pcloak.blob.core.windows.net Open in urlscan Pro
20.60.220.36 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html
Submission: On May 29 via api (May 29th 2023, 4:55:59 pm UTC) from TR — Scanned from DE

Summary HTTP 273 Redirects Behaviour Indicators

Summary

This website contacted 57 IPs in 7 countries across 43 domains to perform 273 HTTP transactions. The main IP is 20.60.220.36, located in Tappahannock, United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is pcloak.blob.core.windows.net.
TLS certificate: Issued by Microsoft RSA TLS CA 02 on March 22nd 2023. Valid for: a year.

This is the only time pcloak.blob.core.windows.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
4	20.60.220.36 20.60.220.36	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	77.245.159.14 77.245.159.14	42868 (NIOBEBILI...) (NIOBEBILISIMHIZMETLERI)
3	94.138.206.83 94.138.206.83	49126 (AS49126) (AS49126)
1	2a00:1450:400... 2a00:1450:4001:810::200a	15169 (GOOGLE) (GOOGLE)
40	2a02:6ea0:c70... 2a02:6ea0:c700::10	60068 (CDN77 ^_^) (CDN77 ^_^)
1	2a00:1450:400... 2a00:1450:4001:802::2008	15169 (GOOGLE) (GOOGLE)
2	151.139.128.10 151.139.128.10	20446 (STACKPATH...) (STACKPATH-CDN)
13	185.7.176.223 185.7.176.223	42910 (PREMIERDC...) (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH)
2	2a03:2880:f08... 2a03:2880:f083:9:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1450:400... 2a00:1450:4001:82a::200e	15169 (GOOGLE) (GOOGLE)
13	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
55	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
3	52.222.208.154 52.222.208.154	16509 (AMAZON-02) (AMAZON-02)
1	35.241.45.217 35.241.45.217	15169 (GOOGLE) (GOOGLE)
2	185.7.176.222 185.7.176.222	42910 (PREMIERDC...) (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH)
1	34.102.243.38 34.102.243.38	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	2606:4700:20:... 2606:4700:20::681a:8a9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	52.222.253.136 52.222.253.136	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:809::2001	15169 (GOOGLE) (GOOGLE)
1	23.35.229.56 23.35.229.56	16625 (AKAMAI-AS) (AKAMAI-AS)
2 4	37.157.6.241 37.157.6.241	198622 (ADFORM) (ADFORM)
4 9	37.252.173.215 37.252.173.215	29990 (ASN-APPNEX) (ASN-APPNEX)
1	2606:4700::68... 2606:4700::6812:372	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	18.195.80.95 18.195.80.95	16509 (AMAZON-02) (AMAZON-02)
6	2602:803:c003... 2602:803:c003:200::31	26667 (RUBICONPR...) (RUBICONPROJECT)
1	2a02:2638:d::a 2a02:2638:d::a	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	185.64.189.112 185.64.189.112	62713 (AS-PUBMATIC) (AS-PUBMATIC)
4	85.111.6.48 85.111.6.48	9121 (TTNET) (TTNET)
1	63.251.14.60 63.251.14.60	14744 (INTERNAP-...) (INTERNAP-BLOCK-4)
1	2a00:1450:400... 2a00:1450:4001:80b::200a	15169 (GOOGLE) (GOOGLE)
20	2a00:1450:400... 2a00:1450:4001:829::2001	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:813::2002	() ()
5	2a00:1450:400... 2a00:1450:4001:806::2004	() ()
3	2a02:26f0:6c0... 2a02:26f0:6c00::210:ba11	() ()
11 18	142.250.186.34 142.250.186.34	() ()
4 10	185.80.39.216 185.80.39.216	() ()
1	2a04:4e42::485 2a04:4e42::485	() ()
1 3	52.50.83.81 52.50.83.81	() ()
1	2600:1901:0:7... 2600:1901:0:76b9::	() ()
4	2606:4700:20:... 2606:4700:20::681a:ad1	() ()
1	2602:803:c003... 2602:803:c003:200::37	() ()
2	2a02:2638:3::3 2a02:2638:3::3	() ()
1	3.124.42.161 3.124.42.161	() ()
1	23.209.234.32 23.209.234.32	() ()
1	37.157.6.242 37.157.6.242	() ()
1	2620:116:800d... 2620:116:800d:21:5ed4:8d5d:fed7:f5ef	() ()
1	2a02:fa8:8806... 2a02:fa8:8806:20::2040	() ()
1 1	2a05:d018:d29... 2a05:d018:d29:3602:d660:350f:5ea6:8858	() ()
1	178.250.1.9 178.250.1.9	() ()
1 1	51.89.9.251 51.89.9.251	() ()
1	2a00:1450:400... 2a00:1450:4001:830::2006	() ()
3	2600:9000:223... 2600:9000:223f:8600:8:48e:53c0:93a1	() ()
3	2600:1f18:1ac... 2600:1f18:1aca:4281:ac44:4026:62a9:ef97	() ()
1	2a02:2638:3::c 2a02:2638:3::c	() ()
1	2606:4700:20:... 2606:4700:20::681a:61b	() ()
1	130.211.44.5 130.211.44.5	() ()
273	57

4 20.60.220.36 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

pcloak.blob.core.windows.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 77.245.159.14 (Turkey)

ASN42868 (NIOBEBILISIMHIZMETLERI, TR)
PTR: stilgar.wlsrv.com

www.cloakan.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 94.138.206.83 (Turkey)

ASN49126 (AS49126, TR)

ye-mek.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

40 2a02:6ea0:c700::10 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)

cdn.ye-mek.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.139.128.10 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: map3.hwcdn.net

images.dmca.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 185.7.176.223 (Turkey)

ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR)

static.virgul.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ng.virgul.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ng2.virgul.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f083:9:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

55 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.222.208.154 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-208-154.fra56.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.241.45.217 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 217.45.241.35.bc.googleusercontent.com

pghub.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.7.176.222 (Turkey)

ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR)

c1.imgiz.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.102.243.38 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 38.243.102.34.bc.googleusercontent.com

feed.pghub.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::681a:8a9 (United States)

ASN13335 (CLOUDFLARENET, US)

script.4dex.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.253.136 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-253-136.fra60.r.cloudfront.net

aax.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:809::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

c3d14c6affce0a50d8fe6a0bd5f1fbf2.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.35.229.56 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-229-56.deploy.static.akamaitechnologies.com

a.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 37.157.6.241 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

adx.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 37.252.173.215 (Frankfurt am Main, Germany) 4 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:372 (United States)

ASN13335 (CLOUDFLARENET, US)

mp.4dex.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.195.80.95 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-195-80-95.eu-central-1.compute.amazonaws.com

prebid-server.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2602:803:c003:200::31 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:d::a (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

hbopenbid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 85.111.6.48 (Turkey)

ASN9121 (TTNET, TR)
PTR: ns1.ttidc.com.tr

cpm.programattik.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 63.251.14.60 (United States)

ASN14744 (INTERNAP-BLOCK-4, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 2a00:1450:4001:829::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:813::2002 (None, )

ASN- ()

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:806::2004 (None, )

ASN- ()

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:26f0:6c00::210:ba11 (None, )

ASN- ()

cdn.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 142.250.186.34 (None, ) 11 redirects

ASN- ()

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 185.80.39.216 (None, ) 4 redirects

ASN- ()

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42::485 (None, )

ASN- ()

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.50.83.81 (None, ) 1 redirects

ASN- ()

fw.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1901:0:76b9:: (None, )

ASN- ()

prod-rtb.ad4mat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:20::681a:ad1 (None, )

ASN- ()

as.ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2602:803:c003:200::37 (None, )

ASN- ()

beacon-ams3.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:3::3 (None, )

ASN- ()

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.124.42.161 (None, )

ASN- ()

d.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.209.234.32 (None, )

ASN- ()

ad.yieldlab.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.157.6.242 (None, )

ASN- ()

cm.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:5ed4:8d5d:fed7:f5ef (None, )

ASN- ()

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:fa8:8806:20::2040 (None, )

ASN- ()

dclk-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d018:d29:3602:d660:350f:5ea6:8858 (None, ) 1 redirects

ASN- ()

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.1.9 (None, )

ASN- ()

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.89.9.251 (None, ) 1 redirects

ASN- ()

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2006 (None, )

ASN- ()

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:223f:8600:8:48e:53c0:93a1 (None, )

ASN- ()

static.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:1f18:1aca:4281:ac44:4026:62a9:ef97 (None, )

ASN- ()

dt.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:3::c (None, )

ASN- ()

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:61b (None, )

ASN- ()

static-de.ad4mat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 130.211.44.5 (None, )

ASN- ()

rtb0.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
64	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 93 c3d14c6affce0a50d8fe6a0bd5f1fbf2.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 132	933 KB
46	doubleclick.net 11 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 184 googleads.g.doubleclick.net — Cisco Umbrella Rank: 34 cm.g.doubleclick.net	329 KB
43	ye-mek.net ye-mek.net — Cisco Umbrella Rank: 414703 cdn.ye-mek.net	643 KB
13	virgul.com static.virgul.com — Cisco Umbrella Rank: 68795 ng.virgul.com — Cisco Umbrella Rank: 62090 ng2.virgul.com	230 KB
10	casalemedia.com 4 redirects dsum-sec.casalemedia.com	7 KB
9	adsafeprotected.com 1 redirects fw.adsafeprotected.com static.adsafeprotected.com dt.adsafeprotected.com	189 KB
9	adnxs.com 4 redirects ib.adnxs.com — Cisco Umbrella Rank: 214	10 KB
8	googletagservices.com www.googletagservices.com	425 KB
8	rubiconproject.com prebid-server.rubiconproject.com — Cisco Umbrella Rank: 811 fastlane.rubiconproject.com — Cisco Umbrella Rank: 469 beacon-ams3.rubiconproject.com	12 KB
8	google.com adservice.google.com — Cisco Umbrella Rank: 68 www.google.com	2 KB
5	adform.net 2 redirects adx.adform.net — Cisco Umbrella Rank: 4394 cm.adform.net c1.adform.net	3 KB
5	google.de adservice.google.de — Cisco Umbrella Rank: 9037	820 B
4	ad4m.at as.ad4m.at ad4m.at	25 KB
4	doubleverify.com cdn.doubleverify.com rtb0.doubleverify.com	24 KB
4	programattik.com cpm.programattik.com — Cisco Umbrella Rank: 54660	569 B
4	amazon-adsystem.com c.amazon-adsystem.com — Cisco Umbrella Rank: 286 aax.amazon-adsystem.com — Cisco Umbrella Rank: 387	60 KB
4	windows.net pcloak.blob.core.windows.net	3 KB
3	criteo.com bidder.criteo.com — Cisco Umbrella Rank: 723 dis.criteo.com gum.criteo.com	552 B
3	4dex.io script.4dex.io — Cisco Umbrella Rank: 1351 mp.4dex.io — Cisco Umbrella Rank: 1975	25 KB
2	criteo.net static.criteo.net	59 KB
2	ad4mat.net prod-rtb.ad4mat.net static-de.ad4mat.net	4 KB
2	imgiz.com c1.imgiz.com — Cisco Umbrella Rank: 121400	131 KB
2	pghub.io pghub.io — Cisco Umbrella Rank: 1628 feed.pghub.io — Cisco Umbrella Rank: 7466	6 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 157	88 KB
2	dmca.com images.dmca.com — Cisco Umbrella Rank: 13287	6 KB
2	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 320 imasdk.googleapis.com — Cisco Umbrella Rank: 437	154 KB
2	cloakan.co www.cloakan.co	1 KB
1	2mdn.net s0.2mdn.net	59 KB
1	onetag-sys.com 1 redirects onetag-sys.com	335 B
1	yahoo.com 1 redirects pr-bh.ybp.yahoo.com	713 B
1	dotomi.com dclk-match.dotomi.com	105 B
1	quantserve.com cms.quantserve.com	466 B
1	yieldlab.net ad.yieldlab.net	400 B
1	agkn.com d.agkn.com	621 B
1	jsdelivr.net cdn.jsdelivr.net	10 KB
1	lijit.com ap.lijit.com — Cisco Umbrella Rank: 597	397 B
1	pubmatic.com hbopenbid.pubmatic.com — Cisco Umbrella Rank: 477	113 B
1	teads.tv a.teads.tv — Cisco Umbrella Rank: 1373	379 B
1	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 30	21 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 40	46 KB
0	de17a.com Failed d5p.de17a.com Failed
0	emxdgt.com Failed hb.emxdgt.com Failed
0	addthis.com Failed s7.addthis.com Failed
273	43

	Domain	Requested by
40	cdn.ye-mek.net	ye-mek.net cdn.ye-mek.net
37	pagead2.googlesyndication.com	static.virgul.com pagead2.googlesyndication.com securepubads.g.doubleclick.net c3d14c6affce0a50d8fe6a0bd5f1fbf2.safeframe.googlesyndication.com tpc.googlesyndication.com googleads.g.doubleclick.net pcloak.blob.core.windows.net
20	tpc.googlesyndication.com	securepubads.g.doubleclick.net c3d14c6affce0a50d8fe6a0bd5f1fbf2.safeframe.googlesyndication.com tpc.googlesyndication.com googleads.g.doubleclick.net
18	cm.g.doubleclick.net	11 redirects googleads.g.doubleclick.net
15	googleads.g.doubleclick.net	pagead2.googlesyndication.com c3d14c6affce0a50d8fe6a0bd5f1fbf2.safeframe.googlesyndication.com googleads.g.doubleclick.net pcloak.blob.core.windows.net
13	securepubads.g.doubleclick.net	static.virgul.com securepubads.g.doubleclick.net c3d14c6affce0a50d8fe6a0bd5f1fbf2.safeframe.googlesyndication.com pcloak.blob.core.windows.net www.googletagservices.com
10	dsum-sec.casalemedia.com	4 redirects googleads.g.doubleclick.net
9	ib.adnxs.com	4 redirects static.virgul.com googleads.g.doubleclick.net
8	www.googletagservices.com	c3d14c6affce0a50d8fe6a0bd5f1fbf2.safeframe.googlesyndication.com securepubads.g.doubleclick.net googleads.g.doubleclick.net
7	c3d14c6affce0a50d8fe6a0bd5f1fbf2.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
7	static.virgul.com	ye-mek.net static.virgul.com pcloak.blob.core.windows.net
6	fastlane.rubiconproject.com	static.virgul.com
5	www.google.com	tpc.googlesyndication.com c3d14c6affce0a50d8fe6a0bd5f1fbf2.safeframe.googlesyndication.com googleads.g.doubleclick.net
5	adservice.google.de	securepubads.g.doubleclick.net pagead2.googlesyndication.com
4	cpm.programattik.com	static.virgul.com
4	ng.virgul.com	static.virgul.com ye-mek.net
4	pcloak.blob.core.windows.net	pcloak.blob.core.windows.net
3	dt.adsafeprotected.com	c3d14c6affce0a50d8fe6a0bd5f1fbf2.safeframe.googlesyndication.com ye-mek.net
3	static.adsafeprotected.com	c3d14c6affce0a50d8fe6a0bd5f1fbf2.safeframe.googlesyndication.com ye-mek.net
3	fw.adsafeprotected.com	1 redirects c3d14c6affce0a50d8fe6a0bd5f1fbf2.safeframe.googlesyndication.com pcloak.blob.core.windows.net fw.adsafeprotected.com
3	cdn.doubleverify.com	c3d14c6affce0a50d8fe6a0bd5f1fbf2.safeframe.googlesyndication.com cdn.doubleverify.com
3	adservice.google.com	securepubads.g.doubleclick.net pagead2.googlesyndication.com
3	c.amazon-adsystem.com	static.virgul.com c.amazon-adsystem.com
3	ye-mek.net	www.cloakan.co ye-mek.net
2	c1.adform.net	2 redirects
2	ad4m.at	as.ad4m.at ad4m.at
2	static.criteo.net	static.virgul.com static.criteo.net
2	as.ad4m.at	googleads.g.doubleclick.net as.ad4m.at
2	ng2.virgul.com
2	adx.adform.net	static.virgul.com
2	script.4dex.io	static.virgul.com script.4dex.io
2	c1.imgiz.com	static.virgul.com c1.imgiz.com
2	connect.facebook.net	ye-mek.net connect.facebook.net
2	images.dmca.com	ye-mek.net
2	www.cloakan.co	pcloak.blob.core.windows.net
1	rtb0.doubleverify.com	cdn.doubleverify.com
1	static-de.ad4mat.net	as.ad4m.at
1	gum.criteo.com	static.criteo.net gum.criteo.com
1	s0.2mdn.net	pcloak.blob.core.windows.net s0.2mdn.net
1	onetag-sys.com	1 redirects
1	dis.criteo.com	googleads.g.doubleclick.net
1	pr-bh.ybp.yahoo.com	1 redirects
1	dclk-match.dotomi.com	googleads.g.doubleclick.net
1	cms.quantserve.com	googleads.g.doubleclick.net
1	cm.adform.net	googleads.g.doubleclick.net
1	ad.yieldlab.net	googleads.g.doubleclick.net
1	d.agkn.com	c3d14c6affce0a50d8fe6a0bd5f1fbf2.safeframe.googlesyndication.com
1	beacon-ams3.rubiconproject.com	pcloak.blob.core.windows.net
1	prod-rtb.ad4mat.net	googleads.g.doubleclick.net
1	cdn.jsdelivr.net	securepubads.g.doubleclick.net
1	imasdk.googleapis.com	c1.imgiz.com
1	ap.lijit.com	static.virgul.com
1	hbopenbid.pubmatic.com	static.virgul.com
1	bidder.criteo.com	static.virgul.com
1	prebid-server.rubiconproject.com	static.virgul.com
1	mp.4dex.io	static.virgul.com
1	a.teads.tv	static.virgul.com
1	aax.amazon-adsystem.com	c.amazon-adsystem.com
1	feed.pghub.io	pghub.io
1	pghub.io	static.virgul.com
1	www.google-analytics.com	www.googletagmanager.com
1	www.googletagmanager.com	ye-mek.net
1	ajax.googleapis.com	ye-mek.net
0	d5p.de17a.com Failed	googleads.g.doubleclick.net
0	hb.emxdgt.com Failed	static.virgul.com
0	s7.addthis.com Failed	ye-mek.net
273	66

This site contains no links.

Subject Issuer	Validity	Valid
*.blob.core.windows.net Microsoft RSA TLS CA 02	`2023-03-22` - `2024-03-22`	a year	crt.sh
cpanel.cloakan.co R3	`2023-05-03` - `2023-08-01`	3 months	crt.sh
www.ye-mek.net RapidSSL Global TLS RSA4096 SHA256 2022 CA1	`2022-11-29` - `2023-07-07`	7 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-05-08` - `2023-07-31`	3 months	crt.sh
1099124734.rsc.cdn77.org R3	`2023-04-04` - `2023-07-03`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-05-08` - `2023-07-31`	3 months	crt.sh
images.dmca.com R3	`2023-05-13` - `2023-08-11`	3 months	crt.sh
*.virgul.com Sectigo RSA Domain Validation Secure Server CA	`2022-10-24` - `2023-09-28`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-03-08` - `2023-06-06`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-05-08` - `2023-07-31`	3 months	crt.sh
c.amazon-adsystem.com Amazon RSA 2048 M01	`2023-02-28` - `2024-02-17`	a year	crt.sh
*.pghub.io DigiCert TLS RSA SHA256 2020 CA1	`2023-02-09` - `2024-02-08`	a year	crt.sh
*.imgiz.com Sectigo RSA Domain Validation Secure Server CA	`2022-09-27` - `2023-09-09`	a year	crt.sh
script.4dex.io Cloudflare Inc ECC CA-3	`2022-11-23` - `2023-11-22`	a year	crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com Amazon RSA 2048 M01	`2023-03-16` - `2024-03-08`	a year	crt.sh
*.google.de GTS CA 1C3	`2023-05-08` - `2023-07-31`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-05-08` - `2023-07-31`	3 months	crt.sh
teads.tv R3	`2023-05-11` - `2023-08-09`	3 months	crt.sh
track.adform.net DigiCert TLS RSA SHA256 2020 CA1	`2022-09-20` - `2023-09-20`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2023-02-13` - `2024-03-15`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-08-31` - `2023-08-31`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-05` - `2024-04-03`	a year	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-05-12` - `2023-08-10`	3 months	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2022-06-13` - `2023-07-14`	a year	crt.sh
*.programattik.com GeoTrust RSA CA 2018	`2022-10-25` - `2023-10-25`	a year	crt.sh
*.lijit.com Go Daddy Secure Certificate Authority - G2	`2022-06-27` - `2023-06-05`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-05-08` - `2023-07-31`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-05-08` - `2023-07-31`	3 months	crt.sh
*.doubleverify.com DigiCert TLS RSA SHA256 2020 CA1	`2022-07-05` - `2023-07-07`	a year	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2022 Q4	`2022-12-23` - `2024-01-24`	a year	crt.sh
fw.adsafeprotected.com Amazon RSA 2048 M02	`2023-03-29` - `2024-04-27`	a year	crt.sh
prod-rtb.ad4mat.net GTS CA 1D4	`2023-04-09` - `2023-07-08`	3 months	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-05-27` - `2023-08-27`	3 months	crt.sh
*.agkn.com RapidSSL Global TLS RSA4096 SHA256 2022 CA1	`2022-09-06` - `2023-09-21`	a year	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-09` - `2023-09-09`	a year	crt.sh
*.dotomi.com GlobalSign RSA OV SSL CA 2018	`2022-08-09` - `2023-09-10`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-05-08` - `2023-07-31`	3 months	crt.sh
static.adsafeprotected.com Amazon RSA 2048 M01	`2023-02-24` - `2023-09-04`	6 months	crt.sh
dt.adsafeprotected.com Amazon RSA 2048 M02	`2023-05-09` - `2024-06-07`	a year	crt.sh

This page contains 37 frames:

Primary Page: https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html
Frame ID: DFFA441343D1DA90AFCFC11EDF2EFB9B
Requests: 6 HTTP requests in this frame

Frame: https://ye-mek.net/
Frame ID: 53FDC1E467FA9F2A50E33B75688CA997
Requests: 113 HTTP requests in this frame

Frame: https://static.virgul.com/theme/mockups/outside/str.html?v=2
Frame ID: 413B7E01A3056593975A00BBEB40F1A2
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230523/r20190131/zrt_lookup.html
Frame ID: 5FEE9417BE516604BFC2F20A8BBBBB24
Requests: 1 HTTP requests in this frame

Frame: https://feed.pghub.io/tag?referrer_url=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&page_url=https%3A%2F%2Fye-mek.net%2F&owner=P%26G&bp_id=noktacommedya&ch=%7B%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D&initiator=js&data=%7B%22category%22%3A%22site_geneli%22%7D
Frame ID: B9CA35CF20966C9E673B0FF2ABF66517
Requests: 1 HTTP requests in this frame

Frame: https://c3d14c6affce0a50d8fe6a0bd5f1fbf2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: F9E637D50A847208CE1CC52579DE39EB
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&adk=1812271804&adf=3279755397&plat=1%3A512%2C2%3A512%2C3%3A512%2C4%3A512%2C8%3A512%2C9%3A33288%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C26%3A512%2C27%3A512%2C30%3A1081856%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1685379356211&bpp=4&bdt=729&idt=317&shv=r20230523&mjsv=m202305230101&ptt=9&saldr=aa&nras=1&correlator=3600406478333&frm=24&ife=1&pv=2&ga_vid=1790324415.1685379356&ga_sid=1685379356&ga_hid=1243564568&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=222437166&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C42531705%2C44788442%2C44792646&oid=2&pvsid=2342975364104955&tmod=1258882640&uas=0&nvt=1&fsapi=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=1&uci=1.3esyinmw544i&fsb=1&dtd=334
Frame ID: D0D712716321B0B18EB32A6B00CA3A62
Requests: 1 HTTP requests in this frame

Frame: https://c3d14c6affce0a50d8fe6a0bd5f1fbf2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: ADC30EEE5A10970AE2AAFEBB8C80EFE2
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 1AF7DCEFEE5C7A64B6401C08445EF4B8
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 99F009ADC0A0CD599DFD2DF24CE12F60
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&adk=1812271804&adf=3407250215&plat=1%3A520%2C2%3A520%2C3%3A2163200%2C4%3A2163200%2C8%3A512%2C9%3A33288%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C26%3A512%2C27%3A512%2C30%3A1049088%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fye-mek.net%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1685379357124&bpp=12&bdt=149&idt=244&shv=r20230523&mjsv=m202305230101&ptt=9&saldr=aa&nras=1&correlator=3386230955750&frm=8&ife=1&pv=2&ga_vid=1116954865.1685379357&ga_sid=1685379357&ga_hid=991838600&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=1956086155&scr_x=-12245933&scr_y=-12245933&eid=44759927%2C44759876%2C44759837%2C44788442%2C44789779%2C31061690&oid=2&pvsid=1402955186140294&tmod=823662434&uas=0&nvt=1&fsapi=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=1&uci=1.c2vnu3mi3xd4&fsb=1&dtd=260
Frame ID: 844637A3863D31B161F240EE183BD099
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&h=90&slotname=9586219513&adk=1165138949&adf=4198790052&pi=t.ma~as.9586219513&w=728&format=728x90&url=https%3A%2F%2Fye-mek.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1685379357136&bpp=3&bdt=161&idt=253&shv=r20230523&mjsv=m202305230101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=3386230955750&frm=8&ife=1&pv=1&ga_vid=1116954865.1685379357&ga_sid=1685379357&ga_hid=991838600&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=1956086155&scr_x=-12245933&scr_y=-12245933&eid=44759927%2C44759876%2C44759837%2C44788442%2C44789779%2C31061690&oid=2&pvsid=1402955186140294&tmod=823662434&uas=0&nvt=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.a0kvkxex2sca&fsb=1&dtd=258
Frame ID: 538801339056611CCE0FB1596D3B7390
Requests: 8 HTTP requests in this frame

