxty6wfzdycf5d79fbc1zbp2t83hkcgw4qeq9h1yjvradgstcydfbxgpthqbxctm2zddfhbnt96njc2qhnfh74j95nkqzmrm9b561ntvwtatern83n5ms40b49zpzq240gj4hw5vby1vyccy6yt0j1f8k6wpjr42sanm01spzsj86dqvxtry8mc41x77mzdrzf0jyjx52rdvdzb7829yq9f0rrbtycp1ahnzf0fyh62szsqtx2q43zrtbckd97jwxyvx4ezpc2qx3hd5xzyda7hq0ww7dc0v17zgpbj7ffvmh0s18&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCbz3iY3enZN3uC5Ty-gaD6pOYDJDhgYRctqjCivACwI23ARABIABglYKAgMAHggEXY2EtcHViLTc5ODM2NTEyNTc4MzgyODLIAQmpApS-iRURRLI-4AIAqAMBqgSkAk_QGqMfCd2YW1tNEQYQxkNyrnS1MTglszzy-3vlFU3DpCoCWwU92T0EiuDDV2LgO1C-Lcs9CwJKFRjrOKdiy60Ogb3sVqGYbtdks0hWf8myk9hSOECLJWFlXT37THc7U3fjs4lTM301sz-3JFANb3r2SrJ016BRm98PO6lqEoFP-Z4J4zXuavSWRbqn1jJjXPEW5vdavImLOqOidYhBRo7vKsEcIE4tlCN-z3gzCmk9vyDSXBB8YsQf-aGV1Urrntagns0VU56Z7QsqyPts1xT0VEwWnr9jh9zbECcTtuXNB9kiAYRiPZDAXoo71jTgW1tiaYXzGrMlh21v8NoBRc0ENnVsxBDkXIaCsz0xXPtEGfCHyPLlM4tmV6XrJ7uDu4yWDxjgBAGABsTRnvTIgM68pQGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTryCBthZHgtc3Vic3luLTcyNzU1Mjg0NTMxNjIzMDn6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_22iggw7rfwBZ0uCIYtIyMFH2AudA%26client%3Dca-pub-7983651257838282%26adurl%3D

Requested by

Host: a83cc140318b4e2e81346428d0ba2d8a.safeframe.googlesyndication.com
URL: https://a83cc140318b4e2e81346428d0ba2d8a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e97e1496927056e5edc6354ee3af5c26be9acfffd72046a45592ba182227b77b

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-src ;img-src data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://a83cc140318b4e2e81346428d0ba2d8a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7e2ca1cfa80990d6-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Fri, 07 Jul 2023 02:24:35 GMT
expires: 0
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230705/r20110914/client/ Frame 0007 3 KB
1 KB 25ms
9ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230705/r20110914/client/window_focus_fy2021.js

Requested by

Host: a83cc140318b4e2e81346428d0ba2d8a.safeframe.googlesyndication.com
URL: https://a83cc140318b4e2e81346428d0ba2d8a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a83cc140318b4e2e81346428d0ba2d8a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 20:54:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 19788
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 20 Jul 2023 20:54:47 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 1127 1 KB
643 B 37ms
24ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: a83cc140318b4e2e81346428d0ba2d8a.safeframe.googlesyndication.com
URL: https://a83cc140318b4e2e81346428d0ba2d8a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://a83cc140318b4e2e81346428d0ba2d8a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 34319
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 06 Jul 2023 16:52:36 GMT
etag: 48472445140208031
expires: Fri, 07 Jul 2023 16:52:36 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230705/r20110914/client/ Frame 0007 20 KB
8 KB 25ms
10ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230705/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: a83cc140318b4e2e81346428d0ba2d8a.safeframe.googlesyndication.com
URL: https://a83cc140318b4e2e81346428d0ba2d8a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5dff1c5185bfe98d10fd4b80ad1e2a04d57365a09e631840dce7fd3c79d19971

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a83cc140318b4e2e81346428d0ba2d8a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 17:19:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 32725
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8314
x-xss-protection: 0
server: cafe
etag: 15120507268597061312
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 20 Jul 2023 17:19:10 GMT

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 0007 24 KB
6 KB 26ms
10ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: a83cc140318b4e2e81346428d0ba2d8a.safeframe.googlesyndication.com
URL: https://a83cc140318b4e2e81346428d0ba2d8a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a83cc140318b4e2e81346428d0ba2d8a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 05 Jul 2023 12:02:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 138104
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 04 Jul 2024 12:02:51 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 0007 179 KB
56 KB 42ms
27ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: a83cc140318b4e2e81346428d0ba2d8a.safeframe.googlesyndication.com
URL: https://a83cc140318b4e2e81346428d0ba2d8a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2bf958c032ce083c26ae980ed92d0360c971e87c183d6bd988e770fc172786c7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a83cc140318b4e2e81346428d0ba2d8a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 07 Jul 2023 02:24:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57266
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1688579601580341"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 07 Jul 2023 02:24:35 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 7321 15 KB
16 KB 40ms
8ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://ye-mek.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 02 Jul 2023 05:19:29 GMT
x-content-type-options: nosniff
age: 421506
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 01 Jul 2024 05:19:29 GMT

GET
H2 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 7321 15 KB
15 KB 39ms
9ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://ye-mek.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 16:31:22 GMT
x-content-type-options: nosniff
age: 35593
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15740
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 05 Jul 2024 16:31:22 GMT

GET
H3 200 index.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10896490684634628096/ Frame 6DC0 358 KB
37 KB 8ms
8ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10896490684634628096/index.html

Requested by

Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x69807j0b5.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ca0f743edd5f319581c7249d4de05809bfff91b910ec7547ed3787cdbff2e920

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://a83cc140318b4e2e81346428d0ba2d8a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 274839
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 37422
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
cross-origin-resource-policy: cross-origin
date: Mon, 03 Jul 2023 22:03:56 GMT
expires: Tue, 02 Jul 2024 22:03:56 GMT
last-modified: Mon, 22 May 2023 12:01:34 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 4829 0
0 62ms
62ms Fetch
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CX8KiY3enZLzzC8SvgAe06LW4A6-r2r1xhaGfuL8R3NkeEAEgwLKCa2CVopmCrAegAcq9hsMCyAEJqQKUvokVEUSyPuACAKgDAcgDAqoEhgJP0KOvKQCmATdcpUS1W8TDZ-YxhYkpMbSA0BYi8kz8JeoAhyuenUwKb15C2xotEa-DtugA82_-GfAtSwOZad8J45AkmNc9TyqbCETuJCsSp0FS1nJglcIEts1kgKQETnZ5xMkIVLHv_5Ni7fCO6syCH13i9tCanz7QPG0AtY1qJPmK2i2xUzPdgpEel9jgGARCiw9Vtskw2iqn-1QeGXPQV2Ach8YhdcBjr_L2D7Rj9lFY2SD-rXNpbVhIaqLxYLjaaj-VJAjjuuX7va93DV9ozMEAq43NGCzBJqaw-pdkeImGFR7UU5oa5amtAa0XXWrOeaLgoRkwBFdVNWjUfFEmBM7OKoUswASo1ZTnjAPgBAGSBQQIBBgBkgUECAUYBKAGXYAHnsL5vAGoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBDXpwHSCBYIgOGAEBABGB0yAqoCOgKAQEi9_cE68ggbYWR4LXN1YnN5bi03Mjc1NTI4NDUzMTYyMzA5gAoDyAsB2BMN0BUBmBYBgBcBshceChwIABIUcHViLTY1OTM1MjMyMTAwMTAxNTQY6sFt&sigh=gRNMWQQHHWk&uach_m=[UACH]&cid=CAQSOwBygQiDJ7DHVdEfAXk-unVkeRbnFWFjPyY_K78b5_iMPoNJ7VJClhzcVcPgOiiWLLsY-__UkrEXyigaGAE
Requested by: Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x69807j0b5.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a83cc140318b4e2e81346428d0ba2d8a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230705/r20110914/ Frame 4829 23 KB
9 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230705/r20110914/abg_lite_fy2021.js

Requested by

Host: a83cc140318b4e2e81346428d0ba2d8a.safeframe.googlesyndication.com
URL: https://a83cc140318b4e2e81346428d0ba2d8a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

02193fbcb11d960448e0fa887ff68d5ce73f01076893523fc3037e00a7149bc2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a83cc140318b4e2e81346428d0ba2d8a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 17:18:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 32739
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9104
x-xss-protection: 0
server: cafe
etag: 12939045362079141464
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 20 Jul 2023 17:18:56 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame EE16 143 B
166 B 9ms
7ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: a83cc140318b4e2e81346428d0ba2d8a.safeframe.googlesyndication.com
URL: https://a83cc140318b4e2e81346428d0ba2d8a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://a83cc140318b4e2e81346428d0ba2d8a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 484
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 07 Jul 2023 02:16:31 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230705/r20110914/client/ Frame 4829 3 KB
1 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230705/r20110914/client/window_focus_fy2021.js

Requested by

Host: a83cc140318b4e2e81346428d0ba2d8a.safeframe.googlesyndication.com
URL: https://a83cc140318b4e2e81346428d0ba2d8a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a83cc140318b4e2e81346428d0ba2d8a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 20:54:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 19788
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 20 Jul 2023 20:54:47 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230705/r20110914/client/ Frame 4829 20 KB
8 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230705/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: a83cc140318b4e2e81346428d0ba2d8a.safeframe.googlesyndication.com
URL: https://a83cc140318b4e2e81346428d0ba2d8a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5dff1c5185bfe98d10fd4b80ad1e2a04d57365a09e631840dce7fd3c79d19971

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a83cc140318b4e2e81346428d0ba2d8a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 17:19:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 32725
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8314
x-xss-protection: 0
server: cafe
etag: 15120507268597061312
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 20 Jul 2023 17:19:10 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 2859 0
0 51ms
51ms Fetch
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=COgX9Y3enZJGSGIuYiQb58JL4BZDhgYRctqjCivACwI23ARABIABglaKZgqwHggEXY2EtcHViLTY1OTM1MjMyMTAwMTAxNTTIAQmpApS-iRURRLI-qAMBqgSvAU_QLczqBu1H3rl9i2bPsQJzplp-cLEkLO0ASRiJH35oZaNNg1rRXZBmXL9XEz9wBiIDfMtxVDEpaBQ2oMPENbITGwbU32OVD644WyZHm8ReHz5nof-P00t3U6SKgLu_oF2f59h4YqHSATPeyu1CSQNhflGi5fx86D4Dmnryut1PTMBpIIJD5Mkf8eVtMh7m-Ewts728reGzl7k7CosSpt1dNldvJnW4g6TNBaEQD2eABq20_5ik46TPIqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOoAKAfoLAggBgAwB0BUBgBcBshcaChgSFHB1Yi02NTkzNTIzMjEwMDEwMTU0GAA&sigh=Wx5qE_1brAA&uach_m=[UACH]&cid=CAQSKQBygQiDXiRnbXck0Tx-_9nh6p_soqrp5tgkLRsNkSNlE_kjCVTLfjAvGAE

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&h=250&slotname=1234190425&adk=1935728605&adf=4198791085&pi=t.ma~as.1234190425&w=300&fwrn=16&format=300x250&url=https%3A%2F%2Fye-mek.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1688696675070&bpp=1&bdt=136&idt=264&shv=r20230705&mjsv=m202306280101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=5080265833044&frm=8&ife=1&pv=1&ga_vid=1449678592.1688696675&ga_sid=1688696675&ga_hid=1235383988&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=465080864&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C42532278%2C42532280%2C44759842%2C44759926%2C31075645%2C44788442&oid=2&pvsid=1432219434575882&tmod=1763332943&uas=0&nvt=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.lo53mt6aocdy&fsb=1&dtd=272
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 07 Jul 2023 02:24:35 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 204 winResponse
prod-rtb.ad4mat.net/ Frame 2859 0
0 18ms
18ms Fetch
image/gif 2600:1901:0:76b9::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://prod-rtb.ad4mat.net/winResponse?a=1gajwddazp0nm06sjmam0d3wbp8y89w2mh34c43795pp07fescfb4att3ehagaevrrtzj3cjbyb27cg6cm8xkwa2y6vpa8acfmg4fe20mj8e1ynn2tqdy5az0ag7s00z9rana9c51f29p9ms79cm4h56bpt468wk7tknnt4xgzk2jmpswat40b4m2vss2nbbxkbrg6mj0g5aj3nkwz435g1hrcwsscbzkn2eyks8j8m9fs86vxczb4bx8ps5hace3rndfy6wqxc8cpnjc9ra40nhyxq6p4p9dv1g5d4s7mc5xbgkztsc8s8hgde8dvep3m0cq0h6s42wss6y5r84thfb2nehc8pwcwfqr0k07zr78s6mzfps842gdr8d24pzh9dk4zhbn4&b=ZKd3YwAGCREKwkwLAAS4ebhKQemyLhLTaWR4Ow
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&h=250&slotname=1234190425&adk=1935728605&adf=4198791085&pi=t.ma~as.1234190425&w=300&fwrn=16&format=300x250&url=https%3A%2F%2Fye-mek.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1688696675070&bpp=1&bdt=136&idt=264&shv=r20230705&mjsv=m202306280101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=5080265833044&frm=8&ife=1&pv=1&ga_vid=1449678592.1688696675&ga_sid=1688696675&ga_hid=1235383988&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=465080864&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C42532278%2C42532280%2C44759842%2C44759926%2C31075645%2C44788442&oid=2&pvsid=1432219434575882&tmod=1763332943&uas=0&nvt=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.lo53mt6aocdy&fsb=1&dtd=272
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 07 Jul 2023 02:24:35 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: image/gif

GET
H2 200 dr Show response
as.ad4m.at/ad/ Frame 928C 2 KB
1 KB 33ms
32ms Document
text/html 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/dr?ed=1k567q4fzn0g5n88dx6e3agyk577k8kjhqrh361a18ygg59bjb8jj1nxs0egqd5h3gh39kmkbmpgk2pbz03q93qgwmkcv3n2e2b23pt24h1aad0rf3d9k4hkxmttg9s2e7xykskqye6kegthkphptkpv0e43wc7pygr9nr6am9y84yp6h5fjpas42yk4yq88n84d0d4cvqf9djzgscmx2p9ex04hfh6vdn9jt62mwt5vaen8gvkjpy5y82n6t9ma083w7aamath442dp0vd46h9dtfm6bnztnqtbrpfaw4czz1e98cq8fcn9ayk3k4k28p5ze5pvnwkfbbq8ene06tafqqscp0n2cw7newv13b41q11j552echtd9xs9sw2qtfcr084a0x2zzars2mjdmz2jstzsy6rvn9nknv8mpgm2rjkyzesyg&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCzjdSY3enZJGSGIuYiQb58JL4BZDhgYRctqjCivACwI23ARABIABglaKZgqwHggEXY2EtcHViLTY1OTM1MjMyMTAwMTAxNTTIAQmpApS-iRURRLI-qAMBqgSyAU_QLczqBu1H3rl9i2bPsQJzplp-cLEkLO0ASRiJH35oZaNNg1rRXZBmXL9XEz9wBiIDfMtxVDEpaBQ2oMPENbITGwbU32OVD644WyZHm8ReHz5nof-P00t3U6SKgLu_oF2f59h4YqHSATPeyu1CSQNhflGi5fx86D4Dmnryut1PTMBpIIJD5Mkfs-dMoMkffwzlNPUqd6ghZYAvACYYiMWAtpUmtI0snYjV0H2PT6_b6T6ABq20_5ik46TPIqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_06vd8hP7U_wgQWv1lYUjc3mvfUZg%26client%3Dca-pub-6593523210010154%26adurl%3D

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d00543662dc76d7816ce80350c2bbf786202b389b550b4e09661350623e372c0

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-src ;img-src data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7e2ca1cfd82590d6-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Fri, 07 Jul 2023 02:24:35 GMT
expires: 0
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 200 css
fonts.googleapis.com/ Frame BCD0 14 KB
1 KB 29ms
28ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: a83cc140318b4e2e81346428d0ba2d8a.safeframe.googlesyndication.com
URL: https://a83cc140318b4e2e81346428d0ba2d8a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a83cc140318b4e2e81346428d0ba2d8a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 07 Jul 2023 02:24:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 07 Jul 2023 01:39:41 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 07 Jul 2023 02:24:35 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230705/r20110914/client/ Frame BCD0 2 KB
892 B 8ms
7ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230705/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: a83cc140318b4e2e81346428d0ba2d8a.safeframe.googlesyndication.com
URL: https://a83cc140318b4e2e81346428d0ba2d8a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a83cc140318b4e2e81346428d0ba2d8a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 17:19:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 32734
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 20 Jul 2023 17:19:01 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame BCD0 0
0 54ms
53ms Fetch
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CQlzMY3enZN7oC5bRgAeUsr3AAejF_6JuzMCK2b8QiJT4h7MCEAEgwLKCa2CVopmCrAegAeqXycAoyAEJqQKUvokVEUSyPuACAKgDAcgDywSqBJMCT9CF28oDEy95dSSRfHICUuLBnwDz00djmU0C51Hs0Sj1V3zT6T0S2Ny_kNjoyKDjQMNT1398kPnidCWWTfMsrEGHs5g3bPJrN_ErhSH6BgrZEQ3aEzeDPrSXkp1OsKhJ7_ooe2a3cCA43tbLmYXekB5JRR82-TVYCb6oztP86B7NsIi_duPEenqO9vtpbFM9j8ASloHga1SRmECAtN2EXhI0kzq6PJFBf1W58MjjSygMHj0bifsAXLaYkFMSNsVtM1bdxu2P-fUkWH9PKATISvxMO9QIMlTy3jDH-uDAj2ysFHZLuaGDyNk-cT07DaTLmUEziEA6WW5tZnYhROCFKjJI3l0f5Dv0EhiDg42V5Leq4PrABMblh6SNBOAEAZIFBAgEGAGSBQQIBRgEoAYugAfqz5mgA6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEEJfMA9IIFgiA4YAQEAEYHTICqgI6AoBASL39wTryCBthZHgtc3Vic3luLTcyNzU1Mjg0NTMxNjIzMDmACgPICwG4E4gE2BMK0BUBgBcBshceChwIABIUcHViLTY1OTM1MjMyMTAwMTAxNTQY6sFt&sigh=On9lrvzGPyM&uach_m=[UACH]&cid=CAQSOwBygQiDDn6kUo-iBkpHsMyBj5sQdudZXlYXbEgHeknwrsNCR-HWPPZLggqpyh0ErvnB8pMnog-CNresGAE&template_id=520
Requested by: Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x69807j0b5.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a83cc140318b4e2e81346428d0ba2d8a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230705/r20110914/ Frame BCD0 23 KB
9 KB 11ms
8ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230705/r20110914/abg_lite_fy2021.js

Requested by

Host: a83cc140318b4e2e81346428d0ba2d8a.safeframe.googlesyndication.com
URL: https://a83cc140318b4e2e81346428d0ba2d8a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

02193fbcb11d960448e0fa887ff68d5ce73f01076893523fc3037e00a7149bc2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a83cc140318b4e2e81346428d0ba2d8a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 17:18:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 32739
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9104
x-xss-protection: 0
server: cafe
etag: 12939045362079141464
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 20 Jul 2023 17:18:56 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230705/r20110914/client/ Frame BCD0 3 KB
1 KB 15ms
10ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230705/r20110914/client/window_focus_fy2021.js

Requested by

Host: a83cc140318b4e2e81346428d0ba2d8a.safeframe.googlesyndication.com
URL: https://a83cc140318b4e2e81346428d0ba2d8a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a83cc140318b4e2e81346428d0ba2d8a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 20:54:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 19788
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 20 Jul 2023 20:54:47 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame AD73 1 KB
643 B 20ms
18ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: a83cc140318b4e2e81346428d0ba2d8a.safeframe.googlesyndication.com
URL: https://a83cc140318b4e2e81346428d0ba2d8a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://a83cc140318b4e2e81346428d0ba2d8a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 34319
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 06 Jul 2023 16:52:36 GMT
etag: 48472445140208031
expires: Fri, 07 Jul 2023 16:52:36 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230705/r20110914/client/ Frame BCD0 20 KB
8 KB 13ms
10ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230705/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: a83cc140318b4e2e81346428d0ba2d8a.safeframe.googlesyndication.com
URL: https://a83cc140318b4e2e81346428d0ba2d8a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5dff1c5185bfe98d10fd4b80ad1e2a04d57365a09e631840dce7fd3c79d19971

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a83cc140318b4e2e81346428d0ba2d8a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 17:19:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 32725
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8314
x-xss-protection: 0
server: cafe
etag: 15120507268597061312
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 20 Jul 2023 17:19:10 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame BCD0 0
0 28ms
15ms Image
text/html 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQuUB5bYBgjL3ocL1w_ST8CR8_g4lKCSdKN4tEdGf_Q_3QDLcIm3em3mkL4fgf1VZ3E_0Fn_E_U7QFuO9LZs-GzVbNhjg
Requested by: Host: a83cc140318b4e2e81346428d0ba2d8a.safeframe.googlesyndication.com
URL: https://a83cc140318b4e2e81346428d0ba2d8a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a83cc140318b4e2e81346428d0ba2d8a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame BCD0 179 KB
56 KB 38ms
25ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: a83cc140318b4e2e81346428d0ba2d8a.safeframe.googlesyndication.com
URL: https://a83cc140318b4e2e81346428d0ba2d8a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2bf958c032ce083c26ae980ed92d0360c971e87c183d6bd988e770fc172786c7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a83cc140318b4e2e81346428d0ba2d8a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 07 Jul 2023 02:24:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57266
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1688579601580341"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 07 Jul 2023 02:24:35 GMT

GET
H3 200 5f03bef6f00b7a8cf9d43233a2aa7e67.js Show response
www.gstatic.com/mysidia/ Frame BCD0 33 KB
14 KB 23ms
9ms Script
text/javascript 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/5f03bef6f00b7a8cf9d43233a2aa7e67.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: a83cc140318b4e2e81346428d0ba2d8a.safeframe.googlesyndication.com
URL: https://a83cc140318b4e2e81346428d0ba2d8a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3a5fa3073b94aa8259d04802566504c897fd640610ea9f36654cfacc615f325e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a83cc140318b4e2e81346428d0ba2d8a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 19:38:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 24385
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14183
x-xss-protection: 0
last-modified: Thu, 29 Jun 2023 19:09:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 04 Oct 2023 19:38:10 GMT

GET
H2

200

i.match
s.tribalfusion.com/z/ Frame EB60
Redirect Chain

https://a.tribalfusion.com/i.match?p=b6&u=CAESECczweLzzqGODqCw_MDmSlE&google_cver=1&google_push=AaAOQGFWUhBm9X8HDitoE_wau7o9jltH5j6B-6DM1zTUfFxOkMj9Q4yP8y8vdYNScFDEWBr7YWcxFORY68iSXO8RM4PpBN1p5MNL&...
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESECczweLzzqGODqCw_MDmSlE&google_cver=1&google_push=AaAOQGFWUhBm9X8HDitoE_wau7o9jltH5j6B-6DM1zTUfFxOkMj9Q4yP8y8vdYNScFDEWBr7YWcxFORY68iSXO8RM4PpBN1p5MN...

43 B
396 B

183ms
181ms

Image
image/gif

2606:4700::6812:18ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESECczweLzzqGODqCw_MDmSlE&google_cver=1&google_push=AaAOQGFWUhBm9X8HDitoE_wau7o9jltH5j6B-6DM1zTUfFxOkMj9Q4yP8y8vdYNScFDEWBr7YWcxFORY68iSXO8RM4PpBN1p5MNL&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAaAOQGFWUhBm9X8HDitoE_wau7o9jltH5j6B-6DM1zTUfFxOkMj9Q4yP8y8vdYNScFDEWBr7YWcxFORY68iSXO8RM4PpBN1p5MNL%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by: Host: a83cc140318b4e2e81346428d0ba2d8a.safeframe.googlesyndication.com
URL: https://a83cc140318b4e2e81346428d0ba2d8a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol: H2
Server: 2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 07 Jul 2023 02:24:36 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
content-type: image/gif; charset=utf-8
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 7e2ca1d1cabf9bfb-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 07 Jul 2023 02:24:36 GMT
cf-cache-status: DYNAMIC
x-function: 206
server: cloudflare
x-reuse-index: 461
content-type: text/html
location: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESECczweLzzqGODqCw_MDmSlE&google_cver=1&google_push=AaAOQGFWUhBm9X8HDitoE_wau7o9jltH5j6B-6DM1zTUfFxOkMj9Q4yP8y8vdYNScFDEWBr7YWcxFORY68iSXO8RM4PpBN1p5MNL&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAaAOQGFWUhBm9X8HDitoE_wau7o9jltH5j6B-6DM1zTUfFxOkMj9Q4yP8y8vdYNScFDEWBr7YWcxFORY68iSXO8RM4PpBN1p5MNL%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 7e2ca1d0497e9bfb-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame EB60
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEP7T04_0mxV14RBIzowwFsQ&google_push=AaAOQGFtdvmHTqyxEvTPxy5HTZsDxTl1HArzUP7zE6MVY7t4IeNP-unqkJ...

170 B
188 B

24ms
21ms

Image
image/png

172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEP7T04_0mxV14RBIzowwFsQ&google_push=AaAOQGFtdvmHTqyxEvTPxy5HTZsDxTl1HArzUP7zE6MVY7t4IeNP-unqkJLB7pfYFkuak1llL0hZ_QCX0GuKtIwO4Mbshba68SIx

Requested by

Host: a83cc140318b4e2e81346428d0ba2d8a.safeframe.googlesyndication.com
URL: https://a83cc140318b4e2e81346428d0ba2d8a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 07 Jul 2023 02:24:36 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by: cache-fra-eddf8230099-FRA
pragma: no-cache
date: Fri, 07 Jul 2023 02:24:36 GMT
via: 1.1 varnish
server: Jetty(9.4.35.v20201120)
x-timer: S1688696676.914356,VS0,VE95
x-cache: MISS
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEP7T04_0mxV14RBIzowwFsQ&google_push=AaAOQGFtdvmHTqyxEvTPxy5HTZsDxTl1HArzUP7zE6MVY7t4IeNP-unqkJLB7pfYFkuak1llL0hZ_QCX0GuKtIwO4Mbshba68SIx
cache-control: no-cache
accept-ranges: bytes
content-length: 0
x-cache-hits: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame EB60
Redirect Chain

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESELUTHC4MExgVKW0xiAVXLi4&google_cver=1&google_push=AaAOQGG7dPTaIUGIc8dghXrktXdvCEQz2bpuqH-B-1PYzqOh9Jn2Ng-twaQwEP8JHppRHOAglb6HSQQ-3L9-mSRKo_hr...
https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESELUTHC4MExgVKW0xiAVXLi4&google_cver=1&google_push=AaAOQGG7dPTaIUGIc8dghXrktXdvCEQz2bpuqH-B-1PYzqOh9Jn2Ng-twaQwEP8JHppRHOAglb6HSQQ-3L9-mS...
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AaAOQGG7dPTaIUGIc8dghXrktXdvCEQz2bpuqH-B-1PYzqOh9Jn2Ng-twaQwEP8JHppRHOAglb6HSQQ-3L9-mSRKo_hruQNTEoq0&google_hm=NdZVXyiNR8WC4LKw2KNDNQ==

170 B
188 B

19ms
19ms

Image
image/png

172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AaAOQGG7dPTaIUGIc8dghXrktXdvCEQz2bpuqH-B-1PYzqOh9Jn2Ng-twaQwEP8JHppRHOAglb6HSQQ-3L9-mSRKo_hruQNTEoq0&google_hm=NdZVXyiNR8WC4LKw2KNDNQ==

Requested by

Host: a83cc140318b4e2e81346428d0ba2d8a.safeframe.googlesyndication.com
URL: https://a83cc140318b4e2e81346428d0ba2d8a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 07 Jul 2023 02:24:36 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: //cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AaAOQGG7dPTaIUGIc8dghXrktXdvCEQz2bpuqH-B-1PYzqOh9Jn2Ng-twaQwEP8JHppRHOAglb6HSQQ-3L9-mSRKo_hruQNTEoq0&google_hm=NdZVXyiNR8WC4LKw2KNDNQ==
date: Fri, 07 Jul 2023 02:24:36 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H2 200 usersync.aspx
dis.criteo.com/dis/ Frame EB60 43 B
363 B 71ms
13ms Image
image/gif 178.250.1.9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DPUSH_DATA&google_gid=CAESEDFjFTa9YKM5-upaTy4Ftcg&google_cver=1&google_push=AaAOQGGGpqpmepbn0OlTzTgbF5vT563Y4XSJehRlbvT_KjXpcVDf2tLPTe1loemnB6RVe7q2n8I5WguhJEO-9198Wf0gV-Db4YBa

Requested by

Host: a83cc140318b4e2e81346428d0ba2d8a.safeframe.googlesyndication.com
URL: https://a83cc140318b4e2e81346428d0ba2d8a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 07 Jul 2023 02:24:35 GMT
x-errorlevel: 0
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 250139
expires: Fri, 07 Jul 2023 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame EB60
Redirect Chain

https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEA2_T0eaYSre04XKKnuTC9s&google_cver=1&google_push=AaAOQGEwFzEIJZTEmjot6XSrJoLDlqYMkUsRFEGJ56OTUsptwcaTvnOYSeq0LaZFbZKbuYH-3UPCFnNM4rr8WRVrG...
https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEA2_T0eaYSre04XKKnuTC9s&google_cver=1&google_push=AaAOQGEwFzEIJZTEmjot6XSrJoLDlqYMkUsRFEGJ56OTUsptwcaTvnOYSeq0LaZFbZKbuYH-3UPCFnNM4rr8WRVrG...
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AaAOQGEwFzEIJZTEmjot6XSrJoLDlqYMkUsRFEGJ56OTUsptwcaTvnOYSeq0LaZFbZKbuYH-3UPCFnNM4rr8WRVrG7IL8hkGmWm6&google_hm=G8DwvGZHrDc6H5viQSKZhRir

170 B
188 B

23ms
20ms

Image
image/png

172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AaAOQGEwFzEIJZTEmjot6XSrJoLDlqYMkUsRFEGJ56OTUsptwcaTvnOYSeq0LaZFbZKbuYH-3UPCFnNM4rr8WRVrG7IL8hkGmWm6&google_hm=G8DwvGZHrDc6H5viQSKZhRir

Requested by

Host: a83cc140318b4e2e81346428d0ba2d8a.safeframe.googlesyndication.com
URL: https://a83cc140318b4e2e81346428d0ba2d8a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 07 Jul 2023 02:24:36 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Fri, 07 Jul 2023 02:24:36 GMT
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Location: https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AaAOQGEwFzEIJZTEmjot6XSrJoLDlqYMkUsRFEGJ56OTUsptwcaTvnOYSeq0LaZFbZKbuYH-3UPCFnNM4rr8WRVrG7IL8hkGmWm6&google_hm=G8DwvGZHrDc6H5viQSKZhRir
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap7ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 0

GET
H/1.1 200
OK sync
ssbsync.smartadserver.com/api/ Frame EB60 0
75 B 249ms
28ms Image
text/plain 185.86.138.150
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEJMlB93N3wG_CZ8JLjAtMm0&google_cver=1&google_push=AaAOQGHMiuDyJIMblQkuxcIc7RGhGRzKT3cBH2be0r23vCktKmaBfZQlOlPpI7_nssJVj9899zteIk8kpG6LwhScw95lrh1cTOY
Requested by: Host: a83cc140318b4e2e81346428d0ba2d8a.safeframe.googlesyndication.com
URL: https://a83cc140318b4e2e81346428d0ba2d8a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.150 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 07 Jul 2023 02:24:35 GMT
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame EB60
Redirect Chain

https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESELYVsiCOlBr3s1XjwoJ4HD8&google_cver=1&google_push=AaAOQGGhoN-Hs2hU5...
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=NTcxMzEzNTg2MTUzNDQ2MTExOA%3D%3D&google_gid=CAESELYVsiCOlBr3s1XjwoJ4HD8&google_cver=1&google_push=AaAOQGGhoN-Hs2hU55N3PQzxT63BGKnIZs...

170 B
188 B

19ms
19ms

Image
image/png

172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=NTcxMzEzNTg2MTUzNDQ2MTExOA%3D%3D&google_gid=CAESELYVsiCOlBr3s1XjwoJ4HD8&google_cver=1&google_push=AaAOQGGhoN-Hs2hU55N3PQzxT63BGKnIZsbWWNSCZNrGE3wUdWVMf9F_MlhFCL9-5lZE4c3btfL7JYEa6K-ZkFxHjNZv3l7dm3n7

Requested by

Host: a83cc140318b4e2e81346428d0ba2d8a.safeframe.googlesyndication.com
URL: https://a83cc140318b4e2e81346428d0ba2d8a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 07 Jul 2023 02:24:36 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 07 Jul 2023 02:24:35 GMT
an-x-request-uuid: e9efbf19-f8dd-4a5b-97b6-4eacad45f7e2
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=NTcxMzEzNTg2MTUzNDQ2MTExOA%3D%3D&google_gid=CAESELYVsiCOlBr3s1XjwoJ4HD8&google_cver=1&google_push=AaAOQGGhoN-Hs2hU55N3PQzxT63BGKnIZsbWWNSCZNrGE3wUdWVMf9F_MlhFCL9-5lZE4c3btfL7JYEa6K-ZkFxHjNZv3l7dm3n7
x-proxy-origin: 81.95.5.42; 81.95.5.42; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame EB60 0
12 B 24ms
15ms Image
text/html 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LRUgRYn90rbIR_tKUuvQ5z4eqevAnDTC3_LW8ciU1VyAFUY6Vc8-xa7evCg24HvAzxDcNFmA

Requested by

Host: a83cc140318b4e2e81346428d0ba2d8a.safeframe.googlesyndication.com
URL: https://a83cc140318b4e2e81346428d0ba2d8a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 07 Jul 2023 02:24:35 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame 7DD0 33 KB
33 KB 14ms
8ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://a83cc140318b4e2e81346428d0ba2d8a.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 02 Jul 2023 02:43:59 GMT
x-content-type-options: nosniff
age: 430836
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34108
x-xss-protection: 0
last-modified: Tue, 23 May 2023 16:35:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 01 Jul 2024 02:43:59 GMT

GET
DATA 200
OK truncated
/ Frame BCD0 336 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: be3b15b1e68cf3e9278293d3b50491fe16c985e0ee5968852cac4fc062a7134e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 6B16 0
0 64ms
47ms Fetch
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssmmcvfteYIXyv_K6Dn26-x49LqRFkJW5lL3F-MDWboVhSSnAq7FJr9dA4oCEVwbELoGMaq6hKb2jS0vt5Gz8JcpDDsfCR5MJjHVM7InQs6v1_EDu6dBJaqhl-ptbMEb2hLJU727EWwBSAvjqIJLyq3yKpcbMUwc1tyLy_aJK2zCJYMbn-Pi-eizFgqcuEGSpaiCgcqoWXgTIiaTG_9M2J9D_13ZDgV8i73u9Sv8shc-oHmZPDx9FuJ6YcMkj185J1iXi2JwawsZ0bt4QN7FwFn6v3sFhyWdvOPgfuKmODNvUA-rSTYZlflTO8UKEJbZM5CAa23WsGQyVl8tj3PkkXL5IenHA2Ca_4lf5DKhXV9oSqznvKTG1JaRSeS&sai=AMfl-YTWiDiGzMkgmI93_wbpcGLzOttPbBm8atYHQ68_09ZqKhl8yFekJvYnXVpSKZ9vmxdOxnSXIZBRcyDc1hozT9Aq77sDOtZ11foI5etNtpBzHUyb48tSz925oUFP5Q&sig=Cg0ArKJSzE2AuUDy-8JCEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a83cc140318b4e2e81346428d0ba2d8a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 07 Jul 2023 02:24:35 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 07 Jul 2023 02:24:35 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 6B16 16 KB
12 KB 24ms
24ms XHR
application/json 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230705&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

43797a0e1a6d676c96ec38776434f1f353b630f757f29acb43ebad6f1b3dc751

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a83cc140318b4e2e81346428d0ba2d8a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 07 Jul 2023 02:24:35 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11994
x-xss-protection: 0

GET
H3 200 css
fonts.googleapis.com/ Frame 6DC0 3 KB
580 B 17ms
17ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Montserrat:regular,800

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10896490684634628096/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

39d963d1265b5da79cee9aa2ac480f152e900be382bd87b0d9e5e0fc6c53a8c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 07 Jul 2023 02:24:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 07 Jul 2023 00:30:32 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 07 Jul 2023 02:24:35 GMT

GET
H3 200 Enabler.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 6DC0 16 KB
6 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/Enabler.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10896490684634628096/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 13:38:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 45953
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5660
x-xss-protection: 0
server: cafe
etag: 544157900006238945
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Fri, 07 Jul 2023 13:38:42 GMT

GET
H3 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 6DC0 34 KB
13 KB 9ms
9ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10896490684634628096/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fee86fd46a67912ffd9ae2997c583f59abe6e11c532496c52759e94136837d48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 07 Jul 2023 01:47:45 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2210
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13035
x-xss-protection: 0
server: cafe
etag: 2319883687766034370
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Sat, 08 Jul 2023 01:47:45 GMT

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.48/one-ad/ Frame D65C 114 KB
14 KB 22ms
21ms Stylesheet
text/css 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.48/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1knbsar9m31zq0584kpr746pf1v1scswsqr8sxvzh86hvm6vvfb2nw0zggb8vr7smaz279qfsv2q99hebqddfbxkbf7s5p60hh7yrtv62w66wse5rte7dk11gj5pyqss4ys5efahya3pvg3fprg8rr2xsfxty6wfzdycf5d79fbc1zbp2t83hkcgw4qeq9h1yjvradgstcydfbxgpthqbxctm2zddfhbnt96njc2qhnfh74j95nkqzmrm9b561ntvwtatern83n5ms40b49zpzq240gj4hw5vby1vyccy6yt0j1f8k6wpjr42sanm01spzsj86dqvxtry8mc41x77mzdrzf0jyjx52rdvdzb7829yq9f0rrbtycp1ahnzf0fyh62szsqtx2q43zrtbckd97jwxyvx4ezpc2qx3hd5xzyda7hq0ww7dc0v17zgpbj7ffvmh0s18&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCbz3iY3enZN3uC5Ty-gaD6pOYDJDhgYRctqjCivACwI23ARABIABglYKAgMAHggEXY2EtcHViLTc5ODM2NTEyNTc4MzgyODLIAQmpApS-iRURRLI-4AIAqAMBqgSkAk_QGqMfCd2YW1tNEQYQxkNyrnS1MTglszzy-3vlFU3DpCoCWwU92T0EiuDDV2LgO1C-Lcs9CwJKFRjrOKdiy60Ogb3sVqGYbtdks0hWf8myk9hSOECLJWFlXT37THc7U3fjs4lTM301sz-3JFANb3r2SrJ016BRm98PO6lqEoFP-Z4J4zXuavSWRbqn1jJjXPEW5vdavImLOqOidYhBRo7vKsEcIE4tlCN-z3gzCmk9vyDSXBB8YsQf-aGV1Urrntagns0VU56Z7QsqyPts1xT0VEwWnr9jh9zbECcTtuXNB9kiAYRiPZDAXoo71jTgW1tiaYXzGrMlh21v8NoBRc0ENnVsxBDkXIaCsz0xXPtEGfCHyPLlM4tmV6XrJ7uDu4yWDxjgBAGABsTRnvTIgM68pQGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTryCBthZHgtc3Vic3luLTcyNzU1Mjg0NTMxNjIzMDn6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_22iggw7rfwBZ0uCIYtIyMFH2AudA%26client%3Dca-pub-7983651257838282%26adurl%3D
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 032aee61923ef53fb2b9efbb5d55f771f780e9c2fce9c076638b809a9607eee3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/dr?ed=1knbsar9m31zq0584kpr746pf1v1scswsqr8sxvzh86hvm6vvfb2nw0zggb8vr7smaz279qfsv2q99hebqddfbxkbf7s5p60hh7yrtv62w66wse5rte7dk11gj5pyqss4ys5efahya3pvg3fprg8rr2xsfxty6wfzdycf5d79fbc1zbp2t83hkcgw4qeq9h1yjvradgstcydfbxgpthqbxctm2zddfhbnt96njc2qhnfh74j95nkqzmrm9b561ntvwtatern83n5ms40b49zpzq240gj4hw5vby1vyccy6yt0j1f8k6wpjr42sanm01spzsj86dqvxtry8mc41x77mzdrzf0jyjx52rdvdzb7829yq9f0rrbtycp1ahnzf0fyh62szsqtx2q43zrtbckd97jwxyvx4ezpc2qx3hd5xzyda7hq0ww7dc0v17zgpbj7ffvmh0s18&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCbz3iY3enZN3uC5Ty-gaD6pOYDJDhgYRctqjCivACwI23ARABIABglYKAgMAHggEXY2EtcHViLTc5ODM2NTEyNTc4MzgyODLIAQmpApS-iRURRLI-4AIAqAMBqgSkAk_QGqMfCd2YW1tNEQYQxkNyrnS1MTglszzy-3vlFU3DpCoCWwU92T0EiuDDV2LgO1C-Lcs9CwJKFRjrOKdiy60Ogb3sVqGYbtdks0hWf8myk9hSOECLJWFlXT37THc7U3fjs4lTM301sz-3JFANb3r2SrJ016BRm98PO6lqEoFP-Z4J4zXuavSWRbqn1jJjXPEW5vdavImLOqOidYhBRo7vKsEcIE4tlCN-z3gzCmk9vyDSXBB8YsQf-aGV1Urrntagns0VU56Z7QsqyPts1xT0VEwWnr9jh9zbECcTtuXNB9kiAYRiPZDAXoo71jTgW1tiaYXzGrMlh21v8NoBRc0ENnVsxBDkXIaCsz0xXPtEGfCHyPLlM4tmV6XrJ7uDu4yWDxjgBAGABsTRnvTIgM68pQGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTryCBthZHgtc3Vic3luLTcyNzU1Mjg0NTMxNjIzMDn6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_22iggw7rfwBZ0uCIYtIyMFH2AudA%26client%3Dca-pub-7983651257838282%26adurl%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 07 Jul 2023 02:24:35 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime: 1687950287
age: 745886
cf-polished: origSize=117335
x-guploader-uploadid: ADPycdu7Pb84Y6vCPqpUShyJrQGb98f4yuF1LiyC2B7DeEN9kG_1SbpI2iXm6tsp7d5fI22nNzf0l66mXGhEIUVspATbXw
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 28 Jun 2023 11:05:15 GMT
server: cloudflare
etag: W/"5d49535c2a84a9762127b3d9e77d7e02"
vary: Accept-Encoding
x-goog-generation: 1687950315098833
content-type: text/css
x-goog-hash: crc32c=aWAnwg==, md5=XUlTXCqEqXYhJ7PZ531+Ag==
cache-control: public, max-age=3600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SAAbf0uudyLKmAXGBUHdsAUd2YJC586BLzm%2BIRlZUjiG5S6Lpf9A4s9edR84N%2BXEB5OYJ%2Fb7pnseM3akRm33rqkc08vDIN5ZZeY2IHuiAxFFxLkvV2oujDVLjhV8Do74y1%2FRXuMgwBY%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 117335
cf-ray: 7e2ca1d0cab42bbe-FRA
expires: Fri, 07 Jul 2023 03:24:35 GMT