Frame: https://c3d14c6affce0a50d8fe6a0bd5f1fbf2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: B9B18266B9CD1CB2F6EFC3B8C341E07E
Requests: 18 HTTP requests in this frame

Frame: https://c3d14c6affce0a50d8fe6a0bd5f1fbf2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 1FD98B332726B885CA5AF76CDB235511
Requests: 16 HTTP requests in this frame

Frame: https://c3d14c6affce0a50d8fe6a0bd5f1fbf2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 50825AD564C67FCF79038A016B9DF431
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=COXQcRCu_4SOAhizzIScATAB&v=APEucNUO2PYgIS6i_NYJ53ShKZSFVM2hK2UCvxHIj9BL2fCRftA3ANBG_LvYE_kvCk_BK6Ecv5vCYO5ZMLvKgUK27E92GPfQaIIUsBEcoFI0EdCBiIbZb9aJFYVN5cy88TV-UpWncq1XwlFesPchXYS69aAJhznCiYM-p52qyWE8R59akbrulDE
Frame ID: 565FE6A11C9A8E634D4F41CB1F395F3C
Requests: 5 HTTP requests in this frame

Frame: https://c3d14c6affce0a50d8fe6a0bd5f1fbf2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 0225F38ECDA6F7A40283B4D9A663AB98
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPG8uQEQu-u9ARjV1rLlATAB&v=APEucNX7-QBADKbbuTO72_fBnE0xtYplvcw8cCwQrnYQErKGVY82VviICUNDdgueX9xV9M-SZ9KSLmTSyS4X5gV1v2SYFB-sKUSuuuGSvMxhu4sX_Qtdm-vnWO4t67xHk3M4sKqrCAc9nk60noOpQYylBofF_wG2IGZMj1ZD8wG1FjA5jMfLBlc
Frame ID: EC03CD37083D90F46AF57C41A4F8BB8B
Requests: 5 HTTP requests in this frame

Frame: https://c3d14c6affce0a50d8fe6a0bd5f1fbf2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 53C34E156E080A605F80060D05A8AC6F
Requests: 19 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu9HMLlw6pDIwfg-DeQMOIWSFmOJAHrCKFv6P99sF7u1XqYX4uRXGmWl4mY5I0nwu5HJSbdsYXX4d05wKULi0b6rocrAg80FtvZT3i6j1cKp3UIrG1XpVoh7IMgLGSyGWPIZhRS7ptr1NfpeBHmvQdmeMAspcb7xVPIS7dsvdMi6zZLuyZb9SHmbcD8mmh18bmRO53YBiu_RD4VCzrd5x1few3Lscmi0fHH_eYtbLDkobwIjO6cGYLUsR1lAgdtvq9f3vbdyhd70goMR8X3s3ytlm2bAAghYRPiU9RxILiUeOps-EIz1sQc7dd3hyIrdIr31PLMVwX5HbKhz_GY&sai=AMfl-YT-R8pyovHxoQm6Gbju6bxtncXIZ6_zoyss64rR9AQTTcetWB1G974LPTjJOQ4RepzyXhu3Qq_LoXyE_fhfAjoL9_74D9tNqVrcJmnz0GUFqURYgHZdsk3kv1HDEg&sig=Cg0ArKJSzHVbhu8ZuE2vEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: ECD2143E0459B7D59FFB6A97C9A3B0B3
Requests: 16 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6Q0AIQ84-rhgMY_Iro4gEwAQ&v=APEucNXE5x7LIOiBRx8PGiHN1zv6gKbieU5drtcymbyAdx8-yyybbuokqOs_wVQu_AlkvqAghM2JAClxyYkmtQ5otmVPG6knuOrY1Lg6N64fB__-WvgYUu7k2uENDGgALShSWmFebKN-NtdM7Tl4QFoO4hoXSjt_b5F_poDt-ZffmUBaQf8I4Gg
Frame ID: 58A85D50B2C64E25E58DD33F04E63ED8
Requests: 5 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1h7x3tmfgeqq81h17sfwyk7m8rbycyp1aqh12f6hdasdj0djxkk6me0q32e9cxfedsbvxzyde7pfjj1b3yynt6yz0kwd613btaqtz4g78sd8n4e68f9b6910ankh4knfp2ms5qpkmyx455p1ca0jazypwcs60n2ehz0xcfxa4mckj9k92cn3ww790msep1ta6mhmqcvdxr0qsv5zmza53wz7978z6bbq5mbwxt65nj8kp9r6k322gqwjaqtb7x7k86r48qgn5rmrccg2xvgh079241ncwvzmwachfpgsrvd2axc5ebv1d1w0ky1g41b34zb6g14ng799n884kvgyhwf4btcskccgk4x77an3y8gqk0z319qy00gp6979hw8mx54rac4q63w6metnpe9gd4xstpycv8kepazfa3v04326r876ehfy62wyepf9xajnwjs8kv72&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCKmocHdl0ZIaLG4bitwfpzLuIBZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTY1OTM1MjMyMTAwMTAxNTTIAQmpApaduozx97E-qAMByAMCqgTVAU_QRz_UVU6YhuOng5asQosAtMTe-rN21NYaLRnqMHKv3NU2L7Mld2bF25uEveZAyiKLo9dvtBAVWClDs_KFCu4W_HoqJW-ghietSZRTsjqerxGKgsZC5Ld7EqHP8fM861fOuPlmD7dAp4EqWhYBgiTdcfVzRa7YlmFmwTiqiXdQWp90vgXItNBBZk_fTUtAwbPU6weyhqy0YBP2Wi9IYL2J3gEzCAqmznJ0u0d6NJP48l46q2Ze1M7ggLdTwrxDyp9mE375HHqqGcIK4OFP4606u3Hk64AGueqywdfTjrq-AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3bcXPDUhbyo0n9wQEbYBtU8XX7Cw%26client%3Dca-pub-6593523210010154%26adurl%3D
Frame ID: E8E764C014249BEDEE3A214F802FD10B
Requests: 4 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 6D555F6FC6D3CD60C849F69BF1586E08
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6Q0AIQ84-rhgMYicia3gEwAQ&v=APEucNX44VW4mC5ITW6_JZaVVGgao9h0aMO9eTOrhcRDNqr3KlekEAiMTDN40gGNmrfw89S-PwsT_XsN-fVCyKGSH0GlSjsJVj0D3khgzI6AQS-0cQpmuthYbhTqXi1NPH7b6uKsYm_0onYQ1earKXF__iHnAZrfkQXKBJVE8HTLCPOX8nt_co0
Frame ID: 83A3B7FD712D8CA45D8953DEED6EAB65
Requests: 3 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: 3407002814BA53E305D3DB0A2E6F9B38
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=pcloak.blob.core.windows.net
Frame ID: 748DABA3ECC99E1F472001F12CCE9581
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: E7D5FF27E82A3E8D2592185742616B08
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 337A172E90EB6FAD5F0BA6685E1E1C1E
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&adk=1812271804&adf=2659805833&plat=1%3A520%2C2%3A520%2C3%3A2163200%2C4%3A2163200%2C8%3A512%2C9%3A33288%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C26%3A512%2C27%3A512%2C30%3A1049088%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fye-mek.net%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1685379358015&bpp=3&bdt=451&idt=341&shv=r20230523&mjsv=m202305230101&ptt=9&saldr=aa&nras=1&correlator=5812767722331&frm=8&ife=1&pv=2&ga_vid=1552239155.1685379358&ga_sid=1685379358&ga_hid=772957013&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=1956086155&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759837%2C44759927%2C31071756%2C44788442%2C44790154&oid=2&pvsid=3898876265501106&tmod=1826080285&uas=0&nvt=1&fsapi=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=1&uci=1.gbe39u2gwzz6&fsb=1&dtd=367
Frame ID: 353AC02002FA9095D0B88AE0E115661B
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&h=90&slotname=9586219513&adk=1165138949&adf=3171367898&pi=t.ma~as.9586219513&w=728&format=728x90&url=https%3A%2F%2Fye-mek.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1685379358018&bpp=2&bdt=454&idt=398&shv=r20230523&mjsv=m202305230101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=5812767722331&frm=8&ife=1&pv=1&ga_vid=1552239155.1685379358&ga_sid=1685379358&ga_hid=772957013&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=1956086155&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759837%2C44759927%2C31071756%2C44788442%2C44790154&oid=2&pvsid=3898876265501106&tmod=1826080285&uas=0&nvt=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.2rhws2hemhe0&fsb=1&dtd=404
Frame ID: 4A36EA3AFBE69A1D81B26A795EE2D277
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&adk=1812271804&adf=2659786642&plat=1%3A66048%2C2%3A66048%2C3%3A2163200%2C4%3A2163200%2C8%3A66048%2C9%3A66048%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C26%3A66048%2C27%3A66048%2C30%3A1049088%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fye-mek.net%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1685379358054&bpp=5&bdt=436&idt=387&shv=r20230523&mjsv=m202305230101&ptt=9&saldr=aa&nras=1&correlator=2160657135037&frm=8&ife=1&pv=2&ga_vid=1984505561.1685379358&ga_sid=1685379358&ga_hid=1523132542&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=160&ish=600&ifk=1100520840&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31071756%2C44788442%2C44789779%2C44792013&oid=2&pvsid=801645483293196&tmod=852172452&uas=0&nvt=1&fsapi=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C160%2C600&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=1&uci=1.ktfzjmq1tbiq&fsb=1&dtd=409
Frame ID: CAC67F0C667B0C955C4CF1200B280B1D
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: F801ED1087D52B7B77F990416C9CE226
Requests: 1 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: C9167A7083188B8A2E9827FE029FAAA9
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: 66A9F80ABB760E0847D243565633F419
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&h=600&slotname=9969362899&adk=4174262319&adf=3171362771&pi=t.ma~as.9969362899&w=160&fwrn=16&format=160x600&url=https%3A%2F%2Fye-mek.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1685379358059&bpp=1&bdt=441&idt=602&shv=r20230523&mjsv=m202305230101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=2160657135037&frm=8&ife=1&pv=1&ga_vid=1984505561.1685379358&ga_sid=1685379358&ga_hid=1523132542&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=160&ish=600&ifk=1100520840&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31071756%2C44788442%2C44789779%2C44792013&oid=2&pvsid=801645483293196&tmod=852172452&uas=0&nvt=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C160%2C600&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.vs7zqiiq9lqx&fsb=1&dtd=612
Frame ID: 039F8D7197B48CD7DC202732E35BA125
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: B691573435A1395ED72DE8696C25B3FB
Requests: 1 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/9170381621892120779/index.html?e=69&leftOffset=0&topOffset=0&c=tSCNG8jTrF&t=1&renderingType=2&ev=01_250
Frame ID: 0D402C7CF54030597DC05570AE71DE54
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

tpc\.googlesyndication\.com/safeframe

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.com/[^"]*(?:prebid|/pb\.js)

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

273
Requests

88 %
HTTPS

55 %
IPv6

43
Domains

66
Subdomains

57
IPs

7
Countries

3496 kB
Transfer

9277 kB
Size

3
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 160

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAvmZ4-TN0W_Fj_pG0C5Ntg&google_cver=1

Request Chain 161

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZHTZHWSfR2mm5pWfHqFsSgAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAvmZ4-TN0W_Fj_pG0C5Ntg&google_cver=1

Request Chain 162

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEAQdqRei4MLGnkGRTRQHTS4&google_cver=1

Request Chain 163

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Nzc2ODAzOTc3OTcxNDY2NzQ2Mw%3D%3D

Request Chain 180

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAvmZ4-TN0W_Fj_pG0C5Ntg&google_cver=1

Request Chain 181

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZHTZHWSfR2mm5pWfHqFsSgAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAvmZ4-TN0W_Fj_pG0C5Ntg&google_cver=1

Request Chain 182

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEAQdqRei4MLGnkGRTRQHTS4&google_cver=1

Request Chain 183

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Nzc2ODAzOTc3OTcxNDY2NzQ2Mw%3D%3D

Request Chain 197

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAvmZ4-TN0W_Fj_pG0C5Ntg&google_cver=1

Request Chain 198

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZHTZHWSfR2mm5pWfHqFsSgAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAvmZ4-TN0W_Fj_pG0C5Ntg&google_cver=1

Request Chain 199

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEAQdqRei4MLGnkGRTRQHTS4&google_cver=1

Request Chain 200

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Nzc2ODAzOTc3OTcxNDY2NzQ2Mw%3D%3D

Request Chain 225

https://cm.g.doubleclick.net/pixel?google_nid=yieldlab&google_cm&google_dbm HTTP 302
https://ad.yieldlab.net/m?dt_id=52&ext_id=CAESEDJ8fHn7BfY-kObcLLgIklo&google_cver=1

Request Chain 226

https://cm.g.doubleclick.net/pixel?google_nid=adform_dbm&google_cm&google_dbm HTTP 302
https://cm.adform.net/pixel?adform_pid=4&adform_pc=CAESECgG8jOGeLYYiR-WwRw2CmA&google_cver=1&adform_v=1

Request Chain 229

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEI8nr7Jk1db0NSXT2sudPds&google_cver=1&google_push=ATf1kGPijSzl_fE6JEKM76wEcxsGfiJv3_ExsyeeLoXZdTA0LufvrwHhn6ty0s6LKY1w2ZI9pdF19ZvAiWj_s5Lo1ewoWbJMTJQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ATf1kGPijSzl_fE6JEKM76wEcxsGfiJv3_ExsyeeLoXZdTA0LufvrwHhn6ty0s6LKY1w2ZI9pdF19ZvAiWj_s5Lo1ewoWbJMTJQ&google_hm=eS03VkZ3ZVp0RTJwSEcyNDJGZDVBMzdXdWVoRDFWZTh4NX5B

Request Chain 232

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEOgbsuIVZL1Pk3McsGC3jEs&google_cver=1&google_push=ATf1kGOOPcI0CWIstiByuAtTNeq--TrBNFa6OJ1OP8w2kVL-xoaYwV-574zX-xMTFNZuJ6c7WQQstOLxSNJaylJ-HQPD0jC6L92c HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEOgbsuIVZL1Pk3McsGC3jEs&google_cver=1&google_push=ATf1kGOOPcI0CWIstiByuAtTNeq--TrBNFa6OJ1OP8w2kVL-xoaYwV-574zX-xMTFNZuJ6c7WQQstOLxSNJaylJ-HQPD0jC6L92c HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTE2MTUyNDAwNDQwNTczMDAxNg&google_push=ATf1kGOOPcI0CWIstiByuAtTNeq--TrBNFa6OJ1OP8w2kVL-xoaYwV-574zX-xMTFNZuJ6c7WQQstOLxSNJaylJ-HQPD0jC6L92c

Request Chain 233

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEMwwhWOe_SbA5uLVD-1o8YA&google_cver=1&google_push=ATf1kGOJRPIxHfHVPiRIXd1w0CxR7CE3_VpMdRjVLCUWtDe9shdut3qHSpwpwDXl6iztNwkbgJOAnyV6NLSXVVagPHtkxxX3D_Y HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=ATf1kGOJRPIxHfHVPiRIXd1w0CxR7CE3_VpMdRjVLCUWtDe9shdut3qHSpwpwDXl6iztNwkbgJOAnyV6NLSXVVagPHtkxxX3D_Y

Request Chain 240

https://fw.adsafeprotected.com/rfw/bgd/1352960/70224181/xbbe/creative/adj?p=APEucNVrat-oZC2pbygOkMhuF-j3a6LRBYVFpEOlH3COZbeGa-IrCnw&d=CokBAKAmf-BXwkSUWHUwmEUAm1NRpAVeehMw8gLLLMnU6P1MxzFIpihiJ9uenpkP3qlNufPDr075Z69Lol1OzNcMWJ2wePejdnrji9y7dkpPqM0RGIm-qsmLD3q-W3GLZTvmlx9aFvFbXLOr1IQsm8BkZpEKN9oURgM2T8DZXtFOQ7c_Z_DCXV3KljkSqRUAoCZ_4JL5GPVVpWoMEU3qP17yjPKV8JZ0_NlrKtmymmgZY-vozyy_YfW8ZfxYT5pZ4tWgbq1JCnAKiNzpmZR9dgP2Vxlc4nMWb3BIdumZ1NH-wh-mUC7YFksqTUGaCl0J-wX_hvzjnZZ6wrJqVR9lIlTVPiVJYXBHPL5BOyiBgvbztfP7qTA_c1KqPTUZmJCfktpgSCzGPBoTIOnQ3vZcKTwbt1DupBBw2BGdhXbupQ8y7d5lTpYIj6R2OH7wEpYbvcNKm6-aE62ApEVAsL4eXEPaf81xCkgGFVPjIdGLbpS_dSZkanYmfj0LRpixX-EuN8oOVpcPMp7lg5PE3S0N0UVnkHoEqAZbNX7AicRWfrDOBTjNG1FMcWVqoLnPlGZPqX9kcwTxUgHFbAilIZFwd9q5Wzp5HTduePxGYTFNWgnFpPcRP7bJNFU_kgdvMr_gJqfNIyrsCseaKkNU1rHQiXmdJErckYYna1C5zrocO8Zhcsoq5hQeXlWF77MLoVD5UzPoFeJPGVpBfA9mljQQ4azYRcyBkW-o-uVN1aDa8HEW50fnkBD4vmA6yKrLN-2toQ2PteZ48Osse7ySVK9HZx8_hdsp1vPDoSVByn52JGk_LtCCKXRKguc0ljJWW8U6lSZ80huM_Hbuh3wiJQrFa0clX1gEkZKG_-q7_5oEfk7NVBQLXMy_DC8DIODchVQK3dL8YqSPt-Naw8jFPVp5aC8XPhsQsC38Cn7V1DF80XN1triHD6J5JpGiJQZAS7TxGbI8YzBUHftT_W0dZHa-Hua_2cDne5h-pJk9JeAGqXnfqrH1SfygfSXr4UE-dSttgDAfa_Ty0XKdlrMHOKiI3zw30T4-YiNN7IFyJkAykrHqsplKjMqdQ1_lZK_J7eVg07PT4uxb3uMEHw3fZWOMbtrWvsYoRXiyi7gDtIkG6MqyfPZC4mVqBeAnbh5VqeNBQNDd6s_UnykBTA6lR0TAMXJuX7P6T3vrIdLjERqBw-pDUPwoxwgiK0LcyHuzfSO1NxR9wd8SOgZqv7XE1l7U3vuGPS3GtV85h_U_uFgOaiJinvQKTycsEDIQE63L_sEsGOm4K8LZxaJrDncZkGcPqYrH_wEYjIA30f7KRudeVeg1oj3SRZJ-mNXyePPXcyfe1NlfoXrkOg_Q6FzJ_drdrsCW40fdvT_JOC-v5th5uQIrP1z0xxu8u1k6qexHsy3yUkja1enFUkOBkAhaFbOllxrEqwEchSNKIFA3iZtnD48dIRWxsN_g7F-a3whebWHmwAM0b8J6LCxmOE7C2fcf8YxaRqLHFd4LyYElWKvvBMcPzGtif464SXnan5ZPi4MYbitz6c9RA-bsIli-i5GaNWSnJf7et4_lXI6OyiLD7upI6iux40AjNgiFKYEUMLiOmsJBAsatETIqmwbHuCN3q_36Az3M-JoCxDa0aukSW5UFulDF4ogvFMZuk0MQBOQ-YQH0iHqQOJx-BTnMh4d-QuGP6cxM1-uBB4cx4K1GJjd7EcLxLUo5kBZr4s4aJT7_hxvjYu6BxIlCK2IIBZ4MVzzF8ZoKmfviIOC2bW-_Em3dZSB-W5CwHbPWKSAfzDAz4gEjvS00wovzXQ9HGLoWukhGzByNgrFc5BD4UanSccMqcEzMmzGYwI2Ctk_90daqvCRKZi_g5ZmHN2l1r8HD0Kww0mNgFJiIqCt3GyQJkxbwIudloSSTAgYyugojOO80iehgpVTP7yXqj7y74ESoT7BteAImhdklb-InU_Rjn1y9zIljnhP2Y5xVEQlBwxvUV3UlM5MDH4JwTq2qYjuZLvlqu7fgCzdWSdijetzfswkQY1s3nBcUzayXpzPAcyneWPbu3XIRkwF4vQlhOawKesM1UFa_fdLtMAvUVaXq84BhLchNfJLlOGHF-sh8IxGio-K0mAeXUpDqa5CPW1FQ2dEjKQbv_nBg3iuuwEud1Z4QyNL0RL84vKUonfUeaPeJy99mu-KrMPHgR9eMUcfCjvCLN1Ka-NlicISLwFjEUjpphRhqmJReHxfVxKjv-QOdo7BN9u4PpFFTa-OXiyyog8o7AXLKDhcmzjUMFbcizno9d-xEJ5EbbzUXEOuG1bO6LMS_ar6MWSOCxP1ZG65tdcqD_7bN-RRF0rZIPs5QY6hC_8AKY4uojVQ4z0trtz5G40AA_xvYcdmQffN3tHKEWE9z2IwBgeLt2X_qqYlAkn3hTh_s2gmJfYZRuofruJF2egM5iPNhAP9Lz8ikv_ESrS3jdOtZS1ySIQ4_6vST7CiXzcpeMzFTuDfTKtvGdBaumzHejDpR-UCLSAKzBqcKvuO28OvDe5GkpjrQtEJsdf6jITYO8WdaulwtyqyLaN6HAj2-RGN-4GE5zBJY2lMUFsDJkJpm69Uifqtl1iOlXD6u0pV-_wF7GuzQOi_kQwAbj_MdwI4xw4H3iUmwSxHygPCDF1dWXiKgnOgy3Q4H4IG8iIuMEuEocj7QQemE1snGmGVEkLAOoEckQOHtZqlHvUY2e81-dm1HU5QTUelVFSzzjLPMOXGt3zhCCHeCwtOFleH309omTnn1Xdt5buMDeGKbFJKCOIUAyLSDWrUlxTkCSdXL9bkcC9TyQ8NF3mHrRTpJLXKa1FtYuz5dRqrEl4Q1puJUeYYSe8m7TKQTBm5JI-T3_3zQCHa9qygt5Dde4qTTrHknBHBgtBaxYWTJb6AGCTnOxEKROqxkyFPPaFJQudP3dQ_tUmuZzAunxeWSglggV2Bp8X0QXkig2gLG3LsqoC127poAojhXzZDHx_vurITZJYYHrt0cxBJHaQzJtps-Z4x1_4Ab-dFbO5FpahCRQoygcrik4VJSlkQ4DyTea7YqbzaCJz9z_OiTP1i6iDpAT_5NZPNMACriimavqD20ABm3_6R-4qBQqzzLmuGoJwl8-uGvvlu6E8Ncj6i_IqWXrOSFNMDXK9Akv-_PeqvyPnz940pHOnN-3CQttDsfRCH_Z-pLa_nC3UdxsIcRGKX237YB-W4dNyKIGz2I1aTBgMi9iA5JxZteKagXcA342AT_uvCg9S9EFOuseX2-zlk7E5106nkKoQA-W8paauvddZaHaxT89PCla7di6aPMIyNUaV3e12Q1LulXfc1Tpr2vlM5fqDTJ1F8Odl0znuq_DoD8kG7qnxmoeZU2w1BWcMvQiPD8JJQ8iyQrNlZ6WoqcB3vezY2Lq95Rvc8i0YjNG4rCe2qW1oauGw0PP6q4v1ImZBPGNaAPh7MKQ-TUOH-9u87IQd4MeWIhQolTElVRNpT9IbhNM9vmnQoGkHyI-SKvx93Cp_Zj4YzK6wIqz8Qum0_qE8ngN_hP1HJOKdBVgtObxjf_fIt5wbUHzS4zdHPFDRSpKN18b_og3sE31CaynST9oQblsOxkZAcK0xrw12k9-GI6ucmQDURTtTb059OZk-79Zq7rUNT2VKKeNE2ZywTh_mcxv3S0AU5DKNc6jqTOkzi9Bv9WlOPXciOaB6l4XSrsKX_YTBgY9DmZRNBI361eZUU8e9HFZ8cPsuefkolXLoU7jppPY_kQoWvs5dfgfyUypBx5gzKaNUueKaAKnjtlXhu0G2xan_0ZHqPffQ2VeBn6PgIQxID7muHYW4RaUpmPwxpBCAQSOwBygQiDcvSYLHPEKTN30Wvxk5crjLOVwjSHIZaPEV2iPuaax-JMB-d3xZprl0KEfkIrcLTVUY5rgTa7GAFgAQ&cry=1&bundleId=&ias_dspID=3&ias_campId=25458251&ias_pubId=pub-7983651257838282&ias_chanId=1&ias_placementId=19782787846&bidurl=https://ye-mek.net/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0iIRIIyT1hXZE9cYzSqhyA2&adsafe_url=https%3A%2F%2Fpcloak.blob.core.windows.net&adsafe_type=g&adsafe_url=https%3A%2F%2Fye-mek.net%2F&adsafe_type=e&adsafe_url=https%3A%2F%2Fc3d14c6affce0a50d8fe6a0bd5f1fbf2.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Fc3d14c6affce0a50d8fe6a0bd5f1fbf2.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html%3Fn%3D1&adsafe_type=d&adsafe_jsinfo=,id:d5e567f4-b4b6-4e70-eb5d-4c6fd5450b13,c:e1vySu,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-76dcc6f68d-67zj9,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,scm:grpm1,mtim:4,mot:0,app:0,maw:0,fm:tFFm1Rw+111%7C112%7C113%7C114%7C115%7C1161%7C11621%7C11622%7C1171%7C118%7C1191%7C11a1%7C11b%7C11c%7C11d*.1352960-70224181%7C11d1%7C11e1,idMap:11d*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:IMG.us,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:1,tt:rjss,et:25,oid:aedd6e3e-fe41-11ed-a831-324a1a395d42,v:19.8.415,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
https://static.adsafeprotected.com/passback_728x90.js

273 HTTP transactions
6 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request 6x6uf5z9e3262.html Show response
pcloak.blob.core.windows.net/web/ 1 KB
2 KB 430ms
105ms Document
text/html 20.60.220.36
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.60.220.36 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 22fee539734d38c9e84e3982188b21bafc9457236279a136ce1b3b9d55667437

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Content-Length: 1324
Content-MD5: XPHdOVCmWyxrVVstkB9xGw==
Content-Type: text/html
Date: Mon, 29 May 2023 16:55:49 GMT
ETag: 0x8DB5ED08476F0C5
Last-Modified: Sat, 27 May 2023 16:36:27 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-blob-type: BlockBlob
x-ms-lease-status: unlocked
x-ms-request-id: 41e6f133-e01e-0026-634e-920a15000000
x-ms-version: 2009-09-19

GET
H/1.1 404
The specified blob does not exist. jquery.min.js
pcloak.blob.core.windows.net/web/ 0
0 99ms
98ms Script
application/xml 20.60.220.36
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://pcloak.blob.core.windows.net/web/jquery.min.js
Requested by: Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.60.220.36 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-ms-request-id: 41e6f1fe-e01e-0026-4a4e-920a15000000
Date: Mon, 29 May 2023 16:55:49 GMT
x-ms-version: 2009-09-19
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-Length: 215
Content-Type: application/xml

GET
H/1.1 200
OK cloakan.js Show response
pcloak.blob.core.windows.net/web/ 308 B
717 B 299ms
100ms Script
text/javascript 20.60.220.36
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://pcloak.blob.core.windows.net/web/cloakan.js
Requested by: Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.60.220.36 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 4651fd93f167c3620b534c30bc23ae2a2e7cf742621d8e6d12553c09c388284a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Mon, 29 May 2023 16:55:49 GMT
Last-Modified: Mon, 13 Jun 2022 14:36:49 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: zPiKctHo6j8i1UGOFPpInw==
ETag: 0x8DA4D4A263C11C2
Content-Type: text/javascript
x-ms-request-id: 41e6f372-e01e-0026-0e4e-920a15000000
x-ms-version: 2009-09-19
Content-Length: 308

GET
H/1.1 200
OK style.css
pcloak.blob.core.windows.net/web/ 166 B
568 B 199ms
100ms Stylesheet
text/css 20.60.220.36
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://pcloak.blob.core.windows.net/web/style.css
Requested by: Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.60.220.36 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: cf906196a7c1414e11983955e101a051d55a864f2bc9fd52a453d952d92fd9b5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Mon, 29 May 2023 16:55:49 GMT
Last-Modified: Mon, 13 Jun 2022 14:36:49 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: 9ruAIrm4XHnQO3/sM8J0AQ==
ETag: 0x8DA4D4A26527CA0
Content-Type: text/css
x-ms-request-id: 41e6f291-e01e-0026-184e-920a15000000
x-ms-version: 2009-09-19
Content-Length: 166

GET
H2 200 px.php Show response
www.cloakan.co/ 743 B
682 B 2884ms
555ms XHR
text/html 77.245.159.14
NIOBEBILISIMHIZME...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cloakan.co/px.php?id=6x6uf5z9e3262
Requested by: Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 77.245.159.14 , Turkey, ASN42868 (NIOBEBILISIMHIZMETLERI, TR),
Reverse DNS: stilgar.wlsrv.com
Software: LiteSpeed / PHP/7.3.33
Resource Hash: 120fdf7c1e8de286b8c6ad005bd52d7b3d71cfa17bd6d1f72d023fe952d03708

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pcloak.blob.core.windows.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 29 May 2023 16:55:49 GMT
content-encoding: br
server: LiteSpeed
x-powered-by: PHP/7.3.33
vary: Accept-Encoding,User-Agent
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="43,46", h3-Q043=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-25=":443"; ma=2592000, h3-27=":443"; ma=2592000
content-length: 404

GET
H2 200 nv.php Show response
www.cloakan.co/ 232 B
385 B 2483ms
167ms Script
text/html 77.245.159.14
NIOBEBILISIMHIZME...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cloakan.co/nv.php?id=6x6uf5z9e3262-m
Requested by: Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/cloakan.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 77.245.159.14 , Turkey, ASN42868 (NIOBEBILISIMHIZMETLERI, TR),
Reverse DNS: stilgar.wlsrv.com
Software: LiteSpeed / PHP/7.3.33
Resource Hash: 9cacc351a59879d938ef01e274eca7f341deaaa666237a3de94737ccc05a4b86

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pcloak.blob.core.windows.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 29 May 2023 16:55:52 GMT
content-encoding: br
server: LiteSpeed
x-powered-by: PHP/7.3.33
vary: Accept-Encoding,User-Agent
content-type: text/html; charset=UTF-8
alt-svc: quic=":443"; ma=2592000; v="43,46", h3-Q043=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-25=":443"; ma=2592000, h3-27=":443"; ma=2592000
content-length: 112

GET
H2 200 / Show response
ye-mek.net/ Frame 53FD 77 KB
77 KB 161ms
55ms Document
text/html 94.138.206.83
AS49126

General

Check archive.org

Show headers Download Go to

Full URL: https://ye-mek.net/
Requested by: Host: www.cloakan.co
URL: https://www.cloakan.co/nv.php?id=6x6uf5z9e3262-m
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 94.138.206.83 , Turkey, ASN49126 (AS49126, TR),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: eb748b22199592ebf4ec606d4b836f3983d3dfa493da0d2a09d8da5b73270bd9

Request headers

Referer: https://pcloak.blob.core.windows.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache
content-length: 78540
content-type: text/html; charset=utf-8
date: Mon, 29 May 2023 16:55:54 GMT
expires: -1
pragma: no-cache
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
x-powered-by-plesk: PleskWin

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.9.1/ Frame 53FD 90 KB
33 KB 125ms
40ms Script
text/javascript 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.9.1/jquery.min.js

Requested by

Host: ye-mek.net
URL: https://ye-mek.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 24 May 2023 11:09:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 452781
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33018
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 23 May 2024 11:09:34 GMT

GET
H2 200 yemeknet.js Show response
ye-mek.net/js/ Frame 53FD 10 KB
2 KB 81ms
80ms Script
application/javascript 94.138.206.83
AS49126

General

Check archive.org

Show headers Download Go to

Full URL: https://ye-mek.net/js/yemeknet.js?v=1
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 94.138.206.83 , Turkey, ASN49126 (AS49126, TR),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 613b97a3f938c5185dc5fcb46ec9c9488f460fdf8a9765eea9f05aebe46a0c50

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-powered-by-plesk: PleskWin
date: Mon, 29 May 2023 16:55:54 GMT
content-encoding: br
last-modified: Tue, 20 Aug 2019 13:15:54 GMT
server: Microsoft-IIS/10.0
etag: "0a144655957d51:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=691200
accept-ranges: bytes
content-length: 2179

GET
H2 200 maincss.css
cdn.ye-mek.net/ Frame 53FD 40 KB
12 KB 66ms
17ms Stylesheet
text/css 2a02:6ea0:c700::10
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.ye-mek.net/maincss.css?v=434
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 5804cd3bfdf7f7b00ae1f2beef50b9ac7bbdcadcb47e8c3454e8609a52096b92

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Mon, 29 May 2023 16:55:55 GMT
content-encoding: gzip
x-cache: HIT
x-77-cache: HIT
x-age: 3569953
x-accel-date: 1681809402
x-77-nzt: AcO1rw60VWn/IXk2AA
x-accel-expires: @1713345402
last-modified: Tue, 24 Nov 2020 00:00:32 GMT
server: CDN77-Turbo
etag: W/"5fbc4d20-9e5b"
x-77-nzt-ray: 90833930fd7a89ad1bd9746445f4d51f
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ Frame 53FD 118 KB
46 KB 135ms
50ms Script
application/javascript 2a00:1450:4001:802::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-38733763-1

Requested by

Host: ye-mek.net
URL: https://ye-mek.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

9ea145aa4baea99e348fcc09075af4bd78ff800cc053ccae693dd882d59c8d87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 29 May 2023 16:55:55 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 46889
x-xss-protection: 0
last-modified: Mon, 29 May 2023 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 29 May 2023 16:55:55 GMT

GET
H2 200 WebResource.axd Show response
ye-mek.net/ Frame 53FD 23 KB
23 KB 49ms
49ms Script
application/x-javascript 94.138.206.83
AS49126

General

Check archive.org

Show headers Download Go to

Full URL: https://ye-mek.net/WebResource.axd?d=YeedoL8dFzo5gymDuarFXngFaaXpLN8jYlixY-HzMyr_r8lEwXsCQefYQgi2kFzYfrVacpu_9us1eVTBWQamZuI0ynrH9LDfafZF-A5wZF41&t=637811837229275428
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 94.138.206.83 , Turkey, ASN49126 (AS49126, TR),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 40732e9dcfa704cf615e4691bb07aecfd1cc5e063220a46e4a7ff6560c77f5db

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-powered-by-plesk: PleskWin
date: Mon, 29 May 2023 16:55:54 GMT
last-modified: Wed, 23 Feb 2022 00:28:42 GMT
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
content-type: application/x-javascript
cache-control: public
content-length: 23063
expires: Sat, 04 May 2024 23:14:43 GMT

GET
H2 200 searchButton.png
cdn.ye-mek.net/App_UI/Img/ Frame 53FD 542 B
896 B 13ms
13ms Image
image/png 2a02:6ea0:c700::10
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/searchButton.png
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 324a9c1f26949a62b89c5846de23826737bf3b14443e3f5a969b1799604a0588

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Mon, 29 May 2023 16:55:55 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 3569952
x-accel-date: 1681809403
content-length: 542
x-77-nzt: AcO1rw45dUr/IHk2AA
x-accel-expires: @1713345403
last-modified: Sat, 22 Oct 2022 20:00:57 GMT
server: CDN77-Turbo
etag: "63544bf9-21e"
x-77-nzt-ray: 90833930fd7a89ad1bd974640b940e27
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 ara.png
cdn.ye-mek.net/App_UI/Img/ Frame 53FD 2 KB
2 KB 13ms
13ms Image
image/png 2a02:6ea0:c700::10
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/ara.png
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 3ed559a849229d0ba1622b39b2343f2307a91aae5bab1f08e55c89e50874c980

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Mon, 29 May 2023 16:55:55 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 3569943
x-accel-date: 1681809412
content-length: 1651
x-77-nzt: AcO1rw6hpXb/F3k2AA
x-accel-expires: @1713345412
last-modified: Mon, 14 May 2018 22:41:08 GMT
server: CDN77-Turbo
etag: "5afa1084-673"
x-77-nzt-ray: 90833930fd7a89ad1bd97464d7c7a228
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 yogurtlu-ic-bakla-salatasi-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2023/05/ Frame 53FD 18 KB
18 KB 22ms
17ms Image
image/jpeg 2a02:6ea0:c700::10
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2023/05/yogurtlu-ic-bakla-salatasi-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 78070c6d1eba7c2954e61212ceae1eddfbef773ea1da4e75bdf73bed138dd9aa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Mon, 29 May 2023 16:55:55 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 12684
x-accel-date: 1685366671
content-length: 17996
x-77-nzt: AcO1rw4jw5H/jDEAAA
x-accel-expires: @1716902671
last-modified: Mon, 29 May 2023 13:12:04 GMT
server: CDN77-Turbo
etag: "6474a4a4-464c"
x-77-nzt-ray: 90833930fd7a89ad1bd97464c8f31629
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 limon-peltesi-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2023/05/ Frame 53FD 10 KB
11 KB 27ms
20ms Image
image/jpeg 2a02:6ea0:c700::10
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2023/05/limon-peltesi-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: f9b00efa272f04561d93ec35d1c255090fa1e77d2b9c7d08b2ed1bea585dbb90

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Mon, 29 May 2023 16:55:55 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 236501
x-accel-date: 1685142854
content-length: 10405
x-77-nzt: AcO1rw7m5tP/1ZsDAA
x-accel-expires: @1716678854
last-modified: Fri, 26 May 2023 22:51:57 GMT
server: CDN77-Turbo
etag: "6471380d-28a5"
x-77-nzt-ray: 90833930fd7a89ad1bd974641b2b3729
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 firinda-salcali-tavuk-resimli-yemek-tarifi(16).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2023/05/ Frame 53FD 17 KB
17 KB 32ms
25ms Image
image/jpeg 2a02:6ea0:c700::10
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2023/05/firinda-salcali-tavuk-resimli-yemek-tarifi(16).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 25384b36677ec71b3678443817eb7d4876fdeb68a889bdd6ea15a16864f00308

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Mon, 29 May 2023 16:55:55 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 322772
x-accel-date: 1685056583
content-length: 17122
x-77-nzt: AcO1rw4l6gL/1OwEAA
x-accel-expires: @1716592583
last-modified: Thu, 25 May 2023 23:00:46 GMT
server: CDN77-Turbo
etag: "646fe89e-42e2"
x-77-nzt-ray: 90833930fd7a89ad1bd974641dce3b29
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 ic-bakla-salatasi-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2023/05/ Frame 53FD 18 KB
18 KB 38ms
31ms Image
image/jpeg 2a02:6ea0:c700::10
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2023/05/ic-bakla-salatasi-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: a7fe9caf3097b900fe4584c14eac69d82dcf3bccf9f53de5513dacc0b0c7e1d9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Mon, 29 May 2023 16:55:55 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 413765
x-accel-date: 1684965590
content-length: 18368
x-77-nzt: AcO1rw7A1Tn/RVAGAA
x-accel-expires: @1716501590
last-modified: Wed, 24 May 2023 21:42:02 GMT
server: CDN77-Turbo
etag: "646e84aa-47c0"
x-77-nzt-ray: 90833930fd7a89ad1bd9746493ac3f29
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 firinda-kofte-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2018/06/ Frame 53FD 13 KB
13 KB 41ms
34ms Image
image/jpeg 2a02:6ea0:c700::10
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2018/06/firinda-kofte-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 5912818a6cbf7dd28046251c26630e960975ee5cf7f18865a8524e0d40e8a558

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Mon, 29 May 2023 16:55:55 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 3567576
x-accel-date: 1681811779
content-length: 13350
x-77-nzt: AcO1rw7LD6z/2G82AA
x-accel-expires: @1713347779
last-modified: Wed, 01 May 2019 23:36:38 GMT
server: CDN77-Turbo
etag: "5cca2d86-3426"
x-77-nzt-ray: 90833930fd7a89ad1bd97464d8ef4229
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 sebzeli-soslu-tavuk-yemegi-resimli-yemek-tarifi(24).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2021/03/ Frame 53FD 16 KB
16 KB 42ms
35ms Image
image/jpeg 2a02:6ea0:c700::10
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2021/03/sebzeli-soslu-tavuk-yemegi-resimli-yemek-tarifi(24).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 680026f318b1fd16bc8e7b24ba4e32073bc98978f5bd67f19c1b30019a6decf0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Mon, 29 May 2023 16:55:55 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 3569821
x-accel-date: 1681809534
content-length: 16450
x-77-nzt: AcO1rw4oKur/nXg2AA
x-accel-expires: @1713345534
last-modified: Mon, 22 Mar 2021 22:09:22 GMT
server: CDN77-Turbo
etag: "60591592-4042"
x-77-nzt-ray: 90833930fd7a89ad1bd97464e7d14429
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 tas-kebabi-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2017/10/ Frame 53FD 11 KB
11 KB 42ms
35ms Image
image/jpeg 2a02:6ea0:c700::10
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2017/10/tas-kebabi-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 8c47b44c2eb52f803ff7faa3cc7043d75a2814f83cf9c1dd66a1c669184e68f8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Mon, 29 May 2023 16:55:55 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 3566124
x-accel-date: 1681813231
content-length: 10807
x-77-nzt: AcO1rw5WpI//LGo2AA
x-accel-expires: @1713349231
last-modified: Wed, 01 May 2019 23:24:41 GMT
server: CDN77-Turbo
etag: "5cca2ab9-2a37"
x-77-nzt-ray: 90833930fd7a89ad1bd974641d9d4629
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 bugu-kebabi-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2017/07/ Frame 53FD 11 KB
12 KB 42ms
35ms Image
image/jpeg 2a02:6ea0:c700::10
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2017/07/bugu-kebabi-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 7de327885eb13552b4d8343d92108ecd9f34c139b358c2e2e4573227be944949

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Mon, 29 May 2023 16:55:55 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 3567784
x-accel-date: 1681811571
content-length: 11750
x-77-nzt: AcO1rw4RmIH/qHA2AA
x-accel-expires: @1713347571
last-modified: Wed, 01 May 2019 23:21:23 GMT
server: CDN77-Turbo
etag: "5cca29f3-2de6"
x-77-nzt-ray: 90833930fd7a89ad1bd974649f8e4829
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 babagannus-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2016/07/ Frame 53FD 15 KB
15 KB 42ms
35ms Image
image/jpeg 2a02:6ea0:c700::10
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2016/07/babagannus-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: d3345e17444e219afe479e1ce068c14dc111fedebd1ec1b20cc561fb452a4173

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Mon, 29 May 2023 16:55:55 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 3569424
x-accel-date: 1681809931
content-length: 15239
x-77-nzt: AcO1rw7vRNf/EHc2AA
x-accel-expires: @1713345931
last-modified: Wed, 01 May 2019 23:02:58 GMT
server: CDN77-Turbo
etag: "5cca25a2-3b87"
x-77-nzt-ray: 90833930fd7a89ad1bd974649d1b4a29
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 tas-kadayif-resimli-yemek-tarifi(16).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2020/05/ Frame 53FD 15 KB
15 KB 42ms
36ms Image
image/jpeg 2a02:6ea0:c700::10
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2020/05/tas-kadayif-resimli-yemek-tarifi(16).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 00e9ceb91d310a8a3c6566b7fd1dd67cf812b47aadfa7e39e82a519b49e8277d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Mon, 29 May 2023 16:55:55 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 3569924
x-accel-date: 1681809431
content-length: 15230
x-77-nzt: AcO1rw4VoAD/BHk2AA
x-accel-expires: @1713345431
last-modified: Sun, 10 May 2020 01:45:15 GMT
server: CDN77-Turbo
etag: "5eb75cab-3b7e"
x-77-nzt-ray: 90833930fd7a89ad1bd9746466916429
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 acem-koftesi-resimli-yemek-tarifi(16).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2020/03/ Frame 53FD 14 KB
14 KB 42ms
36ms Image
image/jpeg 2a02:6ea0:c700::10
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2020/03/acem-koftesi-resimli-yemek-tarifi(16).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: b0a9edd9406b9e846d2613b16def49dca3d2307816622cb274acc4d0d2314245

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Mon, 29 May 2023 16:55:55 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 3569764
x-accel-date: 1681809591
content-length: 14065
x-77-nzt: AcO1rw75y47/ZHg2AA
x-accel-expires: @1713345591
last-modified: Sun, 15 Mar 2020 20:02:10 GMT
server: CDN77-Turbo
etag: "5e6e89c2-36f1"
x-77-nzt-ray: 90833930fd7a89ad1bd9746486d46629
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 valide-sultan-corbasi-resimli-yemek-tarifi(20).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2017/04/ Frame 53FD 11 KB
12 KB 42ms
36ms Image
image/jpeg 2a02:6ea0:c700::10
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2017/04/valide-sultan-corbasi-resimli-yemek-tarifi(20).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 81edaeb1fa8ee92d6ff74b25c17ee3c4281188958a1e5506ccb8fca25469a639

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Mon, 29 May 2023 16:55:55 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 3568309
x-accel-date: 1681811046
content-length: 11543
x-77-nzt: AcO1rw5tasL/tXI2AA
x-accel-expires: @1713347046
last-modified: Wed, 01 May 2019 23:15:03 GMT
server: CDN77-Turbo
etag: "5cca2877-2d17"
x-77-nzt-ray: 90833930fd7a89ad1bd974646a4c6829
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 sebzeli-firinda-kofte-resimli-yemek-tarifi(16).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2019/05/ Frame 53FD 12 KB
12 KB 42ms
36ms Image
image/jpeg 2a02:6ea0:c700::10
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2019/05/sebzeli-firinda-kofte-resimli-yemek-tarifi(16).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 3785a64ea212b675fabed56a2d69b001dde3a875471a6bb395493bc2321103d8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Mon, 29 May 2023 16:55:55 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 3567610
x-accel-date: 1681811745
content-length: 11965
x-77-nzt: AcO1rw4aZZv/+m82AA
x-accel-expires: @1713347745
last-modified: Tue, 14 May 2019 20:51:03 GMT
server: CDN77-Turbo
etag: "5cdb2a37-2ebd"
x-77-nzt-ray: 90833930fd7a89ad1bd974645bea6929
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 sodali-kofte-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2022/04/ Frame 53FD 15 KB
16 KB 43ms
37ms Image
image/jpeg 2a02:6ea0:c700::10
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2022/04/sodali-kofte-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: c95864adde9fe8a23911034d261ca90d154b87611afb584416b2b317c1357813

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Mon, 29 May 2023 16:55:55 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 3569935
x-accel-date: 1681809420
content-length: 15812
x-77-nzt: AcO1rw4D0uH/D3k2AA
x-accel-expires: @1713345420
last-modified: Fri, 29 Apr 2022 00:25:19 GMT
server: CDN77-Turbo
etag: "626b306f-3dc4"
x-77-nzt-ray: 90833930fd7a89ad1bd9746436ae6b29
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 kofteli-patates-dizmesi-resimli-yemek-tarifi(16).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2020/05/ Frame 53FD 16 KB
16 KB 43ms
37ms Image
image/jpeg 2a02:6ea0:c700::10
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2020/05/kofteli-patates-dizmesi-resimli-yemek-tarifi(16).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 089371c2d0c637c172d5af2ba670a229c49df18790fa29a8c9a3d4af7796f2c7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Mon, 29 May 2023 16:55:55 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 3569825
x-accel-date: 1681809530
content-length: 16315
x-77-nzt: AcO1rw5r7+f/oXg2AA
x-accel-expires: @1713345530
last-modified: Fri, 22 May 2020 22:51:08 GMT
server: CDN77-Turbo
etag: "5ec8575c-3fbb"
x-77-nzt-ray: 90833930fd7a89ad1bd97464ada46d29
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 tencerede-etli-patlican-yemegi-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2016/08/ Frame 53FD 13 KB
13 KB 43ms
37ms Image
image/jpeg 2a02:6ea0:c700::10
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2016/08/tencerede-etli-patlican-yemegi-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 8e2b2033aae5f2ebbc9b92291c3cdfa7a084429d21d85b382e39dfbd875b5f55

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Mon, 29 May 2023 16:55:55 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 2949015
x-accel-date: 1682430340
content-length: 13086
x-77-nzt: AcO1rw7M55z/l/8sAA
x-accel-expires: @1713966340
last-modified: Wed, 01 May 2019 23:03:11 GMT
server: CDN77-Turbo
etag: "5cca25af-331e"
x-77-nzt-ray: 90833930fd7a89ad1bd9746410707029
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 terbiyeli-tavuk-haslama-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2022/01/ Frame 53FD 14 KB
14 KB 43ms
37ms Image
image/jpeg 2a02:6ea0:c700::10
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2022/01/terbiyeli-tavuk-haslama-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 895b747078615b23f6386c387ff4bafdc3a6c17676228fac66485d250ab87584