GET
H2 200 r62eglto.js Show response
ad4m.at/ Frame D65C 25 KB
10 KB 35ms
19ms Script
application/javascript 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/r62eglto.js
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1knbsar9m31zq0584kpr746pf1v1scswsqr8sxvzh86hvm6vvfb2nw0zggb8vr7smaz279qfsv2q99hebqddfbxkbf7s5p60hh7yrtv62w66wse5rte7dk11gj5pyqss4ys5efahya3pvg3fprg8rr2xsfxty6wfzdycf5d79fbc1zbp2t83hkcgw4qeq9h1yjvradgstcydfbxgpthqbxctm2zddfhbnt96njc2qhnfh74j95nkqzmrm9b561ntvwtatern83n5ms40b49zpzq240gj4hw5vby1vyccy6yt0j1f8k6wpjr42sanm01spzsj86dqvxtry8mc41x77mzdrzf0jyjx52rdvdzb7829yq9f0rrbtycp1ahnzf0fyh62szsqtx2q43zrtbckd97jwxyvx4ezpc2qx3hd5xzyda7hq0ww7dc0v17zgpbj7ffvmh0s18&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCbz3iY3enZN3uC5Ty-gaD6pOYDJDhgYRctqjCivACwI23ARABIABglYKAgMAHggEXY2EtcHViLTc5ODM2NTEyNTc4MzgyODLIAQmpApS-iRURRLI-4AIAqAMBqgSkAk_QGqMfCd2YW1tNEQYQxkNyrnS1MTglszzy-3vlFU3DpCoCWwU92T0EiuDDV2LgO1C-Lcs9CwJKFRjrOKdiy60Ogb3sVqGYbtdks0hWf8myk9hSOECLJWFlXT37THc7U3fjs4lTM301sz-3JFANb3r2SrJ016BRm98PO6lqEoFP-Z4J4zXuavSWRbqn1jJjXPEW5vdavImLOqOidYhBRo7vKsEcIE4tlCN-z3gzCmk9vyDSXBB8YsQf-aGV1Urrntagns0VU56Z7QsqyPts1xT0VEwWnr9jh9zbECcTtuXNB9kiAYRiPZDAXoo71jTgW1tiaYXzGrMlh21v8NoBRc0ENnVsxBDkXIaCsz0xXPtEGfCHyPLlM4tmV6XrJ7uDu4yWDxjgBAGABsTRnvTIgM68pQGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTryCBthZHgtc3Vic3luLTcyNzU1Mjg0NTMxNjIzMDn6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_22iggw7rfwBZ0uCIYtIyMFH2AudA%26client%3Dca-pub-7983651257838282%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2d5e67a38c9a11424cac19ce192c9fd124a6d74e64d3791a01561dbd3e39c0b4

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 07 Jul 2023 02:24:35 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 14 Mar 2023 13:45:21 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 291655
etag: W/"fcb2a26b07bd76d9a925cae661d6d94d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=02gaysGFEhdWwAGyRM0oENffVV7csbkFrEHcoCQj4SVEPYsoKxekR22tajU5hqrHwYqw7bebRGs%2FBpaVJMsoNAgt2HPPRBliq3Wqd6rnJ%2Bx1gmioybS6eUY9jmKvMSJCRcL1ypM%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray: 7e2ca1d0e8e390d6-FRA
alt-svc: h3=":443"; ma=86400
expires: Tue, 27 Jun 2023 13:46:21 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame AA9E 1 KB
643 B 14ms
7ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 34320
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 06 Jul 2023 16:52:36 GMT
etag: 48472445140208031
expires: Fri, 07 Jul 2023 16:52:36 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.48/one-ad/ Frame B02A 114 KB
14 KB 26ms
26ms Stylesheet
text/css 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.48/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1kbpz1kkqks41ka7e8gh1m9jk63vh8pxrh96aksxd59646sy65ymg54s7f9y3e19de3ptpp9nevecc9cs75xtzsezjhxfj90td0s0a6ppy8dzqvqcp5cftv6j50bbxhpxw05ztfb228wjwvkkm77xnwex8z4gb75dfhwkqfphwkegn93rd6s556g8x3sxc0vk1xgctpyyekfsagpyca3t6j2thr4f90y7eh6vbg915yv2wwc7vxm3f215z0d7nrx59nw2dt9e7w7cdzp0g492w1hx96p6sy2sndgfd6jc92t5thjr15n8dp54zrah50fjk7yt6sy6nghmch3re2gz2trvzf88gbwe0qb0qy0c1brtgj01k7wzbzf7cwxghxtafgch301chp465p75v9d1pmmar31wr8gbaksw7qtb2qfavkne77q4&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC2XCsY3enZIrUC4emgAf7kr24BJDhgYRctqjCivACwI23ARABIABglaKZgqwHggEXY2EtcHViLTc5ODM2NTEyNTc4MzgyODLIAQmpApS-iRURRLI-4AIAqAMBqgSMAk_QiT31wMFVz9Eau8QtHnEBFhNAW7qoFpZijY0QF2LjYMN6xutnG1jCrocX63_ARqt3Sa_zJH9AqU_ROB4ComR08N_2VdhzhiOmX6IAcZdHLFdrjg1Vgf4BMcEqe-svKLl06gW0asI2PQF1M3NuUVl80Ziw999losY0nhBxnxE6798J3SgfMnb2icAvVgjnpxA9rrZ3j1eJHwG0xmXTaiBcQniSu-TeA95OMsRPFoxLYrZ6x4yYAkHFOKWx-ZWdtolGMIYvdo5FXyGwm1SKvcHBnev1y5-8lhUaxHQYdlOdKe_wO078xdustV54-vwciOlz9Cu0P1oRZYU1tfAaAtge_w97rSf0IT1aw9vgBAGABrie-tWl8sWD1gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTryCBthZHgtc3Vic3luLTcyNzU1Mjg0NTMxNjIzMDn6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2bFqblvIpeTVtXEYbbGY5nKomaug%26client%3Dca-pub-7983651257838282%26adurl%3D
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 032aee61923ef53fb2b9efbb5d55f771f780e9c2fce9c076638b809a9607eee3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/dr?ed=1kbpz1kkqks41ka7e8gh1m9jk63vh8pxrh96aksxd59646sy65ymg54s7f9y3e19de3ptpp9nevecc9cs75xtzsezjhxfj90td0s0a6ppy8dzqvqcp5cftv6j50bbxhpxw05ztfb228wjwvkkm77xnwex8z4gb75dfhwkqfphwkegn93rd6s556g8x3sxc0vk1xgctpyyekfsagpyca3t6j2thr4f90y7eh6vbg915yv2wwc7vxm3f215z0d7nrx59nw2dt9e7w7cdzp0g492w1hx96p6sy2sndgfd6jc92t5thjr15n8dp54zrah50fjk7yt6sy6nghmch3re2gz2trvzf88gbwe0qb0qy0c1brtgj01k7wzbzf7cwxghxtafgch301chp465p75v9d1pmmar31wr8gbaksw7qtb2qfavkne77q4&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC2XCsY3enZIrUC4emgAf7kr24BJDhgYRctqjCivACwI23ARABIABglaKZgqwHggEXY2EtcHViLTc5ODM2NTEyNTc4MzgyODLIAQmpApS-iRURRLI-4AIAqAMBqgSMAk_QiT31wMFVz9Eau8QtHnEBFhNAW7qoFpZijY0QF2LjYMN6xutnG1jCrocX63_ARqt3Sa_zJH9AqU_ROB4ComR08N_2VdhzhiOmX6IAcZdHLFdrjg1Vgf4BMcEqe-svKLl06gW0asI2PQF1M3NuUVl80Ziw999losY0nhBxnxE6798J3SgfMnb2icAvVgjnpxA9rrZ3j1eJHwG0xmXTaiBcQniSu-TeA95OMsRPFoxLYrZ6x4yYAkHFOKWx-ZWdtolGMIYvdo5FXyGwm1SKvcHBnev1y5-8lhUaxHQYdlOdKe_wO078xdustV54-vwciOlz9Cu0P1oRZYU1tfAaAtge_w97rSf0IT1aw9vgBAGABrie-tWl8sWD1gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTryCBthZHgtc3Vic3luLTcyNzU1Mjg0NTMxNjIzMDn6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2bFqblvIpeTVtXEYbbGY5nKomaug%26client%3Dca-pub-7983651257838282%26adurl%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 07 Jul 2023 02:24:35 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime: 1687950287
age: 745886
cf-polished: origSize=117335
x-guploader-uploadid: ADPycdu7Pb84Y6vCPqpUShyJrQGb98f4yuF1LiyC2B7DeEN9kG_1SbpI2iXm6tsp7d5fI22nNzf0l66mXGhEIUVspATbXw
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 28 Jun 2023 11:05:15 GMT
server: cloudflare
etag: W/"5d49535c2a84a9762127b3d9e77d7e02"
vary: Accept-Encoding
x-goog-generation: 1687950315098833
content-type: text/css
x-goog-hash: crc32c=aWAnwg==, md5=XUlTXCqEqXYhJ7PZ531+Ag==
cache-control: public, max-age=3600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zgEzNeX7KQO86Jssi0EIfATnXe03Aws6cL7yZjYAuYVEyNxWzM9x1jWWUM1DUd4ckrTgxpC6SFlEvvwb0rUglbRcHZpAV56lMtrEQj4%2BfNjB7GQyMqrouFX21azZVb1Aw%2B7qE6p0Xbk%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 117335
cf-ray: 7e2ca1d0cab72bbe-FRA
expires: Fri, 07 Jul 2023 03:24:35 GMT

GET
H2 200 r62eglto.js Show response
ad4m.at/ Frame B02A 25 KB
10 KB 30ms
17ms Script
application/javascript 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/r62eglto.js
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1kbpz1kkqks41ka7e8gh1m9jk63vh8pxrh96aksxd59646sy65ymg54s7f9y3e19de3ptpp9nevecc9cs75xtzsezjhxfj90td0s0a6ppy8dzqvqcp5cftv6j50bbxhpxw05ztfb228wjwvkkm77xnwex8z4gb75dfhwkqfphwkegn93rd6s556g8x3sxc0vk1xgctpyyekfsagpyca3t6j2thr4f90y7eh6vbg915yv2wwc7vxm3f215z0d7nrx59nw2dt9e7w7cdzp0g492w1hx96p6sy2sndgfd6jc92t5thjr15n8dp54zrah50fjk7yt6sy6nghmch3re2gz2trvzf88gbwe0qb0qy0c1brtgj01k7wzbzf7cwxghxtafgch301chp465p75v9d1pmmar31wr8gbaksw7qtb2qfavkne77q4&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC2XCsY3enZIrUC4emgAf7kr24BJDhgYRctqjCivACwI23ARABIABglaKZgqwHggEXY2EtcHViLTc5ODM2NTEyNTc4MzgyODLIAQmpApS-iRURRLI-4AIAqAMBqgSMAk_QiT31wMFVz9Eau8QtHnEBFhNAW7qoFpZijY0QF2LjYMN6xutnG1jCrocX63_ARqt3Sa_zJH9AqU_ROB4ComR08N_2VdhzhiOmX6IAcZdHLFdrjg1Vgf4BMcEqe-svKLl06gW0asI2PQF1M3NuUVl80Ziw999losY0nhBxnxE6798J3SgfMnb2icAvVgjnpxA9rrZ3j1eJHwG0xmXTaiBcQniSu-TeA95OMsRPFoxLYrZ6x4yYAkHFOKWx-ZWdtolGMIYvdo5FXyGwm1SKvcHBnev1y5-8lhUaxHQYdlOdKe_wO078xdustV54-vwciOlz9Cu0P1oRZYU1tfAaAtge_w97rSf0IT1aw9vgBAGABrie-tWl8sWD1gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTryCBthZHgtc3Vic3luLTcyNzU1Mjg0NTMxNjIzMDn6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2bFqblvIpeTVtXEYbbGY5nKomaug%26client%3Dca-pub-7983651257838282%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2d5e67a38c9a11424cac19ce192c9fd124a6d74e64d3791a01561dbd3e39c0b4

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 07 Jul 2023 02:24:35 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 14 Mar 2023 13:45:21 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 291655
etag: W/"fcb2a26b07bd76d9a925cae661d6d94d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NpWO4PjScSUC8Oyd6L%2BgHjbZoYM5WAGzxb2UqQiSCOnwYqaJYp4OSyBWsu%2BqcgOpxZMzrofDJtg0RbITFtT8LvoMppCeYj4d6ZKd5zVdmLq5E9xn8Ko9aNrV2sd5jTyBEEWls%2B4%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray: 7e2ca1d0e8e290d6-FRA
alt-svc: h3=":443"; ma=86400
expires: Tue, 27 Jun 2023 13:46:21 GMT

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.48/one-ad/ Frame 928C 114 KB
14 KB 22ms
22ms Stylesheet
text/css 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.48/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1k567q4fzn0g5n88dx6e3agyk577k8kjhqrh361a18ygg59bjb8jj1nxs0egqd5h3gh39kmkbmpgk2pbz03q93qgwmkcv3n2e2b23pt24h1aad0rf3d9k4hkxmttg9s2e7xykskqye6kegthkphptkpv0e43wc7pygr9nr6am9y84yp6h5fjpas42yk4yq88n84d0d4cvqf9djzgscmx2p9ex04hfh6vdn9jt62mwt5vaen8gvkjpy5y82n6t9ma083w7aamath442dp0vd46h9dtfm6bnztnqtbrpfaw4czz1e98cq8fcn9ayk3k4k28p5ze5pvnwkfbbq8ene06tafqqscp0n2cw7newv13b41q11j552echtd9xs9sw2qtfcr084a0x2zzars2mjdmz2jstzsy6rvn9nknv8mpgm2rjkyzesyg&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCzjdSY3enZJGSGIuYiQb58JL4BZDhgYRctqjCivACwI23ARABIABglaKZgqwHggEXY2EtcHViLTY1OTM1MjMyMTAwMTAxNTTIAQmpApS-iRURRLI-qAMBqgSyAU_QLczqBu1H3rl9i2bPsQJzplp-cLEkLO0ASRiJH35oZaNNg1rRXZBmXL9XEz9wBiIDfMtxVDEpaBQ2oMPENbITGwbU32OVD644WyZHm8ReHz5nof-P00t3U6SKgLu_oF2f59h4YqHSATPeyu1CSQNhflGi5fx86D4Dmnryut1PTMBpIIJD5Mkfs-dMoMkffwzlNPUqd6ghZYAvACYYiMWAtpUmtI0snYjV0H2PT6_b6T6ABq20_5ik46TPIqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_06vd8hP7U_wgQWv1lYUjc3mvfUZg%26client%3Dca-pub-6593523210010154%26adurl%3D
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 032aee61923ef53fb2b9efbb5d55f771f780e9c2fce9c076638b809a9607eee3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/dr?ed=1k567q4fzn0g5n88dx6e3agyk577k8kjhqrh361a18ygg59bjb8jj1nxs0egqd5h3gh39kmkbmpgk2pbz03q93qgwmkcv3n2e2b23pt24h1aad0rf3d9k4hkxmttg9s2e7xykskqye6kegthkphptkpv0e43wc7pygr9nr6am9y84yp6h5fjpas42yk4yq88n84d0d4cvqf9djzgscmx2p9ex04hfh6vdn9jt62mwt5vaen8gvkjpy5y82n6t9ma083w7aamath442dp0vd46h9dtfm6bnztnqtbrpfaw4czz1e98cq8fcn9ayk3k4k28p5ze5pvnwkfbbq8ene06tafqqscp0n2cw7newv13b41q11j552echtd9xs9sw2qtfcr084a0x2zzars2mjdmz2jstzsy6rvn9nknv8mpgm2rjkyzesyg&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCzjdSY3enZJGSGIuYiQb58JL4BZDhgYRctqjCivACwI23ARABIABglaKZgqwHggEXY2EtcHViLTY1OTM1MjMyMTAwMTAxNTTIAQmpApS-iRURRLI-qAMBqgSyAU_QLczqBu1H3rl9i2bPsQJzplp-cLEkLO0ASRiJH35oZaNNg1rRXZBmXL9XEz9wBiIDfMtxVDEpaBQ2oMPENbITGwbU32OVD644WyZHm8ReHz5nof-P00t3U6SKgLu_oF2f59h4YqHSATPeyu1CSQNhflGi5fx86D4Dmnryut1PTMBpIIJD5Mkfs-dMoMkffwzlNPUqd6ghZYAvACYYiMWAtpUmtI0snYjV0H2PT6_b6T6ABq20_5ik46TPIqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_06vd8hP7U_wgQWv1lYUjc3mvfUZg%26client%3Dca-pub-6593523210010154%26adurl%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 07 Jul 2023 02:24:36 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime: 1687950287
age: 745887
cf-polished: origSize=117335
x-guploader-uploadid: ADPycdu7Pb84Y6vCPqpUShyJrQGb98f4yuF1LiyC2B7DeEN9kG_1SbpI2iXm6tsp7d5fI22nNzf0l66mXGhEIUVspATbXw
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 28 Jun 2023 11:05:15 GMT
server: cloudflare
etag: W/"5d49535c2a84a9762127b3d9e77d7e02"
vary: Accept-Encoding
x-goog-generation: 1687950315098833
content-type: text/css
x-goog-hash: crc32c=aWAnwg==, md5=XUlTXCqEqXYhJ7PZ531+Ag==
cache-control: public, max-age=3600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3tstwkSvR1ME7w%2FoTDtZpX8zDqWe5ppCJpr%2Fqf1R32kQ349TXs83hh%2FY4koiXIDZDAcCgQFunXNeCtejvTvrvFZE5H4G3EnYrR7OOIUw8YXuIoHcUg5fBWDv9bux5e453Llpo567Miw%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 117335
cf-ray: 7e2ca1d11ae32bbe-FRA
expires: Fri, 07 Jul 2023 03:24:36 GMT

GET
H3 200 r62eglto.js Show response
ad4m.at/ Frame 928C 25 KB
10 KB 17ms
17ms Script
application/javascript 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/r62eglto.js
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1k567q4fzn0g5n88dx6e3agyk577k8kjhqrh361a18ygg59bjb8jj1nxs0egqd5h3gh39kmkbmpgk2pbz03q93qgwmkcv3n2e2b23pt24h1aad0rf3d9k4hkxmttg9s2e7xykskqye6kegthkphptkpv0e43wc7pygr9nr6am9y84yp6h5fjpas42yk4yq88n84d0d4cvqf9djzgscmx2p9ex04hfh6vdn9jt62mwt5vaen8gvkjpy5y82n6t9ma083w7aamath442dp0vd46h9dtfm6bnztnqtbrpfaw4czz1e98cq8fcn9ayk3k4k28p5ze5pvnwkfbbq8ene06tafqqscp0n2cw7newv13b41q11j552echtd9xs9sw2qtfcr084a0x2zzars2mjdmz2jstzsy6rvn9nknv8mpgm2rjkyzesyg&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCzjdSY3enZJGSGIuYiQb58JL4BZDhgYRctqjCivACwI23ARABIABglaKZgqwHggEXY2EtcHViLTY1OTM1MjMyMTAwMTAxNTTIAQmpApS-iRURRLI-qAMBqgSyAU_QLczqBu1H3rl9i2bPsQJzplp-cLEkLO0ASRiJH35oZaNNg1rRXZBmXL9XEz9wBiIDfMtxVDEpaBQ2oMPENbITGwbU32OVD644WyZHm8ReHz5nof-P00t3U6SKgLu_oF2f59h4YqHSATPeyu1CSQNhflGi5fx86D4Dmnryut1PTMBpIIJD5Mkfs-dMoMkffwzlNPUqd6ghZYAvACYYiMWAtpUmtI0snYjV0H2PT6_b6T6ABq20_5ik46TPIqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_06vd8hP7U_wgQWv1lYUjc3mvfUZg%26client%3Dca-pub-6593523210010154%26adurl%3D
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2d5e67a38c9a11424cac19ce192c9fd124a6d74e64d3791a01561dbd3e39c0b4

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 07 Jul 2023 02:24:36 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 14 Mar 2023 13:45:21 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 34971
etag: W/"fcb2a26b07bd76d9a925cae661d6d94d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U2fOy0CE%2BMtZaIIuIvVgUeCGX4q9jLvc5vWTCparxYm1jGcAtouEVm%2Flv3bEx0VlnjtFw0opmMXcJJz0jfirPgZke%2FoDkU02RFfVSl%2FPCtzEJNqfhRsGLKchbXC2CaABqg9oyrE%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray: 7e2ca1d11ae42bbe-FRA
alt-svc: h3=":443"; ma=86400
expires: Tue, 04 Jul 2023 13:46:27 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 7DD0 0
0 68ms
67ms Image
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=C6_F8YnenZNvbNYzrgAfnw5zQCujF_6Ju9MCK2b8QiJT4h7MCEAEgwLKCa2CVopmCrAegAeqXycAoyAEJqQKUvokVEUSyPuACAKgDAcgDywSqBJcCT9BZ53Bdw9mmSbPkjPa2o2Avmav1o0wA3DeJApiY0y3uu1eK2lFCFY6iR0LreB5ZXDUr_R-8aF-XCg4r4iL7b2yosQqK2RdyLpOnlQMU0xmViJkKXOteKbhW5scyg-c__5Gv-boPu1jRwMAptZL58F-Ia5-rpbvjS2-fWglckhahE4m-nMxMdXbCnM7XS4UxgHpywmwjxVCmUXCZ77ukolJeQhqlvG7Z1f20KFUmcvby2ok5ygS10XHiBvx8mlIBtf82SIO17zBv--pUNjZ7dEppuspxd1ssh7zl_dWGQy7HFC1FY2kKgrsEKOhATMLPkrfXx-EcMAEHMGEpZfhmDnpdHD2TXViLqJdNdBYusWyNzNGgpNSdwATG5YekjQTgBAGSBQQIBBgBkgUECAUYBKAGLoAH6s-ZoAOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBBDytgfSCBYIgOGAEBABGB0yAqoCOgKAQEi9_cE68ggbYWR4LXN1YnN5bi03Mjc1NTI4NDUzMTYyMzA5gAoDyAsBuBOIBNgTCtAVAYAXAbIXHgocCAASFHB1Yi02NTkzNTIzMjEwMDEwMTU0GOrBbQ&sigh=oXCI1eHH84s&uach_m=[UACH]&cid=CAQSOwBpAlJWwguzdpZY04Io6umSvWa4ZzLqi7JQHRtHMgzgmE8gA0uQsBC7CCGofyK5-jViqCe5r3Y_F8r-GAE&template_id=520&cbvp=2&vis=1
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a83cc140318b4e2e81346428d0ba2d8a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 6B16 17 KB
6 KB 27ms
27ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a83cc140318b4e2e81346428d0ba2d8a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 07 Jul 2023 02:24:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 07 Jul 2023 02:24:36 GMT

GET
H2 204 current
dclk-match.dotomi.com/match/bounce/ Frame 3348 0
103 B 17ms
15ms Image
text/plain 2a02:fa8:8806:16::1400
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEDniJoht6jfdZus2SiDUWtk&google_cver=1&google_push=AaAOQGHqwSKSbbod0aMK-RfIx6Ib1xZqs1wN53kdICqCgrIsHN-Exjx92a1_HlojY8hqgEkqOg-keawIMBtSryuHaY_e6QSJ4JwO
Requested by: Host: a83cc140318b4e2e81346428d0ba2d8a.safeframe.googlesyndication.com
URL: https://a83cc140318b4e2e81346428d0ba2d8a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:16::1400 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 07 Jul 2023 02:24:35 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 3348
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEL7qFeMG-Yae0dLNGGgieFM&google_cver=1&googl...
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEL7qFeMG-Yae0dLNGGgieFM&google_push=Aa...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEL7qFeMG-Yae0dLNGGgieFM&google_hm=ZKd3ZOTCXvMVU2ndYK_64QAAFGYAAAIB&google_nid=index&google_push=AaAOQGG4DWuWDcVVjrpiOi6gJPf4LJRkUSZRL...

170 B
188 B

29ms
29ms

Image
image/png

172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEL7qFeMG-Yae0dLNGGgieFM&google_hm=ZKd3ZOTCXvMVU2ndYK_64QAAFGYAAAIB&google_nid=index&google_push=AaAOQGG4DWuWDcVVjrpiOi6gJPf4LJRkUSZRLfBvqqAKKIo4EqpNSJ8L8FhZoY8AfCZ6D1xUXqVL2xP8EqwX_jhVlCgcUm7awN_R

Requested by

Host: a83cc140318b4e2e81346428d0ba2d8a.safeframe.googlesyndication.com
URL: https://a83cc140318b4e2e81346428d0ba2d8a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 07 Jul 2023 02:24:36 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 07 Jul 2023 02:24:36 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEL7qFeMG-Yae0dLNGGgieFM&google_hm=ZKd3ZOTCXvMVU2ndYK_64QAAFGYAAAIB&google_nid=index&google_push=AaAOQGG4DWuWDcVVjrpiOi6gJPf4LJRkUSZRLfBvqqAKKIo4EqpNSJ8L8FhZoY8AfCZ6D1xUXqVL2xP8EqwX_jhVlCgcUm7awN_R
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 0
Expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 3348
Redirect Chain

https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESECP9nx2bAX8w1QihrOSClC0&google_cver=1&google_push=AaAOQGFProfwAv1Eu1zxrXdjSq8ihyqxb13GIYnCrzYetoebKGGh29Qw80wGV93nmscgwKE5uUvelJ9U69k2x93sH...
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AaAOQGFProfwAv1Eu1zxrXdjSq8ihyqxb13GIYnCrzYetoebKGGh29Qw80wGV93nmscgwKE5uUvelJ9U69k2x93sHbrRL2O4JBEV&google_hm=G8DwvGZHrDc6H5viQSKZhRir

170 B
188 B

21ms
20ms

Image
image/png

172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AaAOQGFProfwAv1Eu1zxrXdjSq8ihyqxb13GIYnCrzYetoebKGGh29Qw80wGV93nmscgwKE5uUvelJ9U69k2x93sHbrRL2O4JBEV&google_hm=G8DwvGZHrDc6H5viQSKZhRir

Requested by

Host: a83cc140318b4e2e81346428d0ba2d8a.safeframe.googlesyndication.com
URL: https://a83cc140318b4e2e81346428d0ba2d8a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 07 Jul 2023 02:24:36 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Fri, 07 Jul 2023 02:24:36 GMT
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Location: https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AaAOQGFProfwAv1Eu1zxrXdjSq8ihyqxb13GIYnCrzYetoebKGGh29Qw80wGV93nmscgwKE5uUvelJ9U69k2x93sHbrRL2O4JBEV&google_hm=G8DwvGZHrDc6H5viQSKZhRir
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap7ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 3348
Redirect Chain

https://match.360yield.com/match/ebda?google_gid=CAESEJ6WkqQkzhH855cZfjFaA14&google_cver=1&google_push=AaAOQGG4ddpKgGFvIg0gxz67EGXcf3RHSVsEsJSsKeV5SzgfrzPA9BFUoPnm6IjSWgJIkHCwH4qoK8gat7YncQHyHoN_Nk...
https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESEJ6WkqQkzhH855cZfjFaA14&google_cver=1&google_push=AaAOQGG4ddpKgGFvIg0gxz67EGXcf3RHSVsEsJSsKeV5SzgfrzPA9BFUoPnm6IjSWgJIkHCwH4qoK8gat7YncQHy...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=FG0gb1HrRkuMF_fnmk18pw&google_push=AaAOQGG4ddpKgGFvIg0gxz67EGXcf3RHSVsEsJSsKeV5SzgfrzPA9BFUoPnm6IjSWgJIkHCwH4qoK8gat7YncQH...

170 B
188 B

19ms
18ms

Image
image/png

172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=FG0gb1HrRkuMF_fnmk18pw&google_push=AaAOQGG4ddpKgGFvIg0gxz67EGXcf3RHSVsEsJSsKeV5SzgfrzPA9BFUoPnm6IjSWgJIkHCwH4qoK8gat7YncQHyHoN_NkUoRsC2

Requested by

Host: a83cc140318b4e2e81346428d0ba2d8a.safeframe.googlesyndication.com
URL: https://a83cc140318b4e2e81346428d0ba2d8a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 07 Jul 2023 02:24:36 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=FG0gb1HrRkuMF_fnmk18pw&google_push=AaAOQGG4ddpKgGFvIg0gxz67EGXcf3RHSVsEsJSsKeV5SzgfrzPA9BFUoPnm6IjSWgJIkHCwH4qoK8gat7YncQHyHoN_NkUoRsC2
access-control-allow-origin: *
date: Fri, 07 Jul 2023 02:24:36 GMT
content-type: text/plain
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 3348
Redirect Chain

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESECoE7rEyoFhMehDSq6Ky00w&google_cver=1&google_push=AaAOQGEeRZnZpp7fm5R26zgKtpor7gmth3h4b8gVZuW0gzjwEigMl5oh-XKzOQvlX9j3rSAm92MbLohKC-NAUR2jTqGpjADPaYSP
https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=AaAOQGEeRZnZpp7fm5R26zgKtpor7gmth3h4b8gVZuW0gzjwEigMl5oh-XKzOQvlX9j3rSAm92MbLohKC-NAUR2jTqGpjADPaYS...
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MzAyOTM0MTg4MDE3OTUyMjIzOTU3NA%3D%3D&google_push=AaAOQGEeRZnZpp7fm5R26zgKtpor7gmth3h4b8gVZuW0gzjwEigMl5oh...

170 B
188 B

19ms
19ms

Image
image/png

172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MzAyOTM0MTg4MDE3OTUyMjIzOTU3NA%3D%3D&google_push=AaAOQGEeRZnZpp7fm5R26zgKtpor7gmth3h4b8gVZuW0gzjwEigMl5oh-XKzOQvlX9j3rSAm92MbLohKC-NAUR2jTqGpjADPaYSP

Requested by

Host: a83cc140318b4e2e81346428d0ba2d8a.safeframe.googlesyndication.com
URL: https://a83cc140318b4e2e81346428d0ba2d8a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 07 Jul 2023 02:24:36 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MzAyOTM0MTg4MDE3OTUyMjIzOTU3NA%3D%3D&google_push=AaAOQGEeRZnZpp7fm5R26zgKtpor7gmth3h4b8gVZuW0gzjwEigMl5oh-XKzOQvlX9j3rSAm92MbLohKC-NAUR2jTqGpjADPaYSP
date: Fri, 07 Jul 2023 02:24:36 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H/1.1 200
OK sync
ssbsync.smartadserver.com/api/ Frame 3348 0
75 B 73ms
21ms Image
text/plain 185.86.138.150
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEMO3-apZ-UVoHTxRiPG8WBI&google_cver=1&google_push=AaAOQGHaG6kLQbX0DwzKlzh7xv464ssf1p-G_-vk7B5vfM1qZm_rrO7do-TmuREwK8Mep3beq2WY25AaQGQFTkh8BbKvwrLN3Rpv
Requested by: Host: a83cc140318b4e2e81346428d0ba2d8a.safeframe.googlesyndication.com
URL: https://a83cc140318b4e2e81346428d0ba2d8a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.150 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 07 Jul 2023 02:24:35 GMT
content-length: 0

GET
H2 204 sync
ups.analytics.yahoo.com/ups/58281/ Frame 3348 0
125 B 79ms
12ms Image
text/plain 3.75.62.37
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEB5y-oE-YFfMbmDImmfWx3I&google_cver=1&google_push=AaAOQGFUHy10bUEtdsNA8ZseqqFMbFG5eoBm8uEuy4Sif8myawXbKQsLUhaZQBI56ShwkQk_y9yIgAJkWF6S5-auOt9-mzw8xEs_yg

Requested by

Host: a83cc140318b4e2e81346428d0ba2d8a.safeframe.googlesyndication.com
URL: https://a83cc140318b4e2e81346428d0ba2d8a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.75.62.37 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-75-62-37.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.10.57 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 07 Jul 2023 02:24:36 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.57
age: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 3348 0
12 B 18ms
17ms Image
text/html 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LSHURc9boHcIElrK0-O05ZPw5qIXN_MufOe7DN0wReJhJb10gtq8F-UGuEyQsXOmoAcJjSzg

Requested by

Host: a83cc140318b4e2e81346428d0ba2d8a.safeframe.googlesyndication.com
URL: https://a83cc140318b4e2e81346428d0ba2d8a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 07 Jul 2023 02:24:36 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
DATA 200
OK truncated
/ Frame E949 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 23ac5dfc6b312536a951e5c5cb2d5fba600edd6707a27230b49250cfe2e7a407

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 AOiihYbjk7GyPSPexE3PorOKRXoofTPF8NjvkAglc4c.js Show response
pagead2.googlesyndication.com/bg/ Frame 6291 38 KB
14 KB 12ms
8ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/AOiihYbjk7GyPSPexE3PorOKRXoofTPF8NjvkAglc4c.js

Requested by

Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x69807j0b5.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

00e8a28586e393b1b23d23dec44dcfa2b38a457a287d33c5f0d8ef9008257387

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a83cc140318b4e2e81346428d0ba2d8a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 05 Jul 2023 10:17:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 144399
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14768
x-xss-protection: 0
last-modified: Mon, 26 Jun 2023 15:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 04 Jul 2024 10:17:57 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 1127
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEHN6TSGTb8oF12CvA7RE-UE&google_cve...
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEHN6TSGTb8oF12CvA7RE-UE&goog...
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=VklpQWVaOVoxUWhCOWE1&google_gid=CAESEHN6TSGTb8oF12CvA7RE-UE&google_cver=1&google_push=AaAOQGHfTz5sW01rZFNK1kq3g0QMDvstM6PJxjN2kw3pdg1...

170 B
188 B

25ms
25ms

Image
image/png

172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=VklpQWVaOVoxUWhCOWE1&google_gid=CAESEHN6TSGTb8oF12CvA7RE-UE&google_cver=1&google_push=AaAOQGHfTz5sW01rZFNK1kq3g0QMDvstM6PJxjN2kw3pdg1k67h4Qb1cuE4P6dCMvcQ5kkbQf33KQG0YBLU58dG0-B5hxyu719lJ

Requested by

Host: a83cc140318b4e2e81346428d0ba2d8a.safeframe.googlesyndication.com
URL: https://a83cc140318b4e2e81346428d0ba2d8a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 07 Jul 2023 02:24:36 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 07 Jul 2023 02:24:35 GMT
Strict-Transport-Security: max-age=2592000; includeSubDomains
Server: PingMatch/v2.0.30-782-g97d928b#rel-ec2-master i-0afa2568184f9f5d2@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Location: https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=VklpQWVaOVoxUWhCOWE1&google_gid=CAESEHN6TSGTb8oF12CvA7RE-UE&google_cver=1&google_push=AaAOQGHfTz5sW01rZFNK1kq3g0QMDvstM6PJxjN2kw3pdg1k67h4Qb1cuE4P6dCMvcQ5kkbQf33KQG0YBLU58dG0-B5hxyu719lJ
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 i.match
a.tribalfusion.com/ Frame 1127 43 B
422 B 205ms
201ms Image
image/gif 2606:4700::6812:18ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.tribalfusion.com/i.match?p=b6&u=CAESEMpHdz4s4UsXNh9Kkc65CRk&google_cver=1&google_push=AaAOQGGO2TccIYnvk33kKBFD5oXLf4LF7FrOJqKtI0g1gyZIyioJUK6wiagid5MrgB6il534bkSzh8JN1dEAHHsrcKjzILNoBBk&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAaAOQGGO2TccIYnvk33kKBFD5oXLf4LF7FrOJqKtI0g1gyZIyioJUK6wiagid5MrgB6il534bkSzh8JN1dEAHHsrcKjzILNoBBk%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by: Host: a83cc140318b4e2e81346428d0ba2d8a.safeframe.googlesyndication.com
URL: https://a83cc140318b4e2e81346428d0ba2d8a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 07 Jul 2023 02:24:36 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
content-type: image/gif; charset=utf-8
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 7e2ca1d1aa979bfb-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 1127
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEHZYtc8hdNzo1Pu1u4mdVgI&google_cver=1&google_push=AaAOQGF_ygdQwpv8l7WrLCYKwPJzblNvx0vcp2GFFU5VpybSklkym9KdaKhz4GoF9Ls5lAyj0aTeBKaXG3yqid...
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI1Mjg5Njk5NjI4NzExNzQ1MQ%3D%3D&google_push=AaAOQGF_ygdQwpv8l7WrLCYKwPJzblNvx0vcp2GFFU5VpybSklkym9KdaKhz4GoF9Ls5lAyj0aTeBKaXG3yqid-o4_...

170 B
188 B

20ms
19ms

Image
image/png

172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI1Mjg5Njk5NjI4NzExNzQ1MQ%3D%3D&google_push=AaAOQGF_ygdQwpv8l7WrLCYKwPJzblNvx0vcp2GFFU5VpybSklkym9KdaKhz4GoF9Ls5lAyj0aTeBKaXG3yqid-o4_J2JMykkYAn

Requested by

Host: a83cc140318b4e2e81346428d0ba2d8a.safeframe.googlesyndication.com
URL: https://a83cc140318b4e2e81346428d0ba2d8a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 07 Jul 2023 02:24:36 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI1Mjg5Njk5NjI4NzExNzQ1MQ%3D%3D&google_push=AaAOQGF_ygdQwpv8l7WrLCYKwPJzblNvx0vcp2GFFU5VpybSklkym9KdaKhz4GoF9Ls5lAyj0aTeBKaXG3yqid-o4_J2JMykkYAn
Date: Fri, 07 Jul 2023 02:24:36 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 1127
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=aK1WHv5BTrGkrrjtLhAfKg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

18ms
18ms

Image
image/png

172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=aK1WHv5BTrGkrrjtLhAfKg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AaAOQGHsXOW_qlatl1EyShwhceqznC2XFL-z_WeMF77Cj0zZDrrsADZTZrLS3_PGpI2CG570G6rDREygXvPrnlb_QLiwAeCV53_8

Requested by

Host: a83cc140318b4e2e81346428d0ba2d8a.safeframe.googlesyndication.com
URL: https://a83cc140318b4e2e81346428d0ba2d8a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 07 Jul 2023 02:24:36 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=aK1WHv5BTrGkrrjtLhAfKg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AaAOQGHsXOW_qlatl1EyShwhceqznC2XFL-z_WeMF77Cj0zZDrrsADZTZrLS3_PGpI2CG570G6rDREygXvPrnlb_QLiwAeCV53_8
date: Fri, 07 Jul 2023 02:24:35 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 1127
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEMKwyvrt5PjsDCZyyK9p9D0&google_cver=1&google_push=AaAOQGFAfPau761MGQRo3MHKmLsY5kMwLWVigFmhqEHCFGMYyKVsxvqH8weh_uw4GKS8X71UTLg...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEpSWUVFS0otMVMtMURUOA==&google_push=AaAOQGFAfPau761MGQRo3MHKmLsY5kMwLWVigFmhqEHCFGMYyKVsxvqH8weh_uw4GKS8X71UTLgZKVS5b7TgmnPuHx8vlzAi44g

170 B
188 B

21ms
20ms

Image
image/png

172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEpSWUVFS0otMVMtMURUOA==&google_push=AaAOQGFAfPau761MGQRo3MHKmLsY5kMwLWVigFmhqEHCFGMYyKVsxvqH8weh_uw4GKS8X71UTLgZKVS5b7TgmnPuHx8vlzAi44g

Requested by

Host: a83cc140318b4e2e81346428d0ba2d8a.safeframe.googlesyndication.com
URL: https://a83cc140318b4e2e81346428d0ba2d8a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 07 Jul 2023 02:24:36 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEpSWUVFS0otMVMtMURUOA==&google_push=AaAOQGFAfPau761MGQRo3MHKmLsY5kMwLWVigFmhqEHCFGMYyKVsxvqH8weh_uw4GKS8X71UTLgZKVS5b7TgmnPuHx8vlzAi44g
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 54ae5f20a7acdd83fd00ddb00e96a2c1
Expires: 0

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 1127 0
12 B 18ms
15ms Image
text/html 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13K8FnHEWtfDVsLIIsmwjA_EKu4TV33bBiR0vzNxRJ3BudVyHKKqw_J0K9s

Requested by

Host: a83cc140318b4e2e81346428d0ba2d8a.safeframe.googlesyndication.com
URL: https://a83cc140318b4e2e81346428d0ba2d8a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 07 Jul 2023 02:24:36 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 dpixel
cms.quantserve.com/ Frame AD73 35 B
464 B 69ms
15ms Image
image/gif 2620:116:800d:21:b314:a0ef:ab7c:d546
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEDbQUTE_omXUg6Je1XE9FBI&google_cver=1&google_push=AaAOQGH_U_AgdYrMcCzln1hFAsZJgYm0v9ng8sOc4cGMqlrIXDcY1fvFaSTbk2VprzSf31FhillgzPy1hzBXPyb4byDvw4eMZzn67Q

Requested by

Host: a83cc140318b4e2e81346428d0ba2d8a.safeframe.googlesyndication.com
URL: https://a83cc140318b4e2e81346428d0ba2d8a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:b314:a0ef:ab7c:d546 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 07 Jul 2023 02:24:36 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3 200 i.match
a.tribalfusion.com/ Frame AD73 43 B
592 B 166ms
165ms Image
image/gif 2606:4700::6812:18ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.tribalfusion.com/i.match?p=b6&u=CAESEMpHdz4s4UsXNh9Kkc65CRk&google_cver=1&google_push=AaAOQGFdinipHFPmxb7ezga9M4bAcopiq_aVxcCVINn-Ka4LmILyL15e81SxNwzJ-cRK5CHIwA80EhcL-dz48jMh-VNxLDeLTqgwRg&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAaAOQGFdinipHFPmxb7ezga9M4bAcopiq_aVxcCVINn-Ka4LmILyL15e81SxNwzJ-cRK5CHIwA80EhcL-dz48jMh-VNxLDeLTqgwRg%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by: Host: a83cc140318b4e2e81346428d0ba2d8a.safeframe.googlesyndication.com
URL: https://a83cc140318b4e2e81346428d0ba2d8a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 07 Jul 2023 02:24:36 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
content-type: image/gif; charset=utf-8
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 7e2ca1d1e9a1920b-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame AD73
Redirect Chain

https://d5p.de17a.com/cookies/google?google_gid=CAESEEU8ipa5eF2Gaj8GbntN7ss&google_cver=1&google_push=AaAOQGHMmEooTE4gnkBqFLczpjzBMtkXfnCnIOTiBpidcygO_fW9fB1cVbjnO-bYUSilKeI5sQmVd_1683IbgPoiZSOXdci...
https://d5p.de17a.com/cookies/google;c?google_gid=CAESEEU8ipa5eF2Gaj8GbntN7ss&google_cver=1&google_push=AaAOQGHMmEooTE4gnkBqFLczpjzBMtkXfnCnIOTiBpidcygO_fW9fB1cVbjnO-bYUSilKeI5sQmVd_1683IbgPoiZSOXd...
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AaAOQGHMmEooTE4gnkBqFLczpjzBMtkXfnCnIOTiBpidcygO_fW9fB1cVbjnO-bYUSilKeI5sQmVd_1683IbgPoiZSOXdciepGRUPA

170 B
188 B

18ms
17ms

Image
image/png

172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AaAOQGHMmEooTE4gnkBqFLczpjzBMtkXfnCnIOTiBpidcygO_fW9fB1cVbjnO-bYUSilKeI5sQmVd_1683IbgPoiZSOXdciepGRUPA

Requested by

Host: a83cc140318b4e2e81346428d0ba2d8a.safeframe.googlesyndication.com
URL: https://a83cc140318b4e2e81346428d0ba2d8a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 07 Jul 2023 02:24:36 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AaAOQGHMmEooTE4gnkBqFLczpjzBMtkXfnCnIOTiBpidcygO_fW9fB1cVbjnO-bYUSilKeI5sQmVd_1683IbgPoiZSOXdciepGRUPA
content-length: 0
p3p: CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV

GET
H2 200 dds
rtb.openx.net/sync/ Frame AD73 43 B
245 B 62ms
23ms Image
image/gif 35.186.253.211
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESEKX2S9f8v-AuFk9swOPzz8I&google_cver=1&google_push=AaAOQGHczTgXpn9nf5g-sQ7Lg6hUHohx1rv469CmZIN521mMUDMBrtKCpG71Wkun6nD_WTywPfMWWs9eKy1sNeQ2U7_hCSQRZGueEQ
Requested by: Host: a83cc140318b4e2e81346428d0ba2d8a.safeframe.googlesyndication.com
URL: https://a83cc140318b4e2e81346428d0ba2d8a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 211.253.186.35.bc.googleusercontent.com
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 07 Jul 2023 02:24:36 GMT
via: 1.1 google
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame AD73
Redirect Chain

https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEO...
https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=AaAOQGHVZjKB9e-z7LljeWVWyhRG392d4_DoIOeLcQtoS6TgPWbMdRV24xBDEavDL0eIm_MTq11eFmvRAXK1iaAmC8WcG5jy9n2biw&redir=https%3A%2F%2Fcm.g.dou...
https://sync.targeting.unrulymedia.com/csync/RX-2f4cc179-1fec-4152-9699-d41e10a80168-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAaAOQGHVZjKB9e-z7LljeWVWy...
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AaAOQGHVZjKB9e-z7LljeWVWyhRG392d4_DoIOeLcQtoS6TgPWbMdRV24xBDEavDL0eIm_MTq11eFmvRAXK1iaAmC8WcG5jy9n2biw&google_hm=Ay9MwXkf7EFSlpnUHhCoAWg

170 B
188 B

18ms
17ms

Image
image/png

172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AaAOQGHVZjKB9e-z7LljeWVWyhRG392d4_DoIOeLcQtoS6TgPWbMdRV24xBDEavDL0eIm_MTq11eFmvRAXK1iaAmC8WcG5jy9n2biw&google_hm=Ay9MwXkf7EFSlpnUHhCoAWg

Requested by

Host: a83cc140318b4e2e81346428d0ba2d8a.safeframe.googlesyndication.com
URL: https://a83cc140318b4e2e81346428d0ba2d8a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 07 Jul 2023 02:24:36 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AaAOQGHVZjKB9e-z7LljeWVWyhRG392d4_DoIOeLcQtoS6TgPWbMdRV24xBDEavDL0eIm_MTq11eFmvRAXK1iaAmC8WcG5jy9n2biw&google_hm=Ay9MwXkf7EFSlpnUHhCoAWg
date: Fri, 07 Jul 2023 02:24:36 GMT
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag: RX2f4cc1791fec41529699d41e10a80168003
content-type: text/html

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame AD73
Redirect Chain

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESECoE7rEyoFhMehDSq6Ky00w&google_cver=1&google_push=AaAOQGGUqEe29oartYY9vDv2un-jrtSlQ0sD57TeLN-zAXmACC6Rbcy6g8dgrEcunosN_lmeVySomXIHSp2grthcFfn-vPsvbe...
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MzAyOTM0MTg4MDE3OTUyMjIzOTU3NA%3D%3D&google_push=AaAOQGGUqEe29oartYY9vDv2un-jrtSlQ0sD57TeLN-zAXmACC6Rbcy6...

170 B
188 B

22ms
20ms

Image
image/png

172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MzAyOTM0MTg4MDE3OTUyMjIzOTU3NA%3D%3D&google_push=AaAOQGGUqEe29oartYY9vDv2un-jrtSlQ0sD57TeLN-zAXmACC6Rbcy6g8dgrEcunosN_lmeVySomXIHSp2grthcFfn-vPsvbeYxYQ

Requested by

Host: a83cc140318b4e2e81346428d0ba2d8a.safeframe.googlesyndication.com
URL: https://a83cc140318b4e2e81346428d0ba2d8a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 07 Jul 2023 02:24:36 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MzAyOTM0MTg4MDE3OTUyMjIzOTU3NA%3D%3D&google_push=AaAOQGGUqEe29oartYY9vDv2un-jrtSlQ0sD57TeLN-zAXmACC6Rbcy6g8dgrEcunosN_lmeVySomXIHSp2grthcFfn-vPsvbeYxYQ
date: Fri, 07 Jul 2023 02:24:36 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2 204 sync
ups.analytics.yahoo.com/ups/58281/ Frame AD73 0
15 B 16ms
13ms Image
text/plain 3.75.62.37
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEB5y-oE-YFfMbmDImmfWx3I&google_cver=1&google_push=AaAOQGHhZlTbC1A_JLsEYPf4X-gAnp8rrp31i3uBqDvypvtXaZmcaFqW52AprlsXsTGHoWGaESO_1y0hOfVGKo5qSFBx5VspPRXI6Yo

Requested by

Host: a83cc140318b4e2e81346428d0ba2d8a.safeframe.googlesyndication.com
URL: https://a83cc140318b4e2e81346428d0ba2d8a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.75.62.37 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-75-62-37.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.10.57 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 07 Jul 2023 02:24:36 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.57
age: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame AD73 0
12 B 17ms
15ms Image
text/html 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Lufl_aRRuhuP3gMEQVSmRpTRkaZOCu3jUrR2yJmMB3AKToBVYhTgTEqJfuDZNE0t_cXpyRMg

Requested by

Host: a83cc140318b4e2e81346428d0ba2d8a.safeframe.googlesyndication.com
URL: https://a83cc140318b4e2e81346428d0ba2d8a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 07 Jul 2023 02:24:36 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
DATA 200
OK truncated
/ Frame 6359 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4f8827ae19c1973a4f504e36950571c261a889b15447bb00137f4ab125e9b21e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame EE16
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

33ms
32ms

Document
text/html

2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: a83cc140318b4e2e81346428d0ba2d8a.safeframe.googlesyndication.com
URL: https://a83cc140318b4e2e81346428d0ba2d8a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 07 Jul 2023 02:24:36 GMT
expires: Fri, 07 Jul 2023 02:24:36 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 07 Jul 2023 02:24:36 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 2859 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3194c6ec5635621e7946f655bb2a2a394ee7aa6c2da2cc495bb1e4ee86882d21

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 0007 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a83fddb261a94f0304a3bf91be20b8e5df471bbacf4a7d97133ce8bbd823782a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame E949 33 KB
33 KB 8ms
8ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://a83cc140318b4e2e81346428d0ba2d8a.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 02 Jul 2023 02:43:59 GMT
x-content-type-options: nosniff
age: 430837
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34108
x-xss-protection: 0
last-modified: Tue, 23 May 2023 16:35:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 01 Jul 2024 02:43:59 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 4829 0
0 15ms
15ms Image
text/html 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaT2bO95IjofFWvqSh5iXpUQZo2G8Mr3vm1WP-CR8I2GeSTjbxglqI9vr7veCTviv83BImLtrnojME7Yh9Gv_sRk8R108g
Requested by: Host: a83cc140318b4e2e81346428d0ba2d8a.safeframe.googlesyndication.com
URL: https://a83cc140318b4e2e81346428d0ba2d8a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a83cc140318b4e2e81346428d0ba2d8a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 4829 179 KB
56 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: a83cc140318b4e2e81346428d0ba2d8a.safeframe.googlesyndication.com
URL: https://a83cc140318b4e2e81346428d0ba2d8a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2bf958c032ce083c26ae980ed92d0360c971e87c183d6bd988e770fc172786c7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a83cc140318b4e2e81346428d0ba2d8a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 07 Jul 2023 02:24:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57266
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1688579601580341"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 07 Jul 2023 02:24:36 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 2A4F 13 KB
5 KB 11ms
8ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://a83cc140318b4e2e81346428d0ba2d8a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 19693
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 06 Jul 2023 20:56:23 GMT
expires: Fri, 05 Jul 2024 20:56:23 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 6909 783 B
536 B 20ms
17ms Document
text/html 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

0063f8df728f4713ea9409d9b6a9ca3533b45bf78dfb608e6d6e6c87a3873da5

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Lv2K9kXU1SJFsRcb73rPAA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://a83cc140318b4e2e81346428d0ba2d8a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 514
content-security-policy: script-src 'report-sample' 'nonce-Lv2K9kXU1SJFsRcb73rPAA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 07 Jul 2023 02:24:36 GMT
expires: Fri, 07 Jul 2023 02:24:36 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame AA9E
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEGTgzNwOp9Eo0ZD0lRs3Q_c&google_cve...
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=VklpQWVaOVoxUWhCOWE1&google_gid=CAESEGTgzNwOp9Eo0ZD0lRs3Q_c&google_cver=1&google_push=AaAOQGEvj1r6QVvOpqrhL43VONHZnBV6wS6O3yRftq9Qgl-...

170 B
188 B

20ms
20ms

Image
image/png

172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=VklpQWVaOVoxUWhCOWE1&google_gid=CAESEGTgzNwOp9Eo0ZD0lRs3Q_c&google_cver=1&google_push=AaAOQGEvj1r6QVvOpqrhL43VONHZnBV6wS6O3yRftq9Qgl-3MP4ag8OI8wrHWjoutkas7gZjLY5qV-Q4WKQ-qzSWoEnXF2wTNBk_H7Od

Requested by

Protocol

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 07 Jul 2023 02:24:36 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 07 Jul 2023 02:24:35 GMT
Strict-Transport-Security: max-age=2592000; includeSubDomains
Server: PingMatch/v2.0.30-782-g97d928b#rel-ec2-master i-0afa2568184f9f5d2@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Location: https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=VklpQWVaOVoxUWhCOWE1&google_gid=CAESEGTgzNwOp9Eo0ZD0lRs3Q_c&google_cver=1&google_push=AaAOQGEvj1r6QVvOpqrhL43VONHZnBV6wS6O3yRftq9Qgl-3MP4ag8OI8wrHWjoutkas7gZjLY5qV-Q4WKQ-qzSWoEnXF2wTNBk_H7Od
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame AA9E
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESECD-WkH5uMuaVYiAsVDTnPg&google_cver=1&google_push=AaAOQGF5myzZwHRZdJf81cH3gY-l9ngJTZspMqyrJnGEFgGrp-xENU6EWxW3YgXTiytt0qj5ki7GBhvoCPjbrzyT...
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AaAOQGF5myzZwHRZdJf81cH3gY-l9ngJTZspMqyrJnGEFgGrp-xENU6EWxW3YgXTiytt0qj5ki7GBhvoCPjbrzyT-YEmnQJORwu3Yqne

170 B
188 B

23ms
23ms

Image
image/png

172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AaAOQGF5myzZwHRZdJf81cH3gY-l9ngJTZspMqyrJnGEFgGrp-xENU6EWxW3YgXTiytt0qj5ki7GBhvoCPjbrzyT-YEmnQJORwu3Yqne

Requested by

Protocol

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 07 Jul 2023 02:24:36 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Fri, 07 Jul 2023 02:24:36 GMT
Server: MT3 1031 59fd23a master zrh zrh-pixel-x27 config_version:"1524"
Content-Type: image/gif
Access-Control-Allow-Origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AaAOQGF5myzZwHRZdJf81cH3gY-l9ngJTZspMqyrJnGEFgGrp-xENU6EWxW3YgXTiytt0qj5ki7GBhvoCPjbrzyT-YEmnQJORwu3Yqne
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 0
Expires: Fri, 07 Jul 2023 02:24:35 GMT

GET
H2 204 pixelSync
pixel-sync.sitescout.com/dmp/ Frame AA9E 0
187 B 73ms
13ms Image
text/plain 98.98.134.242

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel-sync.sitescout.com/dmp/pixelSync?nid=8&google_gid=CAESEDsDcX2hVGgM3uH3E33i4bM&google_cver=1&google_push=AaAOQGGx3Muka9w3C4EwMp_7RjnNLuRnR51rlZYg24zgcZTqu_ExFBW8EpUkg-juYOiXReccB2rvYMaLEwJOHzpg0SKdU7bWEgUQIylp
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&h=250&slotname=1234190425&adk=1935728605&adf=4198791085&pi=t.ma~as.1234190425&w=300&fwrn=16&format=300x250&url=https%3A%2F%2Fye-mek.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1688696675070&bpp=1&bdt=136&idt=264&shv=r20230705&mjsv=m202306280101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=5080265833044&frm=8&ife=1&pv=1&ga_vid=1449678592.1688696675&ga_sid=1688696675&ga_hid=1235383988&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=465080864&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C42532278%2C42532280%2C44759842%2C44759926%2C31075645%2C44788442&oid=2&pvsid=1432219434575882&tmod=1763332943&uas=0&nvt=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.lo53mt6aocdy&fsb=1&dtd=272
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 98.98.134.242 -, , ASN (),
Reverse DNS
Software: A /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma: no-cache
date: Fri, 07 Jul 2023 02:24:35 GMT
cache-control: max-age=0,no-cache,no-store
server: A
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame AA9E
Redirect Chain

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESECtWKUV2Tt9u9mpiX9ZBLKE&google_cver=1&google_push=AaAOQGEnIzL6x6xpNDF1BeXMEDr77-uyts_ivwN-Bb95Zn-juTmQ8sC2WVHo4hfoEqttk1dmeNQyZCwRHki...
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AaAOQGEnIzL6x6xpNDF1BeXMEDr77-uyts_ivwN-Bb95Zn-juTmQ8sC2WVHo4hfoEqttk1dmeNQyZCwRHkiMzwSYvzUSPXp47a62_EXS&google_hm=vp_Nz8-pSDGyR1BA...

170 B
188 B

20ms
20ms

Image
image/png

172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AaAOQGEnIzL6x6xpNDF1BeXMEDr77-uyts_ivwN-Bb95Zn-juTmQ8sC2WVHo4hfoEqttk1dmeNQyZCwRHkiMzwSYvzUSPXp47a62_EXS&google_hm=vp_Nz8-pSDGyR1BAcVHwbSo

Requested by

Protocol

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 07 Jul 2023 02:24:36 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 07 Jul 2023 02:24:36 GMT
via: 1.1 google
server: Apache-Coyote/1.1
p3p: CP="NOI DSP COR NID CUR OUR NOR"
status: 302
location: https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AaAOQGEnIzL6x6xpNDF1BeXMEDr77-uyts_ivwN-Bb95Zn-juTmQ8sC2WVHo4hfoEqttk1dmeNQyZCwRHkiMzwSYvzUSPXp47a62_EXS&google_hm=vp_Nz8-pSDGyR1BAcVHwbSo
content-type: text/html;charset=UTF-8
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame AA9E
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEO-AwLlowVZAdWcbmhlbLjk&google_cver=1&google_push=AaAOQGFkG8z7EUNOLv7hdOO9Mi6WnbvBK7kctqne2MutYhBQfldgW2V-iBMc8bVT_lbrE-WMoFc0fTj5cdPzxB...
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI1Mjg5Njk5NjI4NzExNzQ1MQ%3D%3D&google_push=AaAOQGFkG8z7EUNOLv7hdOO9Mi6WnbvBK7kctqne2MutYhBQfldgW2V-iBMc8bVT_lbrE-WMoFc0fTj5cdPzxBF09R...

170 B
188 B

20ms
19ms

Image
image/png

172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI1Mjg5Njk5NjI4NzExNzQ1MQ%3D%3D&google_push=AaAOQGFkG8z7EUNOLv7hdOO9Mi6WnbvBK7kctqne2MutYhBQfldgW2V-iBMc8bVT_lbrE-WMoFc0fTj5cdPzxBF09Rg7_rS_r57_aXkY

Requested by

Protocol

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 07 Jul 2023 02:24:36 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI1Mjg5Njk5NjI4NzExNzQ1MQ%3D%3D&google_push=AaAOQGFkG8z7EUNOLv7hdOO9Mi6WnbvBK7kctqne2MutYhBQfldgW2V-iBMc8bVT_lbrE-WMoFc0fTj5cdPzxBF09Rg7_rS_r57_aXkY
Date: Fri, 07 Jul 2023 02:24:36 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame AA9E
Redirect Chain

https://ads.travelaudience.com/google_pixel?google_gid=CAESEBZPWVnOKCoORJ5wy_GoZx0&google_cver=1&google_push=AaAOQGHo_dIfZW-N5PyKsWTGE9yLFg7cfdahGiLRILmMvAa3aKH-5aqZiB4mqXGu2F9kfSi1RwV-XjulDOAHQ6PJ...
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=J0I18ThuTi6AgliBq-0tBQ2&google_push=AaAOQGHo_dIfZW-N5PyKsWTGE9yLFg7cfdahGiLRILmMvAa3aKH-5aqZiB4mqXGu2F9kfSi1RwV-XjulDOAHQ6PJbNvTLEdewgQi19Q

170 B
188 B

19ms
19ms

Image
image/png

172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=J0I18ThuTi6AgliBq-0tBQ2&google_push=AaAOQGHo_dIfZW-N5PyKsWTGE9yLFg7cfdahGiLRILmMvAa3aKH-5aqZiB4mqXGu2F9kfSi1RwV-XjulDOAHQ6PJbNvTLEdewgQi19Q

Requested by

Protocol

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 07 Jul 2023 02:24:36 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Fri, 07 Jul 2023 02:24:36 GMT
via: 1.1 google
x-engine-version: 0.0.0
server: nginx/1.21.6
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location: https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=J0I18ThuTi6AgliBq-0tBQ2&google_push=AaAOQGHo_dIfZW-N5PyKsWTGE9yLFg7cfdahGiLRILmMvAa3aKH-5aqZiB4mqXGu2F9kfSi1RwV-XjulDOAHQ6PJbNvTLEdewgQi19Q
x-host: tde-deliveryengine-production-84d9bf65c-88n8z
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame AA9E
Redirect Chain

https://d5p.de17a.com/cookies/google?google_gid=CAESEEYcyApRLH9BVHI6i0LUlIc&google_cver=1&google_push=AaAOQGEnw42JngS5cx6qASj4hr-wj9k3LGzUDFmun3czEJLdwxhkWM3jWGeHb5WOW691kPLG3HAJ3Fc4gXW06XTQTJIgd7d...
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AaAOQGEnw42JngS5cx6qASj4hr-wj9k3LGzUDFmun3czEJLdwxhkWM3jWGeHb5WOW691kPLG3HAJ3Fc4gXW06XTQTJIgd7dLefDnSVII

170 B
188 B

20ms
20ms

Image
image/png

172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AaAOQGEnw42JngS5cx6qASj4hr-wj9k3LGzUDFmun3czEJLdwxhkWM3jWGeHb5WOW691kPLG3HAJ3Fc4gXW06XTQTJIgd7dLefDnSVII

Requested by

Protocol

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 07 Jul 2023 02:24:36 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AaAOQGEnw42JngS5cx6qASj4hr-wj9k3LGzUDFmun3czEJLdwxhkWM3jWGeHb5WOW691kPLG3HAJ3Fc4gXW06XTQTJIgd7dLefDnSVII
content-length: 0
p3p: CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame AA9E 0
12 B 17ms
16ms Image
text/html 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Ka4lYpkPPpSM-0U4ZtPf4Y-b56FIjJV3b4fpR9GUHpBreuNtUzfxD_Hr_FBqU9CQcVQUNu

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 07 Jul 2023 02:24:36 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame 928C 3 KB
3 KB 70ms
26ms Image
image/png 2606:4700:20::ac43:444e

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/style/0.1.48/one-ad/default.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:444e -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: 2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 07 Jul 2023 02:24:36 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3376
x-guploader-uploadid: ADPycdu_bETbAO3L7E3ZwmLe8QxiVBASGCjfRAxwlm_tkXJYko3jNEaJxZb3LISJ1TPqVw-ds5Su5eyQQRqdQCYhbG3a5A
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
content-length: 3262
last-modified: Tue, 21 Jun 2022 12:31:17 GMT
server: cloudflare
etag: "794c84d30e213ec6a144d64215f07551"
vary: Accept-Encoding
x-goog-generation: 1655814677405990
content-type: image/png
content-language: en
x-goog-hash: crc32c=v7nNsg==, md5=eUyE0w4hPsahRNZCFfB1UQ==
cache-control: public, max-age=7200
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iuUyfdkz1Lp4%2F%2Bg%2FU5j%2FdwxaFPuEEoKVhK2J1s0VSvu7gB7%2Fy6F36Lx32%2F43V3%2BTG56YawT%2FKdHfAAZ0puni6vj5qG8PXIul3MoN9diM0KkiYNdGGHIagR0hM1ZB4uBniM%2Fq35t0R3GVJNSg7LLBH0tG"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 3262
accept-ranges: bytes
cf-ray: 7e2ca1d428de3731-FRA
expires: Fri, 07 Jul 2023 02:18:16 GMT

GET
H2 200 adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame B02A 3 KB
4 KB 67ms
23ms Image
image/png 2606:4700:20::ac43:444e

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/style/0.1.48/one-ad/default.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:444e -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: 2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 07 Jul 2023 02:24:36 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3376
x-guploader-uploadid: ADPycdu_bETbAO3L7E3ZwmLe8QxiVBASGCjfRAxwlm_tkXJYko3jNEaJxZb3LISJ1TPqVw-ds5Su5eyQQRqdQCYhbG3a5A
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
content-length: 3262
last-modified: Tue, 21 Jun 2022 12:31:17 GMT
server: cloudflare
etag: "794c84d30e213ec6a144d64215f07551"
vary: Accept-Encoding
x-goog-generation: 1655814677405990
content-type: image/png
content-language: en
x-goog-hash: crc32c=v7nNsg==, md5=eUyE0w4hPsahRNZCFfB1UQ==
cache-control: public, max-age=7200
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AEzkIk2BvZ2ahsKT4cNEzeXAwQUdXpAOxNXIDbxG5tYUrFjIF440IBx1Fo0wyZX3mdG6PEXQLpEiJCqt%2FJXoktP1D2eqxmKZPvq%2FL2LViNc3FESaAGPhmEm5on1sGDUjcYo6nPQ738TVyvPMIEQguRnw"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 3262
accept-ranges: bytes
cf-ray: 7e2ca1d428e03731-FRA
expires: Fri, 07 Jul 2023 02:18:16 GMT

GET
DATA 200
OK truncated
/ Frame BCD0 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 90a70791c65097a158c6b42bb8bfef5c9188db0db2f2398587984d224bcdc55a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 4829 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 979e7c67e6ad34d999a507b0eb12e5136a4d0442f1d7289758eaae0ade3b5a66

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 AOiihYbjk7GyPSPexE3PorOKRXoofTPF8NjvkAglc4c.js Show response
pagead2.googlesyndication.com/bg/ Frame 6DA7 38 KB
14 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/AOiihYbjk7GyPSPexE3PorOKRXoofTPF8NjvkAglc4c.js

Requested by

Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x69807j0b5.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

00e8a28586e393b1b23d23dec44dcfa2b38a457a287d33c5f0d8ef9008257387

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a83cc140318b4e2e81346428d0ba2d8a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 05 Jul 2023 10:17:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 144399
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14768
x-xss-protection: 0
last-modified: Mon, 26 Jun 2023 15:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 04 Jul 2024 10:17:57 GMT

GET
H2 200 5ed76f76e4b07a92411bc03a
ng2.virgul.com/tck/imp/ Frame 636F 0
209 B 169ms
49ms Image
text/plain 185.7.176.223
SH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ng2.virgul.com/tck/imp/5ed76f76e4b07a92411bc03a?g=1&t=gb&r=153377@site_geneli@yemek_net:site_geneli&l=&c=%2Cas%2Crc0%2Chf1%2Cvv1%2Cgprec%3Dyemek%26rec_ing%3D&info=&mt=1688696674261&userId=vnetc95b9e47-d55c-4459-bc87-393aeaf3e463
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.7.176.223 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-origin: https://ye-mek.net
date: Fri, 07 Jul 2023 02:24:36 GMT
access-control-allow-credentials: true
expires: Tue, 04 Jan 2022 10:49:40 GMT
server: openresty/1.15.8.3
content-length: 0
p3p: CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'

GET
H3 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v25/ Frame 6DC0 30 KB
30 KB 9ms
9ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:regular,800

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: null
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 01 Jul 2023 18:31:37 GMT
x-content-type-options: nosniff
age: 460379
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30928
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 18:57:39 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 30 Jun 2024 18:31:37 GMT

GET
H2 200 adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame D65C 3 KB
3 KB 54ms
25ms Image
image/png 2606:4700:20::ac43:444e

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/style/0.1.48/one-ad/default.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:444e -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: 2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 07 Jul 2023 02:24:36 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3376
x-guploader-uploadid: ADPycdu_bETbAO3L7E3ZwmLe8QxiVBASGCjfRAxwlm_tkXJYko3jNEaJxZb3LISJ1TPqVw-ds5Su5eyQQRqdQCYhbG3a5A
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
content-length: 3262
last-modified: Tue, 21 Jun 2022 12:31:17 GMT
server: cloudflare
etag: "794c84d30e213ec6a144d64215f07551"
vary: Accept-Encoding
x-goog-generation: 1655814677405990
content-type: image/png
content-language: en
x-goog-hash: crc32c=v7nNsg==, md5=eUyE0w4hPsahRNZCFfB1UQ==
cache-control: public, max-age=7200
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PlMz3oBYoqFv6ECjN0JUUkaAE%2FmBkrZStLgdnSWGTsNMxQIoKAEpTIHUyYdWmjB3EH5k3oIGDOW5IzeYCI60Sa5JeXjokRhnNriZre%2BBZ3J1A52OvI%2BZeY0hKyRIGoIIs%2F1kvULWTTHu4v6nSownLc%2FS"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 3262
accept-ranges: bytes
cf-ray: 7e2ca1d428e13731-FRA
expires: Fri, 07 Jul 2023 02:18:16 GMT

GET
H3 200 frame.html Show response
ad4m.at/ Frame 24C8 2 KB
1 KB 17ms
17ms Document
text/html 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/frame.html
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 2354091
alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=3600
cf-cache-status: HIT
cf-ray: 7e2ca1d45e152bbe-FRA
content-encoding: br
content-language: en
content-type: text/html; charset=utf-8
date: Fri, 07 Jul 2023 02:24:36 GMT
expires: Thu, 08 Jun 2023 00:41:56 GMT
last-modified: Thu, 25 Aug 2022 14:12:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=At%2B3VCMEeyowMXKeWoaQeVt0TUBmlz4uqo0Fle4ueEFura9bwE4kCRYWZww%2BubzdY0as6ma1alDVvoawkj4duu8%2FwewcJCusOLaf00Iy9MrDSVBaopWmYCVo1%2BAQbty7nzcVsSo%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H3 200 frame.html Show response
ad4m.at/ Frame FF12 2 KB
1 KB 19ms
17ms Document
text/html 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/frame.html
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 2354091
alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=3600
cf-cache-status: HIT
cf-ray: 7e2ca1d45e172bbe-FRA
content-encoding: br
content-language: en
content-type: text/html; charset=utf-8
date: Fri, 07 Jul 2023 02:24:36 GMT
expires: Thu, 08 Jun 2023 00:41:56 GMT
last-modified: Thu, 25 Aug 2022 14:12:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bHOv3xrEzuirIzTxvGXy7byWSqxpYgZ6We1qtrm0LErqsYUjr9Nj8OK6h3e01%2BwjQ52m95Bvyb2ltECO7HkuBX5pXRd69LXWkJe3uDM%2BWnAglsmDd4NU8goHa7IJRC%2BChN0HrQ8%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H3 200 frame.html Show response
ad4m.at/ Frame D024 2 KB
1 KB 18ms
17ms Document
text/html 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/frame.html
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 2354091
alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=3600
cf-cache-status: HIT
cf-ray: 7e2ca1d45e182bbe-FRA
content-encoding: br
content-language: en
content-type: text/html; charset=utf-8
date: Fri, 07 Jul 2023 02:24:36 GMT
expires: Thu, 08 Jun 2023 00:41:56 GMT
last-modified: Thu, 25 Aug 2022 14:12:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GG497HkzvYMO4MVM4YJmusgbOkqlupYy7KaOYgqhMDzj6DTkgnldyql5ZJFCVIyDtZRP4Kartkw%2BFlhI6HaDiKt%2F8w9d1GCDgdYCJ2iLt4%2Fq5MGDEj28c2lPnS1VI0kJe9YUy5M%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H3 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame BCD0 33 KB
33 KB 20ms
20ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://a83cc140318b4e2e81346428d0ba2d8a.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 07 Jul 2023 02:24:36 GMT
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34108
x-xss-protection: 0
last-modified: Tue, 23 May 2023 16:35:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 06 Jul 2024 02:24:36 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 6909 0
0 46ms
41ms Image
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230705&jk=2487041221584005&rc=
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

GET
H3 200 AOiihYbjk7GyPSPexE3PorOKRXoofTPF8NjvkAglc4c.js Show response
pagead2.googlesyndication.com/bg/ Frame 2A4F 38 KB
14 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/AOiihYbjk7GyPSPexE3PorOKRXoofTPF8NjvkAglc4c.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

00e8a28586e393b1b23d23dec44dcfa2b38a457a287d33c5f0d8ef9008257387

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 05 Jul 2023 10:17:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 144399
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14768
x-xss-protection: 0
last-modified: Mon, 26 Jun 2023 15:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 04 Jul 2024 10:17:57 GMT

GET
H3 200 AOiihYbjk7GyPSPexE3PorOKRXoofTPF8NjvkAglc4c.js Show response
pagead2.googlesyndication.com/bg/ Frame 3B78 38 KB
14 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/AOiihYbjk7GyPSPexE3PorOKRXoofTPF8NjvkAglc4c.js

Requested by

Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x69807j0b5.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

00e8a28586e393b1b23d23dec44dcfa2b38a457a287d33c5f0d8ef9008257387

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a83cc140318b4e2e81346428d0ba2d8a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 05 Jul 2023 10:17:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 144399
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14768
x-xss-protection: 0
last-modified: Mon, 26 Jun 2023 15:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 04 Jul 2024 10:17:57 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 4907 0
0 45ms
45ms Fetch
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvIeeWk_c9mSp678n99na464e4rx_N-nLrtx_-z9HXJ1PIDw4ZWYqFIw-fnIVVJHDcVbAH-CFBVx5bjZHshPSqhe6dqi9v0jCX97L5pTycUbE46jN-SsOebtV_VfMeoW0xNXKadZEZxp9ElH5U2hmKg8oKJMKua5yhXTgVn2f8eU8JDZGpDkfk9mhM1ml08OagSCmEDva7YEBZTuA50NBzAADiL0pwRu5rIKMlqQr-w-9Z-yI95uHMwsneka8bnPXJV-I3Vl61ckIBOdkLCeCRr-fAhEx-lBwhxkoAnxg8ZIYwu-AGUaPWLi7ANCTjbQXKrNke6u5wG3DNfGgZ1ekI0OST0rIKVlZQxlDGxXw8&sai=AMfl-YQZHPgwlKac-ICID-HCp-G2t0Ff857ik7wqLp0ZlEUKcjfiHsKv-suLeFR_T0hlCL3yhKHd0BbS_HBY2ecy-fPjcIyYy8zX-YRV7xGBbl9t8rFVzCu8skliJ-FpCA&sig=Cg0ArKJSzJ0NSMuBJxT9EAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a83cc140318b4e2e81346428d0ba2d8a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 07 Jul 2023 02:24:36 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 07 Jul 2023 02:24:36 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 4907 15 KB
12 KB 26ms
25ms XHR
application/json 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230705&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b97f33113170d8db9812ce60694dcb2ef4fb341c027f64a52222d6ead3534da3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a83cc140318b4e2e81346428d0ba2d8a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 07 Jul 2023 02:24:36 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11872
x-xss-protection: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 636F 15 KB
11 KB 25ms
22ms XHR
application/json 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230705&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ffd43dba83edb0183e1b5e6caaacf0f7e08f4e2ce0e33e5447e9b62333a5d4a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 07 Jul 2023 02:24:36 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11735
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 4907 17 KB
6 KB 25ms
25ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a83cc140318b4e2e81346428d0ba2d8a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 07 Jul 2023 02:24:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 07 Jul 2023 02:24:36 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 636F 17 KB
6 KB 38ms
38ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 07 Jul 2023 02:24:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 07 Jul 2023 02:24:36 GMT

POST
H3 200 rs Show response
ad4m.at/ Frame B02A 2 KB
2 KB 33ms
32ms XHR
text/plain 2606:4700:20::681a:ad1

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: b23c8d494ad6cbdce019e9a7ed0c1a7edc083e2cae1e07a45cb847a917bfc489

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 07 Jul 2023 02:24:36 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5ZEhAd2ao8DYHEuue4LWiBQSRU2R0rjJ3UAakz%2FKKd%2Fk1ZR%2BI9nyoboKUwKkcKvO%2BSTkYBHWjzoqD1ZKssnXEfZfNxbYUi0JW8GkyU2FLgvdCdXj2xxi9lMDEbFN%2F5LEW2NNqBY%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain
access-control-allow-origin: https://as.ad4m.at
access-control-allow-credentials: true
cf-ray: 7e2ca1d62d2cbb97-FRA
x-backend-server: aa-reachservice-group-europe-west1-tp53
alt-svc: h3=":443"; ma=86400

OPTIONS
H3 200 rs
ad4m.at/ Frame 0
0 44ms
30ms Preflight
text/plain 2606:4700:20::681a:ad1

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://as.ad4m.at
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin: https://as.ad4m.at
access-control-max-age: 1800
allow: HEAD,POST,GET,OPTIONS
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7e2ca1d5fd03bb97-FRA
content-length: 24
content-type: text/plain
date: Fri, 07 Jul 2023 02:24:36 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qCjto6x9F6RVG0%2FeeRuzAbj8WEw7tbpv87XYeukgartN4R%2BaQuPaIUDVslL%2Bbdc%2BoN2Ar%2FTXKHWWPqRx9Emu%2FWFh3JttF%2FInnmZnPlWffi0eInoS0Tab9w3YM7rNYwYYgImgXGE%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
via: 1.1 google
x-backend-server: aa-reachservice-group-europe-west1-tp53

POST
H3 200 rs Show response
ad4m.at/ Frame D65C 2 KB
2 KB 32ms
32ms XHR
text/plain 2606:4700:20::681a:ad1

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: aacc0a9bc0fb1fcda123e5c6feb3030708585b91e116ac248b0edaa07eddfe24

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 07 Jul 2023 02:24:36 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Sh2URdbJK0O6tTiP3eKWu3m29fxmFkMEexf3Wc%2Flm%2BFLcedrTxdZLvZfb871xWCjGS5pFW51EMYl1oEH2bsOSguRX14QJVwshQ5u%2FN1aID%2B0pLgMCZBQ4%2Fk3L07MeLNHKG3kK1Q%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain
access-control-allow-origin: https://as.ad4m.at
access-control-allow-credentials: true
cf-ray: 7e2ca1d62d2abb97-FRA
x-backend-server: aa-reachservice-group-europe-west1-tp53
alt-svc: h3=":443"; ma=86400

POST
H3 200 rs Show response
ad4m.at/ Frame 928C 1 KB
2 KB 35ms
34ms XHR
text/plain 2606:4700:20::681a:ad1

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: ce53fbd5f7019441405df1e5e3bbd41bbcd6830dad5e5b225ceea9f84d5c4d71

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 07 Jul 2023 02:24:36 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kOGSAFGgWJb%2BNbjeGvzbuexfaaiGAN%2FjcJOgBRuETYZyYiRq%2BYnjh%2B8e5BOd91V1mIginVtL8VYYXkPuL9122KWF1luHp3nJmZT89nGoxhC4HJqHoli0Fnm2bxJ%2BdPPVD5TmT%2FE%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain
access-control-allow-origin: https://as.ad4m.at
access-control-allow-credentials: true
cf-ray: 7e2ca1d62d2fbb97-FRA
x-backend-server: aa-reachservice-group-europe-west1-mndm
alt-svc: h3=":443"; ma=86400

OPTIONS
H3 200 rs
ad4m.at/ Frame 0
0 43ms
29ms Preflight
text/plain 2606:4700:20::681a:ad1

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://as.ad4m.at
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin: https://as.ad4m.at
access-control-max-age: 1800
allow: HEAD,POST,GET,OPTIONS
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7e2ca1d5fd05bb97-FRA
content-length: 24
content-type: text/plain
date: Fri, 07 Jul 2023 02:24:36 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yAjQ%2F2hC09dS%2BIcgZCShOlW3SNmRTdS4fYkezqdyUghiYwTYSbkEJgjYbrQFCV7fbl60ovS7goe36MJq6pw7E3vaoF2zCA89KZJChNaS9tZFSpj%2F28G7uJD3%2B2JIdY04qpYmH4I%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
via: 1.1 google
x-backend-server: aa-reachservice-group-europe-west1-tp53

OPTIONS
H3 200 rs
ad4m.at/ Frame 0
0 45ms
32ms Preflight
text/plain 2606:4700:20::681a:ad1

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://as.ad4m.at
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin: https://as.ad4m.at
access-control-max-age: 1800
allow: HEAD,POST,GET,OPTIONS
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7e2ca1d5fd04bb97-FRA
content-length: 24
content-type: text/plain
date: Fri, 07 Jul 2023 02:24:36 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C2%2FkaJAX1ukPxKhCCdBxMHm0u1VEgcQFl7p10y4mVfF%2FVhM1pRbqHSqp24z4PbwRzPo3kwmlC21T4tfW4Azrm040%2FrnTuFLjuMy4NVUW3qzp8r3qOSFvqFPX9ipSEw6hssEF9j4%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
via: 1.1 google
x-backend-server: aa-reachservice-group-europe-west1-mndm

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 830B 13 KB
5 KB 13ms
10ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://a83cc140318b4e2e81346428d0ba2d8a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 19693
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 06 Jul 2023 20:56:23 GMT
expires: Fri, 05 Jul 2024 20:56:23 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 69C1 783 B
533 B 21ms
19ms Document
text/html 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

b5121a6d4520d746fb6adb8613b4127d6eabddc20a02d3094c1f5bab1b3ab6b6

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-kXL2UoUdoX4BeUupiUisfA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://a83cc140318b4e2e81346428d0ba2d8a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 511
content-security-policy: script-src 'report-sample' 'nonce-kXL2UoUdoX4BeUupiUisfA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 07 Jul 2023 02:24:36 GMT
expires: Fri, 07 Jul 2023 02:24:36 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 2310 13 KB
5 KB 300ms
7ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ye-mek.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 19694
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 06 Jul 2023 20:56:23 GMT
expires: Fri, 05 Jul 2024 20:56:23 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 3B21 783 B
533 B 22ms
18ms Document
text/html 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

eef5a0c6b18a47d985bc2c6e52d77dda8571e927900df42a2992feb1cb1172b7

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-B2s-duicoKp5dwudRQwODA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ye-mek.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 511
content-security-policy: script-src 'report-sample' 'nonce-B2s-duicoKp5dwudRQwODA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 07 Jul 2023 02:24:37 GMT
expires: Fri, 07 Jul 2023 02:24:37 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 2A4F 0
12 B 11ms
11ms Image
text/plain 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?3JzYHA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 07 Jul 2023 02:24:36 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 69C1 0
0 42ms
42ms Image
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230705&jk=1432219434575882&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