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Mon, 29 May 2023 16:55:55 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 3569801
x-accel-date: 1681809554
content-length: 13835
x-77-nzt: AcO1rw7PTVf/iXg2AA
x-accel-expires: @1713345554
last-modified: Mon, 03 Jan 2022 22:47:59 GMT
server: CDN77-Turbo
etag: "61d37d1f-360b"
x-77-nzt-ray: 90833930fd7a89ad1bd9746438ad7229
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 tavuklu-buhara-pilavi-resimli-yemek-tarifi(16).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2023/03/ Frame 53FD 15 KB
16 KB 43ms
38ms Image
image/jpeg 2a02:6ea0:c700::10
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2023/03/tavuklu-buhara-pilavi-resimli-yemek-tarifi(16).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 1b03fd3fa3f31290953a4de0da547b6f833489691c8f447fa19019095a60c8a6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Mon, 29 May 2023 16:55:55 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 3569875
x-accel-date: 1681809480
content-length: 15804
x-77-nzt: AcO1rw6HFBf/03g2AA
x-accel-expires: @1713345480
last-modified: Wed, 22 Mar 2023 20:32:55 GMT
server: CDN77-Turbo
etag: "641b65f7-3dbc"
x-77-nzt-ray: 90833930fd7a89ad1bd974643c887429
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 tavada-tavuk-pirzola-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2021/03/ Frame 53FD 14 KB
14 KB 43ms
38ms Image
image/jpeg 2a02:6ea0:c700::10
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2021/03/tavada-tavuk-pirzola-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 3a55a81ee41fb052562bfb3751492caf7ce85c5c029a7a7b03fa55797707b85a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Mon, 29 May 2023 16:55:55 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 3569764
x-accel-date: 1681809591
content-length: 14203
x-77-nzt: AcO1rw6Yzjr/ZHg2AA
x-accel-expires: @1713345591
last-modified: Sun, 28 Feb 2021 23:53:10 GMT
server: CDN77-Turbo
etag: "603c2ce6-377b"
x-77-nzt-ray: 90833930fd7a89ad1bd9746408307629
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 pesto-soslu-tavuklu-noodle-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2019/12/ Frame 53FD 12 KB
12 KB 43ms
38ms Image
image/jpeg 2a02:6ea0:c700::10
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2019/12/pesto-soslu-tavuklu-noodle-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: cb52111dd9f956e7d4e7aedafd0bb0f1785509e9d242eb245a82f1a165e6462a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Mon, 29 May 2023 16:55:55 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 3566413
x-accel-date: 1681812942
content-length: 12246
x-77-nzt: AcO1rw4jrsf/TWs2AA
x-accel-expires: @1713348942
last-modified: Mon, 09 Dec 2019 21:34:21 GMT
server: CDN77-Turbo
etag: "5deebddd-2fd6"
x-77-nzt-ray: 90833930fd7a89ad1bd974647ad27729
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 firinda-kabak-dizme-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2021/04/ Frame 53FD 16 KB
16 KB 43ms
38ms Image
image/jpeg 2a02:6ea0:c700::10
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2021/04/firinda-kabak-dizme-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: e6c870caeff593f3247187fe97c6888a3bd2c9a67ef4cf1d666b43665952a430

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Mon, 29 May 2023 16:55:55 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 3569559
x-accel-date: 1681809796
content-length: 16225
x-77-nzt: AcO1rw59HvP/l3c2AA
x-accel-expires: @1713345796
last-modified: Wed, 14 Apr 2021 01:02:00 GMT
server: CDN77-Turbo
etag: "60763f08-3f61"
x-77-nzt-ray: 90833930fd7a89ad1bd9746461ed7929
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 mantarli-kremali-makarna-resimli-yemek-tarifi(16).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2021/08/ Frame 53FD 13 KB
13 KB 43ms
38ms Image
image/jpeg 2a02:6ea0:c700::10
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2021/08/mantarli-kremali-makarna-resimli-yemek-tarifi(16).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 592b6041dc50712e6562fd725a58a3aefd7f81327fae077be170fd00a9573601

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Mon, 29 May 2023 16:55:55 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 3569821
x-accel-date: 1681809534
content-length: 13108
x-77-nzt: AcO1rw6ErR3/nXg2AA
x-accel-expires: @1713345534
last-modified: Sun, 01 Aug 2021 22:03:23 GMT
server: CDN77-Turbo
etag: "61071a2b-3334"
x-77-nzt-ray: 90833930fd7a89ad1bd97464546a7c29
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 mercimekli-kabak-yemegi-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2021/10/ Frame 53FD 14 KB
14 KB 44ms
39ms Image
image/jpeg 2a02:6ea0:c700::10
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2021/10/mercimekli-kabak-yemegi-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 492adf8c1a07f8a94b648c30ff706dea04aa46438beddc72b9de798656796260

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Mon, 29 May 2023 16:55:55 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 3568818
x-accel-date: 1681810537
content-length: 13961
x-77-nzt: AcO1rw6XE6T/snQ2AA
x-accel-expires: @1713346537
last-modified: Tue, 26 Oct 2021 21:55:31 GMT
server: CDN77-Turbo
etag: "61787953-3689"
x-77-nzt-ray: 90833930fd7a89ad1bd9746458a97e29
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 yumurtali-borulce-kavurmasi-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2019/10/ Frame 53FD 14 KB
14 KB 44ms
39ms Image
image/jpeg 2a02:6ea0:c700::10
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2019/10/yumurtali-borulce-kavurmasi-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: a829afb793084ba036e062f62df25c19a246b6c08d59bfa24811ea9ec26b415b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Mon, 29 May 2023 16:55:55 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 784202
x-accel-date: 1684595153
content-length: 13871
x-77-nzt: AcO1rw6H4Tb/SvcLAA
x-accel-expires: @1716131153
last-modified: Thu, 17 Oct 2019 21:02:48 GMT
server: CDN77-Turbo
etag: "5da8d6f8-362f"
x-77-nzt-ray: 90833930fd7a89ad1bd9746426d48029
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 aliske-corbasi-resimli-yemek-tarifi(16).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2020/04/ Frame 53FD 12 KB
13 KB 44ms
39ms Image
image/jpeg 2a02:6ea0:c700::10
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2020/04/aliske-corbasi-resimli-yemek-tarifi(16).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: a6da92fdbad2cbf7335e0189ffd8740e2d1b2bcee9542681b0049eff590536e3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Mon, 29 May 2023 16:55:55 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 3569825
x-accel-date: 1681809530
content-length: 12480
x-77-nzt: AcO1rw6zsZ//oXg2AA
x-accel-expires: @1713345530
last-modified: Sat, 25 Apr 2020 23:52:56 GMT
server: CDN77-Turbo
etag: "5ea4cd58-30c0"
x-77-nzt-ray: 90833930fd7a89ad1bd9746482098329
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 cennet-corbasi-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2020/04/ Frame 53FD 13 KB
13 KB 44ms
39ms Image
image/jpeg 2a02:6ea0:c700::10
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2020/04/cennet-corbasi-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 52e4ef7a6185c0be960e4d73e85a4694f582a1c32d5d379d1c2fd02093b153bc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Mon, 29 May 2023 16:55:55 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 3569911
x-accel-date: 1681809444
content-length: 13428
x-77-nzt: AcO1rw4S81P/93g2AA
x-accel-expires: @1713345444
last-modified: Thu, 23 Apr 2020 23:48:48 GMT
server: CDN77-Turbo
etag: "5ea22960-3474"
x-77-nzt-ray: 90833930fd7a89ad1bd9746404678529
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 pirinc-corbasi-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2017/10/ Frame 53FD 12 KB
12 KB 44ms
39ms Image
image/jpeg 2a02:6ea0:c700::10
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2017/10/pirinc-corbasi-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 79b38a235f327e607a6f59ab735cd78b4105a2e4164e2dd3f2c0415331e2d301

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Mon, 29 May 2023 16:55:55 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 3567664
x-accel-date: 1681811691
content-length: 12082
x-77-nzt: AcO1rw7IFBv/MHA2AA
x-accel-expires: @1713347691
last-modified: Wed, 01 May 2019 23:24:49 GMT
server: CDN77-Turbo
etag: "5cca2ac1-2f32"
x-77-nzt-ray: 90833930fd7a89ad1bd9746443b48729
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 sutlu-misir-corbasi-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2021/01/ Frame 53FD 11 KB
12 KB 44ms
39ms Image
image/jpeg 2a02:6ea0:c700::10
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2021/01/sutlu-misir-corbasi-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 4d0a27543c9a3893f798b3892a5dd46b9e15b69417b23229049df5f49caacb6e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Mon, 29 May 2023 16:55:55 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 3564015
x-accel-date: 1681815340
content-length: 11735
x-77-nzt: AcO1rw6F9qf/72E2AA
x-accel-expires: @1713351340
last-modified: Mon, 25 Jan 2021 23:21:15 GMT
server: CDN77-Turbo
etag: "600f526b-2dd7"
x-77-nzt-ray: 90833930fd7a89ad1bd97464d7ff8929
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 biskuvili-balerin-pasta-resimli-yemek-tarifi(16).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2016/10/ Frame 53FD 15 KB
15 KB 44ms
40ms Image
image/jpeg 2a02:6ea0:c700::10
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2016/10/biskuvili-balerin-pasta-resimli-yemek-tarifi(16).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: bf375cc0cc38dc98d44b40d5807b4397acd75834c3b177e73d9f98a207e2edc4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Mon, 29 May 2023 16:55:55 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 3567129
x-accel-date: 1681812226
content-length: 14897
x-77-nzt: AcO1rw7Gr8//GW42AA
x-accel-expires: @1713348226
last-modified: Wed, 01 May 2019 23:06:47 GMT
server: CDN77-Turbo
etag: "5cca2687-3a31"
x-77-nzt-ray: 90833930fd7a89ad1bd9746486a58b29
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 ay-tatlisi-resimli-yemek-tarifi(16).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2020/02/ Frame 53FD 13 KB
13 KB 44ms
40ms Image
image/jpeg 2a02:6ea0:c700::10
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2020/02/ay-tatlisi-resimli-yemek-tarifi(16).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: acffece7892896faf2569dbdd15d0bedb4c09ac1f768697e83e3e6c85b07d7a6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Mon, 29 May 2023 16:55:55 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 3569756
x-accel-date: 1681809599
content-length: 13314
x-77-nzt: AcO1rw57/pv/XHg2AA
x-accel-expires: @1713345599
last-modified: Sun, 02 Feb 2020 22:14:29 GMT
server: CDN77-Turbo
etag: "5e3749c5-3402"
x-77-nzt-ray: 90833930fd7a89ad1bd97464df498d29
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 portakalli-revani-resimli-yemek-tarifi(20).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2022/01/ Frame 53FD 14 KB
14 KB 44ms
40ms Image
image/jpeg 2a02:6ea0:c700::10
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2022/01/portakalli-revani-resimli-yemek-tarifi(20).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: e37db6d8f45ac721b8a5e4cc5367e23398c0a717118648ecb39ce936fdd1b459

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Mon, 29 May 2023 16:55:55 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 3569924
x-accel-date: 1681809431
content-length: 14267
x-77-nzt: AcO1rw5B6TX/BHk2AA
x-accel-expires: @1713345431
last-modified: Sat, 22 Jan 2022 19:06:10 GMT
server: CDN77-Turbo
etag: "61ec55a2-37bb"
x-77-nzt-ray: 90833930fd7a89ad1bd9746468918f29
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 elmali-crumble-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2021/03/ Frame 53FD 12 KB
13 KB 45ms
40ms Image
image/jpeg 2a02:6ea0:c700::10
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2021/03/elmali-crumble-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 78da9db43c13878a83c2add982d64622874181fd479875d2ab4c4be7cff84fe5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Mon, 29 May 2023 16:55:55 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 3564147
x-accel-date: 1681815208
content-length: 12773
x-77-nzt: AcO1rw61SR//c2I2AA
x-accel-expires: @1713351208
last-modified: Sat, 27 Mar 2021 01:19:51 GMT
server: CDN77-Turbo
etag: "605e8837-31e5"
x-77-nzt-ray: 90833930fd7a89ad1bd97464e971dd29
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 kaygana-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2017/03/ Frame 53FD 12 KB
12 KB 45ms
41ms Image
image/jpeg 2a02:6ea0:c700::10
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2017/03/kaygana-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 7db39f0b9931b338e9cd0eabeef7fd618ace0e5bc5990061ce13a0a2ed8e8a0a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Mon, 29 May 2023 16:55:55 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 3564362
x-accel-date: 1681814993
content-length: 11893
x-77-nzt: AcO1rw7gjE7/SmM2AA
x-accel-expires: @1713350993
last-modified: Wed, 01 May 2019 23:14:01 GMT
server: CDN77-Turbo
etag: "5cca2839-2e75"
x-77-nzt-ray: 90833930fd7a89ad1bd97464b343e029
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 kahvaltilik-cevizli-ezme-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2017/07/ Frame 53FD 15 KB
15 KB 45ms
41ms Image
image/jpeg 2a02:6ea0:c700::10
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2017/07/kahvaltilik-cevizli-ezme-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 84e751f2dc953e626ba17dbd4aa9f4ba4a62ed2239bbb48b4e2d485b4b3a9ec6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Mon, 29 May 2023 16:55:55 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 3564957
x-accel-date: 1681814398
content-length: 15077
x-77-nzt: AcO1rw4u7D7/nWU2AA
x-accel-expires: @1713350398
last-modified: Wed, 01 May 2019 23:20:59 GMT
server: CDN77-Turbo
etag: "5cca29db-3ae5"
x-77-nzt-ray: 90833930fd7a89ad1bd97464df2ee229
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 sahine-resimli-yemek-tarifi(8).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2022/02/ Frame 53FD 16 KB
17 KB 45ms
41ms Image
image/jpeg 2a02:6ea0:c700::10
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2022/02/sahine-resimli-yemek-tarifi(8).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: d98024e61787e1bdd709f051b35af56fad581b55527b74b00717435db4489828

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Mon, 29 May 2023 16:55:55 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 3569924
x-accel-date: 1681809431
content-length: 16575
x-77-nzt: AcO1rw5c3IP/BHk2AA
x-accel-expires: @1713345431
last-modified: Fri, 25 Feb 2022 21:40:05 GMT
server: CDN77-Turbo
etag: "62194cb5-40bf"
x-77-nzt-ray: 90833930fd7a89ad1bd97464d2e1e329
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 yumurta-katlama-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2021/01/ Frame 53FD 12 KB
13 KB 45ms
41ms Image
image/jpeg 2a02:6ea0:c700::10
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2021/01/yumurta-katlama-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 23d58172a13a810fa151cb35f5f0bee205d2294327be9d8b7172553719cf3e66

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Mon, 29 May 2023 16:55:55 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 118375
x-accel-date: 1685260980
content-length: 12735
x-77-nzt: AcO1rw5uFhH/Z84BAA
x-accel-expires: @1716796980
last-modified: Wed, 20 Jan 2021 23:18:27 GMT
server: CDN77-Turbo
etag: "6008ba43-31bf"
x-77-nzt-ray: 90833930fd7a89ad1bd974649369e529
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 _dmca_premi_badge_5.png
images.dmca.com/Badges/ Frame 53FD 5 KB
6 KB 68ms
18ms Image
image/png 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.dmca.com/Badges/_dmca_premi_badge_5.png?ID=da1d399b-5fd3-4da3-b5cd-8af692c19999
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: ad3ee286844c46dba3f0d26e100f508c410b28f52784fbeec2d513ef6c6fda7a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 29 May 2023 16:55:55 GMT
last-modified: Thu, 02 Jun 2011 03:26:26 GMT
server: Microsoft-IIS/10.0
etag: "8ae3cdbd420cc1:0"
x-powered-by: ASP.NET
x-hw: 1685379355.cds322.am5.hn,1685379355.cds292.am5.c
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=31536000
accept-ranges: bytes
link: <https://www.dmca.com/Badges/_dmca_premi_badge_5.png>; rel="canonical"
content-length: 5605

GET addthis_widget.js
s7.addthis.com/js/300/ Frame 53FD 0
0

GET
H2 200 DMCABadgeHelper.min.js Show response
images.dmca.com/Badges/ Frame 53FD 465 B
585 B 73ms
23ms Script
application/javascript 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://images.dmca.com/Badges/DMCABadgeHelper.min.js
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e8021f1a9dad409f7e699457ac334653bf800464df69900237c4de1c29e275d0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 29 May 2023 16:55:55 GMT
content-encoding: gzip
last-modified: Fri, 21 Jun 2019 20:14:34 GMT
server: Microsoft-IIS/10.0
etag: "26b181f16d28d51:0"
x-powered-by: ASP.NET
x-hw: 1685379355.cds322.am5.hn,1685379355.cds214.am5.c
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=31536000
accept-ranges: bytes
link: <https://www.dmca.com/Badges/DMCABadgeHelper.min.js>; rel="canonical"
content-length: 395

GET
H2 200 outside.js Show response
static.virgul.com/theme/mockups/adcode/ Frame 53FD 74 KB
26 KB 205ms
50ms Script
application/javascript 185.7.176.223
SH

General

Check archive.org

Show headers Download Go to

Full URL: https://static.virgul.com/theme/mockups/adcode/outside.js?dts=19506
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.7.176.223 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: a0847b5e0373e2fd011803f2dc04baa326f849fe2b2684b4e89cb11122cb5b17

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 29 May 2023 16:55:55 GMT
content-encoding: gzip
last-modified: Thu, 18 May 2023 15:23:45 GMT
server: openresty/1.15.8.3
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=43200

GET
H2 200 sdk.js Show response
connect.facebook.net/tr_TR/ Frame 53FD 3 KB
3 KB 33ms
8ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/tr_TR/sdk.js

Requested by

Host: ye-mek.net
URL: https://ye-mek.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

a824750b0b4c00060ba43dd544a11c953f3b13afa875d59082f8d50cc8a7d65e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 29 May 2023 16:55:55 GMT
content-md5: LMDqz4ck4vXQ/2dp7XrMuA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1687
x-fb-rlafr: 0
x-fb-debug: tikCXVBzoblkzeev3RkypIkcr3sT+0NtS/tUOAbXf8aHrwaRkoOSeONCIZAkPKlzTD42iaosQJIma0WadOPv3A==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 1679558926
x-fb-content-md5: f2b3eac9ad8be843f2d3205ece02f1a9
cross-origin-opener-policy: same-origin-allow-popups
etag: "f35d60ececac1b78c60e92bcf13ea56a"
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), screen-wake-lock=(), serial=(), usb=()
x-frame-options: DENY
timing-allow-origin: *
expires: Mon, 29 May 2023 16:57:17 GMT

GET
H2 200 sprite_3.png
cdn.ye-mek.net/grafik/ Frame 53FD 21 KB
21 KB 41ms
41ms Image
image/png 2a02:6ea0:c700::10
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/grafik/sprite_3.png
Requested by: Host: cdn.ye-mek.net
URL: https://cdn.ye-mek.net/maincss.css?v=434
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: ecadacb686d0540a5768dae41d50597a71dfaa8135b90f1371d4bfa266e4e361

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.ye-mek.net/maincss.css?v=434
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Mon, 29 May 2023 16:55:55 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 3569953
x-accel-date: 1681809402
content-length: 21525
x-77-nzt: AcO1rw7U7x7/IXk2AA
x-accel-expires: @1713345402
last-modified: Mon, 14 May 2018 20:55:05 GMT
server: CDN77-Turbo
etag: "5af9f7a9-5415"
x-77-nzt-ray: 90833930fd7a89ad1bd97464977ee729
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H3 200 sdk.js Show response
connect.facebook.net/tr_TR/ Frame 53FD 301 KB
85 KB 26ms
13ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/tr_TR/sdk.js?hash=204955560bb1174a687dcb70e79ca664

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/tr_TR/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

02aadefee382da56c324b7d20b37a3442871c5ba884280c4d1e999060c686a87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://ye-mek.net/
Origin: https://ye-mek.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 29 May 2023 16:55:55 GMT
content-md5: 2LA16MPmZGIQUyBHM1lykQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 87271
x-fb-rlafr: 0
x-fb-debug: ASxdV+U/zZIc/3ipu1R9TFRhk4A6LgE1tLnN4AScD9uSYIeYgM6IIv88ZnmZX2hgu9MuHhncFrtJE9yWxA7QXw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-content-md5: b97a28413562ee7c9cd9da7619ca13ec
cross-origin-opener-policy: same-origin-allow-popups
etag: "cf9600aa36c408c5df6e52f9c3597dd7"
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
origin-agent-cluster: ?0
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), screen-wake-lock=(), serial=(), usb=()
x-frame-options: DENY
timing-allow-origin: *
priority: u=3,i
expires: Tue, 28 May 2024 16:37:18 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ Frame 53FD 51 KB
21 KB 120ms
37ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-38733763-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 29 May 2023 15:04:54 GMT
last-modified: Mon, 17 Apr 2023 22:36:01 GMT
server: Golfe2
age: 6661
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20737
expires: Mon, 29 May 2023 17:04:54 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame 53FD 75 KB
25 KB 210ms
99ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/adcode/outside.js?dts=19506

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fadeb214cd5b14873918e6c90edabcb815e39a2fb90936a36c7b9b229819db90

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 29 May 2023 16:55:56 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25140
x-xss-protection: 0
server: cafe
etag: 987 / 19506 / m202305230101 / config-hash: 5517893993639430185
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 29 May 2023 16:55:56 GMT

GET
H2 200 ads.js Show response
static.virgul.com/theme/mockups/mockups/tracker/imp/collect/adview/ad/ Frame 53FD 120 B
307 B 45ms
45ms Script
application/javascript 185.7.176.223
SH

General

Check archive.org

Show headers Download Go to

Full URL: https://static.virgul.com/theme/mockups/mockups/tracker/imp/collect/adview/ad/ads.js
Requested by: Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/adcode/outside.js?dts=19506
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.7.176.223 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: d9fd0aeda423bd39a36871759ef7b17dab3d51e5981cd5839103f990b8b9ef60

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 29 May 2023 16:55:55 GMT
last-modified: Wed, 21 Dec 2022 18:47:42 GMT
server: openresty/1.15.8.3
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=5184000
accept-ranges: bytes
content-length: 120

GET
H2 200 str.html Show response
static.virgul.com/theme/mockups/outside/ Frame 413B 891 B
1 KB 46ms
45ms Document
text/html 185.7.176.223
SH

General

Check archive.org

Show headers Download Go to

Full URL: https://static.virgul.com/theme/mockups/outside/str.html?v=2
Requested by: Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/adcode/outside.js?dts=19506
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.7.176.223 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: 2af1b8e91e1ea0f27fab2f6bac1dd1d81867b7a2a8d7cef1084fa39309e0ac6f

Request headers

Referer: https://ye-mek.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
cache-control: max-age=5184000
content-length: 891
content-type: text/html
date: Mon, 29 May 2023 16:55:55 GMT
last-modified: Wed, 28 Sep 2022 10:07:57 GMT
server: openresty/1.15.8.3

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 53FD 136 KB
47 KB 186ms
87ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6593523210010154

Requested by

Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/adcode/outside.js?dts=19506

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8717b6f058897e2211c83c7169f852ebc0e4e6e0b8911d4999168052eb307be8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ye-mek.net/
Origin: https://ye-mek.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 29 May 2023 16:55:56 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47423
x-xss-protection: 0
server: cafe
etag: 3018746789498533708
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 29 May 2023 16:55:56 GMT

GET
H2 200 prebid7.38.0.js Show response
static.virgul.com/theme/mockups/outside/ Frame 53FD 489 KB
182 KB 50ms
50ms Script
application/javascript 185.7.176.223
SH

General

Check archive.org

Show headers Download Go to

Full URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js
Requested by: Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/adcode/outside.js?dts=19506
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.7.176.223 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: cff57bb539a961e5816127eb4b662175d6a1c92917effe0f943de85c35911101

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 29 May 2023 16:55:55 GMT
content-encoding: gzip
last-modified: Mon, 27 Mar 2023 14:56:06 GMT
server: openresty/1.15.8.3
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=5184000

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ Frame 53FD 228 KB
56 KB 34ms
8ms Script
application/javascript 52.222.208.154
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/adcode/outside.js?dts=19506
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.208.154 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-208-154.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 33566729393f70e95f9e326dbc67dedbb3bdc4d6a743ef40141fa1d126f079ad

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 29 May 2023 16:44:38 GMT
content-encoding: gzip
via: 1.1 23e8ec14db0917c91c2c733b45578890.cloudfront.net (CloudFront), 1.1 d9523e44e96d2539081596bb1d268d44.cloudfront.net (CloudFront)
last-modified: Mon, 22 May 2023 19:17:48 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1, FRA56-P3
age: 678
etag: W/"d18b57a80b57082ffb531a2e077b3016"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=3600
x-amz-cf-id: pesV3T56DmEg-JBh37Y-70WAPDQYB5BYoRD8IIdqZw30qMEUZs6-kQ==

GET
H2 200 pageview Show response
ng.virgul.com/ Frame 53FD 33 KB
5 KB 183ms
70ms Script
application/javascript 185.7.176.223
SH

General

Check archive.org

Show headers Download Go to

Full URL: https://ng.virgul.com/pageview?c=site_geneli&mt=1685379355953&v=https%3A%2F%2Fye-mek.net%2F&r=yemek_net:site_geneli&userId=&tp=&os=&call=noktaad.ads.vvad&vd=0&ses=0&dim=1600x1200&l=&y=&w=0&ext=,as,rc0,hf1,vv1,gprec%3Dyemek%26rec_ing%3D&info=&ref=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&rdmt=0.7953572310079526
Requested by: Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/adcode/outside.js?dts=19506
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.7.176.223 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: 4b7d8df9fa70501dc1a1195b0c5511d140ccdd40988a4bd2bdcde13f498c26eb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 29 May 2023 16:55:56 GMT
content-encoding: gzip
server: openresty/1.15.8.3
vary: Accept-Encoding
p3p: CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
access-control-allow-origin: https://ye-mek.net
content-type: application/javascript
access-control-allow-credentials: true
expires: Tue, 04 Jan 2022 10:49:40 GMT

GET
H2 200 yemek_net.js Show response
static.virgul.com/theme/mockups/fallback/ Frame 53FD 12 KB
2 KB 45ms
45ms Script
application/javascript 185.7.176.223
SH