GET
H3 200 AOiihYbjk7GyPSPexE3PorOKRXoofTPF8NjvkAglc4c.js Show response
pagead2.googlesyndication.com/bg/ Frame 830B 38 KB
14 KB 11ms
11ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/AOiihYbjk7GyPSPexE3PorOKRXoofTPF8NjvkAglc4c.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

00e8a28586e393b1b23d23dec44dcfa2b38a457a287d33c5f0d8ef9008257387

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 05 Jul 2023 10:17:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 144399
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14768
x-xss-protection: 0
last-modified: Mon, 26 Jun 2023 15:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 04 Jul 2024 10:17:57 GMT

GET
H3 200 rar Show response
as.ad4m.at/ad/ Frame 434A 11 KB
4 KB 30ms
29ms Document
text/html 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/rar?a=197862%2C117569%2C19769&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=728&d=90&e=&g=189d4b741c3bcecd6261896fda9213be%2F7029326121843657990&i=71725%2C29981%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1688696676843&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gaxpgrhtmtvms6d8vtrnr8f5qavapr7ngnyxnj2d7es0190abe7sh54nt2v3v8z9ayfq6hbm0pdfh0eqskppp776nmmn5n1te3z9qc8sw80q0fkat56a2rrte8y0qcpn2ypvfcqqwf5sshmtkyqhf8nnk5m9hnbtkqm9nkxjdtqqm275m8y5n24d3sbjamwqh51g8vdppd0xskepshtpd0ege9ddzhg25v6pwswjh5936vng74h7sgwcqnv66swv1g8erpzdt8zzcs93h79xtaq4c%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCbz3iY3enZN3uC5Ty-gaD6pOYDJDhgYRctqjCivACwI23ARABIABglYKAgMAHggEXY2EtcHViLTc5ODM2NTEyNTc4MzgyODLIAQmpApS-iRURRLI-4AIAqAMBqgSkAk_QGqMfCd2YW1tNEQYQxkNyrnS1MTglszzy-3vlFU3DpCoCWwU92T0EiuDDV2LgO1C-Lcs9CwJKFRjrOKdiy60Ogb3sVqGYbtdks0hWf8myk9hSOECLJWFlXT37THc7U3fjs4lTM301sz-3JFANb3r2SrJ016BRm98PO6lqEoFP-Z4J4zXuavSWRbqn1jJjXPEW5vdavImLOqOidYhBRo7vKsEcIE4tlCN-z3gzCmk9vyDSXBB8YsQf-aGV1Urrntagns0VU56Z7QsqyPts1xT0VEwWnr9jh9zbECcTtuXNB9kiAYRiPZDAXoo71jTgW1tiaYXzGrMlh21v8NoBRc0ENnVsxBDkXIaCsz0xXPtEGfCHyPLlM4tmV6XrJ7uDu4yWDxjgBAGABsTRnvTIgM68pQGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTryCBthZHgtc3Vic3luLTcyNzU1Mjg0NTMxNjIzMDn6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_22iggw7rfwBZ0uCIYtIyMFH2AudA%2526client%253Dca-pub-7983651257838282%2526adurl%253D&y=1&s=&z=0

Requested by

Host: ad4m.at
URL: https://ad4m.at/r62eglto.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b31b04393a578e1c9fbee06ad9e070e537019c0c32914b5a1a7f47ce768f3a55

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-src ;img-src data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://as.ad4m.at/ad/dr?ed=1knbsar9m31zq0584kpr746pf1v1scswsqr8sxvzh86hvm6vvfb2nw0zggb8vr7smaz279qfsv2q99hebqddfbxkbf7s5p60hh7yrtv62w66wse5rte7dk11gj5pyqss4ys5efahya3pvg3fprg8rr2xsfxty6wfzdycf5d79fbc1zbp2t83hkcgw4qeq9h1yjvradgstcydfbxgpthqbxctm2zddfhbnt96njc2qhnfh74j95nkqzmrm9b561ntvwtatern83n5ms40b49zpzq240gj4hw5vby1vyccy6yt0j1f8k6wpjr42sanm01spzsj86dqvxtry8mc41x77mzdrzf0jyjx52rdvdzb7829yq9f0rrbtycp1ahnzf0fyh62szsqtx2q43zrtbckd97jwxyvx4ezpc2qx3hd5xzyda7hq0ww7dc0v17zgpbj7ffvmh0s18&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCbz3iY3enZN3uC5Ty-gaD6pOYDJDhgYRctqjCivACwI23ARABIABglYKAgMAHggEXY2EtcHViLTc5ODM2NTEyNTc4MzgyODLIAQmpApS-iRURRLI-4AIAqAMBqgSkAk_QGqMfCd2YW1tNEQYQxkNyrnS1MTglszzy-3vlFU3DpCoCWwU92T0EiuDDV2LgO1C-Lcs9CwJKFRjrOKdiy60Ogb3sVqGYbtdks0hWf8myk9hSOECLJWFlXT37THc7U3fjs4lTM301sz-3JFANb3r2SrJ016BRm98PO6lqEoFP-Z4J4zXuavSWRbqn1jJjXPEW5vdavImLOqOidYhBRo7vKsEcIE4tlCN-z3gzCmk9vyDSXBB8YsQf-aGV1Urrntagns0VU56Z7QsqyPts1xT0VEwWnr9jh9zbECcTtuXNB9kiAYRiPZDAXoo71jTgW1tiaYXzGrMlh21v8NoBRc0ENnVsxBDkXIaCsz0xXPtEGfCHyPLlM4tmV6XrJ7uDu4yWDxjgBAGABsTRnvTIgM68pQGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTryCBthZHgtc3Vic3luLTcyNzU1Mjg0NTMxNjIzMDn6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_22iggw7rfwBZ0uCIYtIyMFH2AudA%26client%3Dca-pub-7983651257838282%26adurl%3D
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7e2ca1d808b92bbe-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Fri, 07 Jul 2023 02:24:37 GMT
expires: 0
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 200 rar Show response
as.ad4m.at/ad/ Frame 1B77 10 KB
4 KB 31ms
31ms Document
text/html 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/rar?a=14019%2C23576%2C167497&b=V8Xuwfr7H1zMSVHbHAtRtE9bhkTzT46hQ%2CYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2Cj83uEfZeSqx2KSYHEH2t6tRRJUKTzTxJc9&f=m8ruefe8CweqsmHZHZtQCJGjTDTwT6rHA%2CqDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2CxDwUQfgPSEApdaPHdHztDCRRBUJT6T8ZsA&c=120&d=600&e=&g=dc7f221ba0099a47110b8024e3ff05ca%2F8566084187615790122&i=21596%2C20774%2C20773&j=16%2C14%2C14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1688696676843&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1j1dq7qk113jmycspqfc2gwk7gyq96104badah8415gdssf8xjhgwvs5v445dbcb76z4mp51h2bh11g0ab5g1g5dg4qsh0b0ccb11yr81p9k9nmpedy1q1zmxqe1ct4yx3dy9b9vvg3d1c7dwefqw5h7sxez2d2g2rtfb3tfxsp4eb896dcyvzrr2xmv3wa8k1pjahtryg05pt7tsekm3y7wxy2rqprmffhebmm22nrzaa99b3q4ttjfs3e21jdsgx0k0b2ac410wjyzps00%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC2XCsY3enZIrUC4emgAf7kr24BJDhgYRctqjCivACwI23ARABIABglaKZgqwHggEXY2EtcHViLTc5ODM2NTEyNTc4MzgyODLIAQmpApS-iRURRLI-4AIAqAMBqgSMAk_QiT31wMFVz9Eau8QtHnEBFhNAW7qoFpZijY0QF2LjYMN6xutnG1jCrocX63_ARqt3Sa_zJH9AqU_ROB4ComR08N_2VdhzhiOmX6IAcZdHLFdrjg1Vgf4BMcEqe-svKLl06gW0asI2PQF1M3NuUVl80Ziw999losY0nhBxnxE6798J3SgfMnb2icAvVgjnpxA9rrZ3j1eJHwG0xmXTaiBcQniSu-TeA95OMsRPFoxLYrZ6x4yYAkHFOKWx-ZWdtolGMIYvdo5FXyGwm1SKvcHBnev1y5-8lhUaxHQYdlOdKe_wO078xdustV54-vwciOlz9Cu0P1oRZYU1tfAaAtge_w97rSf0IT1aw9vgBAGABrie-tWl8sWD1gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTryCBthZHgtc3Vic3luLTcyNzU1Mjg0NTMxNjIzMDn6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2bFqblvIpeTVtXEYbbGY5nKomaug%2526client%253Dca-pub-7983651257838282%2526adurl%253D&y=1&s=&z=0

Requested by

Host: ad4m.at
URL: https://ad4m.at/r62eglto.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

82446b1063b1cbc3de3729cc70772e94acaf389ca03b35090fd74cf0d32013dd

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-src ;img-src data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://as.ad4m.at/ad/dr?ed=1kbpz1kkqks41ka7e8gh1m9jk63vh8pxrh96aksxd59646sy65ymg54s7f9y3e19de3ptpp9nevecc9cs75xtzsezjhxfj90td0s0a6ppy8dzqvqcp5cftv6j50bbxhpxw05ztfb228wjwvkkm77xnwex8z4gb75dfhwkqfphwkegn93rd6s556g8x3sxc0vk1xgctpyyekfsagpyca3t6j2thr4f90y7eh6vbg915yv2wwc7vxm3f215z0d7nrx59nw2dt9e7w7cdzp0g492w1hx96p6sy2sndgfd6jc92t5thjr15n8dp54zrah50fjk7yt6sy6nghmch3re2gz2trvzf88gbwe0qb0qy0c1brtgj01k7wzbzf7cwxghxtafgch301chp465p75v9d1pmmar31wr8gbaksw7qtb2qfavkne77q4&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC2XCsY3enZIrUC4emgAf7kr24BJDhgYRctqjCivACwI23ARABIABglaKZgqwHggEXY2EtcHViLTc5ODM2NTEyNTc4MzgyODLIAQmpApS-iRURRLI-4AIAqAMBqgSMAk_QiT31wMFVz9Eau8QtHnEBFhNAW7qoFpZijY0QF2LjYMN6xutnG1jCrocX63_ARqt3Sa_zJH9AqU_ROB4ComR08N_2VdhzhiOmX6IAcZdHLFdrjg1Vgf4BMcEqe-svKLl06gW0asI2PQF1M3NuUVl80Ziw999losY0nhBxnxE6798J3SgfMnb2icAvVgjnpxA9rrZ3j1eJHwG0xmXTaiBcQniSu-TeA95OMsRPFoxLYrZ6x4yYAkHFOKWx-ZWdtolGMIYvdo5FXyGwm1SKvcHBnev1y5-8lhUaxHQYdlOdKe_wO078xdustV54-vwciOlz9Cu0P1oRZYU1tfAaAtge_w97rSf0IT1aw9vgBAGABrie-tWl8sWD1gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTryCBthZHgtc3Vic3luLTcyNzU1Mjg0NTMxNjIzMDn6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2bFqblvIpeTVtXEYbbGY5nKomaug%26client%3Dca-pub-7983651257838282%26adurl%3D
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7e2ca1d818bb2bbe-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Fri, 07 Jul 2023 02:24:37 GMT
expires: 0
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 200 rar Show response
as.ad4m.at/ad/ Frame 069C 9 KB
4 KB 30ms
30ms Document
text/html 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/rar?a=14019%2C23576%2C166402&b=V8Xuwfr7H1zMSVHbHAtRtE9bhkTzT46hQ%2CYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2Cj83uEfZeSqxJ1uYHEH2t6tRRJUKTzTxJc9&f=m8ruefe8CweqsmHZHZtQCJGjTDTwT6rHA%2CqDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2CxDwUQfgPSEAbVhPHdHztDCRRBUJT6T8ZsA&c=300&d=250&e=&g=e3d07a4104fb12fba8f35c7e0ca1a930%2F13107858850210521125&i=21596%2C20774%2C20773&j=16%2C14%2C14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1688696676833&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1j1c5mwhwba4gcfcbzadmx8mag7j7tsjrqh707hb6r3q6qy5qmt0yry71cjwwx1pcf0hkqxbe3h0q81zd58q2n57qkr5qa4vnmpnda1gv2pf12gk1sj4yk3qxzbzm5hy66y5v5nv6kcgqe64sa90zpcmfn5yw34jhdcn73j2z39mnr6r0rdg9h71xrx9h59g52g1fbwdr6cc3hsbjsrmy14xrk7d9wexc8a31b01xba9js70phzk2p2whgrkrpncyjm76htvvhekagpy1dc0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCzjdSY3enZJGSGIuYiQb58JL4BZDhgYRctqjCivACwI23ARABIABglaKZgqwHggEXY2EtcHViLTY1OTM1MjMyMTAwMTAxNTTIAQmpApS-iRURRLI-qAMBqgSyAU_QLczqBu1H3rl9i2bPsQJzplp-cLEkLO0ASRiJH35oZaNNg1rRXZBmXL9XEz9wBiIDfMtxVDEpaBQ2oMPENbITGwbU32OVD644WyZHm8ReHz5nof-P00t3U6SKgLu_oF2f59h4YqHSATPeyu1CSQNhflGi5fx86D4Dmnryut1PTMBpIIJD5Mkfs-dMoMkffwzlNPUqd6ghZYAvACYYiMWAtpUmtI0snYjV0H2PT6_b6T6ABq20_5ik46TPIqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_06vd8hP7U_wgQWv1lYUjc3mvfUZg%2526client%253Dca-pub-6593523210010154%2526adurl%253D&y=1&s=&z=0

Requested by

Host: ad4m.at
URL: https://ad4m.at/r62eglto.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ae37a33b8b8e308e8d7e894483bbbc84552f20dd058fa454d865c73fa6a5a55c

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-src ;img-src data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://as.ad4m.at/ad/dr?ed=1k567q4fzn0g5n88dx6e3agyk577k8kjhqrh361a18ygg59bjb8jj1nxs0egqd5h3gh39kmkbmpgk2pbz03q93qgwmkcv3n2e2b23pt24h1aad0rf3d9k4hkxmttg9s2e7xykskqye6kegthkphptkpv0e43wc7pygr9nr6am9y84yp6h5fjpas42yk4yq88n84d0d4cvqf9djzgscmx2p9ex04hfh6vdn9jt62mwt5vaen8gvkjpy5y82n6t9ma083w7aamath442dp0vd46h9dtfm6bnztnqtbrpfaw4czz1e98cq8fcn9ayk3k4k28p5ze5pvnwkfbbq8ene06tafqqscp0n2cw7newv13b41q11j552echtd9xs9sw2qtfcr084a0x2zzars2mjdmz2jstzsy6rvn9nknv8mpgm2rjkyzesyg&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCzjdSY3enZJGSGIuYiQb58JL4BZDhgYRctqjCivACwI23ARABIABglaKZgqwHggEXY2EtcHViLTY1OTM1MjMyMTAwMTAxNTTIAQmpApS-iRURRLI-qAMBqgSyAU_QLczqBu1H3rl9i2bPsQJzplp-cLEkLO0ASRiJH35oZaNNg1rRXZBmXL9XEz9wBiIDfMtxVDEpaBQ2oMPENbITGwbU32OVD644WyZHm8ReHz5nof-P00t3U6SKgLu_oF2f59h4YqHSATPeyu1CSQNhflGi5fx86D4Dmnryut1PTMBpIIJD5Mkfs-dMoMkffwzlNPUqd6ghZYAvACYYiMWAtpUmtI0snYjV0H2PT6_b6T6ABq20_5ik46TPIqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_06vd8hP7U_wgQWv1lYUjc3mvfUZg%26client%3Dca-pub-6593523210010154%26adurl%3D
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7e2ca1d818bf2bbe-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Fri, 07 Jul 2023 02:24:37 GMT
expires: 0
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.48/one-ad/ Frame 434A 114 KB
14 KB 19ms
18ms Stylesheet
text/css 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.48/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C117569%2C19769&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=728&d=90&e=&g=189d4b741c3bcecd6261896fda9213be%2F7029326121843657990&i=71725%2C29981%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1688696676843&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gaxpgrhtmtvms6d8vtrnr8f5qavapr7ngnyxnj2d7es0190abe7sh54nt2v3v8z9ayfq6hbm0pdfh0eqskppp776nmmn5n1te3z9qc8sw80q0fkat56a2rrte8y0qcpn2ypvfcqqwf5sshmtkyqhf8nnk5m9hnbtkqm9nkxjdtqqm275m8y5n24d3sbjamwqh51g8vdppd0xskepshtpd0ege9ddzhg25v6pwswjh5936vng74h7sgwcqnv66swv1g8erpzdt8zzcs93h79xtaq4c%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCbz3iY3enZN3uC5Ty-gaD6pOYDJDhgYRctqjCivACwI23ARABIABglYKAgMAHggEXY2EtcHViLTc5ODM2NTEyNTc4MzgyODLIAQmpApS-iRURRLI-4AIAqAMBqgSkAk_QGqMfCd2YW1tNEQYQxkNyrnS1MTglszzy-3vlFU3DpCoCWwU92T0EiuDDV2LgO1C-Lcs9CwJKFRjrOKdiy60Ogb3sVqGYbtdks0hWf8myk9hSOECLJWFlXT37THc7U3fjs4lTM301sz-3JFANb3r2SrJ016BRm98PO6lqEoFP-Z4J4zXuavSWRbqn1jJjXPEW5vdavImLOqOidYhBRo7vKsEcIE4tlCN-z3gzCmk9vyDSXBB8YsQf-aGV1Urrntagns0VU56Z7QsqyPts1xT0VEwWnr9jh9zbECcTtuXNB9kiAYRiPZDAXoo71jTgW1tiaYXzGrMlh21v8NoBRc0ENnVsxBDkXIaCsz0xXPtEGfCHyPLlM4tmV6XrJ7uDu4yWDxjgBAGABsTRnvTIgM68pQGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTryCBthZHgtc3Vic3luLTcyNzU1Mjg0NTMxNjIzMDn6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_22iggw7rfwBZ0uCIYtIyMFH2AudA%2526client%253Dca-pub-7983651257838282%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 032aee61923ef53fb2b9efbb5d55f771f780e9c2fce9c076638b809a9607eee3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/rar?a=197862%2C117569%2C19769&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=728&d=90&e=&g=189d4b741c3bcecd6261896fda9213be%2F7029326121843657990&i=71725%2C29981%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1688696676843&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gaxpgrhtmtvms6d8vtrnr8f5qavapr7ngnyxnj2d7es0190abe7sh54nt2v3v8z9ayfq6hbm0pdfh0eqskppp776nmmn5n1te3z9qc8sw80q0fkat56a2rrte8y0qcpn2ypvfcqqwf5sshmtkyqhf8nnk5m9hnbtkqm9nkxjdtqqm275m8y5n24d3sbjamwqh51g8vdppd0xskepshtpd0ege9ddzhg25v6pwswjh5936vng74h7sgwcqnv66swv1g8erpzdt8zzcs93h79xtaq4c%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCbz3iY3enZN3uC5Ty-gaD6pOYDJDhgYRctqjCivACwI23ARABIABglYKAgMAHggEXY2EtcHViLTc5ODM2NTEyNTc4MzgyODLIAQmpApS-iRURRLI-4AIAqAMBqgSkAk_QGqMfCd2YW1tNEQYQxkNyrnS1MTglszzy-3vlFU3DpCoCWwU92T0EiuDDV2LgO1C-Lcs9CwJKFRjrOKdiy60Ogb3sVqGYbtdks0hWf8myk9hSOECLJWFlXT37THc7U3fjs4lTM301sz-3JFANb3r2SrJ016BRm98PO6lqEoFP-Z4J4zXuavSWRbqn1jJjXPEW5vdavImLOqOidYhBRo7vKsEcIE4tlCN-z3gzCmk9vyDSXBB8YsQf-aGV1Urrntagns0VU56Z7QsqyPts1xT0VEwWnr9jh9zbECcTtuXNB9kiAYRiPZDAXoo71jTgW1tiaYXzGrMlh21v8NoBRc0ENnVsxBDkXIaCsz0xXPtEGfCHyPLlM4tmV6XrJ7uDu4yWDxjgBAGABsTRnvTIgM68pQGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTryCBthZHgtc3Vic3luLTcyNzU1Mjg0NTMxNjIzMDn6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_22iggw7rfwBZ0uCIYtIyMFH2AudA%2526client%253Dca-pub-7983651257838282%2526adurl%253D&y=1&s=&z=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 07 Jul 2023 02:24:37 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime: 1687950287
age: 745888
cf-polished: origSize=117335
x-guploader-uploadid: ADPycdu7Pb84Y6vCPqpUShyJrQGb98f4yuF1LiyC2B7DeEN9kG_1SbpI2iXm6tsp7d5fI22nNzf0l66mXGhEIUVspATbXw
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 28 Jun 2023 11:05:15 GMT
server: cloudflare
etag: W/"5d49535c2a84a9762127b3d9e77d7e02"
vary: Accept-Encoding
x-goog-generation: 1687950315098833
content-type: text/css
x-goog-hash: crc32c=aWAnwg==, md5=XUlTXCqEqXYhJ7PZ531+Ag==
cache-control: public, max-age=3600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8Z4tLRfkUvsrzKzWu2TnnNVAvibymllfBa8Cebi%2FBBb08GesYMEl0BnMZwhBECcTn4WZ2Wi3qlMmC0Zz7oh0gIkd%2BYuYMFwkGZhDOgP%2FQHP0Cr6Y%2BpK1VrsxkzgXYcST6nLdPQz9zXw%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 117335
cf-ray: 7e2ca1d868f62bbe-FRA
expires: Fri, 07 Jul 2023 03:24:37 GMT

GET
H2 200 C3FCB3AB04505A8F1D79D1D5953F5207FE6F49EF4C517E920A79B423A52F9E2DCCD658FDD21E3D8209A640CEE47D02AAD52D272924710EAE6BAB80FD9B483022
assets.ad4m.at/logo/ Frame 434A 5 KB
5 KB 47ms
26ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/C3FCB3AB04505A8F1D79D1D5953F5207FE6F49EF4C517E920A79B423A52F9E2DCCD658FDD21E3D8209A640CEE47D02AAD52D272924710EAE6BAB80FD9B483022
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C117569%2C19769&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=728&d=90&e=&g=189d4b741c3bcecd6261896fda9213be%2F7029326121843657990&i=71725%2C29981%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1688696676843&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gaxpgrhtmtvms6d8vtrnr8f5qavapr7ngnyxnj2d7es0190abe7sh54nt2v3v8z9ayfq6hbm0pdfh0eqskppp776nmmn5n1te3z9qc8sw80q0fkat56a2rrte8y0qcpn2ypvfcqqwf5sshmtkyqhf8nnk5m9hnbtkqm9nkxjdtqqm275m8y5n24d3sbjamwqh51g8vdppd0xskepshtpd0ege9ddzhg25v6pwswjh5936vng74h7sgwcqnv66swv1g8erpzdt8zzcs93h79xtaq4c%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCbz3iY3enZN3uC5Ty-gaD6pOYDJDhgYRctqjCivACwI23ARABIABglYKAgMAHggEXY2EtcHViLTc5ODM2NTEyNTc4MzgyODLIAQmpApS-iRURRLI-4AIAqAMBqgSkAk_QGqMfCd2YW1tNEQYQxkNyrnS1MTglszzy-3vlFU3DpCoCWwU92T0EiuDDV2LgO1C-Lcs9CwJKFRjrOKdiy60Ogb3sVqGYbtdks0hWf8myk9hSOECLJWFlXT37THc7U3fjs4lTM301sz-3JFANb3r2SrJ016BRm98PO6lqEoFP-Z4J4zXuavSWRbqn1jJjXPEW5vdavImLOqOidYhBRo7vKsEcIE4tlCN-z3gzCmk9vyDSXBB8YsQf-aGV1Urrntagns0VU56Z7QsqyPts1xT0VEwWnr9jh9zbECcTtuXNB9kiAYRiPZDAXoo71jTgW1tiaYXzGrMlh21v8NoBRc0ENnVsxBDkXIaCsz0xXPtEGfCHyPLlM4tmV6XrJ7uDu4yWDxjgBAGABsTRnvTIgM68pQGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTryCBthZHgtc3Vic3luLTcyNzU1Mjg0NTMxNjIzMDn6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_22iggw7rfwBZ0uCIYtIyMFH2AudA%2526client%253Dca-pub-7983651257838282%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9c63890b7f3f2e513fa085cd7b198f9ab91721a9e8aa7180806ff4aa7b4089a4

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 07 Jul 2023 02:24:37 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1231125
cf-polished: origFmt=png, origSize=10283
alt-svc: h3=":443"; ma=86400
content-length: 4736
cf-bgj: imgq:85,h2pri
last-modified: Thu, 06 Apr 2023 12:21:02 GMT
server: cloudflare
etag: "b90d04a587c2a1ab6749e51d8bb195d1"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B%2Bv6Ir8XP%2BL342LnbSo%2B6nA57LbKk8SkHcVl1KoCzgb%2FcwvEcVYvzQeRi9l6NLJFrhp2cITLBePXpt1xzEq77CM1Jlx5%2BQsL8Q6C2fKzkH%2FNSs2IA2a1bkZ7Th2a15hMrYyYPkCblGvgExBk"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7e2ca1d88e1590d6-FRA
expires: Sat, 08 Jul 2023 02:24:37 GMT

GET
H2 200 A36DAD0D440985CF6ABFA23492945CE5BC6D94350A66B19418CB771AFE823AD9B48ADE8E2F007546F0A50A710172EEFC2CAC1468E38852CE2028C22592AAFB75
assets.ad4m.at/product_image/ Frame 434A 91 KB
91 KB 38ms
27ms Image
image/png 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/A36DAD0D440985CF6ABFA23492945CE5BC6D94350A66B19418CB771AFE823AD9B48ADE8E2F007546F0A50A710172EEFC2CAC1468E38852CE2028C22592AAFB75
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C117569%2C19769&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=728&d=90&e=&g=189d4b741c3bcecd6261896fda9213be%2F7029326121843657990&i=71725%2C29981%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1688696676843&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gaxpgrhtmtvms6d8vtrnr8f5qavapr7ngnyxnj2d7es0190abe7sh54nt2v3v8z9ayfq6hbm0pdfh0eqskppp776nmmn5n1te3z9qc8sw80q0fkat56a2rrte8y0qcpn2ypvfcqqwf5sshmtkyqhf8nnk5m9hnbtkqm9nkxjdtqqm275m8y5n24d3sbjamwqh51g8vdppd0xskepshtpd0ege9ddzhg25v6pwswjh5936vng74h7sgwcqnv66swv1g8erpzdt8zzcs93h79xtaq4c%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCbz3iY3enZN3uC5Ty-gaD6pOYDJDhgYRctqjCivACwI23ARABIABglYKAgMAHggEXY2EtcHViLTc5ODM2NTEyNTc4MzgyODLIAQmpApS-iRURRLI-4AIAqAMBqgSkAk_QGqMfCd2YW1tNEQYQxkNyrnS1MTglszzy-3vlFU3DpCoCWwU92T0EiuDDV2LgO1C-Lcs9CwJKFRjrOKdiy60Ogb3sVqGYbtdks0hWf8myk9hSOECLJWFlXT37THc7U3fjs4lTM301sz-3JFANb3r2SrJ016BRm98PO6lqEoFP-Z4J4zXuavSWRbqn1jJjXPEW5vdavImLOqOidYhBRo7vKsEcIE4tlCN-z3gzCmk9vyDSXBB8YsQf-aGV1Urrntagns0VU56Z7QsqyPts1xT0VEwWnr9jh9zbECcTtuXNB9kiAYRiPZDAXoo71jTgW1tiaYXzGrMlh21v8NoBRc0ENnVsxBDkXIaCsz0xXPtEGfCHyPLlM4tmV6XrJ7uDu4yWDxjgBAGABsTRnvTIgM68pQGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTryCBthZHgtc3Vic3luLTcyNzU1Mjg0NTMxNjIzMDn6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_22iggw7rfwBZ0uCIYtIyMFH2AudA%2526client%253Dca-pub-7983651257838282%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c3222903b284496abdef15963fa04202511e222f17463bcd9d756e26e1effa08

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 07 Jul 2023 02:24:37 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2359216
cf-polished: origSize=105738, status=vary_header_present
alt-svc: h3=":443"; ma=86400
content-length: 92686
cf-bgj: imgq:85,h2pri
last-modified: Mon, 04 Jul 2022 08:55:40 GMT
server: cloudflare
etag: "147be38db57f89c69c9e65b05983ff0e"
vary: X-Goog-Allowed-Resources, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XiGxzyjw7Mp%2Fo4WeD%2FMrXI6eaarnJcMKiPeNV2Adr8Bvqumb3YhMCVHVZZYy2ZSuD7eL9HfGab9YQDtjyKpFp5cYSg3s1fNli3Bei84ZB99yoURtqiqmz%2FnDNRj%2B1TxFJID0q9Arzr9IOClo"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7e2ca1d88e1990d6-FRA
expires: Sat, 08 Jul 2023 02:24:37 GMT

GET
H2 200 A0843E9156C9D7335C02FDBAB8781B4AFFEEE9E59ABD085E1EDF62037D970710A817E95DBBFD727CE4E28B26524C9A8F4A33EB1E826BD3A7B2541F094E39D266
assets.ad4m.at/logo/ Frame 434A 2 KB
3 KB 27ms
17ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/A0843E9156C9D7335C02FDBAB8781B4AFFEEE9E59ABD085E1EDF62037D970710A817E95DBBFD727CE4E28B26524C9A8F4A33EB1E826BD3A7B2541F094E39D266
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C117569%2C19769&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=728&d=90&e=&g=189d4b741c3bcecd6261896fda9213be%2F7029326121843657990&i=71725%2C29981%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1688696676843&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gaxpgrhtmtvms6d8vtrnr8f5qavapr7ngnyxnj2d7es0190abe7sh54nt2v3v8z9ayfq6hbm0pdfh0eqskppp776nmmn5n1te3z9qc8sw80q0fkat56a2rrte8y0qcpn2ypvfcqqwf5sshmtkyqhf8nnk5m9hnbtkqm9nkxjdtqqm275m8y5n24d3sbjamwqh51g8vdppd0xskepshtpd0ege9ddzhg25v6pwswjh5936vng74h7sgwcqnv66swv1g8erpzdt8zzcs93h79xtaq4c%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCbz3iY3enZN3uC5Ty-gaD6pOYDJDhgYRctqjCivACwI23ARABIABglYKAgMAHggEXY2EtcHViLTc5ODM2NTEyNTc4MzgyODLIAQmpApS-iRURRLI-4AIAqAMBqgSkAk_QGqMfCd2YW1tNEQYQxkNyrnS1MTglszzy-3vlFU3DpCoCWwU92T0EiuDDV2LgO1C-Lcs9CwJKFRjrOKdiy60Ogb3sVqGYbtdks0hWf8myk9hSOECLJWFlXT37THc7U3fjs4lTM301sz-3JFANb3r2SrJ016BRm98PO6lqEoFP-Z4J4zXuavSWRbqn1jJjXPEW5vdavImLOqOidYhBRo7vKsEcIE4tlCN-z3gzCmk9vyDSXBB8YsQf-aGV1Urrntagns0VU56Z7QsqyPts1xT0VEwWnr9jh9zbECcTtuXNB9kiAYRiPZDAXoo71jTgW1tiaYXzGrMlh21v8NoBRc0ENnVsxBDkXIaCsz0xXPtEGfCHyPLlM4tmV6XrJ7uDu4yWDxjgBAGABsTRnvTIgM68pQGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTryCBthZHgtc3Vic3luLTcyNzU1Mjg0NTMxNjIzMDn6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_22iggw7rfwBZ0uCIYtIyMFH2AudA%2526client%253Dca-pub-7983651257838282%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: af7a66542220ecfb2b8fa0286b60ffa95c1c8047df094654a90e1ff75f848ef5

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 07 Jul 2023 02:24:37 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1040695
cf-polished: origFmt=png, origSize=9357
alt-svc: h3=":443"; ma=86400
content-length: 2330
cf-bgj: imgq:85,h2pri
last-modified: Thu, 08 Apr 2021 14:26:03 GMT
server: cloudflare
etag: "8cc161b392f5744da5319a4da549b763"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HpnjFDnJXLIUExDxXg%2FlE6Oqqx7bPRnhy25eriGgwFuGle%2FICl8RDJdQ%2B3NjitCwNnGc3a%2BkHk58BeXENoFEn%2FGF444uDgppq%2B4yaQi%2BUYwNHeyYVp1SmNKjyOL%2Fzx5x9IEzxT3Odo%2FuENhU"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7e2ca1d88e1790d6-FRA
expires: Sat, 08 Jul 2023 02:24:37 GMT

GET
H2 200 B4A4D4AE24A1FC5067FA06DB00E21DA5A143F663CF3153C1D2812B519806D793E1E07140C733352966C6C7C037FF39882FAEB141999BF28A93837E2C21DB35B1
assets.ad4m.at/ Frame 434A 253 KB
254 KB 38ms
28ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/B4A4D4AE24A1FC5067FA06DB00E21DA5A143F663CF3153C1D2812B519806D793E1E07140C733352966C6C7C037FF39882FAEB141999BF28A93837E2C21DB35B1
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C117569%2C19769&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=728&d=90&e=&g=189d4b741c3bcecd6261896fda9213be%2F7029326121843657990&i=71725%2C29981%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1688696676843&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gaxpgrhtmtvms6d8vtrnr8f5qavapr7ngnyxnj2d7es0190abe7sh54nt2v3v8z9ayfq6hbm0pdfh0eqskppp776nmmn5n1te3z9qc8sw80q0fkat56a2rrte8y0qcpn2ypvfcqqwf5sshmtkyqhf8nnk5m9hnbtkqm9nkxjdtqqm275m8y5n24d3sbjamwqh51g8vdppd0xskepshtpd0ege9ddzhg25v6pwswjh5936vng74h7sgwcqnv66swv1g8erpzdt8zzcs93h79xtaq4c%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCbz3iY3enZN3uC5Ty-gaD6pOYDJDhgYRctqjCivACwI23ARABIABglYKAgMAHggEXY2EtcHViLTc5ODM2NTEyNTc4MzgyODLIAQmpApS-iRURRLI-4AIAqAMBqgSkAk_QGqMfCd2YW1tNEQYQxkNyrnS1MTglszzy-3vlFU3DpCoCWwU92T0EiuDDV2LgO1C-Lcs9CwJKFRjrOKdiy60Ogb3sVqGYbtdks0hWf8myk9hSOECLJWFlXT37THc7U3fjs4lTM301sz-3JFANb3r2SrJ016BRm98PO6lqEoFP-Z4J4zXuavSWRbqn1jJjXPEW5vdavImLOqOidYhBRo7vKsEcIE4tlCN-z3gzCmk9vyDSXBB8YsQf-aGV1Urrntagns0VU56Z7QsqyPts1xT0VEwWnr9jh9zbECcTtuXNB9kiAYRiPZDAXoo71jTgW1tiaYXzGrMlh21v8NoBRc0ENnVsxBDkXIaCsz0xXPtEGfCHyPLlM4tmV6XrJ7uDu4yWDxjgBAGABsTRnvTIgM68pQGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTryCBthZHgtc3Vic3luLTcyNzU1Mjg0NTMxNjIzMDn6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_22iggw7rfwBZ0uCIYtIyMFH2AudA%2526client%253Dca-pub-7983651257838282%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2754d47be946d2394bce4008332826d0491b510a2a624ae6609d042b143732d1

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 07 Jul 2023 02:24:37 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1232406
cf-polished: origFmt=png, origSize=431531
alt-svc: h3=":443"; ma=86400
content-length: 259252
cf-bgj: imgq:85,h2pri
last-modified: Fri, 16 Jun 2023 10:20:07 GMT
server: cloudflare
etag: "16f7fe8ce7119ba0f513f8179ecb2d3a"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=20fhu%2B%2B8lnE2zoBQqHp1eGMa8kxCQf385oPQ7IuvNZQ4YC5E0Pflv0bBaiIOhUUyL8CnGa1VFehJKUecLozc2FTg6nkJitD2kVtty9eCl9taNO4dymH47Q1XDXLcQzOiuHSxrVMSR7yX6CpU"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7e2ca1d88e1890d6-FRA
expires: Sat, 08 Jul 2023 02:24:37 GMT

GET
H/1.1 200
OK cshow.php
www.awin1.com/ Frame 434A 43 B
702 B 231ms
102ms Image
image/gif 104.102.45.165

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.awin1.com/cshow.php?s=2904924&v=20044&q=415363&r=412871&pv=1&pref3=oneidk7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6oneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&gdpr_consent=&gdpr=0&gdpr_pd=0

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C117569%2C19769&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=728&d=90&e=&g=189d4b741c3bcecd6261896fda9213be%2F7029326121843657990&i=71725%2C29981%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1688696676843&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gaxpgrhtmtvms6d8vtrnr8f5qavapr7ngnyxnj2d7es0190abe7sh54nt2v3v8z9ayfq6hbm0pdfh0eqskppp776nmmn5n1te3z9qc8sw80q0fkat56a2rrte8y0qcpn2ypvfcqqwf5sshmtkyqhf8nnk5m9hnbtkqm9nkxjdtqqm275m8y5n24d3sbjamwqh51g8vdppd0xskepshtpd0ege9ddzhg25v6pwswjh5936vng74h7sgwcqnv66swv1g8erpzdt8zzcs93h79xtaq4c%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCbz3iY3enZN3uC5Ty-gaD6pOYDJDhgYRctqjCivACwI23ARABIABglYKAgMAHggEXY2EtcHViLTc5ODM2NTEyNTc4MzgyODLIAQmpApS-iRURRLI-4AIAqAMBqgSkAk_QGqMfCd2YW1tNEQYQxkNyrnS1MTglszzy-3vlFU3DpCoCWwU92T0EiuDDV2LgO1C-Lcs9CwJKFRjrOKdiy60Ogb3sVqGYbtdks0hWf8myk9hSOECLJWFlXT37THc7U3fjs4lTM301sz-3JFANb3r2SrJ016BRm98PO6lqEoFP-Z4J4zXuavSWRbqn1jJjXPEW5vdavImLOqOidYhBRo7vKsEcIE4tlCN-z3gzCmk9vyDSXBB8YsQf-aGV1Urrntagns0VU56Z7QsqyPts1xT0VEwWnr9jh9zbECcTtuXNB9kiAYRiPZDAXoo71jTgW1tiaYXzGrMlh21v8NoBRc0ENnVsxBDkXIaCsz0xXPtEGfCHyPLlM4tmV6XrJ7uDu4yWDxjgBAGABsTRnvTIgM68pQGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTryCBthZHgtc3Vic3luLTcyNzU1Mjg0NTMxNjIzMDn6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_22iggw7rfwBZ0uCIYtIyMFH2AudA%2526client%253Dca-pub-7983651257838282%2526adurl%253D&y=1&s=&z=0

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.102.45.165 -, , ASN (),

Reverse DNS

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 07 Jul 2023 02:24:37 GMT
Strict-Transport-Security: max-age=86400
Node: Helix
Content-Type: image/gif
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set: default
Connection: keep-alive
Content-Length: 43
Expires: 0

GET
H2 200 90E11D2E4CFB32857DB7C2E1317DD53401EA4F6F6F9CD68E6E871CA9D0C876402E8B3C561F20D09E5FFCF6D6F6634B28F60F47276020F60158747BE09B58F826
assets.ad4m.at/logo/ Frame 434A 36 KB
36 KB 29ms
19ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/90E11D2E4CFB32857DB7C2E1317DD53401EA4F6F6F9CD68E6E871CA9D0C876402E8B3C561F20D09E5FFCF6D6F6634B28F60F47276020F60158747BE09B58F826
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C117569%2C19769&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=728&d=90&e=&g=189d4b741c3bcecd6261896fda9213be%2F7029326121843657990&i=71725%2C29981%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1688696676843&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gaxpgrhtmtvms6d8vtrnr8f5qavapr7ngnyxnj2d7es0190abe7sh54nt2v3v8z9ayfq6hbm0pdfh0eqskppp776nmmn5n1te3z9qc8sw80q0fkat56a2rrte8y0qcpn2ypvfcqqwf5sshmtkyqhf8nnk5m9hnbtkqm9nkxjdtqqm275m8y5n24d3sbjamwqh51g8vdppd0xskepshtpd0ege9ddzhg25v6pwswjh5936vng74h7sgwcqnv66swv1g8erpzdt8zzcs93h79xtaq4c%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCbz3iY3enZN3uC5Ty-gaD6pOYDJDhgYRctqjCivACwI23ARABIABglYKAgMAHggEXY2EtcHViLTc5ODM2NTEyNTc4MzgyODLIAQmpApS-iRURRLI-4AIAqAMBqgSkAk_QGqMfCd2YW1tNEQYQxkNyrnS1MTglszzy-3vlFU3DpCoCWwU92T0EiuDDV2LgO1C-Lcs9CwJKFRjrOKdiy60Ogb3sVqGYbtdks0hWf8myk9hSOECLJWFlXT37THc7U3fjs4lTM301sz-3JFANb3r2SrJ016BRm98PO6lqEoFP-Z4J4zXuavSWRbqn1jJjXPEW5vdavImLOqOidYhBRo7vKsEcIE4tlCN-z3gzCmk9vyDSXBB8YsQf-aGV1Urrntagns0VU56Z7QsqyPts1xT0VEwWnr9jh9zbECcTtuXNB9kiAYRiPZDAXoo71jTgW1tiaYXzGrMlh21v8NoBRc0ENnVsxBDkXIaCsz0xXPtEGfCHyPLlM4tmV6XrJ7uDu4yWDxjgBAGABsTRnvTIgM68pQGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTryCBthZHgtc3Vic3luLTcyNzU1Mjg0NTMxNjIzMDn6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_22iggw7rfwBZ0uCIYtIyMFH2AudA%2526client%253Dca-pub-7983651257838282%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a2b9eefee68fa18c6be3c3bbe11d769b5affc01b84ea94c7ec68ae4ffacd858a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 07 Jul 2023 02:24:37 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 539227
cf-polished: origFmt=png, origSize=62828
alt-svc: h3=":443"; ma=86400
content-length: 36446
cf-bgj: imgq:85,h2pri
last-modified: Tue, 18 Oct 2022 15:02:47 GMT
server: cloudflare
etag: "e12c1a9f1887c09d377658838eaaa06d"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QGXVzq39nmuYllyQunFvI5bSGxOcCE9FNsRilwwtWzGCjvY5MwHL1FltAig9Ezk%2FNjo58ncDIumaLlAOvgg9ZMUKhS%2B%2Bh372pQJZKrnG7w%2BhhYI024YI8tRwRZoOa7wme5%2BT2N%2BODHu1TFXV"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7e2ca1d88e1290d6-FRA
expires: Sat, 08 Jul 2023 02:24:37 GMT

GET
H2 200 287435BEDBEF5210566F91ED2E6D57494D1CBA241E887A111712FB8ADF6747B3B44CBC7EE390AD74BB6985CDD69339A9B2EDEE7334ACD70F503D0812F8C7EBF1
assets.ad4m.at/ Frame 434A 28 KB
29 KB 37ms
27ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/287435BEDBEF5210566F91ED2E6D57494D1CBA241E887A111712FB8ADF6747B3B44CBC7EE390AD74BB6985CDD69339A9B2EDEE7334ACD70F503D0812F8C7EBF1
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C117569%2C19769&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=728&d=90&e=&g=189d4b741c3bcecd6261896fda9213be%2F7029326121843657990&i=71725%2C29981%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1688696676843&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gaxpgrhtmtvms6d8vtrnr8f5qavapr7ngnyxnj2d7es0190abe7sh54nt2v3v8z9ayfq6hbm0pdfh0eqskppp776nmmn5n1te3z9qc8sw80q0fkat56a2rrte8y0qcpn2ypvfcqqwf5sshmtkyqhf8nnk5m9hnbtkqm9nkxjdtqqm275m8y5n24d3sbjamwqh51g8vdppd0xskepshtpd0ege9ddzhg25v6pwswjh5936vng74h7sgwcqnv66swv1g8erpzdt8zzcs93h79xtaq4c%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCbz3iY3enZN3uC5Ty-gaD6pOYDJDhgYRctqjCivACwI23ARABIABglYKAgMAHggEXY2EtcHViLTc5ODM2NTEyNTc4MzgyODLIAQmpApS-iRURRLI-4AIAqAMBqgSkAk_QGqMfCd2YW1tNEQYQxkNyrnS1MTglszzy-3vlFU3DpCoCWwU92T0EiuDDV2LgO1C-Lcs9CwJKFRjrOKdiy60Ogb3sVqGYbtdks0hWf8myk9hSOECLJWFlXT37THc7U3fjs4lTM301sz-3JFANb3r2SrJ016BRm98PO6lqEoFP-Z4J4zXuavSWRbqn1jJjXPEW5vdavImLOqOidYhBRo7vKsEcIE4tlCN-z3gzCmk9vyDSXBB8YsQf-aGV1Urrntagns0VU56Z7QsqyPts1xT0VEwWnr9jh9zbECcTtuXNB9kiAYRiPZDAXoo71jTgW1tiaYXzGrMlh21v8NoBRc0ENnVsxBDkXIaCsz0xXPtEGfCHyPLlM4tmV6XrJ7uDu4yWDxjgBAGABsTRnvTIgM68pQGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTryCBthZHgtc3Vic3luLTcyNzU1Mjg0NTMxNjIzMDn6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_22iggw7rfwBZ0uCIYtIyMFH2AudA%2526client%253Dca-pub-7983651257838282%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e944aa2add7d89134400d6d51b9b0954ad0e988edd934eccff8907ab90e1c853

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 07 Jul 2023 02:24:37 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1753623
cf-polished: qual=85, origFmt=jpeg, origSize=133780
alt-svc: h3=":443"; ma=86400
content-length: 28740
cf-bgj: imgq:85,h2pri
last-modified: Tue, 18 Feb 2020 10:22:01 GMT
server: cloudflare
etag: "d061ca155f758f490340e147604dc3ee"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6GFhFbzk%2FPOJux7kXNAk6APtXXeXD4tRbmS8SAYLXo%2B46J20qfU6YgIU0wdrtUYjoZY60wzLdPD3YRYZBf5XDKNScd5UgTV1834LLc%2FUBr%2Bg0p4IMyM%2FVe2qXpTYNESobkwXUhsYiofsQz2b"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7e2ca1d88e1490d6-FRA
expires: Sat, 08 Jul 2023 02:24:37 GMT

GET
H/1.1 200
OK cshow.php
www.awin1.com/ Frame 434A 43 B
702 B 185ms
57ms Image
image/gif 104.102.45.165

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.awin1.com/cshow.php?s=2531885&v=14702&q=365825&r=412871&pv=1&pref3=oneidppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkroneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&gdpr_consent=&gdpr=0&gdpr_pd=0

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.102.45.165 -, , ASN (),

Reverse DNS

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 07 Jul 2023 02:24:37 GMT
Strict-Transport-Security: max-age=86400
Node: Helix
Content-Type: image/gif
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set: default
Connection: keep-alive
Content-Length: 43
Expires: 0

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.48/one-ad/ Frame 069C 114 KB
14 KB 19ms
19ms Stylesheet
text/css 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.48/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14019%2C23576%2C166402&b=V8Xuwfr7H1zMSVHbHAtRtE9bhkTzT46hQ%2CYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2Cj83uEfZeSqxJ1uYHEH2t6tRRJUKTzTxJc9&f=m8ruefe8CweqsmHZHZtQCJGjTDTwT6rHA%2CqDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2CxDwUQfgPSEAbVhPHdHztDCRRBUJT6T8ZsA&c=300&d=250&e=&g=e3d07a4104fb12fba8f35c7e0ca1a930%2F13107858850210521125&i=21596%2C20774%2C20773&j=16%2C14%2C14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1688696676833&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1j1c5mwhwba4gcfcbzadmx8mag7j7tsjrqh707hb6r3q6qy5qmt0yry71cjwwx1pcf0hkqxbe3h0q81zd58q2n57qkr5qa4vnmpnda1gv2pf12gk1sj4yk3qxzbzm5hy66y5v5nv6kcgqe64sa90zpcmfn5yw34jhdcn73j2z39mnr6r0rdg9h71xrx9h59g52g1fbwdr6cc3hsbjsrmy14xrk7d9wexc8a31b01xba9js70phzk2p2whgrkrpncyjm76htvvhekagpy1dc0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCzjdSY3enZJGSGIuYiQb58JL4BZDhgYRctqjCivACwI23ARABIABglaKZgqwHggEXY2EtcHViLTY1OTM1MjMyMTAwMTAxNTTIAQmpApS-iRURRLI-qAMBqgSyAU_QLczqBu1H3rl9i2bPsQJzplp-cLEkLO0ASRiJH35oZaNNg1rRXZBmXL9XEz9wBiIDfMtxVDEpaBQ2oMPENbITGwbU32OVD644WyZHm8ReHz5nof-P00t3U6SKgLu_oF2f59h4YqHSATPeyu1CSQNhflGi5fx86D4Dmnryut1PTMBpIIJD5Mkfs-dMoMkffwzlNPUqd6ghZYAvACYYiMWAtpUmtI0snYjV0H2PT6_b6T6ABq20_5ik46TPIqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_06vd8hP7U_wgQWv1lYUjc3mvfUZg%2526client%253Dca-pub-6593523210010154%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 032aee61923ef53fb2b9efbb5d55f771f780e9c2fce9c076638b809a9607eee3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/rar?a=14019%2C23576%2C166402&b=V8Xuwfr7H1zMSVHbHAtRtE9bhkTzT46hQ%2CYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2Cj83uEfZeSqxJ1uYHEH2t6tRRJUKTzTxJc9&f=m8ruefe8CweqsmHZHZtQCJGjTDTwT6rHA%2CqDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2CxDwUQfgPSEAbVhPHdHztDCRRBUJT6T8ZsA&c=300&d=250&e=&g=e3d07a4104fb12fba8f35c7e0ca1a930%2F13107858850210521125&i=21596%2C20774%2C20773&j=16%2C14%2C14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1688696676833&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1j1c5mwhwba4gcfcbzadmx8mag7j7tsjrqh707hb6r3q6qy5qmt0yry71cjwwx1pcf0hkqxbe3h0q81zd58q2n57qkr5qa4vnmpnda1gv2pf12gk1sj4yk3qxzbzm5hy66y5v5nv6kcgqe64sa90zpcmfn5yw34jhdcn73j2z39mnr6r0rdg9h71xrx9h59g52g1fbwdr6cc3hsbjsrmy14xrk7d9wexc8a31b01xba9js70phzk2p2whgrkrpncyjm76htvvhekagpy1dc0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCzjdSY3enZJGSGIuYiQb58JL4BZDhgYRctqjCivACwI23ARABIABglaKZgqwHggEXY2EtcHViLTY1OTM1MjMyMTAwMTAxNTTIAQmpApS-iRURRLI-qAMBqgSyAU_QLczqBu1H3rl9i2bPsQJzplp-cLEkLO0ASRiJH35oZaNNg1rRXZBmXL9XEz9wBiIDfMtxVDEpaBQ2oMPENbITGwbU32OVD644WyZHm8ReHz5nof-P00t3U6SKgLu_oF2f59h4YqHSATPeyu1CSQNhflGi5fx86D4Dmnryut1PTMBpIIJD5Mkfs-dMoMkffwzlNPUqd6ghZYAvACYYiMWAtpUmtI0snYjV0H2PT6_b6T6ABq20_5ik46TPIqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_06vd8hP7U_wgQWv1lYUjc3mvfUZg%2526client%253Dca-pub-6593523210010154%2526adurl%253D&y=1&s=&z=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 07 Jul 2023 02:24:37 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime: 1687950287
age: 745888
cf-polished: origSize=117335
x-guploader-uploadid: ADPycdu7Pb84Y6vCPqpUShyJrQGb98f4yuF1LiyC2B7DeEN9kG_1SbpI2iXm6tsp7d5fI22nNzf0l66mXGhEIUVspATbXw
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 28 Jun 2023 11:05:15 GMT
server: cloudflare
etag: W/"5d49535c2a84a9762127b3d9e77d7e02"
vary: Accept-Encoding
x-goog-generation: 1687950315098833
content-type: text/css
x-goog-hash: crc32c=aWAnwg==, md5=XUlTXCqEqXYhJ7PZ531+Ag==
cache-control: public, max-age=3600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g9t%2F4sfnWrOiv9t5HikR90jiWuOErXdXUASwx48bMK0CHyIiRvy5gDhNGgHgHhtSzTEz%2FgdFm6cITx8O4IxrsrqpJmG645NZExLN57hJhOsje8BWP66LODSkd1%2F4JzUhAW%2BCloZaFUk%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 117335
cf-ray: 7e2ca1d869032bbe-FRA
expires: Fri, 07 Jul 2023 03:24:37 GMT

GET
H2 200 762E992A001272DDC355514B76DC4960DDF6238B0F54854C0B29BE64A7E78BA5693E54C1A602322E523834805FE15471ECC3FEB06D9A02796A930A4085F71F84
assets.ad4m.at/logo/ Frame 069C 44 KB
44 KB 42ms
28ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/762E992A001272DDC355514B76DC4960DDF6238B0F54854C0B29BE64A7E78BA5693E54C1A602322E523834805FE15471ECC3FEB06D9A02796A930A4085F71F84
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14019%2C23576%2C166402&b=V8Xuwfr7H1zMSVHbHAtRtE9bhkTzT46hQ%2CYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2Cj83uEfZeSqxJ1uYHEH2t6tRRJUKTzTxJc9&f=m8ruefe8CweqsmHZHZtQCJGjTDTwT6rHA%2CqDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2CxDwUQfgPSEAbVhPHdHztDCRRBUJT6T8ZsA&c=300&d=250&e=&g=e3d07a4104fb12fba8f35c7e0ca1a930%2F13107858850210521125&i=21596%2C20774%2C20773&j=16%2C14%2C14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1688696676833&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1j1c5mwhwba4gcfcbzadmx8mag7j7tsjrqh707hb6r3q6qy5qmt0yry71cjwwx1pcf0hkqxbe3h0q81zd58q2n57qkr5qa4vnmpnda1gv2pf12gk1sj4yk3qxzbzm5hy66y5v5nv6kcgqe64sa90zpcmfn5yw34jhdcn73j2z39mnr6r0rdg9h71xrx9h59g52g1fbwdr6cc3hsbjsrmy14xrk7d9wexc8a31b01xba9js70phzk2p2whgrkrpncyjm76htvvhekagpy1dc0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCzjdSY3enZJGSGIuYiQb58JL4BZDhgYRctqjCivACwI23ARABIABglaKZgqwHggEXY2EtcHViLTY1OTM1MjMyMTAwMTAxNTTIAQmpApS-iRURRLI-qAMBqgSyAU_QLczqBu1H3rl9i2bPsQJzplp-cLEkLO0ASRiJH35oZaNNg1rRXZBmXL9XEz9wBiIDfMtxVDEpaBQ2oMPENbITGwbU32OVD644WyZHm8ReHz5nof-P00t3U6SKgLu_oF2f59h4YqHSATPeyu1CSQNhflGi5fx86D4Dmnryut1PTMBpIIJD5Mkfs-dMoMkffwzlNPUqd6ghZYAvACYYiMWAtpUmtI0snYjV0H2PT6_b6T6ABq20_5ik46TPIqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_06vd8hP7U_wgQWv1lYUjc3mvfUZg%2526client%253Dca-pub-6593523210010154%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ffae8fb9199235cf70171d14a964159b4eda2da695a258c2586de98e3cb27bb2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 07 Jul 2023 02:24:37 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1200398
cf-polished: origFmt=png, origSize=65187
alt-svc: h3=":443"; ma=86400
content-length: 44710
cf-bgj: imgq:85,h2pri
last-modified: Tue, 17 Jan 2023 14:45:52 GMT
server: cloudflare
etag: "99941d3864a6d6ef01023c96e0475815"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w7AaKZ1LtWZBHkSBwAo9HfWImnlmsV3r9O0FJKj7eqFwsD0IHMYNfA7y1sNO5VnG1AMS0VU7Y6%2BmRsudUqxDLX4QxkVp%2Bq63KQ4unRrrnY7ZmRPe2GuFJJU6hzgHhfFaRr%2BsW0IBEQ8p%2BlXS"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7e2ca1d88e1690d6-FRA
expires: Sat, 08 Jul 2023 02:24:37 GMT

GET
H2 200 EC9093D4AF3799CF781B1E590A25D192F3BFBB8EF4C33117758FB5ADF524B34A287AF80FDD08D80A46541DEAE1FFA692B6F4CA688E7C199182253AEB01A2863C
assets.ad4m.at/product_image/ Frame 069C 222 KB
222 KB 32ms
23ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/EC9093D4AF3799CF781B1E590A25D192F3BFBB8EF4C33117758FB5ADF524B34A287AF80FDD08D80A46541DEAE1FFA692B6F4CA688E7C199182253AEB01A2863C
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14019%2C23576%2C166402&b=V8Xuwfr7H1zMSVHbHAtRtE9bhkTzT46hQ%2CYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2Cj83uEfZeSqxJ1uYHEH2t6tRRJUKTzTxJc9&f=m8ruefe8CweqsmHZHZtQCJGjTDTwT6rHA%2CqDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2CxDwUQfgPSEAbVhPHdHztDCRRBUJT6T8ZsA&c=300&d=250&e=&g=e3d07a4104fb12fba8f35c7e0ca1a930%2F13107858850210521125&i=21596%2C20774%2C20773&j=16%2C14%2C14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1688696676833&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1j1c5mwhwba4gcfcbzadmx8mag7j7tsjrqh707hb6r3q6qy5qmt0yry71cjwwx1pcf0hkqxbe3h0q81zd58q2n57qkr5qa4vnmpnda1gv2pf12gk1sj4yk3qxzbzm5hy66y5v5nv6kcgqe64sa90zpcmfn5yw34jhdcn73j2z39mnr6r0rdg9h71xrx9h59g52g1fbwdr6cc3hsbjsrmy14xrk7d9wexc8a31b01xba9js70phzk2p2whgrkrpncyjm76htvvhekagpy1dc0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCzjdSY3enZJGSGIuYiQb58JL4BZDhgYRctqjCivACwI23ARABIABglaKZgqwHggEXY2EtcHViLTY1OTM1MjMyMTAwMTAxNTTIAQmpApS-iRURRLI-qAMBqgSyAU_QLczqBu1H3rl9i2bPsQJzplp-cLEkLO0ASRiJH35oZaNNg1rRXZBmXL9XEz9wBiIDfMtxVDEpaBQ2oMPENbITGwbU32OVD644WyZHm8ReHz5nof-P00t3U6SKgLu_oF2f59h4YqHSATPeyu1CSQNhflGi5fx86D4Dmnryut1PTMBpIIJD5Mkfs-dMoMkffwzlNPUqd6ghZYAvACYYiMWAtpUmtI0snYjV0H2PT6_b6T6ABq20_5ik46TPIqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_06vd8hP7U_wgQWv1lYUjc3mvfUZg%2526client%253Dca-pub-6593523210010154%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 41b9b9d488e3a57902a671111dd089363c2f7d3a41ec3177f196abbb7cbac078

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 07 Jul 2023 02:24:37 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1739449
cf-polished: origFmt=png, origSize=342797
alt-svc: h3=":443"; ma=86400
content-length: 226916
cf-bgj: imgq:85,h2pri
last-modified: Wed, 15 Jun 2022 14:01:11 GMT
server: cloudflare
etag: "82c7de0f42ff55fdd0acc07731664031"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E3hRf7RMTTFnlQ6ECp9IZa2tnmgmEaM6u5HqMDB9P21a3dMXRJepNWKXixfzBSkxyVFtidgDYxYhblVW0WK8Oknw8cvC3GYICYgg5p%2F4getw2fdot4VFZxKl9B%2FaeJRlzDsW0rtZi62fJWYh"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7e2ca1d89e2890d6-FRA
expires: Sat, 08 Jul 2023 02:24:37 GMT

GET
H2

200

ztpv.php
www.conrad.de/ Frame 069C
Redirect Chain

https://www.awin1.com/cshow.php?s=2470185&v=11354&q=377129&r=412871&pv=1&pref3=oneidV8Xuwfr7H1zMSVHbHAtRtE9bhkTzT46hQoneid__suite_Netmix_Reach13_BlackFridayPush&gdpr_consent=&gdpr=0&gdpr_pd=0
https://www.conrad.de/ztpv.php?awc=11354_412871_1688696677_6b5e01c0-1c6d-11ee-9c19-223148ce0464&insert=AW&&gdpr=0&gdpr_consent=

0
475 B

60ms
17ms

Image
text/plain

2606:4700::6812:7f05

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.conrad.de/ztpv.php?awc=11354_412871_1688696677_6b5e01c0-1c6d-11ee-9c19-223148ce0464&insert=AW&&gdpr=0&gdpr_consent=

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14019%2C23576%2C166402&b=V8Xuwfr7H1zMSVHbHAtRtE9bhkTzT46hQ%2CYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2Cj83uEfZeSqxJ1uYHEH2t6tRRJUKTzTxJc9&f=m8ruefe8CweqsmHZHZtQCJGjTDTwT6rHA%2CqDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2CxDwUQfgPSEAbVhPHdHztDCRRBUJT6T8ZsA&c=300&d=250&e=&g=e3d07a4104fb12fba8f35c7e0ca1a930%2F13107858850210521125&i=21596%2C20774%2C20773&j=16%2C14%2C14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1688696676833&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1j1c5mwhwba4gcfcbzadmx8mag7j7tsjrqh707hb6r3q6qy5qmt0yry71cjwwx1pcf0hkqxbe3h0q81zd58q2n57qkr5qa4vnmpnda1gv2pf12gk1sj4yk3qxzbzm5hy66y5v5nv6kcgqe64sa90zpcmfn5yw34jhdcn73j2z39mnr6r0rdg9h71xrx9h59g52g1fbwdr6cc3hsbjsrmy14xrk7d9wexc8a31b01xba9js70phzk2p2whgrkrpncyjm76htvvhekagpy1dc0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCzjdSY3enZJGSGIuYiQb58JL4BZDhgYRctqjCivACwI23ARABIABglaKZgqwHggEXY2EtcHViLTY1OTM1MjMyMTAwMTAxNTTIAQmpApS-iRURRLI-qAMBqgSyAU_QLczqBu1H3rl9i2bPsQJzplp-cLEkLO0ASRiJH35oZaNNg1rRXZBmXL9XEz9wBiIDfMtxVDEpaBQ2oMPENbITGwbU32OVD644WyZHm8ReHz5nof-P00t3U6SKgLu_oF2f59h4YqHSATPeyu1CSQNhflGi5fx86D4Dmnryut1PTMBpIIJD5Mkfs-dMoMkffwzlNPUqd6ghZYAvACYYiMWAtpUmtI0snYjV0H2PT6_b6T6ABq20_5ik46TPIqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_06vd8hP7U_wgQWv1lYUjc3mvfUZg%2526client%253Dca-pub-6593523210010154%2526adurl%253D&y=1&s=&z=0

Protocol

Server

2606:4700::6812:7f05 -, , ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 07 Jul 2023 02:24:37 GMT
strict-transport-security: max-age=15552000
cf-ccp-worker: HTLPHandler-v1
server: cloudflare
vary: Accept-Encoding
cache-control: no-cache
cf-ray: 7e2ca1d9d94c2bd3-FRA
content-length: 0
expires: -1

Redirect headers

Date: Fri, 07 Jul 2023 02:24:37 GMT
Strict-Transport-Security: max-age=86400
Node: Helix
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Location: https://www.conrad.de/ztpv.php?awc=11354_412871_1688696677_6b5e01c0-1c6d-11ee-9c19-223148ce0464&insert=AW&&gdpr=0&gdpr_consent=
Awin-Akamai-Rule-Set: default
Connection: keep-alive
Content-Length: 0

GET
H2 200 D694B3AB12381C049B127B34DC11A792684BA8B6EE8B598D6E4045678591B7D0DC6B2CEF7528F06BB05FC11826A1D16CF24DA68FCFC2416343996FBFC05A3155
assets.ad4m.at/logo/ Frame 069C 53 KB
54 KB 32ms
23ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/D694B3AB12381C049B127B34DC11A792684BA8B6EE8B598D6E4045678591B7D0DC6B2CEF7528F06BB05FC11826A1D16CF24DA68FCFC2416343996FBFC05A3155
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14019%2C23576%2C166402&b=V8Xuwfr7H1zMSVHbHAtRtE9bhkTzT46hQ%2CYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2Cj83uEfZeSqxJ1uYHEH2t6tRRJUKTzTxJc9&f=m8ruefe8CweqsmHZHZtQCJGjTDTwT6rHA%2CqDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2CxDwUQfgPSEAbVhPHdHztDCRRBUJT6T8ZsA&c=300&d=250&e=&g=e3d07a4104fb12fba8f35c7e0ca1a930%2F13107858850210521125&i=21596%2C20774%2C20773&j=16%2C14%2C14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1688696676833&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1j1c5mwhwba4gcfcbzadmx8mag7j7tsjrqh707hb6r3q6qy5qmt0yry71cjwwx1pcf0hkqxbe3h0q81zd58q2n57qkr5qa4vnmpnda1gv2pf12gk1sj4yk3qxzbzm5hy66y5v5nv6kcgqe64sa90zpcmfn5yw34jhdcn73j2z39mnr6r0rdg9h71xrx9h59g52g1fbwdr6cc3hsbjsrmy14xrk7d9wexc8a31b01xba9js70phzk2p2whgrkrpncyjm76htvvhekagpy1dc0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCzjdSY3enZJGSGIuYiQb58JL4BZDhgYRctqjCivACwI23ARABIABglaKZgqwHggEXY2EtcHViLTY1OTM1MjMyMTAwMTAxNTTIAQmpApS-iRURRLI-qAMBqgSyAU_QLczqBu1H3rl9i2bPsQJzplp-cLEkLO0ASRiJH35oZaNNg1rRXZBmXL9XEz9wBiIDfMtxVDEpaBQ2oMPENbITGwbU32OVD644WyZHm8ReHz5nof-P00t3U6SKgLu_oF2f59h4YqHSATPeyu1CSQNhflGi5fx86D4Dmnryut1PTMBpIIJD5Mkfs-dMoMkffwzlNPUqd6ghZYAvACYYiMWAtpUmtI0snYjV0H2PT6_b6T6ABq20_5ik46TPIqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_06vd8hP7U_wgQWv1lYUjc3mvfUZg%2526client%253Dca-pub-6593523210010154%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f7cdf71044448cb736733f5163fff96081d51ba4101567d61d22ee5998a7a399

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 07 Jul 2023 02:24:37 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1588436
cf-polished: origFmt=png, origSize=115129
alt-svc: h3=":443"; ma=86400
content-length: 54564
cf-bgj: imgq:85,h2pri
last-modified: Tue, 09 Feb 2021 15:11:24 GMT
server: cloudflare
etag: "0a277d59efca0369a6983645e273659e"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lv9oW0HUS4XucqG%2FseKWD3cts0IAcmphPDueRd6dpJNHbiDgCMRbmGvSpKc1688FqCBema53oteM14DBElBxpV8sQK5T0ch80sIUshGgbkq7NlmewZ4aBWbwpmnG6cR8ITHC%2Fdq3951l2BdL"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7e2ca1d89e2990d6-FRA
expires: Sat, 08 Jul 2023 02:24:37 GMT

GET
H2 200 F62A1DE9558535D0FF655677BD09A3CC277ACE3637CF682E0D52C0F5BBA2668E34C6194AEF65CBBC1F6ECA33D1332A3C8BE1215EA4AB0FD0FBE5F5B485AF1875
assets.ad4m.at/product_image/ Frame 069C 23 KB
23 KB 33ms
24ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/F62A1DE9558535D0FF655677BD09A3CC277ACE3637CF682E0D52C0F5BBA2668E34C6194AEF65CBBC1F6ECA33D1332A3C8BE1215EA4AB0FD0FBE5F5B485AF1875
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14019%2C23576%2C166402&b=V8Xuwfr7H1zMSVHbHAtRtE9bhkTzT46hQ%2CYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2Cj83uEfZeSqxJ1uYHEH2t6tRRJUKTzTxJc9&f=m8ruefe8CweqsmHZHZtQCJGjTDTwT6rHA%2CqDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2CxDwUQfgPSEAbVhPHdHztDCRRBUJT6T8ZsA&c=300&d=250&e=&g=e3d07a4104fb12fba8f35c7e0ca1a930%2F13107858850210521125&i=21596%2C20774%2C20773&j=16%2C14%2C14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1688696676833&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1j1c5mwhwba4gcfcbzadmx8mag7j7tsjrqh707hb6r3q6qy5qmt0yry71cjwwx1pcf0hkqxbe3h0q81zd58q2n57qkr5qa4vnmpnda1gv2pf12gk1sj4yk3qxzbzm5hy66y5v5nv6kcgqe64sa90zpcmfn5yw34jhdcn73j2z39mnr6r0rdg9h71xrx9h59g52g1fbwdr6cc3hsbjsrmy14xrk7d9wexc8a31b01xba9js70phzk2p2whgrkrpncyjm76htvvhekagpy1dc0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCzjdSY3enZJGSGIuYiQb58JL4BZDhgYRctqjCivACwI23ARABIABglaKZgqwHggEXY2EtcHViLTY1OTM1MjMyMTAwMTAxNTTIAQmpApS-iRURRLI-qAMBqgSyAU_QLczqBu1H3rl9i2bPsQJzplp-cLEkLO0ASRiJH35oZaNNg1rRXZBmXL9XEz9wBiIDfMtxVDEpaBQ2oMPENbITGwbU32OVD644WyZHm8ReHz5nof-P00t3U6SKgLu_oF2f59h4YqHSATPeyu1CSQNhflGi5fx86D4Dmnryut1PTMBpIIJD5Mkfs-dMoMkffwzlNPUqd6ghZYAvACYYiMWAtpUmtI0snYjV0H2PT6_b6T6ABq20_5ik46TPIqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_06vd8hP7U_wgQWv1lYUjc3mvfUZg%2526client%253Dca-pub-6593523210010154%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 39ae6b1a1ba72fc9d48b1848e9bc88f4b9da10688232ccca39d85b878db7af32

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 07 Jul 2023 02:24:37 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1588232
cf-polished: qual=85, origFmt=jpeg, origSize=132437
alt-svc: h3=":443"; ma=86400
content-length: 23154
cf-bgj: imgq:85,h2pri
last-modified: Thu, 09 Dec 2021 17:51:23 GMT
server: cloudflare
etag: "c348b177953ac5720836c04e1a21673d"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xIRCqZsXwyVQQxR8OTbyHO3q6b61NwDXjKgfLNk5MqO7SXbnzgFG6C2%2BtMK%2B9b9fWJWCAkBSu4XkQZmIM9TIwj4nueu2KMufuRYNGxNnjn8ZUXZaFpMeoLsAv0g7RzKHrRoavare3llw1Y4M"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7e2ca1d89e2a90d6-FRA
expires: Sat, 08 Jul 2023 02:24:37 GMT

GET
H/1.1

200
OK

/
partner.o2online.de/a/ Frame 069C
Redirect Chain

https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_t...
https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_pre=COa91KzF-_8CFYzhuwgd0WYH2A;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=...
https://www.telefonica-partner.de/tpv.php?t=120211V1226132702M&subid=viewoneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__suite_Netmix_Reach13_BlackFridayPush&gdpr_consent=&gdpr=0&gdpr_pd=0
https://www.lead-alliance.net/tpv.php?t=120211V1226132702M&subid=viewoneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__suite_Netmix_Reach13_BlackFridayPush&gdpr_consent=&gdpr=0&gdpr_pd=0
https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=120211&s_id=2023070704243786595194675X120211V1226132702MSviewoneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__suite_Ne...

49 B
1 KB

104ms
22ms

Image
image/gif

167.233.13.224

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=120211&s_id=2023070704243786595194675X120211V1226132702MSviewoneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__suite_Netmix_Reach13_BlackFridayPush&gdpr_consent=&gdpr=0&cons=0&spid=2023070704243786595194675X120211V1226132702MSviewoneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__suite_Netmix_Reach13_BlackFridayPush&wfid=120211&partnerid=12218
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14019%2C23576%2C166402&b=V8Xuwfr7H1zMSVHbHAtRtE9bhkTzT46hQ%2CYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2Cj83uEfZeSqxJ1uYHEH2t6tRRJUKTzTxJc9&f=m8ruefe8CweqsmHZHZtQCJGjTDTwT6rHA%2CqDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2CxDwUQfgPSEAbVhPHdHztDCRRBUJT6T8ZsA&c=300&d=250&e=&g=e3d07a4104fb12fba8f35c7e0ca1a930%2F13107858850210521125&i=21596%2C20774%2C20773&j=16%2C14%2C14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1688696676833&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1j1c5mwhwba4gcfcbzadmx8mag7j7tsjrqh707hb6r3q6qy5qmt0yry71cjwwx1pcf0hkqxbe3h0q81zd58q2n57qkr5qa4vnmpnda1gv2pf12gk1sj4yk3qxzbzm5hy66y5v5nv6kcgqe64sa90zpcmfn5yw34jhdcn73j2z39mnr6r0rdg9h71xrx9h59g52g1fbwdr6cc3hsbjsrmy14xrk7d9wexc8a31b01xba9js70phzk2p2whgrkrpncyjm76htvvhekagpy1dc0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCzjdSY3enZJGSGIuYiQb58JL4BZDhgYRctqjCivACwI23ARABIABglaKZgqwHggEXY2EtcHViLTY1OTM1MjMyMTAwMTAxNTTIAQmpApS-iRURRLI-qAMBqgSyAU_QLczqBu1H3rl9i2bPsQJzplp-cLEkLO0ASRiJH35oZaNNg1rRXZBmXL9XEz9wBiIDfMtxVDEpaBQ2oMPENbITGwbU32OVD644WyZHm8ReHz5nof-P00t3U6SKgLu_oF2f59h4YqHSATPeyu1CSQNhflGi5fx86D4Dmnryut1PTMBpIIJD5Mkfs-dMoMkffwzlNPUqd6ghZYAvACYYiMWAtpUmtI0snYjV0H2PT6_b6T6ABq20_5ik46TPIqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_06vd8hP7U_wgQWv1lYUjc3mvfUZg%2526client%253Dca-pub-6593523210010154%2526adurl%253D&y=1&s=&z=0
Protocol: HTTP/1.1
Server: 167.233.13.224 -, , ASN (),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Fri, 07 Jul 2023 02:24:37 GMT
X-NODEIP: 88.99.63.132
Server: nginx/1.18.0 (Ubuntu)
RM-PrivacyPolicy: https://www.nonstoppartner.net/
Content-Type: image/gif
P3P: policyref="https://a.nonstoppartner.net/w3c/p3p.a.xml", CP="NOI CUR OUR STP"
Connection: keep-alive
Keep-Alive: timeout=10
Content-Length: 49

Redirect headers

location: https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=120211&s_id=2023070704243786595194675X120211V1226132702MSviewoneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__suite_Netmix_Reach13_BlackFridayPush&gdpr_consent=&gdpr=0&cons=0&spid=2023070704243786595194675X120211V1226132702MSviewoneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__suite_Netmix_Reach13_BlackFridayPush&wfid=120211&partnerid=12218
date: Fri, 07 Jul 2023 02:24:37 GMT
x-content-type-options: nosniff
server: nginx
x-xss-protection: 1; mode=block
content-type: text/html; charset=UTF-8

GET
H2 200 DF9A32151D42BCC835EC0C9BE62CF0094313EE46FD4E5D3DC0F1217B7F8F1AD49F0F4DDF5D50AE1511A12D11F97A6BCA3DF8CE9D056CE7A3DC11AF6ED1255D71
assets.ad4m.at/logo/ Frame 069C 13 KB
14 KB 30ms
23ms Image
image/png 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/DF9A32151D42BCC835EC0C9BE62CF0094313EE46FD4E5D3DC0F1217B7F8F1AD49F0F4DDF5D50AE1511A12D11F97A6BCA3DF8CE9D056CE7A3DC11AF6ED1255D71
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14019%2C23576%2C166402&b=V8Xuwfr7H1zMSVHbHAtRtE9bhkTzT46hQ%2CYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2Cj83uEfZeSqxJ1uYHEH2t6tRRJUKTzTxJc9&f=m8ruefe8CweqsmHZHZtQCJGjTDTwT6rHA%2CqDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2CxDwUQfgPSEAbVhPHdHztDCRRBUJT6T8ZsA&c=300&d=250&e=&g=e3d07a4104fb12fba8f35c7e0ca1a930%2F13107858850210521125&i=21596%2C20774%2C20773&j=16%2C14%2C14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1688696676833&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1j1c5mwhwba4gcfcbzadmx8mag7j7tsjrqh707hb6r3q6qy5qmt0yry71cjwwx1pcf0hkqxbe3h0q81zd58q2n57qkr5qa4vnmpnda1gv2pf12gk1sj4yk3qxzbzm5hy66y5v5nv6kcgqe64sa90zpcmfn5yw34jhdcn73j2z39mnr6r0rdg9h71xrx9h59g52g1fbwdr6cc3hsbjsrmy14xrk7d9wexc8a31b01xba9js70phzk2p2whgrkrpncyjm76htvvhekagpy1dc0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCzjdSY3enZJGSGIuYiQb58JL4BZDhgYRctqjCivACwI23ARABIABglaKZgqwHggEXY2EtcHViLTY1OTM1MjMyMTAwMTAxNTTIAQmpApS-iRURRLI-qAMBqgSyAU_QLczqBu1H3rl9i2bPsQJzplp-cLEkLO0ASRiJH35oZaNNg1rRXZBmXL9XEz9wBiIDfMtxVDEpaBQ2oMPENbITGwbU32OVD644WyZHm8ReHz5nof-P00t3U6SKgLu_oF2f59h4YqHSATPeyu1CSQNhflGi5fx86D4Dmnryut1PTMBpIIJD5Mkfs-dMoMkffwzlNPUqd6ghZYAvACYYiMWAtpUmtI0snYjV0H2PT6_b6T6ABq20_5ik46TPIqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_06vd8hP7U_wgQWv1lYUjc3mvfUZg%2526client%253Dca-pub-6593523210010154%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 229e5a0cf38692aadb68fe1ab6ea1e26a0a3b26fbb4e731f33ad807a50ef1227

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 07 Jul 2023 02:24:37 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2009754
cf-polished: origSize=24833, status=vary_header_present
alt-svc: h3=":443"; ma=86400
content-length: 13494
cf-bgj: imgq:85,h2pri
last-modified: Tue, 09 Feb 2021 15:11:57 GMT
server: cloudflare
etag: "174bb0dc35647e204b09aa120965604a"
vary: X-Goog-Allowed-Resources, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4zYGvzDbtNBE2QBl84UuMsPKLgcf1njeyAMCuPkei19%2FjIKkMUQtsjtqusg96twHtvIUzvDMoYl3xdF02HpbYPriTaBiJrLblxRGrIaXfToRizpAL47J%2BQchgfbD47i7Sd9tuC365%2FaBtnph"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7e2ca1d89e2b90d6-FRA
expires: Sat, 08 Jul 2023 02:24:37 GMT

GET
H2 200 4203BD8B6DFC28122A57CD0F74F9CECD38E430D5675BBE6AD8D38A36BACBF4464C414E9D6B7C9D424BC78DD3AF8507AB207AAFC56090D4E89249C87620F96EE7
assets.ad4m.at/ Frame 069C 12 KB
13 KB 31ms
24ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/4203BD8B6DFC28122A57CD0F74F9CECD38E430D5675BBE6AD8D38A36BACBF4464C414E9D6B7C9D424BC78DD3AF8507AB207AAFC56090D4E89249C87620F96EE7
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14019%2C23576%2C166402&b=V8Xuwfr7H1zMSVHbHAtRtE9bhkTzT46hQ%2CYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2Cj83uEfZeSqxJ1uYHEH2t6tRRJUKTzTxJc9&f=m8ruefe8CweqsmHZHZtQCJGjTDTwT6rHA%2CqDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2CxDwUQfgPSEAbVhPHdHztDCRRBUJT6T8ZsA&c=300&d=250&e=&g=e3d07a4104fb12fba8f35c7e0ca1a930%2F13107858850210521125&i=21596%2C20774%2C20773&j=16%2C14%2C14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1688696676833&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1j1c5mwhwba4gcfcbzadmx8mag7j7tsjrqh707hb6r3q6qy5qmt0yry71cjwwx1pcf0hkqxbe3h0q81zd58q2n57qkr5qa4vnmpnda1gv2pf12gk1sj4yk3qxzbzm5hy66y5v5nv6kcgqe64sa90zpcmfn5yw34jhdcn73j2z39mnr6r0rdg9h71xrx9h59g52g1fbwdr6cc3hsbjsrmy14xrk7d9wexc8a31b01xba9js70phzk2p2whgrkrpncyjm76htvvhekagpy1dc0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCzjdSY3enZJGSGIuYiQb58JL4BZDhgYRctqjCivACwI23ARABIABglaKZgqwHggEXY2EtcHViLTY1OTM1MjMyMTAwMTAxNTTIAQmpApS-iRURRLI-qAMBqgSyAU_QLczqBu1H3rl9i2bPsQJzplp-cLEkLO0ASRiJH35oZaNNg1rRXZBmXL9XEz9wBiIDfMtxVDEpaBQ2oMPENbITGwbU32OVD644WyZHm8ReHz5nof-P00t3U6SKgLu_oF2f59h4YqHSATPeyu1CSQNhflGi5fx86D4Dmnryut1PTMBpIIJD5Mkfs-dMoMkffwzlNPUqd6ghZYAvACYYiMWAtpUmtI0snYjV0H2PT6_b6T6ABq20_5ik46TPIqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_06vd8hP7U_wgQWv1lYUjc3mvfUZg%2526client%253Dca-pub-6593523210010154%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6b7e05564f91fc8ac5e933d73eb80f92bc95037220fe493bd7d617bf24d4aa00

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 07 Jul 2023 02:24:37 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1328775
cf-polished: qual=85, origFmt=jpeg, origSize=42379
alt-svc: h3=":443"; ma=86400
content-length: 12442
cf-bgj: imgq:85,h2pri
last-modified: Fri, 14 Apr 2023 14:20:26 GMT
server: cloudflare
etag: "d065bd00faf2a542b1b900322391648c"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W3P67krLKwXgKMLd8c1q5yWkUlL9PBymmK2VtxcbWNI8UAgswXy7owvoSRo4FdFhIc3mn9Yo4TDt15HeVLYth11U%2FOHbtf71W9gZQ2Rwi%2FamiYc0ngBg3vpx16Mu9v4zyQ4E0dsnt3kdLmb5"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7e2ca1d89e2c90d6-FRA
expires: Sat, 08 Jul 2023 02:24:37 GMT

GET
H/1.1

200
OK

/
partner.blau.de/a/ Frame 069C
Redirect Chain

https://ad.doubleclick.net/ddm/trackimp/N773418.3163536BLAU_AFFILIATE/B25532621.345088000;dc_trk_aid=536454876;dc_trk_cid=177082088;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed...
https://ad.doubleclick.net/ddm/trackimp/N773418.3163536BLAU_AFFILIATE/B25532621.345088000;dc_pre=CLrA1KzF-_8CFbmJgwcdSesAHQ;dc_trk_aid=536454876;dc_trk_cid=177082088;ord=%7B%7Btimestamp%7D%7D;dc_la...
https://www.telefonica-partner.de/tpv.php?t=117663V1225131106M&subid=viewoneidj83uEfZeSqxJ1uYHEH2t6tRRJUKTzTxJc9oneid__suite_Netmix_Reach13_BlackFridayPush&gdpr_consent=&gdpr=0&gdpr_pd=0
https://www.lead-alliance.net/tpv.php?t=117663V1225131106M&subid=viewoneidj83uEfZeSqxJ1uYHEH2t6tRRJUKTzTxJc9oneid__suite_Netmix_Reach13_BlackFridayPush&gdpr_consent=&gdpr=0&gdpr_pd=0
https://partner.blau.de/a/?i=pview&client=blau&camp=pview&l=de&nw=lea1&affiliate=117663&s_id=2023070704243786595194677X117663V1225131106MSviewoneidj83uEfZeSqxJ1uYHEH2t6tRRJUKTzTxJc9oneid__suite_Net...