General

Check archive.org

Show headers Download Go to

Full URL: https://static.virgul.com/theme/mockups/fallback/yemek_net.js?dts=19506
Requested by: Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/adcode/outside.js?dts=19506
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.7.176.223 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: 58712a4f1909f78e6b3cb7b01dfbb8e2952037880985e4fc91ccf08d37a7bd84

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 29 May 2023 16:55:55 GMT
content-encoding: gzip
last-modified: Sun, 14 May 2023 21:52:48 GMT
server: openresty/1.15.8.3
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=5184000

GET
H2 200 hb Show response
ng.virgul.com/ Frame 53FD 49 KB
5 KB 165ms
55ms Script
application/javascript 185.7.176.223
SH

General

Check archive.org

Show headers Download Go to

Full URL: https://ng.virgul.com/hb?call=noktaad.setHbParameters&site=yemek_net&dts=468160
Requested by: Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/adcode/outside.js?dts=19506
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.7.176.223 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: de3d06ba46d343d5ce946e6fab1c0a1030669f7bafad177fdcd182b6e881fa08

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 29 May 2023 16:55:56 GMT
content-encoding: gzip
server: openresty/1.15.8.3
vary: Accept-Encoding
p3p: CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
access-control-allow-origin: https://ye-mek.net
content-type: application/javascript
cache-control: max-age=3600
access-control-allow-credentials: true

GET
H2 204 config Show response
c.amazon-adsystem.com/cdn/prod/ Frame 53FD 0
305 B 8ms
8ms XHR
text/plain 52.222.208.154
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fye-mek.net&pubid=e0a76a78-9ad1-46f2-a337-886c2e24ac91
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.208.154 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-208-154.fra56.r.cloudfront.net
Software: Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 29 May 2023 14:48:02 GMT
via: 1.1 d9523e44e96d2539081596bb1d268d44.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA56-P3
age: 7674
x-cache: Hit from cloudfront
access-control-allow-origin: https://ye-mek.net
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
x-amz-cf-id: aeyCnj30nMxll6dtyHH7T6H_Ou6CwRofK0xE4ETtd1SKGF_a226DMw==

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ Frame 53FD 6 KB
3 KB 26ms
9ms XHR
application/javascript 52.222.208.154
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.208.154 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-208-154.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-amz-version-id: Zm_tZQQ808JKRizBfXGgSN2OWn8Z6JUU
content-encoding: gzip
via: 1.1 69cc5dd318e02cb1a7e8cb9951f553d8.cloudfront.net (CloudFront)
date: Mon, 29 May 2023 05:55:07 GMT
x-amz-cf-pop: FRA56-P3
age: 55157
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Fri, 26 May 2023 01:35:48 GMT
server: AmazonS3
etag: W/"a4d296427fc806b21335359e398c025c"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
vary: Accept-Encoding,Origin
x-amz-cf-id: cOSDUgr_PT9i36crjaP4PMBRYQ87_GUIuDta0JEGIXgdR_ocVXxv5A==

GET
H2 200 empowerwebplayer3.js Show response
static.virgul.com/theme/mockups/outside/ Frame 53FD 9 KB
3 KB 46ms
45ms Script
application/javascript 185.7.176.223
SH

General

Check archive.org

Show headers Download Go to

Full URL: https://static.virgul.com/theme/mockups/outside/empowerwebplayer3.js?v=19
Requested by: Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.7.176.223 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: 6463a8285a9c7d54fde4f62d247208584a061d3a0028a516ec3b902164256306

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 29 May 2023 16:55:56 GMT
content-encoding: gzip
last-modified: Mon, 17 Apr 2023 09:38:48 GMT
server: openresty/1.15.8.3
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=5184000

GET
H2 200 yemek_net.js Show response
static.virgul.com/theme/mockups/sites/ Frame 53FD 11 KB
5 KB 45ms
45ms Script
application/javascript 185.7.176.223
SH

General

Check archive.org

Show headers Download Go to

Full URL: https://static.virgul.com/theme/mockups/sites/yemek_net.js?dts=468160
Requested by: Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/adcode/outside.js?dts=19506
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.7.176.223 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: a7a580492938c753648b19da1321bf7ea66d7a2e9b1fa42058c821e268fba9e1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 29 May 2023 16:55:56 GMT
content-encoding: gzip
last-modified: Thu, 27 Apr 2023 09:08:06 GMT
server: openresty/1.15.8.3
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=5184000

GET
H2 200 pandg-sdk.js Show response
pghub.io/js/ Frame 53FD 17 KB
5 KB 59ms
16ms Script
application/javascript 35.241.45.217
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pghub.io/js/pandg-sdk.js
Requested by: Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/adcode/outside.js?dts=19506
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.241.45.217 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 217.45.241.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 09244740f4a5bf8ab1aa815df2f809d370c932e5c5e977221091acbee7b66570

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 29 May 2023 16:27:24 GMT
content-encoding: gzip
age: 1712
x-guploader-uploadid: ADPycdteENBlsBT7U8uYUcPAUQRo3zdnQ24jwPOjiwZ9CCwE-bNgK9kXs446BmHmhy2MAkiOyUSukNVLJIXeknkEfqJ2rVtBhIX3
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4955
last-modified: Fri, 20 Jan 2023 18:31:19 GMT
server: UploadServer
etag: "b3517e216253857ea8c4209cb84004df"
vary: Accept-Encoding
x-goog-generation: 1674239479122517
x-goog-hash: crc32c=rClt4g==, md5=s1F+IWJThX6oxCCcuEAE3w==
access-control-allow-origin: *
access-control-expose-headers: Access-Control-Allow-Origin
cache-control: public,max-age=3600
x-goog-stored-content-length: 4955
accept-ranges: bytes
content-type: application/javascript

GET
H2 200 zoneview
ng.virgul.com/ Frame 53FD 0
210 B 45ms
45ms Image
text/plain 185.7.176.223
SH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ng.virgul.com/zoneview?c=&mt=1685379356147&v=https%3A%2F%2Fye-mek.net%2F&r=153366@153377@153378@153379@153379@153382@153383:yemek_net&userId=vnetc82ceb5c-bd3e-46d7-ba07-b1bb203c91af&tp=&os=&call=&vd=0&ses=0&dim=1600x1200&l=&y=&w=0&ext=,as,rc1,hf1,vv1,gprec%3Dyemek%26rec_ing%3D&info=&ref=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&rdmt=0.11457226833948742
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.7.176.223 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

access-control-allow-origin: https://ye-mek.net
date: Mon, 29 May 2023 16:55:56 GMT
access-control-allow-credentials: true
expires: Tue, 04 Jan 2022 10:49:40 GMT
server: openresty/1.15.8.3
content-length: 0
p3p: CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'

GET
H2 200 NoktaNpmPlayerApi.js Show response
c1.imgiz.com/player_others/html5/ Frame 53FD 7 KB
3 KB 202ms
46ms Script
application/javascript 185.7.176.222
SH

General

Check archive.org

Show headers Download Go to

Full URL: https://c1.imgiz.com/player_others/html5/NoktaNpmPlayerApi.js?dts=19506
Requested by: Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/empowerwebplayer3.js?v=19
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.7.176.222 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: 0b29697868cd68cfd1b5650054cc96ea755016b3242bd26469cdbd4e4f6fc18a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 29 May 2023 16:55:56 GMT
content-encoding: gzip
last-modified: Wed, 13 Oct 2021 11:58:21 GMT
server: openresty/1.15.8.3
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=604800
expires: Mon, 05 Jun 2023 16:55:56 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305230101/ Frame 53FD 350 KB
118 KB 195ms
117ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305230101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6593523210010154&plah=ye-mek.net

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6593523210010154

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b0fe92dc4ea02d09ee56e4b0e11f8618bb8310fc351cfaccdebfd25a9ea0884c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 29 May 2023 16:55:56 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 120275
x-xss-protection: 0
server: cafe
etag: 7070848669646692991
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 29 May 2023 16:55:56 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230523/r20190131/ Frame 5FEE 10 KB
5 KB 123ms
38ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230523/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6593523210010154

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eb7a209e3af2f5e7045a326f81414b39f02551eb158e859c190a7a84db7c4d5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ye-mek.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 5536
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4540
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 29 May 2023 15:23:40 GMT
etag: 15057649708203361565
expires: Mon, 12 Jun 2023 15:23:40 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 zoneview
ng.virgul.com/ Frame 53FD 0
210 B 45ms
45ms Image
text/plain 185.7.176.223
SH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ng.virgul.com/zoneview?c=&mt=1685379356239&v=https%3A%2F%2Fye-mek.net%2F&r=153394@153493:yemek_net&userId=vnetc82ceb5c-bd3e-46d7-ba07-b1bb203c91af&tp=&os=&call=&vd=0&ses=0&dim=1600x1200&l=&y=&w=0&ext=,as,rc1,hf1,vv1,gprec%3Dyemek%26rec_ing%3D&info=&ref=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&rdmt=0.5629240732746321
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.7.176.223 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

access-control-allow-origin: https://ye-mek.net
date: Mon, 29 May 2023 16:55:56 GMT
access-control-allow-credentials: true
expires: Tue, 04 Jan 2022 10:49:40 GMT
server: openresty/1.15.8.3
content-length: 0
p3p: CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305230101/ Frame 53FD 403 KB
125 KB 38ms
37ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305230101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8106b51011b26cf5f69cf7769a95b3f7faf34e2f26191c4e657e705ad3f4ecb6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 29 May 2023 13:39:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 11776
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 127382
x-xss-protection: 0
server: cafe
etag: 12178286523779166803
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Tue, 28 May 2024 13:39:40 GMT

GET
H2 200 tag Show response
feed.pghub.io/ Frame B9CA 13 B
258 B 69ms
25ms Document
text/html 34.102.243.38
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://feed.pghub.io/tag?referrer_url=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&page_url=https%3A%2F%2Fye-mek.net%2F&owner=P%26G&bp_id=noktacommedya&ch=%7B%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D&initiator=js&data=%7B%22category%22%3A%22site_geneli%22%7D

Requested by

Host: pghub.io
URL: https://pghub.io/js/pandg-sdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.102.243.38 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

38.243.102.34.bc.googleusercontent.com

Software

Resource Hash

b633a587c652d02386c4f16f8c6f6aab7352d97f16367c3c40576214372dd628

Security Headers

Name	Value
Content-Security-Policy	default-src 'none';img-src https://*.pghub.io https://match.adsrvr.org
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://ye-mek.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
access-control-max-age: 300
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-store
content-security-policy: default-src 'none';img-src https://*.pghub.io https://match.adsrvr.org
content-type: text/html;charset=utf-8
date: Mon, 29 May 2023 16:55:56 GMT
strict-transport-security: max-age=31536000
via: 1.1 google

GET
H/1.1 200
OK localstore.js Show response
script.4dex.io/ Frame 53FD 483 B
1021 B 70ms
22ms Script
application/javascript 2606:4700:20::681a:8a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/localstore.js
Requested by: Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:8a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Mon, 29 May 2023 16:55:56 GMT
Content-Encoding: br
CF-Cache-Status: HIT
Last-Modified: Wed, 23 Nov 2022 15:43:18 GMT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Age: 2410423
ETag: W/"922cffdd75f7192f75231d92684885aa"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=afhmLZD39OcYDmqF2B8RfXy1m5Gtjj7W2W5NAueOsgrJoFVmZcnc6DmgeWbn%2Bttr%2BUtRwzlwXXc0rm7%2BMyLC1b2H9nnUkNaV3sSQNy%2F9Rv0EnnWasU1X9cz9WcrRrdhM4cwyFj5Op5Llrkmc"}],"group":"cf-nel","max_age":604800}
Cache-Control: public, max-age=1800
Connection: keep-alive
CF-RAY: 7cf04491ea8f7327-LHR

GET
H2 200 bid Show response
aax.amazon-adsystem.com/e/dtb/ Frame 53FD 23 B
459 B 398ms
336ms XHR
text/javascript 52.222.253.136
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&pr=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&pid=DiY0Cq77JYJBO&cb=0&ws=1600x1200&v=23.517.1921&t=1200&slots=%5B%7B%22sd%22%3A%22div-gpt-ad-1455783126174-15338221728129623web_yemeknet_right_tower%22%2C%22s%22%3A%5B%22160x600%22%2C%22120x600%22%5D%2C%22sn%22%3A%22%2F21728129623%2Fweb_yemeknet_right_tower%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-1455783126174-15336621728129623web_yemeknet_masthead%22%2C%22s%22%3A%5B%22970x250%22%2C%22970x90%22%2C%22728x90%22%2C%22300x250%22%2C%22200x200%22%5D%2C%22sn%22%3A%22%2F21728129623%2Fweb_yemeknet_masthead%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-1455783126174-15338321728129623web_yemeknet_left_tower%22%2C%22s%22%3A%5B%22160x600%22%2C%22120x600%22%5D%2C%22sn%22%3A%22%2F21728129623%2Fweb_yemeknet_left_tower%22%7D%5D&pubid=e0a76a78-9ad1-46f2-a337-886c2e24ac91&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.253.136 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-253-136.fra60.r.cloudfront.net

Software

Server /

Resource Hash

745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 29 May 2023 16:55:56 GMT
strict-transport-security: max-age=47474747; includeSubDomains; preload
via: 1.1 2a44338adc8233e5b25aca28287a69c8.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA60-P3
x-amz-rid: NQMH0V2KJ1ZMD7V61HG1
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://ye-mek.net
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: MIH7i0z-uo-7h5goFAn_PM9tmEBQyGJ1tQqXrAtKIJGs-3t7rbNPPg==

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ Frame 53FD 107 B
532 B 166ms
47ms Script
application/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=ye-mek.net

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305230101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 29 May 2023 16:55:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame 53FD 107 B
457 B 161ms
48ms Script
application/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=ye-mek.net

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305230101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 29 May 2023 16:55:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 53FD 26 KB
11 KB 474ms
474ms XHR
text/plain 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2342975364104955&correlator=3820281359114358&eid=44793315&output=ldjh&gdfp_req=1&vrg=202305230101&ptt=17&impl=fif&iu_parts=21728129623%3A33502485%2Cweb_yemeknet_kategori_sayfalari_728x90_repeating&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C728x90%7C468x60&fluid=height&ifi=2&adks=3733009076&sfv=1-0-40&eri=1&cust_params=amznbid%3D0%26amznp%3D0%26category%3Dsite_geneli%26plm%3Dnull%26viewable%3D2%26site%3Dyemek_net%26mt%3D1685379355953%26pager%3D1%2540site_geneli%2540yemek_net%253Asite_geneli%26policy%3D0%26host%3Dye-mek.net%26url%3Dhttps%253A%2520%2520ye%2520mek.net%2520%26targetCtr%3D0%26pid%3Dvnetc82ceb5c-bd3e-46d7-ba07-b1bb203c91af%26targetCr%3D0%26Mobile%3Dfalse%26env%3Dweb%26webmAd%3D1%26overlay%3D1%26rc%3D0%26datasave%3D0%26rec%3Dyemek%26rec_ing%3D&ppid=vnetc82ceb5cbd3e46d7ba07b1bb203c91af&sc=1&cdm=ye-mek.net&abxe=1&dt=1685379356435&lmt=1685379356&dlt=1685379355482&idt=899&adxs=436&adys=2665&biw=-12245933&bih=-12245933&isw=1600&ish=1200&scr_x=-12245933&scr_y=-12245933&ucis=r25qpnwpmbq&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fye-mek.net%2F&ref=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&top=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&frm=24&vis=1&psz=976x0&msz=996x0&fws=388&ohw=1600&ga_vid=1790324415.1685379356&ga_sid=1685379356&ga_hid=1243564568&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305230101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

353692ea41493ab1cf0ce7a126b05cb69937241143d9d359e4ea7afcd43a9632

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 29 May 2023 16:55:56 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11277
x-xss-protection: 0
google-lineitem-id: 6241543851
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138425583957
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://ye-mek.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
c3d14c6affce0a50d8fe6a0bd5f1fbf2.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame F9E6 6 KB
3 KB 161ms
46ms Document
text/html 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://c3d14c6affce0a50d8fe6a0bd5f1fbf2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305230101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ye-mek.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 29 May 2023 16:55:56 GMT
expires: Tue, 28 May 2024 16:55:56 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 200 bid-request Show response
a.teads.tv/hb/ Frame 53FD 16 B
379 B 90ms
50ms XHR
application/json 23.35.229.56
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://a.teads.tv/hb/bid-request
Requested by: Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.229.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-229-56.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c

Request headers

Referer: https://ye-mek.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 29 May 2023 16:55:56 GMT
content-encoding: gzip
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://ye-mek.net
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 42
expires: Mon, 29 May 2023 16:55:56 GMT

POST
H2 204 openrtb Show response
adx.adform.net/adx/ Frame 53FD 0
529 B 136ms
62ms XHR
text/plain 37.157.6.241
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Requested by

Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.241 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://ye-mek.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 29 May 2023 16:55:56 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://ye-mek.net
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 53FD 471 B
1 KB 27ms
7ms XHR
application/json 37.252.173.215
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.2 /

Resource Hash

0c8597eb33ce87bcd380caf9216cbd93cd732d53c33e8010a2c462069ec7ae85

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://ye-mek.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 29 May 2023 16:55:56 GMT
AN-X-Request-Uuid: 55cae95e-d392-42e2-888d-143cbc409572
Server: nginx/1.23.2
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: application/json; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://ye-mek.net
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 185.213.155.183; 185.213.155.183; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 471
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 prebid Show response
mp.4dex.io/ Frame 53FD 0
282 B 111ms
58ms XHR
text/plain 2606:4700::6812:372
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mp.4dex.io/prebid
Requested by: Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:372 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ye-mek.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 29 May 2023 16:55:56 GMT
x-err: Parsing the Prebid Request. adrequest and manager domains do not match
x-version: 3.0.0-gcp-ams
cf-cache-status: DYNAMIC
via: 1.1 google
server: cloudflare
vary: Origin, Accept-Encoding
access-control-allow-origin: https://ye-mek.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 7cf044925d3301e7-ZRH
expires: 0

POST
H2 200 auction Show response
prebid-server.rubiconproject.com/openrtb2/ Frame 53FD 173 B
400 B 178ms
35ms XHR
application/json 18.195.80.95
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by: Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.195.80.95 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-80-95.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 20fccb0490daa3b838d6385f0db1d858ed9b3ec52f2aa8b2773bbbb70bb2476c

Request headers

Referer: https://ye-mek.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 29 May 2023 16:55:56 GMT
content-encoding: gzip
x-prebid: pbs-java/1.119.0
content-type: application/json
access-control-allow-origin: https://ye-mek.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 167
expires: 0

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame 53FD 416 B
741 B 294ms
148ms XHR
application/json 2602:803:c003:200::31
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=13760&site_id=333016&zone_id=2862172&size_id=2&alt_size_ids=1&rp_schain=1.0,1!empower.net,5ed754bfe4b07a92411bbff0,1,,,&eid_pubcid.org=869f4f43-96fb-4e45-8aa0-3e9bbe1d05b9%5E1&rf=https%3A%2F%2Fye-mek.net%2F&tg_i.page=https%3A%2F%2Fye-mek.net%2F&tg_i.domain=ye-mek.net&tg_i.pbadslot=div-gpt-ad-1455783126174-15337921728129623web_yemeknet_kategori_sayfalari_728x90_repeating&tk_flint=pbjs_lite_v7.38.0&x_source.tid=a7202f3d-2a1d-4be1-bf98-7702a8f6995a&l_pb_bid_id=2684c440289c2e1&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.7887759157490539
Requested by: Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::31 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 92f05f1a58fbb3fe0bf42fe1389ebcc863f2db3341c76951bcb365c813b83452

Request headers

Referer: https://ye-mek.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 29 May 2023 16:55:56 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://ye-mek.net
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 416
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame 53FD 410 B
735 B 266ms
121ms XHR
application/json 2602:803:c003:200::31
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=13760&site_id=333016&zone_id=2862174&size_id=2&alt_size_ids=1&rp_schain=1.0,1!empower.net,5ed754bfe4b07a92411bbff0,1,,,&eid_pubcid.org=869f4f43-96fb-4e45-8aa0-3e9bbe1d05b9%5E1&rf=https%3A%2F%2Fye-mek.net%2F&tg_i.page=https%3A%2F%2Fye-mek.net%2F&tg_i.domain=ye-mek.net&tg_i.pbadslot=div-gpt-ad-1455783126174-15337721728129623web_yemeknet_kategori_sayfalari_ust_728x90&tk_flint=pbjs_lite_v7.38.0&x_source.tid=432cb589-744f-4b1b-ad8c-dcfbfe31b5b5&l_pb_bid_id=271ceeeef29416c&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.46821322343543303
Requested by: Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::31 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: a620a71c44dfc26dc854e6dc221501c89ad63b7ad2e51bc06a3462bb62b512ae

Request headers

Referer: https://ye-mek.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 29 May 2023 16:55:56 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://ye-mek.net
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 410
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame 53FD 404 B
731 B 406ms
261ms XHR
application/json 2602:803:c003:200::31
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=13760&site_id=333016&zone_id=1746578&size_id=15&alt_size_ids=2%2C1%2C13%2C14%2C55%2C57&rp_schain=1.0,1!empower.net,5ed754bfe4b07a92411bbff0,1,,,&eid_pubcid.org=869f4f43-96fb-4e45-8aa0-3e9bbe1d05b9%5E1&rf=https%3A%2F%2Fye-mek.net%2F&tg_i.page=https%3A%2F%2Fye-mek.net%2F&tg_i.domain=ye-mek.net&tg_i.pbadslot=div-gpt-ad-1455783126174-15336621728129623web_yemeknet_masthead&tk_flint=pbjs_lite_v7.38.0&x_source.tid=ecf2feff-35c4-4ba5-8138-b375843ea0e5&l_pb_bid_id=282fee916f88e74&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.18121636301614252
Requested by: Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::31 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 876bdc822487b7f9a4a6387822d361c6d53d2f23583f938735c31cb6233f945b

Request headers

Referer: https://ye-mek.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 29 May 2023 16:55:56 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://ye-mek.net
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 404
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame 53FD 20 KB
8 KB 406ms
262ms XHR
application/json 2602:803:c003:200::31
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=13760&site_id=333016&zone_id=1746730&size_id=15&alt_size_ids=9%2C8%2C10&rp_schain=1.0,1!empower.net,5ed754bfe4b07a92411bbff0,1,,,&eid_pubcid.org=869f4f43-96fb-4e45-8aa0-3e9bbe1d05b9%5E1&rf=https%3A%2F%2Fye-mek.net%2F&tg_i.page=https%3A%2F%2Fye-mek.net%2F&tg_i.domain=ye-mek.net&tg_i.pbadslot=div-gpt-ad-1455783126174-15338221728129623web_yemeknet_right_tower&tk_flint=pbjs_lite_v7.38.0&x_source.tid=01017917-e14d-4008-ad23-2ee90edcf355&l_pb_bid_id=2994cac94f955eb&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.28635013893462613
Requested by: Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::31 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 45414429e2717d3503ff3c19b24c8559d615d0e3b1973722afc5e71de34cf94f

Request headers

Referer: https://ye-mek.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 29 May 2023 16:55:56 GMT
content-encoding: gzip
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://ye-mek.net
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame 53FD 397 B
724 B 284ms
140ms XHR
application/json 2602:803:c003:200::31
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=13760&site_id=333016&zone_id=1746580&size_id=15&alt_size_ids=9%2C8%2C10&rp_schain=1.0,1!empower.net,5ed754bfe4b07a92411bbff0,1,,,&eid_pubcid.org=869f4f43-96fb-4e45-8aa0-3e9bbe1d05b9%5E1&rf=https%3A%2F%2Fye-mek.net%2F&tg_i.page=https%3A%2F%2Fye-mek.net%2F&tg_i.domain=ye-mek.net&tg_i.pbadslot=div-gpt-ad-1455783126174-15338321728129623web_yemeknet_left_tower&tk_flint=pbjs_lite_v7.38.0&x_source.tid=1d9d68e0-5ea1-4136-a617-95cbe6c8fcbb&l_pb_bid_id=307eb6258b24403&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.4964735620648888
Requested by: Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::31 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: d231cd7bf6c1228a6d8ab331f27c19403dbfc0f6636eb5f3e4abdd08ef6ddd1e

Request headers

Referer: https://ye-mek.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 29 May 2023 16:55:56 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://ye-mek.net
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 397
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame 53FD 408 B
958 B 262ms
118ms XHR
application/json 2602:803:c003:200::31
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=13760&site_id=333016&zone_id=2862158&size_id=2&alt_size_ids=1&rp_schain=1.0,1!empower.net,5ed754bfe4b07a92411bbff0,1,,,&eid_pubcid.org=869f4f43-96fb-4e45-8aa0-3e9bbe1d05b9%5E1&rf=https%3A%2F%2Fye-mek.net%2F&tg_i.page=https%3A%2F%2Fye-mek.net%2F&tg_i.domain=ye-mek.net&tg_i.pbadslot=div-gpt-ad-1455783126174-15337821728129623web_yemeknet_kategori_sayfalari_728x90_2&tk_flint=pbjs_lite_v7.38.0&x_source.tid=2757faee-dda4-4696-b476-fb5f0b87fd7d&l_pb_bid_id=322307fa2affdf9&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.7633284280304677
Requested by: Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::31 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: f3764f6186780697673ae9c1332e51fa903537d5b879f963ee6efc1fb75261de