49 B
1 KB

87ms
30ms

Image
image/gif

167.233.13.224

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://partner.blau.de/a/?i=pview&client=blau&camp=pview&l=de&nw=lea1&affiliate=117663&s_id=2023070704243786595194677X117663V1225131106MSviewoneidj83uEfZeSqxJ1uYHEH2t6tRRJUKTzTxJc9oneid__suite_Netmix_Reach13_BlackFridayPush&gdpr_consent=&gdpr=0&cons=0
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14019%2C23576%2C166402&b=V8Xuwfr7H1zMSVHbHAtRtE9bhkTzT46hQ%2CYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2Cj83uEfZeSqxJ1uYHEH2t6tRRJUKTzTxJc9&f=m8ruefe8CweqsmHZHZtQCJGjTDTwT6rHA%2CqDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2CxDwUQfgPSEAbVhPHdHztDCRRBUJT6T8ZsA&c=300&d=250&e=&g=e3d07a4104fb12fba8f35c7e0ca1a930%2F13107858850210521125&i=21596%2C20774%2C20773&j=16%2C14%2C14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1688696676833&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1j1c5mwhwba4gcfcbzadmx8mag7j7tsjrqh707hb6r3q6qy5qmt0yry71cjwwx1pcf0hkqxbe3h0q81zd58q2n57qkr5qa4vnmpnda1gv2pf12gk1sj4yk3qxzbzm5hy66y5v5nv6kcgqe64sa90zpcmfn5yw34jhdcn73j2z39mnr6r0rdg9h71xrx9h59g52g1fbwdr6cc3hsbjsrmy14xrk7d9wexc8a31b01xba9js70phzk2p2whgrkrpncyjm76htvvhekagpy1dc0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCzjdSY3enZJGSGIuYiQb58JL4BZDhgYRctqjCivACwI23ARABIABglaKZgqwHggEXY2EtcHViLTY1OTM1MjMyMTAwMTAxNTTIAQmpApS-iRURRLI-qAMBqgSyAU_QLczqBu1H3rl9i2bPsQJzplp-cLEkLO0ASRiJH35oZaNNg1rRXZBmXL9XEz9wBiIDfMtxVDEpaBQ2oMPENbITGwbU32OVD644WyZHm8ReHz5nof-P00t3U6SKgLu_oF2f59h4YqHSATPeyu1CSQNhflGi5fx86D4Dmnryut1PTMBpIIJD5Mkfs-dMoMkffwzlNPUqd6ghZYAvACYYiMWAtpUmtI0snYjV0H2PT6_b6T6ABq20_5ik46TPIqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_06vd8hP7U_wgQWv1lYUjc3mvfUZg%2526client%253Dca-pub-6593523210010154%2526adurl%253D&y=1&s=&z=0
Protocol: HTTP/1.1
Server: 167.233.13.224 -, , ASN (),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Fri, 07 Jul 2023 02:24:37 GMT
X-NODEIP: 46.4.62.19
Server: nginx/1.14.0 (Ubuntu)
RM-PrivacyPolicy: https://www.nonstoppartner.net/
Content-Type: image/gif
P3P: policyref="https://a.nonstoppartner.net/w3c/p3p.a.xml", CP="NOI CUR OUR STP"
Connection: keep-alive
Keep-Alive: timeout=10
Content-Length: 49

Redirect headers

location: https://partner.blau.de/a/?i=pview&client=blau&camp=pview&l=de&nw=lea1&affiliate=117663&s_id=2023070704243786595194677X117663V1225131106MSviewoneidj83uEfZeSqxJ1uYHEH2t6tRRJUKTzTxJc9oneid__suite_Netmix_Reach13_BlackFridayPush&gdpr_consent=&gdpr=0&cons=0
date: Fri, 07 Jul 2023 02:24:37 GMT
x-content-type-options: nosniff
server: nginx
x-xss-protection: 1; mode=block
content-type: text/html; charset=UTF-8

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.48/one-ad/ Frame 1B77 114 KB
14 KB 20ms
20ms Stylesheet
text/css 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.48/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14019%2C23576%2C167497&b=V8Xuwfr7H1zMSVHbHAtRtE9bhkTzT46hQ%2CYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2Cj83uEfZeSqx2KSYHEH2t6tRRJUKTzTxJc9&f=m8ruefe8CweqsmHZHZtQCJGjTDTwT6rHA%2CqDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2CxDwUQfgPSEApdaPHdHztDCRRBUJT6T8ZsA&c=120&d=600&e=&g=dc7f221ba0099a47110b8024e3ff05ca%2F8566084187615790122&i=21596%2C20774%2C20773&j=16%2C14%2C14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1688696676843&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1j1dq7qk113jmycspqfc2gwk7gyq96104badah8415gdssf8xjhgwvs5v445dbcb76z4mp51h2bh11g0ab5g1g5dg4qsh0b0ccb11yr81p9k9nmpedy1q1zmxqe1ct4yx3dy9b9vvg3d1c7dwefqw5h7sxez2d2g2rtfb3tfxsp4eb896dcyvzrr2xmv3wa8k1pjahtryg05pt7tsekm3y7wxy2rqprmffhebmm22nrzaa99b3q4ttjfs3e21jdsgx0k0b2ac410wjyzps00%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC2XCsY3enZIrUC4emgAf7kr24BJDhgYRctqjCivACwI23ARABIABglaKZgqwHggEXY2EtcHViLTc5ODM2NTEyNTc4MzgyODLIAQmpApS-iRURRLI-4AIAqAMBqgSMAk_QiT31wMFVz9Eau8QtHnEBFhNAW7qoFpZijY0QF2LjYMN6xutnG1jCrocX63_ARqt3Sa_zJH9AqU_ROB4ComR08N_2VdhzhiOmX6IAcZdHLFdrjg1Vgf4BMcEqe-svKLl06gW0asI2PQF1M3NuUVl80Ziw999losY0nhBxnxE6798J3SgfMnb2icAvVgjnpxA9rrZ3j1eJHwG0xmXTaiBcQniSu-TeA95OMsRPFoxLYrZ6x4yYAkHFOKWx-ZWdtolGMIYvdo5FXyGwm1SKvcHBnev1y5-8lhUaxHQYdlOdKe_wO078xdustV54-vwciOlz9Cu0P1oRZYU1tfAaAtge_w97rSf0IT1aw9vgBAGABrie-tWl8sWD1gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTryCBthZHgtc3Vic3luLTcyNzU1Mjg0NTMxNjIzMDn6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2bFqblvIpeTVtXEYbbGY5nKomaug%2526client%253Dca-pub-7983651257838282%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 032aee61923ef53fb2b9efbb5d55f771f780e9c2fce9c076638b809a9607eee3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/rar?a=14019%2C23576%2C167497&b=V8Xuwfr7H1zMSVHbHAtRtE9bhkTzT46hQ%2CYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2Cj83uEfZeSqx2KSYHEH2t6tRRJUKTzTxJc9&f=m8ruefe8CweqsmHZHZtQCJGjTDTwT6rHA%2CqDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2CxDwUQfgPSEApdaPHdHztDCRRBUJT6T8ZsA&c=120&d=600&e=&g=dc7f221ba0099a47110b8024e3ff05ca%2F8566084187615790122&i=21596%2C20774%2C20773&j=16%2C14%2C14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1688696676843&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1j1dq7qk113jmycspqfc2gwk7gyq96104badah8415gdssf8xjhgwvs5v445dbcb76z4mp51h2bh11g0ab5g1g5dg4qsh0b0ccb11yr81p9k9nmpedy1q1zmxqe1ct4yx3dy9b9vvg3d1c7dwefqw5h7sxez2d2g2rtfb3tfxsp4eb896dcyvzrr2xmv3wa8k1pjahtryg05pt7tsekm3y7wxy2rqprmffhebmm22nrzaa99b3q4ttjfs3e21jdsgx0k0b2ac410wjyzps00%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC2XCsY3enZIrUC4emgAf7kr24BJDhgYRctqjCivACwI23ARABIABglaKZgqwHggEXY2EtcHViLTc5ODM2NTEyNTc4MzgyODLIAQmpApS-iRURRLI-4AIAqAMBqgSMAk_QiT31wMFVz9Eau8QtHnEBFhNAW7qoFpZijY0QF2LjYMN6xutnG1jCrocX63_ARqt3Sa_zJH9AqU_ROB4ComR08N_2VdhzhiOmX6IAcZdHLFdrjg1Vgf4BMcEqe-svKLl06gW0asI2PQF1M3NuUVl80Ziw999losY0nhBxnxE6798J3SgfMnb2icAvVgjnpxA9rrZ3j1eJHwG0xmXTaiBcQniSu-TeA95OMsRPFoxLYrZ6x4yYAkHFOKWx-ZWdtolGMIYvdo5FXyGwm1SKvcHBnev1y5-8lhUaxHQYdlOdKe_wO078xdustV54-vwciOlz9Cu0P1oRZYU1tfAaAtge_w97rSf0IT1aw9vgBAGABrie-tWl8sWD1gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTryCBthZHgtc3Vic3luLTcyNzU1Mjg0NTMxNjIzMDn6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2bFqblvIpeTVtXEYbbGY5nKomaug%2526client%253Dca-pub-7983651257838282%2526adurl%253D&y=1&s=&z=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 07 Jul 2023 02:24:37 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime: 1687950287
age: 745888
cf-polished: origSize=117335
x-guploader-uploadid: ADPycdu7Pb84Y6vCPqpUShyJrQGb98f4yuF1LiyC2B7DeEN9kG_1SbpI2iXm6tsp7d5fI22nNzf0l66mXGhEIUVspATbXw
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 28 Jun 2023 11:05:15 GMT
server: cloudflare
etag: W/"5d49535c2a84a9762127b3d9e77d7e02"
vary: Accept-Encoding
x-goog-generation: 1687950315098833
content-type: text/css
x-goog-hash: crc32c=aWAnwg==, md5=XUlTXCqEqXYhJ7PZ531+Ag==
cache-control: public, max-age=3600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vvcUKz2cjsx%2FTvhEaI4vndPOJ%2Fm4usMSA5kl4UiClQZoUOtLGNfmr8hoeENU8UKZ6RBdXa7e3CP8n0LmydF5yVJWrbhpxhcwxFkh%2B55J1tQtsvtzEGw5Hx8ybAjrllqEj8Vay7r0O%2BQ%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 117335
cf-ray: 7e2ca1d879062bbe-FRA
expires: Fri, 07 Jul 2023 03:24:37 GMT

GET
H2 200 762E992A001272DDC355514B76DC4960DDF6238B0F54854C0B29BE64A7E78BA5693E54C1A602322E523834805FE15471ECC3FEB06D9A02796A930A4085F71F84
assets.ad4m.at/logo/ Frame 1B77 44 KB
44 KB 30ms
18ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/762E992A001272DDC355514B76DC4960DDF6238B0F54854C0B29BE64A7E78BA5693E54C1A602322E523834805FE15471ECC3FEB06D9A02796A930A4085F71F84
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14019%2C23576%2C167497&b=V8Xuwfr7H1zMSVHbHAtRtE9bhkTzT46hQ%2CYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2Cj83uEfZeSqx2KSYHEH2t6tRRJUKTzTxJc9&f=m8ruefe8CweqsmHZHZtQCJGjTDTwT6rHA%2CqDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2CxDwUQfgPSEApdaPHdHztDCRRBUJT6T8ZsA&c=120&d=600&e=&g=dc7f221ba0099a47110b8024e3ff05ca%2F8566084187615790122&i=21596%2C20774%2C20773&j=16%2C14%2C14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1688696676843&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1j1dq7qk113jmycspqfc2gwk7gyq96104badah8415gdssf8xjhgwvs5v445dbcb76z4mp51h2bh11g0ab5g1g5dg4qsh0b0ccb11yr81p9k9nmpedy1q1zmxqe1ct4yx3dy9b9vvg3d1c7dwefqw5h7sxez2d2g2rtfb3tfxsp4eb896dcyvzrr2xmv3wa8k1pjahtryg05pt7tsekm3y7wxy2rqprmffhebmm22nrzaa99b3q4ttjfs3e21jdsgx0k0b2ac410wjyzps00%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC2XCsY3enZIrUC4emgAf7kr24BJDhgYRctqjCivACwI23ARABIABglaKZgqwHggEXY2EtcHViLTc5ODM2NTEyNTc4MzgyODLIAQmpApS-iRURRLI-4AIAqAMBqgSMAk_QiT31wMFVz9Eau8QtHnEBFhNAW7qoFpZijY0QF2LjYMN6xutnG1jCrocX63_ARqt3Sa_zJH9AqU_ROB4ComR08N_2VdhzhiOmX6IAcZdHLFdrjg1Vgf4BMcEqe-svKLl06gW0asI2PQF1M3NuUVl80Ziw999losY0nhBxnxE6798J3SgfMnb2icAvVgjnpxA9rrZ3j1eJHwG0xmXTaiBcQniSu-TeA95OMsRPFoxLYrZ6x4yYAkHFOKWx-ZWdtolGMIYvdo5FXyGwm1SKvcHBnev1y5-8lhUaxHQYdlOdKe_wO078xdustV54-vwciOlz9Cu0P1oRZYU1tfAaAtge_w97rSf0IT1aw9vgBAGABrie-tWl8sWD1gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTryCBthZHgtc3Vic3luLTcyNzU1Mjg0NTMxNjIzMDn6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2bFqblvIpeTVtXEYbbGY5nKomaug%2526client%253Dca-pub-7983651257838282%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ffae8fb9199235cf70171d14a964159b4eda2da695a258c2586de98e3cb27bb2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 07 Jul 2023 02:24:37 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1200398
cf-polished: origFmt=png, origSize=65187
alt-svc: h3=":443"; ma=86400
content-length: 44710
cf-bgj: imgq:85,h2pri
last-modified: Tue, 17 Jan 2023 14:45:52 GMT
server: cloudflare
etag: "99941d3864a6d6ef01023c96e0475815"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XP%2FXiokM%2FsWtDTLOTRqUXHK09VlNrVq5yYZ7OoVvWfmld%2BqwNjVHIjnFUinXfZG0H5W%2BS7lwxGoaAbwVik17zTaURsvOotUwt0UIGlamSK2WEzrJ1crMpLZiDSbW8Yltcyo5WOf4ruZJpkkt"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7e2ca1d88e1a90d6-FRA
expires: Sat, 08 Jul 2023 02:24:37 GMT

GET
H2 200 EC9093D4AF3799CF781B1E590A25D192F3BFBB8EF4C33117758FB5ADF524B34A287AF80FDD08D80A46541DEAE1FFA692B6F4CA688E7C199182253AEB01A2863C
assets.ad4m.at/product_image/ Frame 1B77 222 KB
222 KB 31ms
24ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/EC9093D4AF3799CF781B1E590A25D192F3BFBB8EF4C33117758FB5ADF524B34A287AF80FDD08D80A46541DEAE1FFA692B6F4CA688E7C199182253AEB01A2863C
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14019%2C23576%2C167497&b=V8Xuwfr7H1zMSVHbHAtRtE9bhkTzT46hQ%2CYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2Cj83uEfZeSqx2KSYHEH2t6tRRJUKTzTxJc9&f=m8ruefe8CweqsmHZHZtQCJGjTDTwT6rHA%2CqDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2CxDwUQfgPSEApdaPHdHztDCRRBUJT6T8ZsA&c=120&d=600&e=&g=dc7f221ba0099a47110b8024e3ff05ca%2F8566084187615790122&i=21596%2C20774%2C20773&j=16%2C14%2C14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1688696676843&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1j1dq7qk113jmycspqfc2gwk7gyq96104badah8415gdssf8xjhgwvs5v445dbcb76z4mp51h2bh11g0ab5g1g5dg4qsh0b0ccb11yr81p9k9nmpedy1q1zmxqe1ct4yx3dy9b9vvg3d1c7dwefqw5h7sxez2d2g2rtfb3tfxsp4eb896dcyvzrr2xmv3wa8k1pjahtryg05pt7tsekm3y7wxy2rqprmffhebmm22nrzaa99b3q4ttjfs3e21jdsgx0k0b2ac410wjyzps00%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC2XCsY3enZIrUC4emgAf7kr24BJDhgYRctqjCivACwI23ARABIABglaKZgqwHggEXY2EtcHViLTc5ODM2NTEyNTc4MzgyODLIAQmpApS-iRURRLI-4AIAqAMBqgSMAk_QiT31wMFVz9Eau8QtHnEBFhNAW7qoFpZijY0QF2LjYMN6xutnG1jCrocX63_ARqt3Sa_zJH9AqU_ROB4ComR08N_2VdhzhiOmX6IAcZdHLFdrjg1Vgf4BMcEqe-svKLl06gW0asI2PQF1M3NuUVl80Ziw999losY0nhBxnxE6798J3SgfMnb2icAvVgjnpxA9rrZ3j1eJHwG0xmXTaiBcQniSu-TeA95OMsRPFoxLYrZ6x4yYAkHFOKWx-ZWdtolGMIYvdo5FXyGwm1SKvcHBnev1y5-8lhUaxHQYdlOdKe_wO078xdustV54-vwciOlz9Cu0P1oRZYU1tfAaAtge_w97rSf0IT1aw9vgBAGABrie-tWl8sWD1gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTryCBthZHgtc3Vic3luLTcyNzU1Mjg0NTMxNjIzMDn6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2bFqblvIpeTVtXEYbbGY5nKomaug%2526client%253Dca-pub-7983651257838282%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 41b9b9d488e3a57902a671111dd089363c2f7d3a41ec3177f196abbb7cbac078

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 07 Jul 2023 02:24:37 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1739449
cf-polished: origFmt=png, origSize=342797
alt-svc: h3=":443"; ma=86400
content-length: 226916
cf-bgj: imgq:85,h2pri
last-modified: Wed, 15 Jun 2022 14:01:11 GMT
server: cloudflare
etag: "82c7de0f42ff55fdd0acc07731664031"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7ACelEmfts6y3BCyiz4Fw3nlH5YQTeXSEsCHggyHoP3LMtrohJP3oz2Q2ExD7t1cKepujF7XbInywvsc7KzucSD%2BXxRlpT1aw5GlCHfC1FMtDIgwhiKBzxtOmuqSY%2FLsMwio1IMxGWNgvvP2"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7e2ca1d89e2d90d6-FRA
expires: Sat, 08 Jul 2023 02:24:37 GMT

GET
H2

200

ztpv.php
www.conrad.de/ Frame 1B77
Redirect Chain

https://www.awin1.com/cshow.php?s=2470185&v=11354&q=377129&r=412871&pv=1&pref3=oneidV8Xuwfr7H1zMSVHbHAtRtE9bhkTzT46hQoneid__suite_Netmix_Reach13_BlackFridayPush&gdpr_consent=&gdpr=0&gdpr_pd=0
https://www.conrad.de/ztpv.php?awc=11354_412871_1688696677_6b5ddab0-1c6d-11ee-909a-2265c0ea454e&insert=AW&&gdpr=0&gdpr_consent=

0
314 B

62ms
18ms

Image
text/plain

2606:4700::6812:7f05

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.conrad.de/ztpv.php?awc=11354_412871_1688696677_6b5ddab0-1c6d-11ee-909a-2265c0ea454e&insert=AW&&gdpr=0&gdpr_consent=

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14019%2C23576%2C167497&b=V8Xuwfr7H1zMSVHbHAtRtE9bhkTzT46hQ%2CYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2Cj83uEfZeSqx2KSYHEH2t6tRRJUKTzTxJc9&f=m8ruefe8CweqsmHZHZtQCJGjTDTwT6rHA%2CqDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2CxDwUQfgPSEApdaPHdHztDCRRBUJT6T8ZsA&c=120&d=600&e=&g=dc7f221ba0099a47110b8024e3ff05ca%2F8566084187615790122&i=21596%2C20774%2C20773&j=16%2C14%2C14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1688696676843&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1j1dq7qk113jmycspqfc2gwk7gyq96104badah8415gdssf8xjhgwvs5v445dbcb76z4mp51h2bh11g0ab5g1g5dg4qsh0b0ccb11yr81p9k9nmpedy1q1zmxqe1ct4yx3dy9b9vvg3d1c7dwefqw5h7sxez2d2g2rtfb3tfxsp4eb896dcyvzrr2xmv3wa8k1pjahtryg05pt7tsekm3y7wxy2rqprmffhebmm22nrzaa99b3q4ttjfs3e21jdsgx0k0b2ac410wjyzps00%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC2XCsY3enZIrUC4emgAf7kr24BJDhgYRctqjCivACwI23ARABIABglaKZgqwHggEXY2EtcHViLTc5ODM2NTEyNTc4MzgyODLIAQmpApS-iRURRLI-4AIAqAMBqgSMAk_QiT31wMFVz9Eau8QtHnEBFhNAW7qoFpZijY0QF2LjYMN6xutnG1jCrocX63_ARqt3Sa_zJH9AqU_ROB4ComR08N_2VdhzhiOmX6IAcZdHLFdrjg1Vgf4BMcEqe-svKLl06gW0asI2PQF1M3NuUVl80Ziw999losY0nhBxnxE6798J3SgfMnb2icAvVgjnpxA9rrZ3j1eJHwG0xmXTaiBcQniSu-TeA95OMsRPFoxLYrZ6x4yYAkHFOKWx-ZWdtolGMIYvdo5FXyGwm1SKvcHBnev1y5-8lhUaxHQYdlOdKe_wO078xdustV54-vwciOlz9Cu0P1oRZYU1tfAaAtge_w97rSf0IT1aw9vgBAGABrie-tWl8sWD1gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTryCBthZHgtc3Vic3luLTcyNzU1Mjg0NTMxNjIzMDn6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2bFqblvIpeTVtXEYbbGY5nKomaug%2526client%253Dca-pub-7983651257838282%2526adurl%253D&y=1&s=&z=0

Protocol

Server

2606:4700::6812:7f05 -, , ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 07 Jul 2023 02:24:37 GMT
strict-transport-security: max-age=15552000
cf-ccp-worker: HTLPHandler-v1
server: cloudflare
vary: Accept-Encoding
cache-control: no-cache
cf-ray: 7e2ca1d9d94b2bd3-FRA
content-length: 0
expires: -1

Redirect headers

Date: Fri, 07 Jul 2023 02:24:37 GMT
Strict-Transport-Security: max-age=86400
Node: Helix
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Location: https://www.conrad.de/ztpv.php?awc=11354_412871_1688696677_6b5ddab0-1c6d-11ee-909a-2265c0ea454e&insert=AW&&gdpr=0&gdpr_consent=
Awin-Akamai-Rule-Set: default
Connection: keep-alive
Content-Length: 0

GET
H2 200 D694B3AB12381C049B127B34DC11A792684BA8B6EE8B598D6E4045678591B7D0DC6B2CEF7528F06BB05FC11826A1D16CF24DA68FCFC2416343996FBFC05A3155
assets.ad4m.at/logo/ Frame 1B77 53 KB
54 KB 30ms
23ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/D694B3AB12381C049B127B34DC11A792684BA8B6EE8B598D6E4045678591B7D0DC6B2CEF7528F06BB05FC11826A1D16CF24DA68FCFC2416343996FBFC05A3155
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14019%2C23576%2C167497&b=V8Xuwfr7H1zMSVHbHAtRtE9bhkTzT46hQ%2CYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2Cj83uEfZeSqx2KSYHEH2t6tRRJUKTzTxJc9&f=m8ruefe8CweqsmHZHZtQCJGjTDTwT6rHA%2CqDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2CxDwUQfgPSEApdaPHdHztDCRRBUJT6T8ZsA&c=120&d=600&e=&g=dc7f221ba0099a47110b8024e3ff05ca%2F8566084187615790122&i=21596%2C20774%2C20773&j=16%2C14%2C14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1688696676843&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1j1dq7qk113jmycspqfc2gwk7gyq96104badah8415gdssf8xjhgwvs5v445dbcb76z4mp51h2bh11g0ab5g1g5dg4qsh0b0ccb11yr81p9k9nmpedy1q1zmxqe1ct4yx3dy9b9vvg3d1c7dwefqw5h7sxez2d2g2rtfb3tfxsp4eb896dcyvzrr2xmv3wa8k1pjahtryg05pt7tsekm3y7wxy2rqprmffhebmm22nrzaa99b3q4ttjfs3e21jdsgx0k0b2ac410wjyzps00%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC2XCsY3enZIrUC4emgAf7kr24BJDhgYRctqjCivACwI23ARABIABglaKZgqwHggEXY2EtcHViLTc5ODM2NTEyNTc4MzgyODLIAQmpApS-iRURRLI-4AIAqAMBqgSMAk_QiT31wMFVz9Eau8QtHnEBFhNAW7qoFpZijY0QF2LjYMN6xutnG1jCrocX63_ARqt3Sa_zJH9AqU_ROB4ComR08N_2VdhzhiOmX6IAcZdHLFdrjg1Vgf4BMcEqe-svKLl06gW0asI2PQF1M3NuUVl80Ziw999losY0nhBxnxE6798J3SgfMnb2icAvVgjnpxA9rrZ3j1eJHwG0xmXTaiBcQniSu-TeA95OMsRPFoxLYrZ6x4yYAkHFOKWx-ZWdtolGMIYvdo5FXyGwm1SKvcHBnev1y5-8lhUaxHQYdlOdKe_wO078xdustV54-vwciOlz9Cu0P1oRZYU1tfAaAtge_w97rSf0IT1aw9vgBAGABrie-tWl8sWD1gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTryCBthZHgtc3Vic3luLTcyNzU1Mjg0NTMxNjIzMDn6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2bFqblvIpeTVtXEYbbGY5nKomaug%2526client%253Dca-pub-7983651257838282%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f7cdf71044448cb736733f5163fff96081d51ba4101567d61d22ee5998a7a399

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 07 Jul 2023 02:24:37 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1588436
cf-polished: origFmt=png, origSize=115129
alt-svc: h3=":443"; ma=86400
content-length: 54564
cf-bgj: imgq:85,h2pri
last-modified: Tue, 09 Feb 2021 15:11:24 GMT
server: cloudflare
etag: "0a277d59efca0369a6983645e273659e"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yA43IepIxWyl8iGKbllCkwAl6809urJFrwXbVGM6vgexav%2Br3PCc5gKoul%2FG%2B5MLrl%2FRuZ6jX7fAI%2B5z2xFuHJFzdZtA60oSFUYnTnUhMlJf05zNjgLkg1%2F0DPKl2fNerw%2BwkmXww5bcxjZJ"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7e2ca1d89e2e90d6-FRA
expires: Sat, 08 Jul 2023 02:24:37 GMT

GET
H2 200 F62A1DE9558535D0FF655677BD09A3CC277ACE3637CF682E0D52C0F5BBA2668E34C6194AEF65CBBC1F6ECA33D1332A3C8BE1215EA4AB0FD0FBE5F5B485AF1875
assets.ad4m.at/product_image/ Frame 1B77 23 KB
23 KB 31ms
24ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/F62A1DE9558535D0FF655677BD09A3CC277ACE3637CF682E0D52C0F5BBA2668E34C6194AEF65CBBC1F6ECA33D1332A3C8BE1215EA4AB0FD0FBE5F5B485AF1875
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14019%2C23576%2C167497&b=V8Xuwfr7H1zMSVHbHAtRtE9bhkTzT46hQ%2CYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2Cj83uEfZeSqx2KSYHEH2t6tRRJUKTzTxJc9&f=m8ruefe8CweqsmHZHZtQCJGjTDTwT6rHA%2CqDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2CxDwUQfgPSEApdaPHdHztDCRRBUJT6T8ZsA&c=120&d=600&e=&g=dc7f221ba0099a47110b8024e3ff05ca%2F8566084187615790122&i=21596%2C20774%2C20773&j=16%2C14%2C14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1688696676843&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1j1dq7qk113jmycspqfc2gwk7gyq96104badah8415gdssf8xjhgwvs5v445dbcb76z4mp51h2bh11g0ab5g1g5dg4qsh0b0ccb11yr81p9k9nmpedy1q1zmxqe1ct4yx3dy9b9vvg3d1c7dwefqw5h7sxez2d2g2rtfb3tfxsp4eb896dcyvzrr2xmv3wa8k1pjahtryg05pt7tsekm3y7wxy2rqprmffhebmm22nrzaa99b3q4ttjfs3e21jdsgx0k0b2ac410wjyzps00%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC2XCsY3enZIrUC4emgAf7kr24BJDhgYRctqjCivACwI23ARABIABglaKZgqwHggEXY2EtcHViLTc5ODM2NTEyNTc4MzgyODLIAQmpApS-iRURRLI-4AIAqAMBqgSMAk_QiT31wMFVz9Eau8QtHnEBFhNAW7qoFpZijY0QF2LjYMN6xutnG1jCrocX63_ARqt3Sa_zJH9AqU_ROB4ComR08N_2VdhzhiOmX6IAcZdHLFdrjg1Vgf4BMcEqe-svKLl06gW0asI2PQF1M3NuUVl80Ziw999losY0nhBxnxE6798J3SgfMnb2icAvVgjnpxA9rrZ3j1eJHwG0xmXTaiBcQniSu-TeA95OMsRPFoxLYrZ6x4yYAkHFOKWx-ZWdtolGMIYvdo5FXyGwm1SKvcHBnev1y5-8lhUaxHQYdlOdKe_wO078xdustV54-vwciOlz9Cu0P1oRZYU1tfAaAtge_w97rSf0IT1aw9vgBAGABrie-tWl8sWD1gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTryCBthZHgtc3Vic3luLTcyNzU1Mjg0NTMxNjIzMDn6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2bFqblvIpeTVtXEYbbGY5nKomaug%2526client%253Dca-pub-7983651257838282%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 39ae6b1a1ba72fc9d48b1848e9bc88f4b9da10688232ccca39d85b878db7af32

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 07 Jul 2023 02:24:37 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1588232
cf-polished: qual=85, origFmt=jpeg, origSize=132437
alt-svc: h3=":443"; ma=86400
content-length: 23154
cf-bgj: imgq:85,h2pri
last-modified: Thu, 09 Dec 2021 17:51:23 GMT
server: cloudflare
etag: "c348b177953ac5720836c04e1a21673d"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MzVU%2FMb1ka960OXRYXzl0GthHIXcIr2CmjGZ%2Frfj7hhzYMohP6sfYFz0%2FvuaYQANAVwEGKx7UgHRhRsONz0IQ5YUV%2FKkuZME%2FDsz3YmodEbh8RSYNiNArjaeAD2XmcgDkofaKRuFYM63paxE"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7e2ca1d89e2f90d6-FRA
expires: Sat, 08 Jul 2023 02:24:37 GMT

GET
H/1.1

200
OK

/
partner.o2online.de/a/ Frame 1B77
Redirect Chain

https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_t...
https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_pre=CPL71KzF-_8CFRPluwgdxJEMYQ;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=...
https://www.telefonica-partner.de/tpv.php?t=120211V1226132702M&subid=viewoneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__suite_Netmix_Reach13_BlackFridayPush&gdpr_consent=&gdpr=0&gdpr_pd=0
https://www.lead-alliance.net/tpv.php?t=120211V1226132702M&subid=viewoneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__suite_Netmix_Reach13_BlackFridayPush&gdpr_consent=&gdpr=0&gdpr_pd=0
https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=120211&s_id=2023070704243786595194673X120211V1226132702MSviewoneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__suite_Ne...

49 B
1 KB

102ms
19ms

Image
image/gif

167.233.13.224

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=120211&s_id=2023070704243786595194673X120211V1226132702MSviewoneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__suite_Netmix_Reach13_BlackFridayPush&gdpr_consent=&gdpr=0&cons=0&spid=2023070704243786595194673X120211V1226132702MSviewoneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__suite_Netmix_Reach13_BlackFridayPush&wfid=120211&partnerid=12218
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14019%2C23576%2C167497&b=V8Xuwfr7H1zMSVHbHAtRtE9bhkTzT46hQ%2CYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2Cj83uEfZeSqx2KSYHEH2t6tRRJUKTzTxJc9&f=m8ruefe8CweqsmHZHZtQCJGjTDTwT6rHA%2CqDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2CxDwUQfgPSEApdaPHdHztDCRRBUJT6T8ZsA&c=120&d=600&e=&g=dc7f221ba0099a47110b8024e3ff05ca%2F8566084187615790122&i=21596%2C20774%2C20773&j=16%2C14%2C14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1688696676843&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1j1dq7qk113jmycspqfc2gwk7gyq96104badah8415gdssf8xjhgwvs5v445dbcb76z4mp51h2bh11g0ab5g1g5dg4qsh0b0ccb11yr81p9k9nmpedy1q1zmxqe1ct4yx3dy9b9vvg3d1c7dwefqw5h7sxez2d2g2rtfb3tfxsp4eb896dcyvzrr2xmv3wa8k1pjahtryg05pt7tsekm3y7wxy2rqprmffhebmm22nrzaa99b3q4ttjfs3e21jdsgx0k0b2ac410wjyzps00%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC2XCsY3enZIrUC4emgAf7kr24BJDhgYRctqjCivACwI23ARABIABglaKZgqwHggEXY2EtcHViLTc5ODM2NTEyNTc4MzgyODLIAQmpApS-iRURRLI-4AIAqAMBqgSMAk_QiT31wMFVz9Eau8QtHnEBFhNAW7qoFpZijY0QF2LjYMN6xutnG1jCrocX63_ARqt3Sa_zJH9AqU_ROB4ComR08N_2VdhzhiOmX6IAcZdHLFdrjg1Vgf4BMcEqe-svKLl06gW0asI2PQF1M3NuUVl80Ziw999losY0nhBxnxE6798J3SgfMnb2icAvVgjnpxA9rrZ3j1eJHwG0xmXTaiBcQniSu-TeA95OMsRPFoxLYrZ6x4yYAkHFOKWx-ZWdtolGMIYvdo5FXyGwm1SKvcHBnev1y5-8lhUaxHQYdlOdKe_wO078xdustV54-vwciOlz9Cu0P1oRZYU1tfAaAtge_w97rSf0IT1aw9vgBAGABrie-tWl8sWD1gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTryCBthZHgtc3Vic3luLTcyNzU1Mjg0NTMxNjIzMDn6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2bFqblvIpeTVtXEYbbGY5nKomaug%2526client%253Dca-pub-7983651257838282%2526adurl%253D&y=1&s=&z=0
Protocol: HTTP/1.1
Server: 167.233.13.224 -, , ASN (),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Fri, 07 Jul 2023 02:24:37 GMT
X-NODEIP: 78.46.85.162
Server: nginx/1.14.0 (Ubuntu)
RM-PrivacyPolicy: https://www.nonstoppartner.net/
Content-Type: image/gif
P3P: policyref="https://a.nonstoppartner.net/w3c/p3p.a.xml", CP="NOI CUR OUR STP"
Connection: keep-alive
Keep-Alive: timeout=10
Content-Length: 49

Redirect headers

location: https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=120211&s_id=2023070704243786595194673X120211V1226132702MSviewoneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__suite_Netmix_Reach13_BlackFridayPush&gdpr_consent=&gdpr=0&cons=0&spid=2023070704243786595194673X120211V1226132702MSviewoneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__suite_Netmix_Reach13_BlackFridayPush&wfid=120211&partnerid=12218
date: Fri, 07 Jul 2023 02:24:37 GMT
x-content-type-options: nosniff
server: nginx
x-xss-protection: 1; mode=block
content-type: text/html; charset=UTF-8

GET
H2 200 DF9A32151D42BCC835EC0C9BE62CF0094313EE46FD4E5D3DC0F1217B7F8F1AD49F0F4DDF5D50AE1511A12D11F97A6BCA3DF8CE9D056CE7A3DC11AF6ED1255D71
assets.ad4m.at/logo/ Frame 1B77 13 KB
14 KB 31ms
25ms Image
image/png 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/DF9A32151D42BCC835EC0C9BE62CF0094313EE46FD4E5D3DC0F1217B7F8F1AD49F0F4DDF5D50AE1511A12D11F97A6BCA3DF8CE9D056CE7A3DC11AF6ED1255D71
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14019%2C23576%2C167497&b=V8Xuwfr7H1zMSVHbHAtRtE9bhkTzT46hQ%2CYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2Cj83uEfZeSqx2KSYHEH2t6tRRJUKTzTxJc9&f=m8ruefe8CweqsmHZHZtQCJGjTDTwT6rHA%2CqDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2CxDwUQfgPSEApdaPHdHztDCRRBUJT6T8ZsA&c=120&d=600&e=&g=dc7f221ba0099a47110b8024e3ff05ca%2F8566084187615790122&i=21596%2C20774%2C20773&j=16%2C14%2C14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1688696676843&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1j1dq7qk113jmycspqfc2gwk7gyq96104badah8415gdssf8xjhgwvs5v445dbcb76z4mp51h2bh11g0ab5g1g5dg4qsh0b0ccb11yr81p9k9nmpedy1q1zmxqe1ct4yx3dy9b9vvg3d1c7dwefqw5h7sxez2d2g2rtfb3tfxsp4eb896dcyvzrr2xmv3wa8k1pjahtryg05pt7tsekm3y7wxy2rqprmffhebmm22nrzaa99b3q4ttjfs3e21jdsgx0k0b2ac410wjyzps00%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC2XCsY3enZIrUC4emgAf7kr24BJDhgYRctqjCivACwI23ARABIABglaKZgqwHggEXY2EtcHViLTc5ODM2NTEyNTc4MzgyODLIAQmpApS-iRURRLI-4AIAqAMBqgSMAk_QiT31wMFVz9Eau8QtHnEBFhNAW7qoFpZijY0QF2LjYMN6xutnG1jCrocX63_ARqt3Sa_zJH9AqU_ROB4ComR08N_2VdhzhiOmX6IAcZdHLFdrjg1Vgf4BMcEqe-svKLl06gW0asI2PQF1M3NuUVl80Ziw999losY0nhBxnxE6798J3SgfMnb2icAvVgjnpxA9rrZ3j1eJHwG0xmXTaiBcQniSu-TeA95OMsRPFoxLYrZ6x4yYAkHFOKWx-ZWdtolGMIYvdo5FXyGwm1SKvcHBnev1y5-8lhUaxHQYdlOdKe_wO078xdustV54-vwciOlz9Cu0P1oRZYU1tfAaAtge_w97rSf0IT1aw9vgBAGABrie-tWl8sWD1gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTryCBthZHgtc3Vic3luLTcyNzU1Mjg0NTMxNjIzMDn6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2bFqblvIpeTVtXEYbbGY5nKomaug%2526client%253Dca-pub-7983651257838282%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 229e5a0cf38692aadb68fe1ab6ea1e26a0a3b26fbb4e731f33ad807a50ef1227

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 07 Jul 2023 02:24:37 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2009754
cf-polished: origSize=24833, status=vary_header_present
alt-svc: h3=":443"; ma=86400
content-length: 13494
cf-bgj: imgq:85,h2pri
last-modified: Tue, 09 Feb 2021 15:11:57 GMT
server: cloudflare
etag: "174bb0dc35647e204b09aa120965604a"
vary: X-Goog-Allowed-Resources, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ys7HSiFLDATL5Ar914YkiQgn1N%2BDGhzAWIbxafsm6dGUqdNt9XNVgJFy1VP2RSr2CKo6J9ekokuHUT1bJU1FWwd%2BGc1DN57b5wkbLL42XZoeO8LW%2FgrK6r1iVmZVB0EsWof58a400mIOoGPL"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7e2ca1d89e3090d6-FRA
expires: Sat, 08 Jul 2023 02:24:37 GMT

GET
H2 200 98D5EA65955FB31202159D5E9CCC044E23226E6372C0FC28C57236E58EDBD9EEC9E618A0EEF3EE0BEAF90677D8237C04F154258F461096989E70D2C0D7AB3302
assets.ad4m.at/ Frame 1B77 9 KB
10 KB 29ms
23ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/98D5EA65955FB31202159D5E9CCC044E23226E6372C0FC28C57236E58EDBD9EEC9E618A0EEF3EE0BEAF90677D8237C04F154258F461096989E70D2C0D7AB3302
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14019%2C23576%2C167497&b=V8Xuwfr7H1zMSVHbHAtRtE9bhkTzT46hQ%2CYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2Cj83uEfZeSqx2KSYHEH2t6tRRJUKTzTxJc9&f=m8ruefe8CweqsmHZHZtQCJGjTDTwT6rHA%2CqDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2CxDwUQfgPSEApdaPHdHztDCRRBUJT6T8ZsA&c=120&d=600&e=&g=dc7f221ba0099a47110b8024e3ff05ca%2F8566084187615790122&i=21596%2C20774%2C20773&j=16%2C14%2C14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1688696676843&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1j1dq7qk113jmycspqfc2gwk7gyq96104badah8415gdssf8xjhgwvs5v445dbcb76z4mp51h2bh11g0ab5g1g5dg4qsh0b0ccb11yr81p9k9nmpedy1q1zmxqe1ct4yx3dy9b9vvg3d1c7dwefqw5h7sxez2d2g2rtfb3tfxsp4eb896dcyvzrr2xmv3wa8k1pjahtryg05pt7tsekm3y7wxy2rqprmffhebmm22nrzaa99b3q4ttjfs3e21jdsgx0k0b2ac410wjyzps00%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC2XCsY3enZIrUC4emgAf7kr24BJDhgYRctqjCivACwI23ARABIABglaKZgqwHggEXY2EtcHViLTc5ODM2NTEyNTc4MzgyODLIAQmpApS-iRURRLI-4AIAqAMBqgSMAk_QiT31wMFVz9Eau8QtHnEBFhNAW7qoFpZijY0QF2LjYMN6xutnG1jCrocX63_ARqt3Sa_zJH9AqU_ROB4ComR08N_2VdhzhiOmX6IAcZdHLFdrjg1Vgf4BMcEqe-svKLl06gW0asI2PQF1M3NuUVl80Ziw999losY0nhBxnxE6798J3SgfMnb2icAvVgjnpxA9rrZ3j1eJHwG0xmXTaiBcQniSu-TeA95OMsRPFoxLYrZ6x4yYAkHFOKWx-ZWdtolGMIYvdo5FXyGwm1SKvcHBnev1y5-8lhUaxHQYdlOdKe_wO078xdustV54-vwciOlz9Cu0P1oRZYU1tfAaAtge_w97rSf0IT1aw9vgBAGABrie-tWl8sWD1gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTryCBthZHgtc3Vic3luLTcyNzU1Mjg0NTMxNjIzMDn6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2bFqblvIpeTVtXEYbbGY5nKomaug%2526client%253Dca-pub-7983651257838282%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b16316cd4ce2758630d931a01c81b2ade77822467091849aee69e15be449919d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 07 Jul 2023 02:24:37 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1234336
cf-polished: qual=85, origFmt=jpeg, origSize=27153
alt-svc: h3=":443"; ma=86400
content-length: 9632
cf-bgj: imgq:85,h2pri
last-modified: Tue, 20 Jun 2023 13:52:53 GMT
server: cloudflare
etag: "108ec57714e2e1db0b705c0c90f244f3"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JbCsIiVQoO6t5%2FlO5b9asFRnUZmU7CtNSdjw%2FREgGj%2FVX3S5aL%2BuegNjqpFTG%2ByJcn7pLEv3QlB3FI0F5mXC9lDFSllOpCNa%2FFi7wiA9qu4TQpXlAPH8cbU5kpi32n6a1gPblXYAGTlNmweU"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7e2ca1d89e3190d6-FRA
expires: Sat, 08 Jul 2023 02:24:37 GMT

GET
H/1.1

200
OK

/
partner.blau.de/a/ Frame 1B77
Redirect Chain

https://ad.doubleclick.net/ddm/trackimp/N773418.3163536BLAU_AFFILIATE/B25532621.345088000;dc_trk_aid=536454876;dc_trk_cid=177082088;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed...
https://ad.doubleclick.net/ddm/trackimp/N773418.3163536BLAU_AFFILIATE/B25532621.345088000;dc_pre=COj61KzF-_8CFYDiuwgd2iYEMw;dc_trk_aid=536454876;dc_trk_cid=177082088;ord=%7B%7Btimestamp%7D%7D;dc_la...
https://www.telefonica-partner.de/tpv.php?t=113752V1225131106M&subid=viewoneidj83uEfZeSqx2KSYHEH2t6tRRJUKTzTxJc9oneid__suite_Netmix_Reach13_BlackFridayPush&gdpr_consent=&gdpr=0&gdpr_pd=0
https://www.lead-alliance.net/tpv.php?t=113752V1225131106M&subid=viewoneidj83uEfZeSqx2KSYHEH2t6tRRJUKTzTxJc9oneid__suite_Netmix_Reach13_BlackFridayPush&gdpr_consent=&gdpr=0&gdpr_pd=0
https://partner.blau.de/a/?i=pview&client=blau&camp=pview&l=de&nw=lea1&affiliate=113752&s_id=2023070704243786595194679X113752V1225131106MSviewoneidj83uEfZeSqx2KSYHEH2t6tRRJUKTzTxJc9oneid__suite_Net...

49 B
1 KB

67ms
11ms

Image
image/gif

167.233.13.224

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://partner.blau.de/a/?i=pview&client=blau&camp=pview&l=de&nw=lea1&affiliate=113752&s_id=2023070704243786595194679X113752V1225131106MSviewoneidj83uEfZeSqx2KSYHEH2t6tRRJUKTzTxJc9oneid__suite_Netmix_Reach13_BlackFridayPush&gdpr_consent=&gdpr=0&cons=0
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14019%2C23576%2C167497&b=V8Xuwfr7H1zMSVHbHAtRtE9bhkTzT46hQ%2CYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2Cj83uEfZeSqx2KSYHEH2t6tRRJUKTzTxJc9&f=m8ruefe8CweqsmHZHZtQCJGjTDTwT6rHA%2CqDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2CxDwUQfgPSEApdaPHdHztDCRRBUJT6T8ZsA&c=120&d=600&e=&g=dc7f221ba0099a47110b8024e3ff05ca%2F8566084187615790122&i=21596%2C20774%2C20773&j=16%2C14%2C14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1688696676843&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1j1dq7qk113jmycspqfc2gwk7gyq96104badah8415gdssf8xjhgwvs5v445dbcb76z4mp51h2bh11g0ab5g1g5dg4qsh0b0ccb11yr81p9k9nmpedy1q1zmxqe1ct4yx3dy9b9vvg3d1c7dwefqw5h7sxez2d2g2rtfb3tfxsp4eb896dcyvzrr2xmv3wa8k1pjahtryg05pt7tsekm3y7wxy2rqprmffhebmm22nrzaa99b3q4ttjfs3e21jdsgx0k0b2ac410wjyzps00%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC2XCsY3enZIrUC4emgAf7kr24BJDhgYRctqjCivACwI23ARABIABglaKZgqwHggEXY2EtcHViLTc5ODM2NTEyNTc4MzgyODLIAQmpApS-iRURRLI-4AIAqAMBqgSMAk_QiT31wMFVz9Eau8QtHnEBFhNAW7qoFpZijY0QF2LjYMN6xutnG1jCrocX63_ARqt3Sa_zJH9AqU_ROB4ComR08N_2VdhzhiOmX6IAcZdHLFdrjg1Vgf4BMcEqe-svKLl06gW0asI2PQF1M3NuUVl80Ziw999losY0nhBxnxE6798J3SgfMnb2icAvVgjnpxA9rrZ3j1eJHwG0xmXTaiBcQniSu-TeA95OMsRPFoxLYrZ6x4yYAkHFOKWx-ZWdtolGMIYvdo5FXyGwm1SKvcHBnev1y5-8lhUaxHQYdlOdKe_wO078xdustV54-vwciOlz9Cu0P1oRZYU1tfAaAtge_w97rSf0IT1aw9vgBAGABrie-tWl8sWD1gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTryCBthZHgtc3Vic3luLTcyNzU1Mjg0NTMxNjIzMDn6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2bFqblvIpeTVtXEYbbGY5nKomaug%2526client%253Dca-pub-7983651257838282%2526adurl%253D&y=1&s=&z=0
Protocol: HTTP/1.1
Server: 167.233.13.224 -, , ASN (),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Fri, 07 Jul 2023 02:24:37 GMT
X-NODEIP: 78.46.85.162
Server: nginx/1.14.0 (Ubuntu)
RM-PrivacyPolicy: https://www.nonstoppartner.net/
Content-Type: image/gif
P3P: policyref="https://a.nonstoppartner.net/w3c/p3p.a.xml", CP="NOI CUR OUR STP"
Connection: keep-alive
Keep-Alive: timeout=10
Content-Length: 49

Redirect headers

location: https://partner.blau.de/a/?i=pview&client=blau&camp=pview&l=de&nw=lea1&affiliate=113752&s_id=2023070704243786595194679X113752V1225131106MSviewoneidj83uEfZeSqx2KSYHEH2t6tRRJUKTzTxJc9oneid__suite_Netmix_Reach13_BlackFridayPush&gdpr_consent=&gdpr=0&cons=0
date: Fri, 07 Jul 2023 02:24:37 GMT
x-content-type-options: nosniff
server: nginx
x-xss-protection: 1; mode=block
content-type: text/html; charset=UTF-8

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 3B21 0
0 45ms
45ms Image
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230705&jk=1511131752530672&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

GET
H3 200 AOiihYbjk7GyPSPexE3PorOKRXoofTPF8NjvkAglc4c.js Show response
pagead2.googlesyndication.com/bg/ Frame 2310 38 KB
14 KB 15ms
13ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/AOiihYbjk7GyPSPexE3PorOKRXoofTPF8NjvkAglc4c.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

00e8a28586e393b1b23d23dec44dcfa2b38a457a287d33c5f0d8ef9008257387

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 05 Jul 2023 10:17:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 144400
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14768
x-xss-protection: 0
last-modified: Mon, 26 Jun 2023 15:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 04 Jul 2024 10:17:57 GMT

GET
H2 200 link.html Show response
track.webgains.com/ Frame 434A 2 KB
2 KB 174ms
80ms Script
text/html 18.169.161.72

General

Check archive.org

Show headers Download Go to

Full URL: https://track.webgains.com/link.html?wglinkid=3641431&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1kgg2138x2d7jxqajqa1harehtkx8fesx645hnpk4nypzkh4c51ye96q8ckk105pwrdp9av83dk6c5j3vbe1j4e4kax7qvwwzvvp5qfvcsmfy5ph88c7jjdyxr7p2rgxawrg702wfgrb7mq5rqx4jre9s722c30hn9hn9x715ydnbyhafv3k2t5t4mffb2bp32ke727pxzq3kd08kwb5bzs391wvqvbwzncrx20r908n421e8qqmrbjme2rm92f04r7g%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1gaxpgrhtmtvms6d8vtrnr8f5qavapr7ngnyxnj2d7es0190abe7sh54nt2v3v8z9ayfq6hbm0pdfh0eqskppp776nmmn5n1te3z9qc8sw80q0fkat56a2rrte8y0qcpn2ypvfcqqwf5sshmtkyqhf8nnk5m9hnbtkqm9nkxjdtqqm275m8y5n24d3sbjamwqh51g8vdppd0xskepshtpd0ege9ddzhg25v6pwswjh5936vng74h7sgwcqnv66swv1g8erpzdt8zzcs93h79xtaq4c%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCbz3iY3enZN3uC5Ty-gaD6pOYDJDhgYRctqjCivACwI23ARABIABglYKAgMAHggEXY2EtcHViLTc5ODM2NTEyNTc4MzgyODLIAQmpApS-iRURRLI-4AIAqAMBqgSkAk_QGqMfCd2YW1tNEQYQxkNyrnS1MTglszzy-3vlFU3DpCoCWwU92T0EiuDDV2LgO1C-Lcs9CwJKFRjrOKdiy60Ogb3sVqGYbtdks0hWf8myk9hSOECLJWFlXT37THc7U3fjs4lTM301sz-3JFANb3r2SrJ016BRm98PO6lqEoFP-Z4J4zXuavSWRbqn1jJjXPEW5vdavImLOqOidYhBRo7vKsEcIE4tlCN-z3gzCmk9vyDSXBB8YsQf-aGV1Urrntagns0VU56Z7QsqyPts1xT0VEwWnr9jh9zbECcTtuXNB9kiAYRiPZDAXoo71jTgW1tiaYXzGrMlh21v8NoBRc0ENnVsxBDkXIaCsz0xXPtEGfCHyPLlM4tmV6XrJ7uDu4yWDxjgBAGABsTRnvTIgM68pQGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTryCBthZHgtc3Vic3luLTcyNzU1Mjg0NTMxNjIzMDn6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_22iggw7rfwBZ0uCIYtIyMFH2AudA%252526client%25253Dca-pub-7983651257838282%252526adurl%25253D&clickref=oneidDXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjWoneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&viewref=oneideYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpboneid__suite_Netmix_Reach128_WEBGAINSMOSTLY
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C117569%2C19769&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=728&d=90&e=&g=189d4b741c3bcecd6261896fda9213be%2F7029326121843657990&i=71725%2C29981%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1688696676843&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gaxpgrhtmtvms6d8vtrnr8f5qavapr7ngnyxnj2d7es0190abe7sh54nt2v3v8z9ayfq6hbm0pdfh0eqskppp776nmmn5n1te3z9qc8sw80q0fkat56a2rrte8y0qcpn2ypvfcqqwf5sshmtkyqhf8nnk5m9hnbtkqm9nkxjdtqqm275m8y5n24d3sbjamwqh51g8vdppd0xskepshtpd0ege9ddzhg25v6pwswjh5936vng74h7sgwcqnv66swv1g8erpzdt8zzcs93h79xtaq4c%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCbz3iY3enZN3uC5Ty-gaD6pOYDJDhgYRctqjCivACwI23ARABIABglYKAgMAHggEXY2EtcHViLTc5ODM2NTEyNTc4MzgyODLIAQmpApS-iRURRLI-4AIAqAMBqgSkAk_QGqMfCd2YW1tNEQYQxkNyrnS1MTglszzy-3vlFU3DpCoCWwU92T0EiuDDV2LgO1C-Lcs9CwJKFRjrOKdiy60Ogb3sVqGYbtdks0hWf8myk9hSOECLJWFlXT37THc7U3fjs4lTM301sz-3JFANb3r2SrJ016BRm98PO6lqEoFP-Z4J4zXuavSWRbqn1jJjXPEW5vdavImLOqOidYhBRo7vKsEcIE4tlCN-z3gzCmk9vyDSXBB8YsQf-aGV1Urrntagns0VU56Z7QsqyPts1xT0VEwWnr9jh9zbECcTtuXNB9kiAYRiPZDAXoo71jTgW1tiaYXzGrMlh21v8NoBRc0ENnVsxBDkXIaCsz0xXPtEGfCHyPLlM4tmV6XrJ7uDu4yWDxjgBAGABsTRnvTIgM68pQGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTryCBthZHgtc3Vic3luLTcyNzU1Mjg0NTMxNjIzMDn6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_22iggw7rfwBZ0uCIYtIyMFH2AudA%2526client%253Dca-pub-7983651257838282%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.169.161.72 -, , ASN (),
Reverse DNS
Software: nginx / PHP/7.4.26
Resource Hash: e5089f3f07853801cd5856ac9aa3f3310d438c79f5fe6b4e16ff69a727cb7d43

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 07 Jul 2023 02:24:37 GMT
last-modified: Fri, 07 Jul 2023 02:24:37 GMT
server: nginx
x-powered-by: PHP/7.4.26
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=60
access-control-allow-headers: Authorization
expires: Fri, 07 Jul 2023 02:25:37 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 2859 42 B
64 B 43ms
43ms Fetch
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvNVI7kJ_dt7iFUBeAQe71bPsIS6WkvJQvzrXfDh7rOoc0BOCYDjyu48eZWdzt5QehozMbJOd-uhnmNyilvtVia77fq&sig=Cg0ArKJSzOM6eIZOYpvwEAE&id=lidar2&mcvt=1037&p=0,0,250,300&mtos=1037,1037,1037,1037,1037&tos=1037,0,0,0,0&v=20230705&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1935728605&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1688696675344&rpt=868&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 07 Jul 2023 02:24:37 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 6359 42 B
64 B 44ms
43ms Fetch
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuICFI023Vn3rtgNis1iMJWH107DNYVq9KTNZA78DXyeci0olNRa-5KHPM8alKaI-EB_Ca9sC92pyuz9xa82QtWdoE3&sig=Cg0ArKJSzHv7cBBV213zEAE&id=lidar2&mcvt=1040&p=0,0,600,120&mtos=1040,1040,1040,1040,1040&tos=1040,0,0,0,0&v=20230705&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=3299242717&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1688696675424&rpt=751&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a83cc140318b4e2e81346428d0ba2d8a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 07 Jul 2023 02:24:37 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 5ed7702fe4b07a92411bc03e
ng2.virgul.com/tck/imp/ Frame 636F 0
209 B 57ms
55ms Image
text/plain 185.7.176.223
SH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ng2.virgul.com/tck/imp/5ed7702fe4b07a92411bc03e?g=1&t=gb&r=153378@site_geneli@yemek_net:site_geneli&l=&c=%2Cas%2Crc0%2Chf1%2Cvv1%2Cgprec%3Dyemek%26rec_ing%3D&info=&mt=1688696674261&userId=vnetc95b9e47-d55c-4459-bc87-393aeaf3e463
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.7.176.223 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-origin: https://ye-mek.net
date: Fri, 07 Jul 2023 02:24:37 GMT
access-control-allow-credentials: true
expires: Tue, 04 Jan 2022 10:49:40 GMT
server: openresty/1.15.8.3
content-length: 0
p3p: CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 830B 0
12 B 7ms
7ms Image
text/plain 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?B-YkPg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 07 Jul 2023 02:24:37 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 pvClk.min.js Show response
analytics.webgains.io/ Frame 434A 85 KB
31 KB 76ms
8ms Script
text/javascript 18.66.147.52

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.webgains.io/pvClk.min.js
Requested by: Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=3641431&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1kgg2138x2d7jxqajqa1harehtkx8fesx645hnpk4nypzkh4c51ye96q8ckk105pwrdp9av83dk6c5j3vbe1j4e4kax7qvwwzvvp5qfvcsmfy5ph88c7jjdyxr7p2rgxawrg702wfgrb7mq5rqx4jre9s722c30hn9hn9x715ydnbyhafv3k2t5t4mffb2bp32ke727pxzq3kd08kwb5bzs391wvqvbwzncrx20r908n421e8qqmrbjme2rm92f04r7g%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1gaxpgrhtmtvms6d8vtrnr8f5qavapr7ngnyxnj2d7es0190abe7sh54nt2v3v8z9ayfq6hbm0pdfh0eqskppp776nmmn5n1te3z9qc8sw80q0fkat56a2rrte8y0qcpn2ypvfcqqwf5sshmtkyqhf8nnk5m9hnbtkqm9nkxjdtqqm275m8y5n24d3sbjamwqh51g8vdppd0xskepshtpd0ege9ddzhg25v6pwswjh5936vng74h7sgwcqnv66swv1g8erpzdt8zzcs93h79xtaq4c%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCbz3iY3enZN3uC5Ty-gaD6pOYDJDhgYRctqjCivACwI23ARABIABglYKAgMAHggEXY2EtcHViLTc5ODM2NTEyNTc4MzgyODLIAQmpApS-iRURRLI-4AIAqAMBqgSkAk_QGqMfCd2YW1tNEQYQxkNyrnS1MTglszzy-3vlFU3DpCoCWwU92T0EiuDDV2LgO1C-Lcs9CwJKFRjrOKdiy60Ogb3sVqGYbtdks0hWf8myk9hSOECLJWFlXT37THc7U3fjs4lTM301sz-3JFANb3r2SrJ016BRm98PO6lqEoFP-Z4J4zXuavSWRbqn1jJjXPEW5vdavImLOqOidYhBRo7vKsEcIE4tlCN-z3gzCmk9vyDSXBB8YsQf-aGV1Urrntagns0VU56Z7QsqyPts1xT0VEwWnr9jh9zbECcTtuXNB9kiAYRiPZDAXoo71jTgW1tiaYXzGrMlh21v8NoBRc0ENnVsxBDkXIaCsz0xXPtEGfCHyPLlM4tmV6XrJ7uDu4yWDxjgBAGABsTRnvTIgM68pQGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTryCBthZHgtc3Vic3luLTcyNzU1Mjg0NTMxNjIzMDn6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_22iggw7rfwBZ0uCIYtIyMFH2AudA%252526client%25253Dca-pub-7983651257838282%252526adurl%25253D&clickref=oneidDXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjWoneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&viewref=oneideYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpboneid__suite_Netmix_Reach128_WEBGAINSMOSTLY
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.52 -, , ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 00c5621a3f56c052959f8f0591b65e893f132b49b1447fde20767966cacbfbfe

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 12:41:10 GMT
content-encoding: gzip
via: 1.1 7efdfc8e9ebc26758933b0151e22707e.cloudfront.net (CloudFront)
last-modified: Wed, 15 Mar 2023 17:26:29 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P4
age: 49408
etag: W/"876c293e6c37046ecb0c11ce2e276942"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
x-amz-cf-id: sshfiQ9l0sBCL0tUhfz2_saF7_e4PN6EHcdkorjcPfH09eTIOgOl1Q==

GET
H2 200 1619604937_fPkEZHu3MNy3GC7XuV3lA1s9E5XlSAcF.png
cdn.track.production.webgains.team/286305/ Frame 434A 15 KB
15 KB 47ms
8ms Image
image/png 99.86.4.36

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.track.production.webgains.team/286305/1619604937_fPkEZHu3MNy3GC7XuV3lA1s9E5XlSAcF.png?Expires=1688696977&Signature=N3iq6vdDOkxWZBqFuIWbMZa9u4ZCqow8Ed5p3kw1OM9iOSvJ1sxU0-ZDFWWik69DPj8v8G7Spg-Q4PerEtqlNSAWptDqNYb4Zg~aA~YMs03MGnVC4fptTx-FetvK1211NvQmKzhPJmjeQhonexfwmKlTI5WP5kHeHQToFhxJGzTNstUNaa3GgaaeX9ajr-fR1eP1xP4DwZGxNCf789aIzT~tCfmsjQY-01P0BRA4jFTdGhAPbKclBh~PFBUbxBzceXWr5k294iQpUu1k4PGKCujXejooo0i3JJgpOG5ftM6OqgXkoPzQBi7AjcAbAVAdmb4Up~ysI0gyygEX5pjzJg__&Key-Pair-Id=K28VXAGA7VWE0O
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C117569%2C19769&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=728&d=90&e=&g=189d4b741c3bcecd6261896fda9213be%2F7029326121843657990&i=71725%2C29981%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1688696676843&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gaxpgrhtmtvms6d8vtrnr8f5qavapr7ngnyxnj2d7es0190abe7sh54nt2v3v8z9ayfq6hbm0pdfh0eqskppp776nmmn5n1te3z9qc8sw80q0fkat56a2rrte8y0qcpn2ypvfcqqwf5sshmtkyqhf8nnk5m9hnbtkqm9nkxjdtqqm275m8y5n24d3sbjamwqh51g8vdppd0xskepshtpd0ege9ddzhg25v6pwswjh5936vng74h7sgwcqnv66swv1g8erpzdt8zzcs93h79xtaq4c%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCbz3iY3enZN3uC5Ty-gaD6pOYDJDhgYRctqjCivACwI23ARABIABglYKAgMAHggEXY2EtcHViLTc5ODM2NTEyNTc4MzgyODLIAQmpApS-iRURRLI-4AIAqAMBqgSkAk_QGqMfCd2YW1tNEQYQxkNyrnS1MTglszzy-3vlFU3DpCoCWwU92T0EiuDDV2LgO1C-Lcs9CwJKFRjrOKdiy60Ogb3sVqGYbtdks0hWf8myk9hSOECLJWFlXT37THc7U3fjs4lTM301sz-3JFANb3r2SrJ016BRm98PO6lqEoFP-Z4J4zXuavSWRbqn1jJjXPEW5vdavImLOqOidYhBRo7vKsEcIE4tlCN-z3gzCmk9vyDSXBB8YsQf-aGV1Urrntagns0VU56Z7QsqyPts1xT0VEwWnr9jh9zbECcTtuXNB9kiAYRiPZDAXoo71jTgW1tiaYXzGrMlh21v8NoBRc0ENnVsxBDkXIaCsz0xXPtEGfCHyPLlM4tmV6XrJ7uDu4yWDxjgBAGABsTRnvTIgM68pQGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTryCBthZHgtc3Vic3luLTcyNzU1Mjg0NTMxNjIzMDn6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_22iggw7rfwBZ0uCIYtIyMFH2AudA%2526client%253Dca-pub-7983651257838282%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.36 -, , ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 60bf02832688d14251ec1c7b8acfda233a91f927f26c7202bdaba781a1f0fcdf

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-amz-version-id: null
date: Thu, 06 Jul 2023 05:02:59 GMT
via: 1.1 2ef0748a2a8fca13fd6065b6b046c33c.cloudfront.net (CloudFront)
last-modified: Fri, 06 May 2022 10:41:35 GMT
server: AmazonS3
x-amz-cf-pop: FRA6-C1
age: 76899
etag: "d4e8f970f24f6d19b53aa92b1907c1ef"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 15054
x-amz-cf-id: AzVfIQEpeCi9_RxDT8m4iEqXHaSv7YoFYNuODToL15dZwlRdQygyIA==

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 2310 0
12 B 8ms
7ms Image
text/plain 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?s5TaWw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 07 Jul 2023 02:24:37 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 7321 42 B
64 B 49ms
49ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuozqr3b8H_XD-20TG_h2j4jLV2tV2nEs6G4Tg0f6Td77oF_aTYofY8OuthJi4DdGSJs2iEM7_6xNy9x6lkWGu9POFQbzXM2C_6EMEcSork3kccXTO8IpOt3xT-dmDbCgmtGgnzA2F2Flko&sai=AMfl-YR_6mxoRNWIS2_HDiSyJ00IciEilzzSZch26lCULYPf3sKGsVE-xXBrR4HMQhce5_y-hbPW75jPI1VL4FnXM-a_ba-w8Cfc0xpuvT19IiiLAI65FYmZNC3GCsk&sig=Cg0ArKJSzBxjWCP1y0icEAE&cid=CAQSOwBygQiDkjYMOgh-nQqzCw-s-KbuEVYFozC94HhQTwQ1DmN8k8DOIAfOK8uzUEjgDk3VqK_CFrz9QqLxGAE&id=ampim&o=0,601&d=160,600&ss=1600,1200&bs=160,600&mcvt=1001&mtos=0,0,1001,1001,1001&tos=0,0,1001,0,0&tfs=918&tls=1919&g=100&h=100&tt=1919&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 07 Jul 2023 02:24:37 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 6363a944e4b0125bde9e6739
ng.virgul.com/tck/i_vb2/ Frame 636F 0
209 B 52ms
51ms Image
text/plain 185.7.176.223
SH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ng.virgul.com/tck/i_vb2/6363a944e4b0125bde9e6739?l=&r=153366@site_geneli@yemek_net:site_geneli&cs=1688696677594&userId=vnetc95b9e47-d55c-4459-bc87-393aeaf3e463
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.7.176.223 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-origin: https://ye-mek.net
date: Fri, 07 Jul 2023 02:24:37 GMT
access-control-allow-credentials: true
expires: Tue, 04 Jan 2022 10:49:40 GMT
server: openresty/1.15.8.3
content-length: 0
p3p: CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'

GET
H2 200 5ed76f76e4b07a92411bc03a
ng.virgul.com/tck/i_vb2/ Frame 636F 0
209 B 51ms
50ms Image
text/plain 185.7.176.223
SH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ng.virgul.com/tck/i_vb2/5ed76f76e4b07a92411bc03a?l=&r=153377@site_geneli@yemek_net:site_geneli&cs=1688696677595&userId=vnetc95b9e47-d55c-4459-bc87-393aeaf3e463
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.7.176.223 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-origin: https://ye-mek.net
date: Fri, 07 Jul 2023 02:24:37 GMT
access-control-allow-credentials: true
expires: Tue, 04 Jan 2022 10:49:40 GMT
server: openresty/1.15.8.3
content-length: 0
p3p: CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'

GET
H2 200 5ed771bae4b07a92411bc04c
ng.virgul.com/tck/i_vb2/ Frame 636F 0
209 B 49ms
49ms Image
text/plain 185.7.176.223
SH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ng.virgul.com/tck/i_vb2/5ed771bae4b07a92411bc04c?l=&r=153382@site_geneli@yemek_net:site_geneli&cs=1688696677595&userId=vnetc95b9e47-d55c-4459-bc87-393aeaf3e463
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.7.176.223 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-origin: https://ye-mek.net
date: Fri, 07 Jul 2023 02:24:37 GMT
access-control-allow-credentials: true
expires: Tue, 04 Jan 2022 10:49:40 GMT
server: openresty/1.15.8.3
content-length: 0
p3p: CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'

GET
H2 200 5ed771e3e4b07a92411bc04e
ng.virgul.com/tck/i_vb2/ Frame 636F 0
209 B 50ms
50ms Image
text/plain 185.7.176.223
SH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ng.virgul.com/tck/i_vb2/5ed771e3e4b07a92411bc04e?l=&r=153383@site_geneli@yemek_net:site_geneli&cs=1688696677595&userId=vnetc95b9e47-d55c-4459-bc87-393aeaf3e463
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.7.176.223 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-origin: https://ye-mek.net
date: Fri, 07 Jul 2023 02:24:37 GMT
access-control-allow-credentials: true
expires: Tue, 04 Jan 2022 10:49:40 GMT
server: openresty/1.15.8.3
content-length: 0
p3p: CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame BCD0 42 B
64 B 53ms
52ms Fetch
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvn2FMGkmTGFb1To3TqxWhFH1RRPuPCZNp1rqy_axJa-z0onVx2nd9ZlUdSQ7ou_6x628zanqus4y8ysZ4HouUbDcbz9O_aSxL6PNPPv-qn3i1RyqVq4IvJNzJP3RDmE7Qu5VH86hM2VEYq&sai=AMfl-YSJcB5SuZklkUoH4Wq3aLOgcOmy1ISAdMz2Ax-H8C9SrftOx7Ox3s0zMmnKGXKmwoX140-Fjoz8PepRX45IYM_bYAK_TXS7uk-0dqdTiZiH7xZrP8S8CT8RNgM&sig=Cg0ArKJSzCyrPmwZYcVGEAE&cid=CAQSOwBygQiDDn6kUo-iBkpHsMyBj5sQdudZXlYXbEgHeknwrsNCR-HWPPZLggqpyh0ErvnB8pMnog-CNresGAE&id=lidar2&mcvt=1000&p=0,0,90,976&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230705&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=456810305&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1688696675665&rpt=956&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a83cc140318b4e2e81346428d0ba2d8a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 07 Jul 2023 02:24:37 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 4907 42 B
64 B 45ms
45ms Fetch
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvMMKbtc50NoQ_kCvY5V2Zosom17ZyCxeodageS_6hyfxkch2DpnJ51RFw_AL9wBa7F0kN-ffeJuWtwUqFyFQPNEtIS2NtlAt4R4gLVMEN5u0eVjWKv&sig=Cg0ArKJSzMxQ-wUuAu42EAE&id=lidar2&mcvt=1008&p=0,0,250,300&mtos=1008,1008,1008,1008,1008&tos=1008,0,0,0,0&v=20230705&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=19&adk=973936160&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1688696674912&rpt=1753&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a83cc140318b4e2e81346428d0ba2d8a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 07 Jul 2023 02:24:37 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 6B16 0
0 44ms
43ms Image
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230705&jk=2487041221584005&bg=!dHeldyPNAAb90kgr3dI7ADkAdvg8WvGG3Le7Mwq4jCY7seTUgA9AsyUQokvAd5AMN0ME8rX7mFHcGsz-NlCfx7VgoemkbfJJglICAAABzFIAAAAJaAEHmQMTmSZF3Qtyn-gZigfb-3tB4qchrbTmhHdOOpgxUgUl_3jgN2zd94p1DJrB54plMUk00t876g2xkgKyAZOht_EqZEtrfGZbb3s4_09ruI-twAjznAHa4vMwdA3Ur76bhOVkoi1d1OVqBS5Yq24-k0VacQ2wlSQdi-EdZBEHrJg2aCyrB-kQwevZ5lJFXzXadU8x63ThhkzXMpUr2acqwV_BAywRpIBCrUlGSTHSicItdWXBR8eD1i-XlExCPvdsU9mRZO29lkhvY3hM6dOwaE7SbLI-Ual5jYMz7KWt8dWHRkn7B_q77mBrdDwAFGNZVlGp5DOYdDi-guulEql1IbR-vAF3K3JFz_UN9iuP5RhBcgyED8kJNg_OPGp8Kn2iBCWCr5um-TkDxe42cTlui_HGmcpGCY0dAcw5YRZdyfTDBltO6wmKfEeDGnZI3OKlxHiO9qJ_35SMZ0qiEbhk6qYV__CoU-OS5HGocjrcgis0xSPb6c3K2Q48HpJ9UX7J-yy-fKk8aymfnib6t4jeuhJVsu0epS55KPtYlZikD_z7RHqBgKVAkDKhuN6_X3wKUXX_A686eMVcVmAPgqi8bW59ka4XzF37v4_Jb_ZdsATH8ESFjfxyvyriOH_h5UtQd-PXTS6xemz5BLwFhisDcbHxDnkicZqHlc2qhg3MGiiZbWfatwk7dfHWJa7c4U_FRkoxXcErocrUYsSDX_Wd1UE7q3aWFZ9SjrgMl6GLn1mbUlokp_HOOWthPQtvMhJw0bKl3af7MOjSSf04Td4zwoyT7RqH-sIfnTHfiiJ7mAnvBqOIbHDZOSbEoVhNuBsqyApkad6cacf5M-0GBE2f8HyTt7CtFScTqcv5AJgcbNcjRn14NjAild9rwZMdhY3zbu4NHFuoI2Rwn7trh_CcQz6Ntx6lRJl8IvHxDtpmeSHX7usJz_YFuQTxtdWVDR4ruRiWggcxnNYic9C4Ro_e0WDZVdVFgxttp_YQri40jriNM5uViV8cSwae0CuD60wTm39RHyQMx9VFjKqC309OWB12l0ma2g
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a83cc140318b4e2e81346428d0ba2d8a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 4907 0
0 45ms
44ms Image
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230705&jk=1432219434575882&bg=!JySlJHDNAAb90kgr3dI7ADkAdvg8WvC_FEptQiD4OMZTkY-X5AkS5nEk8ww7S60a6YPTb0s1THyIX2PPPZmVthky9YXru7oBODUCAAAA5lIAAAAIaAEHmQMbVRLt3wFHJhb5b9ZV9Bk9xQz48N4Si1m85DZulkHccMkwTL1eDVTrbXFQAeon9kfLm4kUsru3juTYI0LPrn67dbr858KB7KfOTQfvORcsXJrk8T761NjV_XxHhqPQIauEwdiktfmFTAgQaytPiAeEQJuQaeRZd9KyArhMgZasVDYLuqnGuXVnfvGSmcCm28GTcY4JreFNuNRPhr1-zIHZC4LuyN5lOaWSvOdkEagf9WaOkdwIjGxH4MuJgsPS_5y3EuHXSP5EB_bojXci3anzpopcIsAr0z4IyRpmuaqePOCFPOfwyhFJXiOgPRGPVFCyqZOMG1xVavk93_DfZiwh2iYr47txrp_8d-52oRitRtk4rDpa8du0FO4omGE9tiT4mc_bwoySh46Kx78GM-gYUsdvnhhLnGx7DgPgid0d90_8BQoiT08QMoWzrTZ41XEt_zNOMYnTAfYJGN-g9SrclNFe5ImHbquUN6UTLZ6AuY4kjoKiP82VoOL4WTIq1fYd4oMZ8nT-VcW7MAuYOjwAh8FpX5HFBPsCjgSsiE-qkKGONsUQEt3TYpjYMDXgWju-bZN0vilVTuvNUg3hNkRgujjKhLtLpyE3qDt7jdn_dUPr0qztLC8LaE84NUX6e5OqScDlhM249_TuUNBRJyuV0_9fPOwlOZt544p5S6X_vxiqdPgTNWiCHohASxHLTVASEqL0z0tyAOFSxakU8mjChduZ1lH6DYrNhPLXKLNrcCtfzsrupM0yI749aofRF6GfJniwfHnJtY6iuFfWMwH6GVYqliFpHABQgcOwcfxbGQycg06LucqxQN4YQ2hUAYR2gmX4hNUb9-XM2BaT8dJDr9QzTboO7KsBS2_p1K2ipfjW4tzpclORp8DKReiPREAgdzRiYK7a8PVe5US79CFoZuOyYPoqDGFSa6EeKNUpOsqKE9_UsqomdUR_ACmKqACbjXwVzZ1qHROHqns3Uf2fkB2-luAjNtlcRdYp02l202M9Zeh44zS7OpbdN2wyGJ1M6_gXF-74Jhwb4jXSA2c-IcmRu70CGYrvu_Uv
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a83cc140318b4e2e81346428d0ba2d8a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 636F 0
0 44ms
43ms Image
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230705&jk=1511131752530672&bg=!fX6lfirNAAb90kgr3dI7ADkAdvg8WihS23wloxKTcOsGHDU4bkOZttlOyaIPu5wx1vzIRboo99aO3FDbNKcj4nZoPoHdsY4hd_QCAAAAu1IAAAAIaAEHmQLH42Y1j_U9fr3ozk5PzpWrfkUwJK3fgqog1pjrqB9oj_qB0mejaZ-Q25Hnn6BB9CVrkGQ9ohY8jM6jev24tRrWB5uELHMyMw_OsoetY0NVhA5AvTdz8MafnlLcmEqYj7zqI7Ww2hdFZWPMx_TYoFhEt6UQ7g_KLYMakTktbRzNu3ZMboh5be2y4BI-Jny4WCzsE-tN30DKffd7jhi22Fjw0sYE8Sdqu51VjdXM8sSPFBUpXYISF_yN_kd5qZ6MxPoM23iZjHoRh0GURg3cnR_dWOswh3EaJZVHDTEWXLXXiTC87KrG6qOUouYxPHV7Tzof_VbgYyvMHtk1Br1g_Qm-K5KPUVxcABxiNNIRsyg55t_hHdyw2VJ9M2H_2KobvBo60QMK_7MvpvOO2RbI5ID8tWIGQcD7q52-uQag2RYQeXgDIOWNLdWJn3zRkL-C2tDEK3xsBmIJD6b2oJH0EglNpe1DpTCT80RTaLoxaGhe13xnbivP4xXRs1p0Epz5hR_r5YtmFTeRVguaSmVV5B3bGHt66wZrLPcvbf76K_Tw27LQQMlyV1I4rMNhJHBA_9L4EMyzirIarousWBhdqwUB3Nn4mvz90ad5h7beMpOFgqgm3fHUHwVUbfjCcE_gBmn31zM9GNHbmsst1jMSrwHAgZynbtrJS7i7-2xn0ZXXywQ04LcCcR9ljDcRMf6emNPcxrIFpwQMGDmPKJejo8dru9Qwnlu_JhdcMfF9eCubyUjMZbPFgWpzTCzy2xhfQvydNEhX0Q6MRruFI8At7RGOdE1Q90KGsZ6PLZ8J49gdViqhNYHbbPNbo_vHWw7PkzdWoFh5eDX9orX6PChflhHa553KV2MfQfGmBS5ICPMYFb__BuDlW5Yew20K_hb-gyF1MkWtWijQDERwU7ImGV69unvilfQnEFNzsslt8C-Fmqa1n0Flf6qQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

GET
H2 200 5ed7706de4b07a92411bc042
ng2.virgul.com/tck/imp/ Frame 636F 0
209 B 51ms
50ms Image
text/plain 185.7.176.223
SH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ng2.virgul.com/tck/imp/5ed7706de4b07a92411bc042?g=1&t=gb&r=153379@site_geneli@yemek_net:site_geneli&l=&c=%2Cas%2Crc0%2Chf1%2Cvv1%2Cgprec%3Dyemek%26rec_ing%3D&info=&mt=1688696674261&userId=vnetc95b9e47-d55c-4459-bc87-393aeaf3e463
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.7.176.223 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-origin: https://ye-mek.net
date: Fri, 07 Jul 2023 02:24:38 GMT
access-control-allow-credentials: true
expires: Tue, 04 Jan 2022 10:49:40 GMT
server: openresty/1.15.8.3
content-length: 0
p3p: CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'

POST
H2 200 tracking-event Show response
api.webgains.io/ Frame 434A 16 B
209 B 65ms
65ms Fetch
application/json 3.11.66.180

General

Check archive.org

Show headers Download Go to

Full URL

https://api.webgains.io/tracking-event

Requested by

Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.11.66.180 -, , ASN (),

Reverse DNS

Software

nginx / PHP/8.1.14

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 07 Jul 2023 02:24:38 GMT
x-content-type-options: nosniff
server: nginx
x-powered-by: PHP/8.1.14
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, private
x-xss-protection: 1; mode=block

OPTIONS
H2 204 tracking-event
api.webgains.io/ Frame 0
0 119ms
20ms Preflight 3.11.66.180

General

Check archive.org

Show headers Download Go to

Full URL: https://api.webgains.io/tracking-event
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.11.66.180 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://as.ad4m.at
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-headers: Authorization, Content-Type
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: *
date: Fri, 07 Jul 2023 02:24:38 GMT
server: nginx