Request headers

Referer: https://ye-mek.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 29 May 2023 16:55:56 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://ye-mek.net
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 408
expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 204 cdb Show response
bidder.criteo.com/ Frame 53FD 0
189 B 91ms
30ms XHR
text/plain 2a02:2638:d::a
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=35&wv=7.38.0&cb=41872761735&lsavail=0

Requested by

Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ye-mek.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://ye-mek.net
date: Mon, 29 May 2023 16:55:56 GMT
strict-transport-security: max-age=31536000; preload;
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Kestrel
vary: Origin

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ Frame 53FD 0
113 B 71ms
29ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ye-mek.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://ye-mek.net
date: Mon, 29 May 2023 16:55:55 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H2 204 hb Show response
cpm.programattik.com/ Frame 53FD 0
142 B 190ms
58ms XHR
text/plain 85.111.6.48
TTNET

General

Check archive.org

Show headers Download Go to

Full URL: https://cpm.programattik.com/hb?zone=43&v=1.6
Requested by: Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 85.111.6.48 , Turkey, ASN9121 (TTNET, TR),
Reverse DNS: ns1.ttidc.com.tr
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ye-mek.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://ye-mek.net
pragma: no-cache
date: Mon, 29 May 2023 16:55:56 GMT
cache-control: no-store
access-control-allow-credentials: true
server: nginx
age: 0

POST
H2 204 hb Show response
cpm.programattik.com/ Frame 53FD 0
143 B 187ms
54ms XHR
text/plain 85.111.6.48
TTNET

General

Check archive.org

Show headers Download Go to

Full URL: https://cpm.programattik.com/hb?zone=45&v=1.6
Requested by: Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 85.111.6.48 , Turkey, ASN9121 (TTNET, TR),
Reverse DNS: ns1.ttidc.com.tr
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ye-mek.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://ye-mek.net
pragma: no-cache
date: Mon, 29 May 2023 16:55:56 GMT
cache-control: no-store
access-control-allow-credentials: true
server: nginx
age: 0

POST
H2 204 hb Show response
cpm.programattik.com/ Frame 53FD 0
142 B 187ms
55ms XHR
text/plain 85.111.6.48
TTNET

General

Check archive.org

Show headers Download Go to

Full URL: https://cpm.programattik.com/hb?zone=44&v=1.6
Requested by: Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 85.111.6.48 , Turkey, ASN9121 (TTNET, TR),
Reverse DNS: ns1.ttidc.com.tr
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ye-mek.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://ye-mek.net
pragma: no-cache
date: Mon, 29 May 2023 16:55:56 GMT
cache-control: no-store
access-control-allow-credentials: true
server: nginx
age: 0

POST
H2 204 hb Show response
cpm.programattik.com/ Frame 53FD 0
142 B 191ms
59ms XHR
text/plain 85.111.6.48
TTNET

General

Check archive.org

Show headers Download Go to

Full URL: https://cpm.programattik.com/hb?zone=80&v=1.6
Requested by: Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 85.111.6.48 , Turkey, ASN9121 (TTNET, TR),
Reverse DNS: ns1.ttidc.com.tr
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ye-mek.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://ye-mek.net
pragma: no-cache
date: Mon, 29 May 2023 16:55:56 GMT
cache-control: no-store
access-control-allow-credentials: true
server: nginx
age: 0

POST /
hb.emxdgt.com/ Frame 53FD 0
0

POST
H2 204 openrtb Show response
adx.adform.net/adx/ Frame 53FD 0
528 B 111ms
63ms XHR
text/plain 37.157.6.241
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Requested by

Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.241 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://ye-mek.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 29 May 2023 16:55:56 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://ye-mek.net
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

POST
H/1.1 200
OK bid Show response
ap.lijit.com/rtb/ Frame 53FD 24 B
397 B 543ms
179ms XHR
application/json 63.251.14.60
INTERNAP-BLOCK-4

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/rtb/bid?src=prebid_prebid_7.38.0
Requested by: Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 63.251.14.60 , United States, ASN14744 (INTERNAP-BLOCK-4, US),
Reverse DNS
Software: /
Resource Hash: c7c25c3154b5fcf28395bb05b37919d613ac143cef9cda49322bd94f7b2982a4

Request headers

Referer: https://ye-mek.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: text/plain

Response headers

Date: Mon, 29 May 2023 16:55:56 GMT
Vary: Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/json
Access-Control-Allow-Origin: https://ye-mek.net
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap3sea1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 24

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 53FD 361 B
1 KB 10ms
7ms XHR
application/json 37.252.173.215
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.2 /

Resource Hash

8295ac4442becb97fa4d1acff351ac7f980d122907a3a886f89c033001cdbcd6

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://ye-mek.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 29 May 2023 16:55:56 GMT
AN-X-Request-Uuid: fb116cba-21d4-426b-a387-54f71680a9ec
Server: nginx/1.23.2
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: application/json; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://ye-mek.net
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 185.213.155.183; 185.213.155.183; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 361
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame 53FD 361 KB
121 KB 175ms
57ms Script
text/javascript 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: c1.imgiz.com
URL: https://c1.imgiz.com/player_others/html5/NoktaNpmPlayerApi.js?dts=19506

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1a3f09c64a229e9f2bd2ad089b6d9e67093339e5a5a21948f30f15be34549c63

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 29 May 2023 16:55:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 123025
x-xss-protection: 0
expires: Mon, 29 May 2023 16:55:56 GMT

GET
H2 200 NoktaPlayer.js Show response
c1.imgiz.com/player_others/html5/ Frame 53FD 398 KB
128 KB 52ms
51ms Script
application/javascript 185.7.176.222
SH

General

Check archive.org

Show headers Download Go to

Full URL: https://c1.imgiz.com/player_others/html5/NoktaPlayer.js?d=5/29/2023
Requested by: Host: c1.imgiz.com
URL: https://c1.imgiz.com/player_others/html5/NoktaNpmPlayerApi.js?dts=19506
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.7.176.222 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: a2bd03a89a32099068ca9ca2a7f6a61ed04029d3f196d8ab9285d32de87a07f7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 29 May 2023 16:55:56 GMT
content-encoding: gzip
last-modified: Tue, 23 May 2023 15:46:17 GMT
server: openresty/1.15.8.3
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=604800
expires: Mon, 05 Jun 2023 16:55:56 GMT

GET
H/1.1 200
OK adagio.js Show response
script.4dex.io/ Frame 53FD 74 KB
23 KB 63ms
29ms Fetch
application/javascript 2606:4700:20::681a:8a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/adagio.js
Requested by: Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:8a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ed87a83a9df154b61d76e8b9b53bb9d23db3eea194e66bca6b575e3e4f7a57bf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Mon, 29 May 2023 16:55:56 GMT
Content-Encoding: br
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 1755950
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 23 Nov 2022 15:43:17 GMT
Server: cloudflare
ETag: W/"c56b6332dacf72f135afcd153ae22448"
Vary: Origin, Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fwhf0qaZjNOnMlTwdCsACIiQzaJhvfdselX9CY4oPFSgZG7rRFiRNnYJ65eexQt1DUlYjLNLiBm%2BTwbmuG2xmSXWDO%2BXObnOkkCDcqcGypHDpNE53TeFNnhjCfHUMe3URUWpV%2FIvFEU6zcvp"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers
Cache-Control: public, max-age=1800
CF-RAY: 7cf044928e2923ad-LHR

GET
H3 403 ads Show response
googleads.g.doubleclick.net/pagead/ Frame D0D7 603 B
67 B 214ms
214ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&adk=1812271804&adf=3279755397&plat=1%3A512%2C2%3A512%2C3%3A512%2C4%3A512%2C8%3A512%2C9%3A33288%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C26%3A512%2C27%3A512%2C30%3A1081856%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1685379356211&bpp=4&bdt=729&idt=317&shv=r20230523&mjsv=m202305230101&ptt=9&saldr=aa&nras=1&correlator=3600406478333&frm=24&ife=1&pv=2&ga_vid=1790324415.1685379356&ga_sid=1685379356&ga_hid=1243564568&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=222437166&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C42531705%2C44788442%2C44792646&oid=2&pvsid=2342975364104955&tmod=1258882640&uas=0&nvt=1&fsapi=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=1&uci=1.3esyinmw544i&fsb=1&dtd=334

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305230101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6593523210010154&plah=ye-mek.net

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ye-mek.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 46
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 29 May 2023 16:55:56 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 53FD 15 KB
11 KB 91ms
90ms XHR
application/json 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202305230101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305230101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

75bc511de07a9cc8d5a183cec87c2297db7970f013cc2e22ad2201e95634e293

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 29 May 2023 16:55:56 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11264
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 53FD 17 KB
7 KB 361ms
249ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305230101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 29 May 2023 16:55:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 29 May 2023 16:55:57 GMT

GET
H2 200 container.html Show response
c3d14c6affce0a50d8fe6a0bd5f1fbf2.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame ADC3 6 KB
3 KB 39ms
38ms Document
text/html 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://c3d14c6affce0a50d8fe6a0bd5f1fbf2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305230101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ye-mek.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 29 May 2023 16:55:56 GMT
expires: Tue, 28 May 2024 16:55:56 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame ADC3 24 KB
7 KB 71ms
38ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: c3d14c6affce0a50d8fe6a0bd5f1fbf2.safeframe.googlesyndication.com
URL: https://c3d14c6affce0a50d8fe6a0bd5f1fbf2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c3d14c6affce0a50d8fe6a0bd5f1fbf2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 23 May 2023 08:18:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 549449
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 22 May 2024 08:18:28 GMT

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame ADC3 135 KB
46 KB 93ms
93ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6593523210010154

Requested by

Host: c3d14c6affce0a50d8fe6a0bd5f1fbf2.safeframe.googlesyndication.com
URL: https://c3d14c6affce0a50d8fe6a0bd5f1fbf2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b4e95b2b1338e35cff9c68b8f62453fb3bc2bc74509dce3efe81d9ee0e615eb5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://c3d14c6affce0a50d8fe6a0bd5f1fbf2.safeframe.googlesyndication.com/
Origin: https://c3d14c6affce0a50d8fe6a0bd5f1fbf2.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 29 May 2023 16:55:57 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47242
x-xss-protection: 0
server: cafe
etag: 11392672991355204757
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 29 May 2023 16:55:57 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame ADC3 171 KB
54 KB 150ms
50ms Script
text/javascript 2a00:1450:4001:813::2002

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: c3d14c6affce0a50d8fe6a0bd5f1fbf2.safeframe.googlesyndication.com
URL: https://c3d14c6affce0a50d8fe6a0bd5f1fbf2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

2c3e04a3f536b4a6300aeee8ee1dbbfddaacaf29d9f44dadff76b136fab44e38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c3d14c6affce0a50d8fe6a0bd5f1fbf2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 29 May 2023 16:55:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 54244
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1684927996807358"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 29 May 2023 16:55:57 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ Frame 53FD 107 B
166 B 49ms
47ms Script
application/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=ye-mek.net

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305230101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 29 May 2023 16:55:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame 53FD 107 B
166 B 47ms
46ms Script
application/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=ye-mek.net

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305230101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 29 May 2023 16:55:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 53FD 23 KB
11 KB 377ms
376ms XHR
text/plain 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2342975364104955&correlator=1261305582952214&eid=44793315&output=ldjh&gdfp_req=1&vrg=202305230101&ptt=17&impl=fif&iu_parts=21728129623%3A33502485%2Cweb_yemeknet_kategori_sayfalari_728x90_2&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C728x90%7C468x60&fluid=height&ifi=3&adks=345722362&sfv=1-0-40&eri=1&cust_params=category%3Dsite_geneli%26plm%3Dnull%26viewable%3D2%26site%3Dyemek_net%26mt%3D1685379355953%26pager%3D1%2540site_geneli%2540yemek_net%253Asite_geneli%26policy%3D0%26host%3Dye-mek.net%26url%3Dhttps%253A%2520%2520ye%2520mek.net%2520%26targetCtr%3D0%26pid%3Dvnetc82ceb5c-bd3e-46d7-ba07-b1bb203c91af%26targetCr%3D0%26Mobile%3Dfalse%26env%3Dweb%26webmAd%3D1%26overlay%3D1%26rc%3D0%26datasave%3D0%26rec%3Dyemek%26rec_ing%3D&ppid=vnetc82ceb5cbd3e46d7ba07b1bb203c91af&sc=1&cdm=ye-mek.net&abxe=1&dt=1685379357066&lmt=1685379357&dlt=1685379355482&idt=899&adxs=436&adys=1389&biw=-12245933&bih=-12245933&isw=1600&ish=1200&scr_x=-12245933&scr_y=-12245933&ucis=nsvbxfm5t10z&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fye-mek.net%2F&ref=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&top=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&frm=24&vis=1&psz=976x0&msz=996x0&fws=388&ohw=1600&psts=ABHeCvi-RcoCYtocc-NlpR5_WY709rWe4-IYMBmKikeQieRmJjPXEs51Z8nFC5d0QDEWRuhGVCAswXDBMF4E-Ns5ZA&ga_vid=1790324415.1685379356&ga_sid=1685379356&ga_hid=1243564568&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305230101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a00edad84346277b96b653b811514443abc1d1b477e7816a13d7f56b4753212a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 29 May 2023 16:55:57 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11207
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://ye-mek.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 53FD 26 KB
11 KB 442ms
441ms XHR
text/plain 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2342975364104955&correlator=1226385924396336&eid=44793315&output=ldjh&gdfp_req=1&vrg=202305230101&ptt=17&impl=fif&iu_parts=21728129623%3A33502485%2Cweb_yemeknet_left_tower&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C160x600%7C120x600%7C120x240%7C160x800&fluid=height&ifi=4&adks=3299242717&sfv=1-0-40&eri=1&cust_params=category%3Dsite_geneli%26plm%3Dnull%26viewable%3D2%26site%3Dyemek_net%26mt%3D1685379355953%26pager%3D1%2540site_geneli%2540yemek_net%253Asite_geneli%26policy%3D0%26host%3Dye-mek.net%26url%3Dhttps%253A%2520%2520ye%2520mek.net%2520%26targetCtr%3D0%26pid%3Dvnetc82ceb5c-bd3e-46d7-ba07-b1bb203c91af%26targetCr%3D0%26Mobile%3Dfalse%26env%3Dweb%26webmAd%3D1%26overlay%3D1%26rc%3D0%26datasave%3D0%26rec%3Dyemek%26rec_ing%3D&ppid=vnetc82ceb5cbd3e46d7ba07b1bb203c91af&sc=1&cdm=ye-mek.net&abxe=1&dt=1685379357071&lmt=1685379357&dlt=1685379355482&idt=899&adxs=122&adys=150&biw=-12245933&bih=-12245933&isw=1600&ish=1200&scr_x=-12245933&scr_y=-12245933&ucis=adfrfy1flqhb&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fye-mek.net%2F&ref=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&top=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&frm=24&vis=1&psz=160x-1&msz=160x-1&fws=900&ohw=160&psts=ABHeCvi-RcoCYtocc-NlpR5_WY709rWe4-IYMBmKikeQieRmJjPXEs51Z8nFC5d0QDEWRuhGVCAswXDBMF4E-Ns5ZA&ga_vid=1790324415.1685379356&ga_sid=1685379356&ga_hid=1243564568&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305230101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

97c16ec0dcc4392637209277a53947e885ba5fbedd40a63be7448e8e00d5a4b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 29 May 2023 16:55:57 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11253
x-xss-protection: 0
google-lineitem-id: 6241543851
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138425516693
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://ye-mek.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 53FD 26 KB
12 KB 368ms
367ms XHR
text/plain 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2342975364104955&correlator=2352735587867807&eid=44793315&output=ldjh&gdfp_req=1&vrg=202305230101&ptt=17&impl=fif&iu_parts=21728129623%3A33502485%2Cweb_yemeknet_masthead&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C970x250%7C970x90%7C728x90%7C300x250%7C468x60%7C250x250%7C200x200%7C160x160%7C640x205&fluid=height&ifi=5&adks=3050045420&sfv=1-0-40&eri=1&cust_params=category%3Dsite_geneli%26plm%3Dnull%26viewable%3D2%26site%3Dyemek_net%26mt%3D1685379355953%26pager%3D1%2540site_geneli%2540yemek_net%253Asite_geneli%26policy%3D0%26host%3Dye-mek.net%26url%3Dhttps%253A%2520%2520ye%2520mek.net%2520%26targetCtr%3D0%26pid%3Dvnetc82ceb5c-bd3e-46d7-ba07-b1bb203c91af%26targetCr%3D0%26Mobile%3Dfalse%26env%3Dweb%26webmAd%3D1%26overlay%3D1%26rc%3D0%26datasave%3D0%26rec%3Dyemek%26rec_ing%3D&ppid=vnetc82ceb5cbd3e46d7ba07b1bb203c91af&sc=1&cdm=ye-mek.net&abxe=1&dt=1685379357074&lmt=1685379357&dlt=1685379355482&idt=899&adxs=315&adys=158&biw=-12245933&bih=-12245933&isw=1600&ish=1200&scr_x=-12245933&scr_y=-12245933&ucis=ebeinritb0d&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fye-mek.net%2F&ref=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&top=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&frm=24&vis=1&psz=996x0&msz=996x0&fws=388&ohw=1600&psts=ABHeCvi-RcoCYtocc-NlpR5_WY709rWe4-IYMBmKikeQieRmJjPXEs51Z8nFC5d0QDEWRuhGVCAswXDBMF4E-Ns5ZA&ga_vid=1790324415.1685379356&ga_sid=1685379356&ga_hid=1243564568&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305230101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef7bc11180ede3049e699a3348a1eb8e1df6ed61c574e54ac95dbdf793995478

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 29 May 2023 16:55:57 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12199
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://ye-mek.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 53FD 26 KB
11 KB 387ms
386ms XHR
text/plain 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2342975364104955&correlator=2191401694756728&eid=44793315&output=ldjh&gdfp_req=1&vrg=202305230101&ptt=17&impl=fif&iu_parts=21728129623%3A33502485%2Cweb_yemeknet_kategori_sayfalari_728x90_repeating&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C728x90%7C468x60&fluid=height&ifi=6&adks=2157304621&sfv=1-0-40&eri=1&cust_params=category%3Dsite_geneli%26plm%3Dnull%26viewable%3D2%26site%3Dyemek_net%26mt%3D1685379355953%26pager%3D1%2540site_geneli%2540yemek_net%253Asite_geneli%26policy%3D0%26host%3Dye-mek.net%26url%3Dhttps%253A%2520%2520ye%2520mek.net%2520%26targetCtr%3D0%26pid%3Dvnetc82ceb5c-bd3e-46d7-ba07-b1bb203c91af%26targetCr%3D0%26Mobile%3Dfalse%26env%3Dweb%26webmAd%3D1%26overlay%3D1%26rc%3D0%26datasave%3D0%26rec%3Dyemek%26rec_ing%3D&ppid=vnetc82ceb5cbd3e46d7ba07b1bb203c91af&sc=1&cdm=ye-mek.net&abxe=1&dt=1685379357078&lmt=1685379357&dlt=1685379355482&idt=899&adxs=436&adys=2027&biw=-12245933&bih=-12245933&isw=1600&ish=1200&scr_x=-12245933&scr_y=-12245933&ucis=xbr2h0jt7jl6&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fye-mek.net%2F&ref=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&top=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&frm=24&vis=1&psz=976x0&msz=996x0&fws=388&ohw=1600&psts=ABHeCvi-RcoCYtocc-NlpR5_WY709rWe4-IYMBmKikeQieRmJjPXEs51Z8nFC5d0QDEWRuhGVCAswXDBMF4E-Ns5ZA&ga_vid=1790324415.1685379356&ga_sid=1685379356&ga_hid=1243564568&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305230101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c733e611ba1965b9caeedef9c8c580e149ed49ec27ffa58ad80a0dcb221374aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 29 May 2023 16:55:57 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11342
x-xss-protection: 0
google-lineitem-id: 6241543851
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138425219174
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://ye-mek.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 53FD 35 KB
14 KB 459ms
458ms XHR
text/plain 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2342975364104955&correlator=2700531220187207&eid=44793315&output=ldjh&gdfp_req=1&vrg=202305230101&ptt=17&impl=fif&iu_parts=21728129623%3A33502485%2Cweb_yemeknet_kategori_sayfalari_ust_728x90&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C728x90%7C468x60&fluid=height&ifi=7&adks=456810305&sfv=1-0-40&eri=1&cust_params=category%3Dsite_geneli%26plm%3Dnull%26viewable%3D2%26site%3Dyemek_net%26mt%3D1685379355953%26pager%3D1%2540site_geneli%2540yemek_net%253Asite_geneli%26policy%3D0%26host%3Dye-mek.net%26url%3Dhttps%253A%2520%2520ye%2520mek.net%2520%26targetCtr%3D0%26pid%3Dvnetc82ceb5c-bd3e-46d7-ba07-b1bb203c91af%26targetCr%3D0%26Mobile%3Dfalse%26env%3Dweb%26webmAd%3D1%26overlay%3D1%26rc%3D0%26datasave%3D0%26rec%3Dyemek%26rec_ing%3D&ppid=vnetc82ceb5cbd3e46d7ba07b1bb203c91af&sc=1&cdm=ye-mek.net&abxe=1&dt=1685379357081&lmt=1685379357&dlt=1685379355482&idt=899&adxs=436&adys=751&biw=-12245933&bih=-12245933&isw=1600&ish=1200&scr_x=-12245933&scr_y=-12245933&ucis=goewnq3ky24&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fye-mek.net%2F&ref=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&top=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&frm=24&vis=1&psz=976x0&msz=996x0&fws=388&ohw=1600&psts=ABHeCvi-RcoCYtocc-NlpR5_WY709rWe4-IYMBmKikeQieRmJjPXEs51Z8nFC5d0QDEWRuhGVCAswXDBMF4E-Ns5ZA&ga_vid=1790324415.1685379356&ga_sid=1685379356&ga_hid=1243564568&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305230101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

02242d4f155564e1ebe14a1f8a40554087a4f0e40eb16b33471d334fb553b2cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 29 May 2023 16:55:57 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13998
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://ye-mek.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 53FD 27 KB
11 KB 531ms
530ms XHR
text/plain 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2342975364104955&correlator=961317740916758&eid=44793315&output=ldjh&gdfp_req=1&vrg=202305230101&ptt=17&impl=fif&iu_parts=21728129623%3A33502485%2Cweb_yemeknet_right_tower&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C160x600%7C120x600%7C120x240%7C160x800&fluid=height&ifi=8&adks=3203893797&sfv=1-0-40&prev_scp=hb_format%3Dbanner%26hb_size%3D160x600%26hb_pb%3D4.46%26hb_adid%3D68acd35853e085b%26hb_bidder%3Drubicon%26hb_format_rubicon%3Dbanner%26hb_size_rubicon%3D160x600%26hb_pb_rubicon%3D4.46%26hb_adid_rubicon%3D68acd35853e085b%26hb_bidder_rubicon%3Drubicon%26hg_pb%3D4.46&eri=1&cust_params=category%3Dsite_geneli%26plm%3Dnull%26viewable%3D2%26site%3Dyemek_net%26mt%3D1685379355953%26pager%3D1%2540site_geneli%2540yemek_net%253Asite_geneli%26policy%3D0%26host%3Dye-mek.net%26url%3Dhttps%253A%2520%2520ye%2520mek.net%2520%26targetCtr%3D0%26pid%3Dvnetc82ceb5c-bd3e-46d7-ba07-b1bb203c91af%26targetCr%3D0%26Mobile%3Dfalse%26env%3Dweb%26webmAd%3D1%26overlay%3D1%26rc%3D0%26datasave%3D0%26rec%3Dyemek%26rec_ing%3D&ppid=vnetc82ceb5cbd3e46d7ba07b1bb203c91af&sc=1&cdm=ye-mek.net&abxe=1&dt=1685379357086&lmt=1685379357&dlt=1685379355482&idt=899&adxs=1318&adys=150&biw=-12245933&bih=-12245933&isw=1600&ish=1200&scr_x=-12245933&scr_y=-12245933&ucis=3jzmb5dzmeoy&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fye-mek.net%2F&ref=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&top=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&frm=24&vis=1&psz=160x-1&msz=160x-1&fws=900&ohw=160&psts=ABHeCvi-RcoCYtocc-NlpR5_WY709rWe4-IYMBmKikeQieRmJjPXEs51Z8nFC5d0QDEWRuhGVCAswXDBMF4E-Ns5ZA&ga_vid=1790324415.1685379356&ga_sid=1685379356&ga_hid=1243564568&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305230101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1620dfc736899f25202455ccbdbf70833c5534de0d972d5affda94ac458bd88f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 29 May 2023 16:55:57 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11587
x-xss-protection: 0
google-lineitem-id: 5617226546
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138339352911
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://ye-mek.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 5ed7638be4b07a92411bbffe
ng2.virgul.com/tck/imp/ Frame 53FD 0
210 B 53ms
46ms Image
text/plain 185.7.176.223
SH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ng2.virgul.com/tck/imp/5ed7638be4b07a92411bbffe?g=1&t=gb&r=153366@site_geneli@yemek_net:site_geneli&l=&c=%2Cas%2Crc0%2Chf1%2Cvv1%2Cgprec%3Dyemek%26rec_ing%3D&info=&mt=1685379355953&userId=vnetc82ceb5c-bd3e-46d7-ba07-b1bb203c91af
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.7.176.223 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

access-control-allow-origin: https://ye-mek.net
date: Mon, 29 May 2023 16:55:57 GMT
access-control-allow-credentials: true
expires: Tue, 04 Jan 2022 10:49:40 GMT
server: openresty/1.15.8.3
content-length: 0
p3p: CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame ADC3 0
0 77ms
76ms Fetch
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstkR8N0Dwg5F5j36Duhh7ogra38WNRte2wiBLd6rMRcxnsWZOHMlmC4oQW8m5AY3WZbrOOD8ZleAsHxQVGiFgaHqBNtsFE30RpKCPIvm8CNU56K6NH-TGuTUeNbUKkUWgU6bJeTadIPgBq5mPIje8o3HZeNAlyqmeFare5xnPiYomwuyZiSdx5DMZvTjWYpODgbDd2PImf43Y5Q4EHf_ba5rcVzMY0IcdL_IkNAgjPqxt9f3YELa2bbkv1Fgg9P8E5R8JkbPOgAtb9yjHxAqDhtbNfr96aY3G1TtQS1EDMAonm0oOtwpg4KiCQ_IImA1VTxMV2mgNM9vzGOziHjDF7zWOSsfkLn_Nh0gHmx8DVywkGF6Zo&sai=AMfl-YStRFcOsry2cxnY613F-iZ8A5gD4CRVFzM3E0Udv4SrBJa_P6W7j56VxwuOJ1cxHwutMDZmH60ZEp28HRxmyB3VmUR7uH8agMM_f2YoaaY&sig=Cg0ArKJSzDTamVbxd0XIEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: c3d14c6affce0a50d8fe6a0bd5f1fbf2.safeframe.googlesyndication.com
URL: https://c3d14c6affce0a50d8fe6a0bd5f1fbf2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c3d14c6affce0a50d8fe6a0bd5f1fbf2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 29 May 2023 16:55:57 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 29 May 2023 16:55:57 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305230101/ Frame ADC3 350 KB
118 KB 123ms
122ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305230101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6593523210010154&plah=c3d14c6affce0a50d8fe6a0bd5f1fbf2.safeframe.googlesyndication.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6593523210010154