Verdicts & Comments Add Verdict or Comment

10 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

34 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.doubleclick.net/	1970-01-20 22:26:32	Name: IDE Value: AHWqTUm3ZuYQwy790ETi9MJMJR-3qsa01apXL4J4SQvKrhZlQu5hzc2jKQCeA1Bgu7Q
.adnxs.com/	1970-01-20 15:14:32	Name: uuid2 Value: 5713135861534461118
.travelaudience.com/	1970-01-20 22:36:37	Name: _tracker Value: %7B%22UUID%22%3A%22274235F1-386E-4E2E-8082-5881ABED2D05%22%7D
.blismedia.com/	1970-01-20 21:50:36	Name: b Value: 64A777630A36499860CEBCDBBLIS
.pubmatic.com/	1970-01-20 13:06:23	Name: KTPCACOOKIE Value: YES
.adform.net/	1970-01-20 13:49:35	Name: C Value: 1
.pubmatic.com/	1970-01-20 21:50:32	Name: KADUSERCOOKIE Value: 68AD561E-FE41-4EB1-A4AE-B8ED2E101F2A
.adform.net/	1970-01-20 14:31:20	Name: uid Value: 1210127822842844439
.lijit.com/	1970-01-20 21:50:32	Name: ljt_reader Value: G8DwvGZHrDc6H5viQSKZhRir
.everesttech.net/	1970-01-20 21:50:32	Name: everest_g_v2 Value: g_surferid~ZKd3YwAAAQwXZQBa
.bidswitch.net/	1970-01-20 21:50:32	Name: tuuid Value: 35d6555f-288d-47c5-82e0-b2b0d8a34335
.bidswitch.net/	1970-01-20 21:50:32	Name: c Value: 1688696676
.bidswitch.net/	1970-01-20 21:50:32	Name: tuuid_lu Value: 1688696676
.3lift.com/	1970-01-20 15:14:32	Name: tluid Value: 3029341880179522239574
.bidswitch.net/	1970-01-20 13:04:56	Name: google_push Value: AaAOQGG7dPTaIUGIc8dghXrktXdvCEQz2bpuqH-B-1PYzqOh9Jn2Ng-twaQwEP8JHppRHOAglb6HSQQ-3L9-mSRKo_hruQNTEoq0
.casalemedia.com/	1970-01-20 21:50:32	Name: CMID Value: ZKd3ZOTCXvMVU2ndYK-64QAA
.casalemedia.com/	1970-01-20 15:14:32	Name: CMPS Value: 5222
.casalemedia.com/	1970-01-20 15:14:32	Name: CMPRO Value: 5222
.adfarm1.adition.com/	1970-01-20 15:14:32	Name: UserID1 Value: 7252896996287117451
.w55c.net/	1970-01-20 22:36:37	Name: wfivefivec Value: VIiAeZ9Z1QhB9a5
.360yield.com/	1970-01-20 15:14:32	Name: tuuid Value: 146d206f-51eb-464b-8c17-f7e79a4d7ca7
.360yield.com/	1970-01-20 15:14:32	Name: tuuid_lu Value: 1688696676
.quantserve.com/	1970-01-20 15:14:32	Name: d Value: EAUBCQG0KYEA
.quantserve.com/	1970-01-20 22:35:11	Name: mc Value: 64a77764-3063b-0f88e-dd564
.de17a.com/	1970-01-20 21:43:20	Name: guid Value: 1.1107736208000298603
.doubleclick.net/	1970-01-20 13:05:00	Name: DSID Value: NO_DATA
.w55c.net/	1970-01-20 13:48:08	Name: matchgoogle Value: 5
.1rx.io/	1970-01-20 21:50:32	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-2f4cc179-1fec-4152-9699-d41e10a80168-003%22%7D
.tribalfusion.com/	1970-01-20 15:14:32	Name: ANON_ID Value: aAntmIqO2c8U2OqnvebLoqac3CrZcbwe2e6XrQuycogWyeZbPx6pQLnraJLpvYhL1Oli1DAhTb7QX1bPYZd3YF8ZaLX9
ads.travelaudience.com/	1970-01-20 22:36:37	Name: _tracker Value: %7B%22UUID%22%3A%22274235F1-386E-4E2E-8082-5881ABED2D05%22%7D
.ctnsnet.com/	1970-01-20 21:50:32	Name: cid_be9fcdcfcfa94831b24750407151f06d Value: 1
.ctnsnet.com/	1970-01-20 21:50:32	Name: gid_CAESECtWKUV2Tt9u9mpiX9ZBLKE Value: 1
.mathtag.com/	1970-01-20 13:48:08	Name: mt_mop Value: 4:1688696677
.targeting.unrulymedia.com/	1970-01-20 21:50:32	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-2f4cc179-1fec-4152-9699-d41e10a80168-003%22%7D

20 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://pcloak.blob.core.windows.net/web/jquery.min.js Message: Failed to load resource: the server responded with a status of 404 (The specified blob does not exist.)
javascript	error	URL: https://ye-mek.net/(Line 39) Message: Unsafe attempt to initiate navigation for frame with URL 'https://pcloak.blob.core.windows.net/web/6x69807j0b5.html' from frame with URL 'https://ye-mek.net/'. The frame attempting navigation is targeting its top-level window, but is neither same-origin with its target nor has it received a user gesture. See https://www.chromestatus.com/feature/5851021045661696.
network	error	URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&adk=1812271804&adf=3279755397&plat=1%3A512%2C2%3A512%2C3%3A512%2C4%3A512%2C8%3A512%2C9%3A33288%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C26%3A512%2C27%3A512%2C30%3A1081856%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1688696674337&bpp=3&bdt=720&idt=117&shv=r20230705&mjsv=m202306280101&ptt=9&saldr=aa&nras=1&correlator=8202452768800&frm=24&ife=1&pv=2&ga_vid=1386782392.1688696674&ga_sid=1688696674&ga_hid=878393907&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=222437166&scr_x=-12245933&scr_y=-12245933&eid=44759842%2C44759927%2C44759876%2C31075816%2C44788442&oid=2&pvsid=1511131752530672&tmod=1165983658&uas=0&nvt=1&fsapi=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=1&uci=1.bci643v8r1mr&fsb=1&dtd=133 Message: Failed to load resource: the server responded with a status of 403 ()
security	error	URL: https://a83cc140318b4e2e81346428d0ba2d8a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1(Line 15) Message: Refused to frame 'https://pagead2.googlesyndication.com/' because it violates the following Content Security Policy directive: "frame-src cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp=er3$/10896490684634628096/index.html".
security	error	URL: https://as.ad4m.at/ad/dr?ed=1knbsar9m31zq0584kpr746pf1v1scswsqr8sxvzh86hvm6vvfb2nw0zggb8vr7smaz279qfsv2q99hebqddfbxkbf7s5p60hh7yrtv62w66wse5rte7dk11gj5pyqss4ys5efahya3pvg3fprg8rr2xsfxty6wfzdycf5d79fbc1zbp2t83hkcgw4qeq9h1yjvradgstcydfbxgpthqbxctm2zddfhbnt96njc2qhnfh74j95nkqzmrm9b561ntvwtatern83n5ms40b49zpzq240gj4hw5vby1vyccy6yt0j1f8k6wpjr42sanm01spzsj86dqvxtry8mc41x77mzdrzf0jyjx52rdvdzb7829yq9f0rrbtycp1ahnzf0fyh62szsqtx2q43zrtbckd97jwxyvx4ezpc2qx3hd5xzyda7hq0ww7dc0v17zgpbj7ffvmh0s18&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCbz3iY3enZN3uC5Ty-gaD6pOYDJDhgYRctqjCivACwI23ARABIABglYKAgMAHggEXY2EtcHViLTc5ODM2NTEyNTc4MzgyODLIAQmpApS-iRURRLI-4AIAqAMBqgSkAk_QGqMfCd2YW1tNEQYQxkNyrnS1MTglszzy-3vlFU3DpCoCWwU92T0EiuDDV2LgO1C-Lcs9CwJKFRjrOKdiy60Ogb3sVqGYbtdks0hWf8myk9hSOECLJWFlXT37THc7U3fjs4lTM301sz-3JFANb3r2SrJ016BRm98PO6lqEoFP-Z4J4zXuavSWRbqn1jJjXPEW5vdavImLOqOidYhBRo7vKsEcIE4tlCN-z3gzCmk9vyDSXBB8YsQf-aGV1Urrntagns0VU56Z7QsqyPts1xT0VEwWnr9jh9zbECcTtuXNB9kiAYRiPZDAXoo71jTgW1tiaYXzGrMlh21v8NoBRc0ENnVsxBDkXIaCsz0xXPtEGfCHyPLlM4tmV6XrJ7uDu4yWDxjgBAGABsTRnvTIgM68pQGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTryCBthZHgtc3Vic3luLTcyNzU1Mjg0NTMxNjIzMDn6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_22iggw7rfwBZ0uCIYtIyMFH2AudA%26client%3Dca-pub-7983651257838282%26adurl%3D Message: Ignoring duplicate Content-Security-Policy directive 'worker-src'.
security	error	URL: https://as.ad4m.at/ad/dr?ed=1kbpz1kkqks41ka7e8gh1m9jk63vh8pxrh96aksxd59646sy65ymg54s7f9y3e19de3ptpp9nevecc9cs75xtzsezjhxfj90td0s0a6ppy8dzqvqcp5cftv6j50bbxhpxw05ztfb228wjwvkkm77xnwex8z4gb75dfhwkqfphwkegn93rd6s556g8x3sxc0vk1xgctpyyekfsagpyca3t6j2thr4f90y7eh6vbg915yv2wwc7vxm3f215z0d7nrx59nw2dt9e7w7cdzp0g492w1hx96p6sy2sndgfd6jc92t5thjr15n8dp54zrah50fjk7yt6sy6nghmch3re2gz2trvzf88gbwe0qb0qy0c1brtgj01k7wzbzf7cwxghxtafgch301chp465p75v9d1pmmar31wr8gbaksw7qtb2qfavkne77q4&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC2XCsY3enZIrUC4emgAf7kr24BJDhgYRctqjCivACwI23ARABIABglaKZgqwHggEXY2EtcHViLTc5ODM2NTEyNTc4MzgyODLIAQmpApS-iRURRLI-4AIAqAMBqgSMAk_QiT31wMFVz9Eau8QtHnEBFhNAW7qoFpZijY0QF2LjYMN6xutnG1jCrocX63_ARqt3Sa_zJH9AqU_ROB4ComR08N_2VdhzhiOmX6IAcZdHLFdrjg1Vgf4BMcEqe-svKLl06gW0asI2PQF1M3NuUVl80Ziw999losY0nhBxnxE6798J3SgfMnb2icAvVgjnpxA9rrZ3j1eJHwG0xmXTaiBcQniSu-TeA95OMsRPFoxLYrZ6x4yYAkHFOKWx-ZWdtolGMIYvdo5FXyGwm1SKvcHBnev1y5-8lhUaxHQYdlOdKe_wO078xdustV54-vwciOlz9Cu0P1oRZYU1tfAaAtge_w97rSf0IT1aw9vgBAGABrie-tWl8sWD1gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTryCBthZHgtc3Vic3luLTcyNzU1Mjg0NTMxNjIzMDn6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2bFqblvIpeTVtXEYbbGY5nKomaug%26client%3Dca-pub-7983651257838282%26adurl%3D Message: Ignoring duplicate Content-Security-Policy directive 'worker-src'.
security	error	URL: https://as.ad4m.at/ad/dr?ed=1k567q4fzn0g5n88dx6e3agyk577k8kjhqrh361a18ygg59bjb8jj1nxs0egqd5h3gh39kmkbmpgk2pbz03q93qgwmkcv3n2e2b23pt24h1aad0rf3d9k4hkxmttg9s2e7xykskqye6kegthkphptkpv0e43wc7pygr9nr6am9y84yp6h5fjpas42yk4yq88n84d0d4cvqf9djzgscmx2p9ex04hfh6vdn9jt62mwt5vaen8gvkjpy5y82n6t9ma083w7aamath442dp0vd46h9dtfm6bnztnqtbrpfaw4czz1e98cq8fcn9ayk3k4k28p5ze5pvnwkfbbq8ene06tafqqscp0n2cw7newv13b41q11j552echtd9xs9sw2qtfcr084a0x2zzars2mjdmz2jstzsy6rvn9nknv8mpgm2rjkyzesyg&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCzjdSY3enZJGSGIuYiQb58JL4BZDhgYRctqjCivACwI23ARABIABglaKZgqwHggEXY2EtcHViLTY1OTM1MjMyMTAwMTAxNTTIAQmpApS-iRURRLI-qAMBqgSyAU_QLczqBu1H3rl9i2bPsQJzplp-cLEkLO0ASRiJH35oZaNNg1rRXZBmXL9XEz9wBiIDfMtxVDEpaBQ2oMPENbITGwbU32OVD644WyZHm8ReHz5nof-P00t3U6SKgLu_oF2f59h4YqHSATPeyu1CSQNhflGi5fx86D4Dmnryut1PTMBpIIJD5Mkfs-dMoMkffwzlNPUqd6ghZYAvACYYiMWAtpUmtI0snYjV0H2PT6_b6T6ABq20_5ik46TPIqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_06vd8hP7U_wgQWv1lYUjc3mvfUZg%26client%3Dca-pub-6593523210010154%26adurl%3D Message: Ignoring duplicate Content-Security-Policy directive 'worker-src'.
security	error	URL: https://ad4m.at/r62eglto.js Message: Ignoring duplicate Content-Security-Policy directive 'worker-src'.
security	error	URL: https://ad4m.at/r62eglto.js Message: Ignoring duplicate Content-Security-Policy directive 'worker-src'.
security	error	URL: https://ad4m.at/r62eglto.js Message: Ignoring duplicate Content-Security-Policy directive 'worker-src'.
security	error	URL: https://ad4m.at/r62eglto.js Message: Ignoring duplicate Content-Security-Policy directive 'worker-src'.
security	error	URL: https://ad4m.at/r62eglto.js Message: Ignoring duplicate Content-Security-Policy directive 'worker-src'.
security	error	URL: https://ad4m.at/r62eglto.js Message: Ignoring duplicate Content-Security-Policy directive 'worker-src'.
security	error	URL: https://as.ad4m.at/ad/rar?a=197862%2C117569%2C19769&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=728&d=90&e=&g=189d4b741c3bcecd6261896fda9213be%2F7029326121843657990&i=71725%2C29981%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1688696676843&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gaxpgrhtmtvms6d8vtrnr8f5qavapr7ngnyxnj2d7es0190abe7sh54nt2v3v8z9ayfq6hbm0pdfh0eqskppp776nmmn5n1te3z9qc8sw80q0fkat56a2rrte8y0qcpn2ypvfcqqwf5sshmtkyqhf8nnk5m9hnbtkqm9nkxjdtqqm275m8y5n24d3sbjamwqh51g8vdppd0xskepshtpd0ege9ddzhg25v6pwswjh5936vng74h7sgwcqnv66swv1g8erpzdt8zzcs93h79xtaq4c%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCbz3iY3enZN3uC5Ty-gaD6pOYDJDhgYRctqjCivACwI23ARABIABglYKAgMAHggEXY2EtcHViLTc5ODM2NTEyNTc4MzgyODLIAQmpApS-iRURRLI-4AIAqAMBqgSkAk_QGqMfCd2YW1tNEQYQxkNyrnS1MTglszzy-3vlFU3DpCoCWwU92T0EiuDDV2LgO1C-Lcs9CwJKFRjrOKdiy60Ogb3sVqGYbtdks0hWf8myk9hSOECLJWFlXT37THc7U3fjs4lTM301sz-3JFANb3r2SrJ016BRm98PO6lqEoFP-Z4J4zXuavSWRbqn1jJjXPEW5vdavImLOqOidYhBRo7vKsEcIE4tlCN-z3gzCmk9vyDSXBB8YsQf-aGV1Urrntagns0VU56Z7QsqyPts1xT0VEwWnr9jh9zbECcTtuXNB9kiAYRiPZDAXoo71jTgW1tiaYXzGrMlh21v8NoBRc0ENnVsxBDkXIaCsz0xXPtEGfCHyPLlM4tmV6XrJ7uDu4yWDxjgBAGABsTRnvTIgM68pQGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTryCBthZHgtc3Vic3luLTcyNzU1Mjg0NTMxNjIzMDn6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_22iggw7rfwBZ0uCIYtIyMFH2AudA%2526client%253Dca-pub-7983651257838282%2526adurl%253D&y=1&s=&z=0 Message: Ignoring duplicate Content-Security-Policy directive 'worker-src'.
security	error	URL: https://as.ad4m.at/ad/rar?a=14019%2C23576%2C166402&b=V8Xuwfr7H1zMSVHbHAtRtE9bhkTzT46hQ%2CYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2Cj83uEfZeSqxJ1uYHEH2t6tRRJUKTzTxJc9&f=m8ruefe8CweqsmHZHZtQCJGjTDTwT6rHA%2CqDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2CxDwUQfgPSEAbVhPHdHztDCRRBUJT6T8ZsA&c=300&d=250&e=&g=e3d07a4104fb12fba8f35c7e0ca1a930%2F13107858850210521125&i=21596%2C20774%2C20773&j=16%2C14%2C14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1688696676833&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1j1c5mwhwba4gcfcbzadmx8mag7j7tsjrqh707hb6r3q6qy5qmt0yry71cjwwx1pcf0hkqxbe3h0q81zd58q2n57qkr5qa4vnmpnda1gv2pf12gk1sj4yk3qxzbzm5hy66y5v5nv6kcgqe64sa90zpcmfn5yw34jhdcn73j2z39mnr6r0rdg9h71xrx9h59g52g1fbwdr6cc3hsbjsrmy14xrk7d9wexc8a31b01xba9js70phzk2p2whgrkrpncyjm76htvvhekagpy1dc0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCzjdSY3enZJGSGIuYiQb58JL4BZDhgYRctqjCivACwI23ARABIABglaKZgqwHggEXY2EtcHViLTY1OTM1MjMyMTAwMTAxNTTIAQmpApS-iRURRLI-qAMBqgSyAU_QLczqBu1H3rl9i2bPsQJzplp-cLEkLO0ASRiJH35oZaNNg1rRXZBmXL9XEz9wBiIDfMtxVDEpaBQ2oMPENbITGwbU32OVD644WyZHm8ReHz5nof-P00t3U6SKgLu_oF2f59h4YqHSATPeyu1CSQNhflGi5fx86D4Dmnryut1PTMBpIIJD5Mkfs-dMoMkffwzlNPUqd6ghZYAvACYYiMWAtpUmtI0snYjV0H2PT6_b6T6ABq20_5ik46TPIqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_06vd8hP7U_wgQWv1lYUjc3mvfUZg%2526client%253Dca-pub-6593523210010154%2526adurl%253D&y=1&s=&z=0 Message: Ignoring duplicate Content-Security-Policy directive 'worker-src'.
security	error	URL: https://as.ad4m.at/ad/rar?a=14019%2C23576%2C167497&b=V8Xuwfr7H1zMSVHbHAtRtE9bhkTzT46hQ%2CYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2Cj83uEfZeSqx2KSYHEH2t6tRRJUKTzTxJc9&f=m8ruefe8CweqsmHZHZtQCJGjTDTwT6rHA%2CqDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2CxDwUQfgPSEApdaPHdHztDCRRBUJT6T8ZsA&c=120&d=600&e=&g=dc7f221ba0099a47110b8024e3ff05ca%2F8566084187615790122&i=21596%2C20774%2C20773&j=16%2C14%2C14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1688696676843&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1j1dq7qk113jmycspqfc2gwk7gyq96104badah8415gdssf8xjhgwvs5v445dbcb76z4mp51h2bh11g0ab5g1g5dg4qsh0b0ccb11yr81p9k9nmpedy1q1zmxqe1ct4yx3dy9b9vvg3d1c7dwefqw5h7sxez2d2g2rtfb3tfxsp4eb896dcyvzrr2xmv3wa8k1pjahtryg05pt7tsekm3y7wxy2rqprmffhebmm22nrzaa99b3q4ttjfs3e21jdsgx0k0b2ac410wjyzps00%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC2XCsY3enZIrUC4emgAf7kr24BJDhgYRctqjCivACwI23ARABIABglaKZgqwHggEXY2EtcHViLTc5ODM2NTEyNTc4MzgyODLIAQmpApS-iRURRLI-4AIAqAMBqgSMAk_QiT31wMFVz9Eau8QtHnEBFhNAW7qoFpZijY0QF2LjYMN6xutnG1jCrocX63_ARqt3Sa_zJH9AqU_ROB4ComR08N_2VdhzhiOmX6IAcZdHLFdrjg1Vgf4BMcEqe-svKLl06gW0asI2PQF1M3NuUVl80Ziw999losY0nhBxnxE6798J3SgfMnb2icAvVgjnpxA9rrZ3j1eJHwG0xmXTaiBcQniSu-TeA95OMsRPFoxLYrZ6x4yYAkHFOKWx-ZWdtolGMIYvdo5FXyGwm1SKvcHBnev1y5-8lhUaxHQYdlOdKe_wO078xdustV54-vwciOlz9Cu0P1oRZYU1tfAaAtge_w97rSf0IT1aw9vgBAGABrie-tWl8sWD1gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTryCBthZHgtc3Vic3luLTcyNzU1Mjg0NTMxNjIzMDn6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2bFqblvIpeTVtXEYbbGY5nKomaug%2526client%253Dca-pub-7983651257838282%2526adurl%253D&y=1&s=&z=0 Message: Ignoring duplicate Content-Security-Policy directive 'worker-src'.
security	error	URL: https://analytics.webgains.io/pvClk.min.js Message: Ignoring duplicate Content-Security-Policy directive 'worker-src'.
security	error	URL: https://analytics.webgains.io/pvClk.min.js Message: Ignoring duplicate Content-Security-Policy directive 'worker-src'.
security	error	URL: https://analytics.webgains.io/pvClk.min.js Message: Ignoring duplicate Content-Security-Policy directive 'worker-src'.
security	error	URL: https://analytics.webgains.io/pvClk.min.js Message: Ignoring duplicate Content-Security-Policy directive 'worker-src'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.tribalfusion.com
a83cc140318b4e2e81346428d0ba2d8a.safeframe.googlesyndication.com
aax.amazon-adsystem.com
ad.doubleclick.net
ad4m.at
ads.travelaudience.com
adservice.google.com
ajax.googleapis.com
analytics.webgains.io
ap.lijit.com
api.webgains.io
as.ad4m.at
assets.ad4m.at
c.amazon-adsystem.com
c1.adform.net
c1.imgiz.com
cdn.ampproject.org
cdn.track.production.webgains.team
cdn.ye-mek.net
cm.g.doubleclick.net
cms.quantserve.com
connect.facebook.net
d5p.de17a.com
dclk-match.dotomi.com
dis.criteo.com
dsp.adfarm1.adition.com
eb2.3lift.com
feed.pghub.io
fonts.googleapis.com
fonts.gstatic.com
gcm.ctnsnet.com
googleads.g.doubleclick.net
image6.pubmatic.com
images.dmca.com
imasdk.googleapis.com
match.360yield.com
mts0.google.com
ng.virgul.com
ng2.virgul.com
pagead2.googlesyndication.com
partner.blau.de
partner.o2online.de
pcloak.blob.core.windows.net
pghub.io
pixel-sync.sitescout.com
pixel.rubiconproject.com
pm.w55c.net
prod-rtb.ad4mat.net
rtb.openx.net
s.ad.smaato.net
s.tribalfusion.com
s7.addthis.com
secure.adnxs.com
securepubads.g.doubleclick.net
ssbsync.smartadserver.com
ssum-sec.casalemedia.com
static-de.ad4mat.net
static.virgul.com
sync-tm.everesttech.net
sync.1rx.io
sync.mathtag.com
sync.targeting.unrulymedia.com
tpc.googlesyndication.com
tr.blismedia.com
track.webgains.com
ups.analytics.yahoo.com
www.awin1.com
www.cloakan.co
www.conrad.de
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.lead-alliance.net
www.telefonica-partner.de
x.bidswitch.net
ye-mek.net
104.102.45.165
104.75.88.126
108.138.1.25
108.138.9.235
13.248.245.213
142.250.181.230
151.101.130.49
151.139.128.10
167.233.13.224
172.217.18.98
178.250.1.9
18.169.161.72
18.203.168.4
18.66.147.52
185.29.132.241
185.64.190.78
185.7.176.223
185.80.39.216
185.86.138.150
20.60.220.36
213.155.156.185
216.52.2.39
2600:1901:0:76b9::
2600:9000:2057:6a00:1b:5138:8a40:93a1
2606:4700:20::681a:ad1
2606:4700:20::ac43:444e
2606:4700:20::ac43:4a81
2606:4700::6812:18ad
2606:4700::6812:7f05
2620:116:800d:21:b314:a0ef:ab7c:d546
2a00:1450:4001:80b::2002
2a00:1450:4001:80b::200e
2a00:1450:4001:80e::2003
2a00:1450:4001:80f::2001
2a00:1450:4001:80f::2002
2a00:1450:4001:811::2004
2a00:1450:4001:827::2001
2a00:1450:4001:827::200a
2a00:1450:4001:828::2008
2a00:1450:4001:829::2002
2a00:1450:4001:829::200a
2a00:1450:4001:82a::200a
2a00:1450:4001:82f::2002
2a00:1450:4001:830::2001
2a00:1450:4001:830::2003
2a02:6ea0:c700::18
2a02:fa8:8806:16::1400
2a03:2880:f080:9:face:b00c:0:3
3.11.66.180
3.122.44.22
3.75.62.37
34.102.243.38
34.96.105.8
35.186.193.173
35.186.253.211
35.190.0.66
35.241.45.217
37.157.4.24
37.252.171.85
46.228.174.117
52.58.72.45
69.173.144.138
77.245.159.14
84.200.5.215
85.114.159.118
94.138.206.83
98.98.134.242
99.86.4.36
0063f8df728f4713ea9409d9b6a9ca3533b45bf78dfb608e6d6e6c87a3873da5
00c5621a3f56c052959f8f0591b65e893f132b49b1447fde20767966cacbfbfe
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
00e8a28586e393b1b23d23dec44dcfa2b38a457a287d33c5f0d8ef9008257387
01204747c552676cceff27ecab875807de15fc28860715608db3d368ba736b3e
01cbb105faef1373e9d53ddc5e62c9c7b5f66cbc64c2c045a3daec0328b831e6
02193fbcb11d960448e0fa887ff68d5ce73f01076893523fc3037e00a7149bc2
02e7535563110e913669c43b9233db020deb9a4b0eaff84ab9de1b55b8ad21c4
032aee61923ef53fb2b9efbb5d55f771f780e9c2fce9c076638b809a9607eee3
041dd21623a05d2e4ce118419b17051ab2d5aada214bc7a99a9ecf1091a22d52
050e11be4354d91e937d0ec8e1209915ed7f96017c6903f2c42ef05975d183d5
05c72250b7b0da8e896799e32f88440d53848a083665b797629e25bad1bde6fd
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
0777d9cebf4bdc5a6d92485313169e75f95e953ad6cdb53b70a68d6153312037
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
089371c2d0c637c172d5af2ba670a229c49df18790fa29a8c9a3d4af7796f2c7
0b29697868cd68cfd1b5650054cc96ea755016b3242bd26469cdbd4e4f6fc18a
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0e5e1f3b36212be035e5a1c2fe828c28d1b6a791b021b5ede6eee13421077169
0f936e87d85698dfb9376e5d95e40bd3f66b95825fc9b58785290498ebaa7c06
120fdf7c1e8de286b8c6ad005bd52d7b3d71cfa17bd6d1f72d023fe952d03708
14531170f1abbdaf7a727d0e838e01c39fe2030ab40400c02ad85bc2a25ecc43
158af2634cccf27d5f86778556cdddd7c5501e5286b3495d664ec6744f54c6b7
16b4b8473e400ff9857859df9a39214cff498615062d4fd7655adbb9443cdd27
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
18e7a53e3b3abd7ac0242719f7f62cb56b8efe7065091585b8ad22cbc2b8c41c
196e3a68bba2b559f5a35bf6a55e6aeb4cd164df122e23e5bfaa96a4e3272e0f
1c674563ebba8e98b68405f097d0bbb1ab2a4fdf80da65de2e43cce0c3ae25c1
1c67a7d5bd4eeea4dac61fdb402693f5ecce11630369d396bd6ec60516bda492
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944
1e5a886321d0e00c13f7abff03ca39fd782f42997fd34bcbf4fc93718f3670cc
20d0b7a9cd806629f41d149dce5cc1ef08fbea6e365e1a64aea2269b35353e3b
2180f29f86c7567e451861d1c1db1df4e665191dbc790c421a2b168138336f3f
2214a9c42ac416d027c9814595f62b198356d64ee8eebd6cef1ab5ba1def247d
229e5a0cf38692aadb68fe1ab6ea1e26a0a3b26fbb4e731f33ad807a50ef1227
22c974ca84d1beebef37b4c95335f8ae6f597563bbb9246eed2f4f647a176128
22fb5b0df795b4084882ef226c87823477476927bd5e3462db1db36f30bdcaf1
23ac5dfc6b312536a951e5c5cb2d5fba600edd6707a27230b49250cfe2e7a407
24f84ac71d3431cace6f0c033cad4c9c9d5a5f44a94348e3016d336a1f0b06fb
2754d47be946d2394bce4008332826d0491b510a2a624ae6609d042b143732d1
27961ab8c37cddad89230364167c048c6377a80e38542a5ffbca600faf4098ea
2af1b8e91e1ea0f27fab2f6bac1dd1d81867b7a2a8d7cef1084fa39309e0ac6f
2bf958c032ce083c26ae980ed92d0360c971e87c183d6bd988e770fc172786c7
2d5e67a38c9a11424cac19ce192c9fd124a6d74e64d3791a01561dbd3e39c0b4
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e
3002b527e1cb5e6d8601854825ff1a291b37dfe3e190c02eb7ac1ad76cb12898
30bf458f10efd6425384a778db3797a4a3e045d9062684d32dd854e55af146b6
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
3194c6ec5635621e7946f655bb2a2a394ee7aa6c2da2cc495bb1e4ee86882d21
324a9c1f26949a62b89c5846de23826737bf3b14443e3f5a969b1799604a0588
32b0f27c10ae5d28deb7b4e8895190d9e6e70e7735282d93154f62d534281d89
39ae6b1a1ba72fc9d48b1848e9bc88f4b9da10688232ccca39d85b878db7af32
39d963d1265b5da79cee9aa2ac480f152e900be382bd87b0d9e5e0fc6c53a8c7
3a55a81ee41fb052562bfb3751492caf7ce85c5c029a7a7b03fa55797707b85a
3a5fa3073b94aa8259d04802566504c897fd640610ea9f36654cfacc615f325e
3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280
3ad7c822291d507feec76dfe7a79f3b57256841a8949bc9140fd3d76a0591101
3d1be7afb3606c1dbff0d3410acf5f2d6423c7732967e605668d4ec1f30db333
3e9569df702eb478e6e7699775a0f555b64ef9e89d89a81742bc97c7803dba96
3ea0227e598415569d2ae39c3ca6ffd8225611cd3e8df65fb3fb620e8a1464ff
3ed559a849229d0ba1622b39b2343f2307a91aae5bab1f08e55c89e50874c980
40732e9dcfa704cf615e4691bb07aecfd1cc5e063220a46e4a7ff6560c77f5db
41b7f4ef86f2344e72da822fe79265700ff1bf3361450a02ab4397ff1a5eb040
41b9b9d488e3a57902a671111dd089363c2f7d3a41ec3177f196abbb7cbac078
43797a0e1a6d676c96ec38776434f1f353b630f757f29acb43ebad6f1b3dc751
4651fd93f167c3620b534c30bc23ae2a2e7cf742621d8e6d12553c09c388284a
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
4be9624caae3b35eaab23f3145f1bf80807dcf5d0743b645af4274b59b6bc709
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f8827ae19c1973a4f504e36950571c261a889b15447bb00137f4ab125e9b21e
50b60e567db6d954a6853a1a8ed0e688077a806f89197fe4b7cc77b9b131b74e
5103b27b55207be49f024a501641c7cb93e6469073ccbe194cd5963b53716184
52337cf2499996a25da3c2f17c8e0492c2d728c4b22bdd9b4da2089fcedac9ba
523a1fbc42dcd8bc45165d43642abd3d2f1a14d0aa059c835c915cc0e8495075
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
54d132fb58287602c5cd91cb07939980debaf99f46395ac5bf5992aab2c6b8d7
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5804cd3bfdf7f7b00ae1f2beef50b9ac7bbdcadcb47e8c3454e8609a52096b92
59a7ac4dd24a605dc58987d7514a91137697421e6647ae8d3480bd84de4efce1
59c0af76ee929f64ff78f095611cafb8a168437b58b4bda40b5ab4150cffcca5
59e399be1610fd5e4dacad6129afa457a57e068a9255d705c717a26ced9cf4fa
5af185c4ee2f05f5e2f6407594cd75cb32129871c2ec0f0957be6d3129a8cf54
5c43ed02f9d0a2a773e7f13c481df34f9de77c425c368f5cb3398d7e67152e68
5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab
5dff1c5185bfe98d10fd4b80ad1e2a04d57365a09e631840dce7fd3c79d19971
5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f
60bf02832688d14251ec1c7b8acfda233a91f927f26c7202bdaba781a1f0fcdf
61214aab21dcbc611abaa12903d9469d219196cfc5623c28f13d7c2409033b62
613603afe8c5203c59d7f9df1cbac87109df7ffdf245fd20becfa6bd95b92155
613b97a3f938c5185dc5fcb46ec9c9488f460fdf8a9765eea9f05aebe46a0c50
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
658dfe73a093c2fd46bfa95fc40eab39b5486c152db9ec4bf8458c829851a49f
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
65f22d8aa0690bd9cf8ffe5d68e5f6866b05ed8fc6f6c9083b996c1b3c4c75f4
66413d92e3b48b21f37de7968a4c6ee6dafb956f4963d0557959a3d10db2c492
6b7e05564f91fc8ac5e933d73eb80f92bc95037220fe493bd7d617bf24d4aa00
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
7808396ba1e6a15c45c10dc2a7ccd98f7d936d0befce1a536c51c067b8a8608d
78ca9cd6e65b7bcecd7b0d51c5f3349b8d8da51bec102d2c9f31105776565189
7939b8cb427c1b1898f1d6a222b5eaa68229d7f22d829d4d6f20c5798d94a80d
79fa5da711b1944ddaad083cc2e6977520e4a1a6ecf655f76b2564af8893a601
7aff74b268cf9960c0f6482276773d0a8f2555672bf59f56ff37e309af485303
7b17d2d0a88d045b86c025e6a7978189716ddd6776e975bb9de1ad43be17348f
7c61fa1cf06e1231a6cbcbd22e6fd065c2934749e2e2af038318feaa79f54c93
82446b1063b1cbc3de3729cc70772e94acaf389ca03b35090fd74cf0d32013dd
8a1dea6d243134ae61584a76dcf439cad55e5737729e79d1f5edcfe20bca425b
8ab758e32437cf86d59e683d808940365c56bf6893f391a96d19e731b21bf154
8e2b2033aae5f2ebbc9b92291c3cdfa7a084429d21d85b382e39dfbd875b5f55
90a70791c65097a158c6b42bb8bfef5c9188db0db2f2398587984d224bcdc55a
979e7c67e6ad34d999a507b0eb12e5136a4d0442f1d7289758eaae0ade3b5a66
99fdb43a3f4a492e50f73375a49dcfc3ffa77f4044fbc107f288bb6b9ce1198f
9a4eb2c9445287c34cb0a9ed5cc673460362483f0855bc91f8230dfa46a955e1
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9c63890b7f3f2e513fa085cd7b198f9ab91721a9e8aa7180806ff4aa7b4089a4
9ca119586f3ba8e6a4a1dacf83852d3275071d2501de033ba04673b4efde1ac3
9cacc351a59879d938ef01e274eca7f341deaaa666237a3de94737ccc05a4b86
9ceb7464fd907c8a73e70b85c142e987072812977b9a17e742a734b50be481ad
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a2b9eefee68fa18c6be3c3bbe11d769b5affc01b84ea94c7ec68ae4ffacd858a
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a53ed6b8a6464de13222ee31a6da76a6246ab98e6dbf0fae1832b54dc33eb287
a6f4970240af0435d4154cadccae8187ae03ddaaf41708d7c3b532241935e28b
a7095308f3bf41143463d9b7d23dff61d8177f1fe2ba70068a8a47ad693ef1db
a729787d797f5fc274541d1f8233b0f63d87a6924da0effd635ac98f5d1c04a2
a7a580492938c753648b19da1321bf7ea66d7a2e9b1fa42058c821e268fba9e1
a83fddb261a94f0304a3bf91be20b8e5df471bbacf4a7d97133ce8bbd823782a
aacc0a9bc0fb1fcda123e5c6feb3030708585b91e116ac248b0edaa07eddfe24
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
ad3ee286844c46dba3f0d26e100f508c410b28f52784fbeec2d513ef6c6fda7a
ae37a33b8b8e308e8d7e894483bbbc84552f20dd058fa454d865c73fa6a5a55c
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780
aece4ef61cd8a8dbf436abb83f94c8d35af814f41607595e82cf5e9a5a29b147
af7a66542220ecfb2b8fa0286b60ffa95c1c8047df094654a90e1ff75f848ef5
b16316cd4ce2758630d931a01c81b2ade77822467091849aee69e15be449919d
b21a64749c26a288c526eb39a1b246f11b148ab4c365ffeed74de457d73f06b0
b23c8d494ad6cbdce019e9a7ed0c1a7edc083e2cae1e07a45cb847a917bfc489
b31b04393a578e1c9fbee06ad9e070e537019c0c32914b5a1a7f47ce768f3a55
b3bd44024f95e59ed30e46d4e3eb04ae50a1bae373074f8a4879387637fb4249
b5121a6d4520d746fb6adb8613b4127d6eabddc20a02d3094c1f5bab1b3ab6b6
b633a587c652d02386c4f16f8c6f6aab7352d97f16367c3c40576214372dd628
b97f33113170d8db9812ce60694dcb2ef4fb341c027f64a52222d6ead3534da3
be3b15b1e68cf3e9278293d3b50491fe16c985e0ee5968852cac4fc062a7134e
bea17c8870ba8dae9515993b5c55b65437f03f0e2672e1c3d3dbe7872dd74e5c
bf2d7a87d374579a58fe02fc4404a1ad3fc0e017df8be31ab56d30849bac98db
bfdd52bd476486ec1e766b590b0249780df4ac4015a8c8db99e1ed59a1c23539
c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4
c3222903b284496abdef15963fa04202511e222f17463bcd9d756e26e1effa08
c52e2a15cba5be54e6986bd808f5a6aa6705b0efffd9379feb005dabdb748e32
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
c96d560d0fb90d4edeedc0f54cb94b7fb9a3aa25cb8a4ad3fa52b95e63212a92
c98d521f6e84c225d7f5fb21cf0a73fec15bc090f04b049beb34b3c1e422df3c
c9f0d58bfa4a06dfe46ca39b3f3aaeafea15acd2b32ecff16df4795806d82da1
ca0f743edd5f319581c7249d4de05809bfff91b910ec7547ed3787cdbff2e920
ce53fbd5f7019441405df1e5e3bbd41bbcd6830dad5e5b225ceea9f84d5c4d71
cf906196a7c1414e11983955e101a051d55a864f2bc9fd52a453d952d92fd9b5
cff57bb539a961e5816127eb4b662175d6a1c92917effe0f943de85c35911101
d00543662dc76d7816ce80350c2bbf786202b389b550b4e09661350623e372c0
d33c84fffbe54086cb4fb2d283fc474a6667dd0f45a72ddade7e77885aca3fd1
d361bd3fbe8e2c43c177120bcd8788dbbd7d0d6b988e12a9e56efecba4cc1a93
d469330093a2cebd898628a339df6abaf5edcb89e85769ff79840371195a7d1f
d9fd0aeda423bd39a36871759ef7b17dab3d51e5981cd5839103f990b8b9ef60
dbc211260f3fb81e545fbebe8be8c367ebe670a585e60e1ec58524c06723ecbc
dc63503c3f3c59f9996f4ceee5ed9bfeff55f0714094188f7a9174e6a15a2a47
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5089f3f07853801cd5856ac9aa3f3310d438c79f5fe6b4e16ff69a727cb7d43
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e5c52e4a087c75da0cfff809c224ef59af8179f8a1f3b1cfbdc5d147e407a76b
e5e28786e68ee9365dbc5f4b39fa49358367e4371322c7bfc70f7b016e7cfed3
e8021f1a9dad409f7e699457ac334653bf800464df69900237c4de1c29e275d0
e944aa2add7d89134400d6d51b9b0954ad0e988edd934eccff8907ab90e1c853
e97e1496927056e5edc6354ee3af5c26be9acfffd72046a45592ba182227b77b
e9f4eb06811b8f2c55fe2837c64b600feb5da3ce8f747707a9aa7a4e9ddc5346
ecadacb686d0540a5768dae41d50597a71dfaa8135b90f1371d4bfa266e4e361
eef5a0c6b18a47d985bc2c6e52d77dda8571e927900df42a2992feb1cb1172b7
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f475c34186022ba531ebc8bba97fc10df7e4c3ea854f314a18ab0644c851620d
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6929b02d4eddc57dfe47a42f581f68dd622abebfd0ce2d3f2c24665df0cd673
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
f7cdf71044448cb736733f5163fff96081d51ba4101567d61d22ee5998a7a399
f80288d218412c1a0d2f3c79fe7439f84ac41a1395b54a58d2de5a88327636a8
fee86fd46a67912ffd9ae2997c583f59abe6e11c532496c52759e94136837d48
ffae8fb9199235cf70171d14a964159b4eda2da695a258c2586de98e3cb27bb2
ffd43dba83edb0183e1b5e6caaacf0f7e08f4e2ce0e33e5447e9b62333a5d4a1
fff9ddf1c7f2c7a06936d2d11a415dc5d2e885fb925a3bfbb5b0823f0a6eeafb

pcloak.blob.core.windows.net Open in urlscan Pro 20.60.220.36 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

349 Requests

91 %HTTPS

38 %IPv6

57 Domains

77 Subdomains

49 IPs

11 Countries

5007 kBTransfer

11305 kBSize

34 Cookies

0 Outgoing links

Redirected requests

349 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 20 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

pcloak.blob.core.windows.net Open in urlscan Pro
20.60.220.36 Public Scan

Screenshot
Live screenshot

Full Image

349
Requests

91 %
HTTPS

38 %
IPv6

57
Domains

77
Subdomains

49
IPs

11
Countries

5007 kB
Transfer

11305 kB
Size

34
Cookies

349 HTTP transactions
20 data transactions