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

637bf6412d5c06ecf344715cb995ce75c7087dc4277c7ac9f47aafa29a3dc865

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c3d14c6affce0a50d8fe6a0bd5f1fbf2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 29 May 2023 16:55:57 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 120275
x-xss-protection: 0
server: cafe
etag: 11730950347354220613
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 29 May 2023 16:55:57 GMT

GET
DATA 200
OK truncated
/ Frame ADC3 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d8d4f9aff01bf57bd9730e2a7dfded16812b7eed6e11e7c7fcdcd18aa62dd610

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 1AF7 13 KB
5 KB 40ms
37ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ye-mek.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 7297
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 29 May 2023 14:54:20 GMT
expires: Tue, 28 May 2024 14:54:20 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 99F0 783 B
1 KB 134ms
49ms Document
text/html 2a00:1450:4001:806::2004

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2004 -, , ASN (),

Reverse DNS

Software

GSE /

Resource Hash

21b9d0b18ea32cc8ee1da6224d976f29896e40306351bb471cfd60ce9e17e6aa

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-MSmkBBXRHEE1pdJDKTUawQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ye-mek.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-MSmkBBXRHEE1pdJDKTUawQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 29 May 2023 16:55:57 GMT
expires: Mon, 29 May 2023 16:55:57 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ Frame ADC3 107 B
122 B 47ms
46ms Script
application/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=c3d14c6affce0a50d8fe6a0bd5f1fbf2.safeframe.googlesyndication.com

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c3d14c6affce0a50d8fe6a0bd5f1fbf2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 29 May 2023 16:55:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ Frame ADC3 107 B
122 B 47ms
47ms Script
application/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=c3d14c6affce0a50d8fe6a0bd5f1fbf2.safeframe.googlesyndication.com

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c3d14c6affce0a50d8fe6a0bd5f1fbf2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 29 May 2023 16:55:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 8446 0
16 B 184ms
183ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&adk=1812271804&adf=3407250215&plat=1%3A520%2C2%3A520%2C3%3A2163200%2C4%3A2163200%2C8%3A512%2C9%3A33288%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C26%3A512%2C27%3A512%2C30%3A1049088%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fye-mek.net%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1685379357124&bpp=12&bdt=149&idt=244&shv=r20230523&mjsv=m202305230101&ptt=9&saldr=aa&nras=1&correlator=3386230955750&frm=8&ife=1&pv=2&ga_vid=1116954865.1685379357&ga_sid=1685379357&ga_hid=991838600&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=1956086155&scr_x=-12245933&scr_y=-12245933&eid=44759927%2C44759876%2C44759837%2C44788442%2C44789779%2C31061690&oid=2&pvsid=1402955186140294&tmod=823662434&uas=0&nvt=1&fsapi=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=1&uci=1.c2vnu3mi3xd4&fsb=1&dtd=260

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://c3d14c6affce0a50d8fe6a0bd5f1fbf2.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 29 May 2023 16:55:57 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 5388 31 KB
13 KB 302ms
302ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&h=90&slotname=9586219513&adk=1165138949&adf=4198790052&pi=t.ma~as.9586219513&w=728&format=728x90&url=https%3A%2F%2Fye-mek.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1685379357136&bpp=3&bdt=161&idt=253&shv=r20230523&mjsv=m202305230101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=3386230955750&frm=8&ife=1&pv=1&ga_vid=1116954865.1685379357&ga_sid=1685379357&ga_hid=991838600&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=1956086155&scr_x=-12245933&scr_y=-12245933&eid=44759927%2C44759876%2C44759837%2C44788442%2C44789779%2C31061690&oid=2&pvsid=1402955186140294&tmod=823662434&uas=0&nvt=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.a0kvkxex2sca&fsb=1&dtd=258

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

146ff2704eeb1b44f9c0bc0100b45f99bde389b520a2f1ea1d3a09e7398e3176

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://c3d14c6affce0a50d8fe6a0bd5f1fbf2.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 13292
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 29 May 2023 16:55:57 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html Show response
c3d14c6affce0a50d8fe6a0bd5f1fbf2.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame B9B1 6 KB
3 KB 38ms
37ms Document
text/html 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://c3d14c6affce0a50d8fe6a0bd5f1fbf2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305230101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ye-mek.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 29 May 2023 16:55:56 GMT
expires: Tue, 28 May 2024 16:55:56 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html Show response
c3d14c6affce0a50d8fe6a0bd5f1fbf2.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 1FD9 6 KB
3 KB 35ms
35ms Document
text/html 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://c3d14c6affce0a50d8fe6a0bd5f1fbf2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305230101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ye-mek.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 29 May 2023 16:55:56 GMT
expires: Tue, 28 May 2024 16:55:56 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html Show response
c3d14c6affce0a50d8fe6a0bd5f1fbf2.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 5082 6 KB
3 KB 35ms
35ms Document
text/html 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://c3d14c6affce0a50d8fe6a0bd5f1fbf2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305230101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ye-mek.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 29 May 2023 16:55:56 GMT
expires: Tue, 28 May 2024 16:55:56 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 565F 624 B
242 B 86ms
84ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=COXQcRCu_4SOAhizzIScATAB&v=APEucNUO2PYgIS6i_NYJ53ShKZSFVM2hK2UCvxHIj9BL2fCRftA3ANBG_LvYE_kvCk_BK6Ecv5vCYO5ZMLvKgUK27E92GPfQaIIUsBEcoFI0EdCBiIbZb9aJFYVN5cy88TV-UpWncq1XwlFesPchXYS69aAJhznCiYM-p52qyWE8R59akbrulDE

Requested by

Host: c3d14c6affce0a50d8fe6a0bd5f1fbf2.safeframe.googlesyndication.com
URL: https://c3d14c6affce0a50d8fe6a0bd5f1fbf2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://c3d14c6affce0a50d8fe6a0bd5f1fbf2.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 29 May 2023 16:55:57 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame B9B1 78 KB
27 KB 168ms
168ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: c3d14c6affce0a50d8fe6a0bd5f1fbf2.safeframe.googlesyndication.com
URL: https://c3d14c6affce0a50d8fe6a0bd5f1fbf2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

332d8e2d6964e41c92a430d24b1b469bfdcc30ad072f980b2e7adf241590886a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c3d14c6affce0a50d8fe6a0bd5f1fbf2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 29 May 2023 16:55:57 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28042
x-xss-protection: 0
server: cafe
etag: 3261498652431352696
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Mon, 29 May 2023 16:55:57 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame B9B1 42 B
63 B 78ms
76ms Image
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BlQinEd5FXvIiho0B3DpHAEvvSS8TobJyXlarzNAt9CZ5cAYbhBv8vqOdgfAzVORARIcjim-cA401KFbZsf7RjOpHfGNxo8vinmE7Mngpii8npqwg

Requested by

Host: c3d14c6affce0a50d8fe6a0bd5f1fbf2.safeframe.googlesyndication.com
URL: https://c3d14c6affce0a50d8fe6a0bd5f1fbf2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c3d14c6affce0a50d8fe6a0bd5f1fbf2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 May 2023 16:55:57 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame B9B1 0
20 B 76ms
74ms Image
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=18022748924589721669&x=1&ct=77

Requested by

Host: c3d14c6affce0a50d8fe6a0bd5f1fbf2.safeframe.googlesyndication.com
URL: https://c3d14c6affce0a50d8fe6a0bd5f1fbf2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c3d14c6affce0a50d8fe6a0bd5f1fbf2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 May 2023 16:55:57 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK dvbs_src.js Show response
cdn.doubleverify.com/ Frame B9B1 2 KB
1 KB 78ms
9ms Script
application/javascript 2a02:26f0:6c00::210:ba11

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dvbs_src.js?ctx=14526021&cmp=145089&plc=QN94gh&sid=45f3d18e47f96c&DVP_PROG_REP=1&prr=1&DVP_DV_TT=1&DVP_DV_CT=1&DVP_PP_ID=3&DVP_PP_IMP_ID=ABAjH0h6Z7K0Cj6F-TDsLrc3olzv&DVP_DBM_1=1861733&DVP_DBM_2=26833064&DVP_DBM_3=16280343071&DVP_DBM_4=327231027&DVP_DBM_5=1&DVP_DBM_6=1&DVP_DBM_7=43561248725&turl=https://ye-mek.net/&DVP_PP_BUNDLE_ID=&dvregion=2&unit=970x250
Requested by: Host: c3d14c6affce0a50d8fe6a0bd5f1fbf2.safeframe.googlesyndication.com
URL: https://c3d14c6affce0a50d8fe6a0bd5f1fbf2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba11 -, , ASN (),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: e189eb8fb761166a6d657a8dbea2c5d73e224e565716f36406ec7f7b68cd78c7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c3d14c6affce0a50d8fe6a0bd5f1fbf2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Mon, 29 May 2023 16:55:57 GMT
Content-Encoding: gzip
Last-Modified: Tue, 10 Jan 2023 10:59:51 GMT
Server: Microsoft-IIS/10.0
ETag: "2d4a10aae224d91:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 1170

GET
H/1.1 200
OK dvtp_src.js Show response
cdn.doubleverify.com/ Frame B9B1 8 KB
4 KB 81ms
10ms Script
application/javascript 2a02:26f0:6c00::210:ba11

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dvtp_src.js?ctx=3397726&cmp=3398513&sid=pp3&plc=33985131&advid=3398311&adsrv=0&btreg=&btadsrv=&tagtype=&dvtagver=6.1.src&DVP_PROG_REP=1&DVP_DV_TT=1&DVP_DV_CT=1&DVP_PP_ID=3&DVPX_PP_IMP_ID=ABAjH0h6Z7K0Cj6F-TDsLrc3olzv&DVP_DBM_1=1861733&DVP_DBM_2=26833064&DVP_DBM_3=16280343071&DVP_DBM_4=327231027&DVP_DBM_5=1&DVP_DBM_6=1&DVP_DBM_7=43561248725&turl=https://ye-mek.net/&DVP_PP_BUNDLE_ID=
Requested by: Host: c3d14c6affce0a50d8fe6a0bd5f1fbf2.safeframe.googlesyndication.com
URL: https://c3d14c6affce0a50d8fe6a0bd5f1fbf2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba11 -, , ASN (),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 7b73aebaf7b805bbda6868ef315fa129c8a16ba4fd7d68dd9ab666ca5eca8049

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c3d14c6affce0a50d8fe6a0bd5f1fbf2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Mon, 29 May 2023 16:55:57 GMT
Content-Encoding: gzip
Last-Modified: Wed, 24 May 2023 16:04:24 GMT
Server: Microsoft-IIS/10.0
ETag: "0f47668598ed91:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3372

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230523/r20110914/client/ Frame B9B1 3 KB
1 KB 43ms
41ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230523/r20110914/client/window_focus_fy2021.js

Requested by

Host: c3d14c6affce0a50d8fe6a0bd5f1fbf2.safeframe.googlesyndication.com
URL: https://c3d14c6affce0a50d8fe6a0bd5f1fbf2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c3d14c6affce0a50d8fe6a0bd5f1fbf2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 29 May 2023 14:13:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 9751
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 12 Jun 2023 14:13:26 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230523/r20110914/client/ Frame B9B1 19 KB
8 KB 44ms
42ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230523/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: c3d14c6affce0a50d8fe6a0bd5f1fbf2.safeframe.googlesyndication.com
URL: https://c3d14c6affce0a50d8fe6a0bd5f1fbf2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8d47e9b04cf995a35fac50d2d39cd0006ef7e7f07f9373cad2fe5a207745f1b7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c3d14c6affce0a50d8fe6a0bd5f1fbf2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 29 May 2023 14:09:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 9996
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7987
x-xss-protection: 0
server: cafe
etag: 5788035530912182302
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 12 Jun 2023 14:09:21 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame B9B1 0
0 49ms
47ms Image
text/html 2a00:1450:4001:806::2004

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTsTerDGUfkRgCgEBIHJG5Zk4iDYHb6xXd6T_uN60DGxfxT17qd8LOEXAWejD9-afGELyaeVBpzv-nLbJSzQmExOycOIw
Requested by: Host: c3d14c6affce0a50d8fe6a0bd5f1fbf2.safeframe.googlesyndication.com
URL: https://c3d14c6affce0a50d8fe6a0bd5f1fbf2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:806::2004 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c3d14c6affce0a50d8fe6a0bd5f1fbf2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame B9B1 171 KB
53 KB 65ms
63ms Script
text/javascript 2a00:1450:4001:813::2002

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: c3d14c6affce0a50d8fe6a0bd5f1fbf2.safeframe.googlesyndication.com
URL: https://c3d14c6affce0a50d8fe6a0bd5f1fbf2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

2c3e04a3f536b4a6300aeee8ee1dbbfddaacaf29d9f44dadff76b136fab44e38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c3d14c6affce0a50d8fe6a0bd5f1fbf2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 29 May 2023 16:55:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 54244
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1684927996807358"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 29 May 2023 16:55:57 GMT

GET
H3 200 WucCaKvgDQ9fmljOI_WvgP1fjZ6LWmR4VZAfUyHL0jo.js Show response
pagead2.googlesyndication.com/bg/ Frame 1AF7 37 KB
14 KB 43ms
43ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/WucCaKvgDQ9fmljOI_WvgP1fjZ6LWmR4VZAfUyHL0jo.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5ae70268abe00d0f5f9a58ce23f5af80fd5f8d9e8b5a647855901f5321cbd23a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 29 May 2023 16:36:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1142
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14660
x-xss-protection: 0
last-modified: Mon, 22 May 2023 09:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 28 May 2024 16:36:55 GMT

GET
H3 200 container.html Show response
c3d14c6affce0a50d8fe6a0bd5f1fbf2.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 0225 6 KB
3 KB 35ms
35ms Document
text/html 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://c3d14c6affce0a50d8fe6a0bd5f1fbf2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305230101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ye-mek.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 29 May 2023 16:55:56 GMT
expires: Tue, 28 May 2024 16:55:56 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame EC03 624 B
242 B 84ms
80ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CPG8uQEQu-u9ARjV1rLlATAB&v=APEucNX7-QBADKbbuTO72_fBnE0xtYplvcw8cCwQrnYQErKGVY82VviICUNDdgueX9xV9M-SZ9KSLmTSyS4X5gV1v2SYFB-sKUSuuuGSvMxhu4sX_Qtdm-vnWO4t67xHk3M4sKqrCAc9nk60noOpQYylBofF_wG2IGZMj1ZD8wG1FjA5jMfLBlc

Requested by

Host: c3d14c6affce0a50d8fe6a0bd5f1fbf2.safeframe.googlesyndication.com
URL: https://c3d14c6affce0a50d8fe6a0bd5f1fbf2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://c3d14c6affce0a50d8fe6a0bd5f1fbf2.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 29 May 2023 16:55:57 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 1FD9 78 KB
27 KB 239ms
238ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: c3d14c6affce0a50d8fe6a0bd5f1fbf2.safeframe.googlesyndication.com
URL: https://c3d14c6affce0a50d8fe6a0bd5f1fbf2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

332d8e2d6964e41c92a430d24b1b469bfdcc30ad072f980b2e7adf241590886a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c3d14c6affce0a50d8fe6a0bd5f1fbf2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 29 May 2023 16:55:57 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28042
x-xss-protection: 0
server: cafe
etag: 3261498652431352696
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Mon, 29 May 2023 16:55:57 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 1FD9 42 B
63 B 76ms
73ms Image
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AwUPB9em6JuQ_Wn0anYsDHa2AL6n_Y8gs6nm4RC0K-AJtpxH6PunGYlkneMc0tsR3Nrx8tWOz1FV1G2GXJUtmqTrmpsOWySn5Uc4EBRLCWqygCsvM

Requested by

Host: c3d14c6affce0a50d8fe6a0bd5f1fbf2.safeframe.googlesyndication.com
URL: https://c3d14c6affce0a50d8fe6a0bd5f1fbf2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c3d14c6affce0a50d8fe6a0bd5f1fbf2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 May 2023 16:55:57 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 1FD9 0
20 B 75ms
73ms Image
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=10310541982910761829&x=1&ct=76

Requested by

Host: c3d14c6affce0a50d8fe6a0bd5f1fbf2.safeframe.googlesyndication.com
URL: https://c3d14c6affce0a50d8fe6a0bd5f1fbf2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c3d14c6affce0a50d8fe6a0bd5f1fbf2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 May 2023 16:55:57 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230523/r20110914/client/ Frame 1FD9 3 KB
1 KB 43ms
40ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230523/r20110914/client/window_focus_fy2021.js

Requested by

Host: c3d14c6affce0a50d8fe6a0bd5f1fbf2.safeframe.googlesyndication.com
URL: https://c3d14c6affce0a50d8fe6a0bd5f1fbf2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c3d14c6affce0a50d8fe6a0bd5f1fbf2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 29 May 2023 14:13:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 9751
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 12 Jun 2023 14:13:26 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230523/r20110914/client/ Frame 1FD9 19 KB
8 KB 43ms
41ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230523/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: c3d14c6affce0a50d8fe6a0bd5f1fbf2.safeframe.googlesyndication.com
URL: https://c3d14c6affce0a50d8fe6a0bd5f1fbf2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8d47e9b04cf995a35fac50d2d39cd0006ef7e7f07f9373cad2fe5a207745f1b7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c3d14c6affce0a50d8fe6a0bd5f1fbf2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 29 May 2023 14:09:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 9996
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7987
x-xss-protection: 0
server: cafe
etag: 5788035530912182302
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 12 Jun 2023 14:09:21 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 1FD9 0
0 61ms
55ms Image
text/html 2a00:1450:4001:806::2004

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSjgBHXL72jSaDgpITfT6IEgjVRrBfoG0FKyYX8cOHd_L0imSBd7ipVjzPp5adDkxJG5JFKffg7W0ZlWp7k-XivBgqYcw
Requested by: Host: c3d14c6affce0a50d8fe6a0bd5f1fbf2.safeframe.googlesyndication.com
URL: https://c3d14c6affce0a50d8fe6a0bd5f1fbf2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:806::2004 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c3d14c6affce0a50d8fe6a0bd5f1fbf2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 1FD9 171 KB
53 KB 65ms
59ms Script
text/javascript 2a00:1450:4001:813::2002

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: c3d14c6affce0a50d8fe6a0bd5f1fbf2.safeframe.googlesyndication.com
URL: https://c3d14c6affce0a50d8fe6a0bd5f1fbf2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

2c3e04a3f536b4a6300aeee8ee1dbbfddaacaf29d9f44dadff76b136fab44e38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c3d14c6affce0a50d8fe6a0bd5f1fbf2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 29 May 2023 16:55:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 54244
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1684927996807358"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 29 May 2023 16:55:57 GMT

GET
H3 200 container.html Show response
c3d14c6affce0a50d8fe6a0bd5f1fbf2.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 53C3 6 KB
3 KB 36ms
36ms Document
text/html 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://c3d14c6affce0a50d8fe6a0bd5f1fbf2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305230101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ye-mek.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 29 May 2023 16:55:56 GMT
expires: Tue, 28 May 2024 16:55:56 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 5082 24 KB
6 KB 38ms
38ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: c3d14c6affce0a50d8fe6a0bd5f1fbf2.safeframe.googlesyndication.com
URL: https://c3d14c6affce0a50d8fe6a0bd5f1fbf2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c3d14c6affce0a50d8fe6a0bd5f1fbf2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 23 May 2023 08:18:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 549449
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 22 May 2024 08:18:28 GMT

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 5082 135 KB
46 KB 113ms
113ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6593523210010154

Requested by

Host: c3d14c6affce0a50d8fe6a0bd5f1fbf2.safeframe.googlesyndication.com
URL: https://c3d14c6affce0a50d8fe6a0bd5f1fbf2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a23e962dcd1332cdef1b7b483843503c551c2b0c7989c15f6a3bd8b022ed5d0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://c3d14c6affce0a50d8fe6a0bd5f1fbf2.safeframe.googlesyndication.com/
Origin: https://c3d14c6affce0a50d8fe6a0bd5f1fbf2.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 29 May 2023 16:55:57 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47244
x-xss-protection: 0
server: cafe
etag: 12109142704287049480
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 29 May 2023 16:55:57 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 5082 171 KB
53 KB 60ms
59ms Script
text/javascript 2a00:1450:4001:813::2002

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: c3d14c6affce0a50d8fe6a0bd5f1fbf2.safeframe.googlesyndication.com
URL: https://c3d14c6affce0a50d8fe6a0bd5f1fbf2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

2c3e04a3f536b4a6300aeee8ee1dbbfddaacaf29d9f44dadff76b136fab44e38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c3d14c6affce0a50d8fe6a0bd5f1fbf2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 29 May 2023 16:55:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 54244
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1684927996807358"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 29 May 2023 16:55:57 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 565F
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAvmZ4-TN0W_Fj_pG0C5Ntg&google_cver=1

43 B
766 B

36ms
8ms

Image
image/gif

185.80.39.216

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAvmZ4-TN0W_Fj_pG0C5Ntg&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COXQcRCu_4SOAhizzIScATAB&v=APEucNUO2PYgIS6i_NYJ53ShKZSFVM2hK2UCvxHIj9BL2fCRftA3ANBG_LvYE_kvCk_BK6Ecv5vCYO5ZMLvKgUK27E92GPfQaIIUsBEcoFI0EdCBiIbZb9aJFYVN5cy88TV-UpWncq1XwlFesPchXYS69aAJhznCiYM-p52qyWE8R59akbrulDE
Protocol: HTTP/1.1
Server: 185.80.39.216 -, , ASN (),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 29 May 2023 16:55:57 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=495
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Mon, 29 May 2023 16:55:57 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAvmZ4-TN0W_Fj_pG0C5Ntg&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 565F
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZHTZHWSfR2mm5pWfHqFsSgAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAvmZ4-TN0W_Fj_pG0C5Ntg&google_cver=1

43 B
632 B

36ms
8ms

Image
image/gif

185.80.39.216

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAvmZ4-TN0W_Fj_pG0C5Ntg&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COXQcRCu_4SOAhizzIScATAB&v=APEucNUO2PYgIS6i_NYJ53ShKZSFVM2hK2UCvxHIj9BL2fCRftA3ANBG_LvYE_kvCk_BK6Ecv5vCYO5ZMLvKgUK27E92GPfQaIIUsBEcoFI0EdCBiIbZb9aJFYVN5cy88TV-UpWncq1XwlFesPchXYS69aAJhznCiYM-p52qyWE8R59akbrulDE
Protocol: HTTP/1.1
Server: 185.80.39.216 -, , ASN (),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 29 May 2023 16:55:57 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=500
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Mon, 29 May 2023 16:55:57 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAvmZ4-TN0W_Fj_pG0C5Ntg&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 565F
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEAQdqRei4MLGnkGRTRQHTS4&google_cver=1

43 B
1 KB

20ms
17ms

Image
image/gif

37.252.173.215
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEAQdqRei4MLGnkGRTRQHTS4&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COXQcRCu_4SOAhizzIScATAB&v=APEucNUO2PYgIS6i_NYJ53ShKZSFVM2hK2UCvxHIj9BL2fCRftA3ANBG_LvYE_kvCk_BK6Ecv5vCYO5ZMLvKgUK27E92GPfQaIIUsBEcoFI0EdCBiIbZb9aJFYVN5cy88TV-UpWncq1XwlFesPchXYS69aAJhznCiYM-p52qyWE8R59akbrulDE

Protocol

HTTP/1.1

Server

37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.2 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 29 May 2023 16:55:57 GMT
AN-X-Request-Uuid: 7cf47bcc-9687-4801-8f85-a47c27340f13
Server: nginx/1.23.2
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 185.213.155.183; 185.213.155.183; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 29 May 2023 16:55:57 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEAQdqRei4MLGnkGRTRQHTS4&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 565F
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Nzc2ODAzOTc3OTcxNDY2NzQ2Mw%3D%3D

170 B
244 B

64ms
61ms

Image
image/png

142.250.186.34

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Nzc2ODAzOTc3OTcxNDY2NzQ2Mw%3D%3D

Requested by

Protocol

Server

142.250.186.34 -, , ASN (),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 May 2023 16:55:57 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Mon, 29 May 2023 16:55:57 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 185.213.155.183; 185.213.155.183; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 98c4756f-79b7-4600-9f82-f3270b15d38b
Server: nginx/1.23.2
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Nzc2ODAzOTc3OTcxNDY2NzQ2Mw%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 0225 24 KB
6 KB 46ms
40ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: c3d14c6affce0a50d8fe6a0bd5f1fbf2.safeframe.googlesyndication.com
URL: https://c3d14c6affce0a50d8fe6a0bd5f1fbf2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c3d14c6affce0a50d8fe6a0bd5f1fbf2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 23 May 2023 08:18:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 549449
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 22 May 2024 08:18:28 GMT

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 0225 135 KB
46 KB 157ms
156ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6593523210010154

Requested by

Host: c3d14c6affce0a50d8fe6a0bd5f1fbf2.safeframe.googlesyndication.com
URL: https://c3d14c6affce0a50d8fe6a0bd5f1fbf2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

84d6f7027b6051c52cc116d010413c5975e6962debe802c6860a3d003fd2e424

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://c3d14c6affce0a50d8fe6a0bd5f1fbf2.safeframe.googlesyndication.com/
Origin: https://c3d14c6affce0a50d8fe6a0bd5f1fbf2.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 29 May 2023 16:55:57 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47242
x-xss-protection: 0
server: cafe
etag: 4216924694923903556
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 29 May 2023 16:55:57 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 0225 171 KB
53 KB 52ms
51ms Script
text/javascript 2a00:1450:4001:813::2002

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: c3d14c6affce0a50d8fe6a0bd5f1fbf2.safeframe.googlesyndication.com
URL: https://c3d14c6affce0a50d8fe6a0bd5f1fbf2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

2c3e04a3f536b4a6300aeee8ee1dbbfddaacaf29d9f44dadff76b136fab44e38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c3d14c6affce0a50d8fe6a0bd5f1fbf2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 29 May 2023 16:55:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 54244
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1684927996807358"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 29 May 2023 16:55:57 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 99F0 0
0 123ms
122ms Image
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202305230101&jk=2342975364104955&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame ECD2 0
0 102ms
101ms Fetch
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu9HMLlw6pDIwfg-DeQMOIWSFmOJAHrCKFv6P99sF7u1XqYX4uRXGmWl4mY5I0nwu5HJSbdsYXX4d05wKULi0b6rocrAg80FtvZT3i6j1cKp3UIrG1XpVoh7IMgLGSyGWPIZhRS7ptr1NfpeBHmvQdmeMAspcb7xVPIS7dsvdMi6zZLuyZb9SHmbcD8mmh18bmRO53YBiu_RD4VCzrd5x1few3Lscmi0fHH_eYtbLDkobwIjO6cGYLUsR1lAgdtvq9f3vbdyhd70goMR8X3s3ytlm2bAAghYRPiU9RxILiUeOps-EIz1sQc7dd3hyIrdIr31PLMVwX5HbKhz_GY&sai=AMfl-YT-R8pyovHxoQm6Gbju6bxtncXIZ6_zoyss64rR9AQTTcetWB1G974LPTjJOQ4RepzyXhu3Qq_LoXyE_fhfAjoL9_74D9tNqVrcJmnz0GUFqURYgHZdsk3kv1HDEg&sig=Cg0ArKJSzHVbhu8ZuE2vEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 29 May 2023 16:55:57 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 creative.js Show response
cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/ Frame ECD2 26 KB
10 KB 150ms
13ms Script
application/javascript 2a04:4e42::485

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/creative.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305230101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::485 -, , ASN (),

Reverse DNS

Software

Resource Hash

e0bfcf41c566f571ea252620518b4bee4496dba2b1df9a1aa3e436f81592e1b0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 29 May 2023 16:55:57 GMT
x-content-type-options: nosniff
content-encoding: br
age: 14057
x-jsd-version: 1.15.0
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 9276
x-served-by: cache-fra-eddf8230064-FRA, cache-lcy-eglc8600059-LCY
x-jsd-version-type: version
etag: W/"6658-uUC6DsKFQz3nsj0JP3lp528lwJQ"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame ECD2 171 KB
53 KB 99ms
99ms Script
text/javascript 2a00:1450:4001:813::2002

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305230101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

2c3e04a3f536b4a6300aeee8ee1dbbfddaacaf29d9f44dadff76b136fab44e38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 29 May 2023 16:55:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 54244
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1684927996807358"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 29 May 2023 16:55:57 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 58A8 624 B
242 B 116ms
114ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6Q0AIQ84-rhgMY_Iro4gEwAQ&v=APEucNXE5x7LIOiBRx8PGiHN1zv6gKbieU5drtcymbyAdx8-yyybbuokqOs_wVQu_AlkvqAghM2JAClxyYkmtQ5otmVPG6knuOrY1Lg6N64fB__-WvgYUu7k2uENDGgALShSWmFebKN-NtdM7Tl4QFoO4hoXSjt_b5F_poDt-ZffmUBaQf8I4Gg

Requested by

Host: c3d14c6affce0a50d8fe6a0bd5f1fbf2.safeframe.googlesyndication.com
URL: https://c3d14c6affce0a50d8fe6a0bd5f1fbf2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://c3d14c6affce0a50d8fe6a0bd5f1fbf2.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 29 May 2023 16:55:57 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 53C3 78 KB
27 KB 117ms
115ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: c3d14c6affce0a50d8fe6a0bd5f1fbf2.safeframe.googlesyndication.com
URL: https://c3d14c6affce0a50d8fe6a0bd5f1fbf2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

332d8e2d6964e41c92a430d24b1b469bfdcc30ad072f980b2e7adf241590886a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c3d14c6affce0a50d8fe6a0bd5f1fbf2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 29 May 2023 16:55:57 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28042
x-xss-protection: 0
server: cafe
etag: 3261498652431352696
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Mon, 29 May 2023 16:55:57 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 53C3 42 B
63 B 98ms
96ms Image
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CmvKvrdmIYuCa0G8aSo7HKIsrE44EQnlcz3vRWeMtII7Hdu6QlPG5-EKlb-UZlBDW_fzMthdbWRnB9Lcb6UMOcUZprVTsHags8yEp_2L1Q03aPfHg

Requested by

Host: c3d14c6affce0a50d8fe6a0bd5f1fbf2.safeframe.googlesyndication.com
URL: https://c3d14c6affce0a50d8fe6a0bd5f1fbf2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c3d14c6affce0a50d8fe6a0bd5f1fbf2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 May 2023 16:55:57 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 53C3 0
20 B 99ms
97ms Image
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=2643076679039914839&x=1&ct=76

Requested by

Host: c3d14c6affce0a50d8fe6a0bd5f1fbf2.safeframe.googlesyndication.com
URL: https://c3d14c6affce0a50d8fe6a0bd5f1fbf2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c3d14c6affce0a50d8fe6a0bd5f1fbf2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 May 2023 16:55:57 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 adj Show response
fw.adsafeprotected.com/rjss/bgd/1352960/70224181/xbbe/creative/ Frame 53C3 253 KB
77 KB 166ms
36ms Script
application/javascript 52.50.83.81

General

Check archive.org

Show headers Download Go to

Full URL: https://fw.adsafeprotected.com/rjss/bgd/1352960/70224181/xbbe/creative/adj?p=APEucNVrat-oZC2pbygOkMhuF-j3a6LRBYVFpEOlH3COZbeGa-IrCnw&d=CokBAKAmf-BXwkSUWHUwmEUAm1NRpAVeehMw8gLLLMnU6P1MxzFIpihiJ9uenpkP3qlNufPDr075Z69Lol1OzNcMWJ2wePejdnrji9y7dkpPqM0RGIm-qsmLD3q-W3GLZTvmlx9aFvFbXLOr1IQsm8BkZpEKN9oURgM2T8DZXtFOQ7c_Z_DCXV3KljkSqRUAoCZ_4JL5GPVVpWoMEU3qP17yjPKV8JZ0_NlrKtmymmgZY-vozyy_YfW8ZfxYT5pZ4tWgbq1JCnAKiNzpmZR9dgP2Vxlc4nMWb3BIdumZ1NH-wh-mUC7YFksqTUGaCl0J-wX_hvzjnZZ6wrJqVR9lIlTVPiVJYXBHPL5BOyiBgvbztfP7qTA_c1KqPTUZmJCfktpgSCzGPBoTIOnQ3vZcKTwbt1DupBBw2BGdhXbupQ8y7d5lTpYIj6R2OH7wEpYbvcNKm6-aE62ApEVAsL4eXEPaf81xCkgGFVPjIdGLbpS_dSZkanYmfj0LRpixX-EuN8oOVpcPMp7lg5PE3S0N0UVnkHoEqAZbNX7AicRWfrDOBTjNG1FMcWVqoLnPlGZPqX9kcwTxUgHFbAilIZFwd9q5Wzp5HTduePxGYTFNWgnFpPcRP7bJNFU_kgdvMr_gJqfNIyrsCseaKkNU1rHQiXmdJErckYYna1C5zrocO8Zhcsoq5hQeXlWF77MLoVD5UzPoFeJPGVpBfA9mljQQ4azYRcyBkW-o-uVN1aDa8HEW50fnkBD4vmA6yKrLN-2toQ2PteZ48Osse7ySVK9HZx8_hdsp1vPDoSVByn52JGk_LtCCKXRKguc0ljJWW8U6lSZ80huM_Hbuh3wiJQrFa0clX1gEkZKG_-q7_5oEfk7NVBQLXMy_DC8DIODchVQK3dL8YqSPt-Naw8jFPVp5aC8XPhsQsC38Cn7V1DF80XN1triHD6J5JpGiJQZAS7TxGbI8YzBUHftT_W0dZHa-Hua_2cDne5h-pJk9JeAGqXnfqrH1SfygfSXr4UE-dSttgDAfa_Ty0XKdlrMHOKiI3zw30T4-YiNN7IFyJkAykrHqsplKjMqdQ1_lZK_J7eVg07PT4uxb3uMEHw3fZWOMbtrWvsYoRXiyi7gDtIkG6MqyfPZC4mVqBeAnbh5VqeNBQNDd6s_UnykBTA6lR0TAMXJuX7P6T3vrIdLjERqBw-pDUPwoxwgiK0LcyHuzfSO1NxR9wd8SOgZqv7XE1l7U3vuGPS3GtV85h_U_uFgOaiJinvQKTycsEDIQE63L_sEsGOm4K8LZxaJrDncZkGcPqYrH_wEYjIA30f7KRudeVeg1oj3SRZJ-mNXyePPXcyfe1NlfoXrkOg_Q6FzJ_drdrsCW40fdvT_JOC-v5th5uQIrP1z0xxu8u1k6qexHsy3yUkja1enFUkOBkAhaFbOllxrEqwEchSNKIFA3iZtnD48dIRWxsN_g7F-a3whebWHmwAM0b8J6LCxmOE7C2fcf8YxaRqLHFd4LyYElWKvvBMcPzGtif464SXnan5ZPi4MYbitz6c9RA-bsIli-i5GaNWSnJf7et4_lXI6OyiLD7upI6iux40AjNgiFKYEUMLiOmsJBAsatETIqmwbHuCN3q_36Az3M-JoCxDa0aukSW5UFulDF4ogvFMZuk0MQBOQ-YQH0iHqQOJx-BTnMh4d-QuGP6cxM1-uBB4cx4K1GJjd7EcLxLUo5kBZr4s4aJT7_hxvjYu6BxIlCK2IIBZ4MVzzF8ZoKmfviIOC2bW-_Em3dZSB-W5CwHbPWKSAfzDAz4gEjvS00wovzXQ9HGLoWukhGzByNgrFc5BD4UanSccMqcEzMmzGYwI2Ctk_90daqvCRKZi_g5ZmHN2l1r8HD0Kww0mNgFJiIqCt3GyQJkxbwIudloSSTAgYyugojOO80iehgpVTP7yXqj7y74ESoT7BteAImhdklb-InU_Rjn1y9zIljnhP2Y5xVEQlBwxvUV3UlM5MDH4JwTq2qYjuZLvlqu7fgCzdWSdijetzfswkQY1s3nBcUzayXpzPAcyneWPbu3XIRkwF4vQlhOawKesM1UFa_fdLtMAvUVaXq84BhLchNfJLlOGHF-sh8IxGio-K0mAeXUpDqa5CPW1FQ2dEjKQbv_nBg3iuuwEud1Z4QyNL0RL84vKUonfUeaPeJy99mu-KrMPHgR9eMUcfCjvCLN1Ka-NlicISLwFjEUjpphRhqmJReHxfVxKjv-QOdo7BN9u4PpFFTa-OXiyyog8o7AXLKDhcmzjUMFbcizno9d-xEJ5EbbzUXEOuG1bO6LMS_ar6MWSOCxP1ZG65tdcqD_7bN-RRF0rZIPs5QY6hC_8AKY4uojVQ4z0trtz5G40AA_xvYcdmQffN3tHKEWE9z2IwBgeLt2X_qqYlAkn3hTh_s2gmJfYZRuofruJF2egM5iPNhAP9Lz8ikv_ESrS3jdOtZS1ySIQ4_6vST7CiXzcpeMzFTuDfTKtvGdBaumzHejDpR-UCLSAKzBqcKvuO28OvDe5GkpjrQtEJsdf6jITYO8WdaulwtyqyLaN6HAj2-RGN-4GE5zBJY2lMUFsDJkJpm69Uifqtl1iOlXD6u0pV-_wF7GuzQOi_kQwAbj_MdwI4xw4H3iUmwSxHygPCDF1dWXiKgnOgy3Q4H4IG8iIuMEuEocj7QQemE1snGmGVEkLAOoEckQOHtZqlHvUY2e81-dm1HU5QTUelVFSzzjLPMOXGt3zhCCHeCwtOFleH309omTnn1Xdt5buMDeGKbFJKCOIUAyLSDWrUlxTkCSdXL9bkcC9TyQ8NF3mHrRTpJLXKa1FtYuz5dRqrEl4Q1puJUeYYSe8m7TKQTBm5JI-T3_3zQCHa9qygt5Dde4qTTrHknBHBgtBaxYWTJb6AGCTnOxEKROqxkyFPPaFJQudP3dQ_tUmuZzAunxeWSglggV2Bp8X0QXkig2gLG3LsqoC127poAojhXzZDHx_vurITZJYYHrt0cxBJHaQzJtps-Z4x1_4Ab-dFbO5FpahCRQoygcrik4VJSlkQ4DyTea7YqbzaCJz9z_OiTP1i6iDpAT_5NZPNMACriimavqD20ABm3_6R-4qBQqzzLmuGoJwl8-uGvvlu6E8Ncj6i_IqWXrOSFNMDXK9Akv-_PeqvyPnz940pHOnN-3CQttDsfRCH_Z-pLa_nC3UdxsIcRGKX237YB-W4dNyKIGz2I1aTBgMi9iA5JxZteKagXcA342AT_uvCg9S9EFOuseX2-zlk7E5106nkKoQA-W8paauvddZaHaxT89PCla7di6aPMIyNUaV3e12Q1LulXfc1Tpr2vlM5fqDTJ1F8Odl0znuq_DoD8kG7qnxmoeZU2w1BWcMvQiPD8JJQ8iyQrNlZ6WoqcB3vezY2Lq95Rvc8i0YjNG4rCe2qW1oauGw0PP6q4v1ImZBPGNaAPh7MKQ-TUOH-9u87IQd4MeWIhQolTElVRNpT9IbhNM9vmnQoGkHyI-SKvx93Cp_Zj4YzK6wIqz8Qum0_qE8ngN_hP1HJOKdBVgtObxjf_fIt5wbUHzS4zdHPFDRSpKN18b_og3sE31CaynST9oQblsOxkZAcK0xrw12k9-GI6ucmQDURTtTb059OZk-79Zq7rUNT2VKKeNE2ZywTh_mcxv3S0AU5DKNc6jqTOkzi9Bv9WlOPXciOaB6l4XSrsKX_YTBgY9DmZRNBI361eZUU8e9HFZ8cPsuefkolXLoU7jppPY_kQoWvs5dfgfyUypBx5gzKaNUueKaAKnjtlXhu0G2xan_0ZHqPffQ2VeBn6PgIQxID7muHYW4RaUpmPwxpBCAQSOwBygQiDcvSYLHPEKTN30Wvxk5crjLOVwjSHIZaPEV2iPuaax-JMB-d3xZprl0KEfkIrcLTVUY5rgTa7GAFgAQ&cry=1&bundleId=&ias_dspID=3&ias_campId=25458251&ias_pubId=pub-7983651257838282&ias_chanId=1&ias_placementId=19782787846&bidurl=https://ye-mek.net/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0iIRIIyT1hXZE9cYzSqhyA2
Requested by: Host: c3d14c6affce0a50d8fe6a0bd5f1fbf2.safeframe.googlesyndication.com
URL: https://c3d14c6affce0a50d8fe6a0bd5f1fbf2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.50.83.81 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: cd7d0bed50537d1011409512bec30d5b089520aa2669c4dd7dac714dfa8446a1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c3d14c6affce0a50d8fe6a0bd5f1fbf2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 May 2023 16:55:57 GMT
content-encoding: gzip
vary: accept-encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: fw.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230523/r20110914/client/ Frame 53C3 3 KB
1 KB 96ms
94ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230523/r20110914/client/window_focus_fy2021.js

Requested by

Host: c3d14c6affce0a50d8fe6a0bd5f1fbf2.safeframe.googlesyndication.com
URL: https://c3d14c6affce0a50d8fe6a0bd5f1fbf2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c3d14c6affce0a50d8fe6a0bd5f1fbf2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 29 May 2023 14:13:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 9751
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 12 Jun 2023 14:13:26 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230523/r20110914/client/ Frame 53C3 19 KB
8 KB 96ms
95ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230523/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: c3d14c6affce0a50d8fe6a0bd5f1fbf2.safeframe.googlesyndication.com
URL: https://c3d14c6affce0a50d8fe6a0bd5f1fbf2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8d47e9b04cf995a35fac50d2d39cd0006ef7e7f07f9373cad2fe5a207745f1b7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c3d14c6affce0a50d8fe6a0bd5f1fbf2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 29 May 2023 14:09:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 9996
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7987
x-xss-protection: 0
server: cafe
etag: 5788035530912182302
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 12 Jun 2023 14:09:21 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 53C3 0
0 93ms
91ms Image
text/html 2a00:1450:4001:806::2004

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRBebg1rINomK9w63Wqp6N0UL62DAiQsPzXx65JBjo7a78pOObxkdOSa9aFRSG-CevREsEfPxnFRdXXhA8z8vSpY8AUOA
Requested by: Host: c3d14c6affce0a50d8fe6a0bd5f1fbf2.safeframe.googlesyndication.com
URL: https://c3d14c6affce0a50d8fe6a0bd5f1fbf2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:806::2004 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c3d14c6affce0a50d8fe6a0bd5f1fbf2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 53C3 171 KB
53 KB 99ms
98ms Script
text/javascript 2a00:1450:4001:813::2002

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: c3d14c6affce0a50d8fe6a0bd5f1fbf2.safeframe.googlesyndication.com
URL: https://c3d14c6affce0a50d8fe6a0bd5f1fbf2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

2c3e04a3f536b4a6300aeee8ee1dbbfddaacaf29d9f44dadff76b136fab44e38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c3d14c6affce0a50d8fe6a0bd5f1fbf2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 29 May 2023 16:55:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 54244
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1684927996807358"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 29 May 2023 16:55:57 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame EC03
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAvmZ4-TN0W_Fj_pG0C5Ntg&google_cver=1

43 B
632 B

37ms
9ms

Image
image/gif

185.80.39.216

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAvmZ4-TN0W_Fj_pG0C5Ntg&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPG8uQEQu-u9ARjV1rLlATAB&v=APEucNX7-QBADKbbuTO72_fBnE0xtYplvcw8cCwQrnYQErKGVY82VviICUNDdgueX9xV9M-SZ9KSLmTSyS4X5gV1v2SYFB-sKUSuuuGSvMxhu4sX_Qtdm-vnWO4t67xHk3M4sKqrCAc9nk60noOpQYylBofF_wG2IGZMj1ZD8wG1FjA5jMfLBlc
Protocol: HTTP/1.1
Server: 185.80.39.216 -, , ASN (),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 29 May 2023 16:55:57 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=500
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Mon, 29 May 2023 16:55:57 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAvmZ4-TN0W_Fj_pG0C5Ntg&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame EC03
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZHTZHWSfR2mm5pWfHqFsSgAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAvmZ4-TN0W_Fj_pG0C5Ntg&google_cver=1

43 B
766 B

24ms
20ms

Image
image/gif

185.80.39.216

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAvmZ4-TN0W_Fj_pG0C5Ntg&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPG8uQEQu-u9ARjV1rLlATAB&v=APEucNX7-QBADKbbuTO72_fBnE0xtYplvcw8cCwQrnYQErKGVY82VviICUNDdgueX9xV9M-SZ9KSLmTSyS4X5gV1v2SYFB-sKUSuuuGSvMxhu4sX_Qtdm-vnWO4t67xHk3M4sKqrCAc9nk60noOpQYylBofF_wG2IGZMj1ZD8wG1FjA5jMfLBlc
Protocol: HTTP/1.1
Server: 185.80.39.216 -, , ASN (),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 29 May 2023 16:55:57 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=496
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Mon, 29 May 2023 16:55:57 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAvmZ4-TN0W_Fj_pG0C5Ntg&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame EC03
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEAQdqRei4MLGnkGRTRQHTS4&google_cver=1

43 B
1 KB

20ms
17ms

Image
image/gif

37.252.173.215
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEAQdqRei4MLGnkGRTRQHTS4&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPG8uQEQu-u9ARjV1rLlATAB&v=APEucNX7-QBADKbbuTO72_fBnE0xtYplvcw8cCwQrnYQErKGVY82VviICUNDdgueX9xV9M-SZ9KSLmTSyS4X5gV1v2SYFB-sKUSuuuGSvMxhu4sX_Qtdm-vnWO4t67xHk3M4sKqrCAc9nk60noOpQYylBofF_wG2IGZMj1ZD8wG1FjA5jMfLBlc

Protocol

HTTP/1.1

Server

37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.2 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 29 May 2023 16:55:57 GMT
AN-X-Request-Uuid: 0b8b76b2-afb6-4347-8059-570b94a90c9c
Server: nginx/1.23.2
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 185.213.155.183; 185.213.155.183; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 29 May 2023 16:55:57 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEAQdqRei4MLGnkGRTRQHTS4&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame EC03
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Nzc2ODAzOTc3OTcxNDY2NzQ2Mw%3D%3D

170 B
233 B

51ms
50ms

Image
image/png

142.250.186.34

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Nzc2ODAzOTc3OTcxNDY2NzQ2Mw%3D%3D

Requested by

Protocol

Server

142.250.186.34 -, , ASN (),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 May 2023 16:55:57 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Mon, 29 May 2023 16:55:57 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 185.213.155.183; 185.213.155.183; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 1c0a9ccc-630c-4025-af44-098a3d90d6a6
Server: nginx/1.23.2
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Nzc2ODAzOTc3OTcxNDY2NzQ2Mw%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230523/r20110914/client/ Frame 5388 3 KB
1 KB 87ms
38ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230523/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&h=90&slotname=9586219513&adk=1165138949&adf=4198790052&pi=t.ma~as.9586219513&w=728&format=728x90&url=https%3A%2F%2Fye-mek.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1685379357136&bpp=3&bdt=161&idt=253&shv=r20230523&mjsv=m202305230101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=3386230955750&frm=8&ife=1&pv=1&ga_vid=1116954865.1685379357&ga_sid=1685379357&ga_hid=991838600&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=1956086155&scr_x=-12245933&scr_y=-12245933&eid=44759927%2C44759876%2C44759837%2C44788442%2C44789779%2C31061690&oid=2&pvsid=1402955186140294&tmod=823662434&uas=0&nvt=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.a0kvkxex2sca&fsb=1&dtd=258

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 29 May 2023 14:13:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 9751
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 12 Jun 2023 14:13:26 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230523/r20110914/client/ Frame 5388 19 KB
8 KB 89ms
40ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230523/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8d47e9b04cf995a35fac50d2d39cd0006ef7e7f07f9373cad2fe5a207745f1b7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 29 May 2023 14:09:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 9996
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7987
x-xss-protection: 0
server: cafe
etag: 5788035530912182302
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 12 Jun 2023 14:09:21 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 5388 0
0 61ms
48ms Image
text/html 2a00:1450:4001:806::2004

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTyHWbrqSj_0ok1sRoR05XGl614Bto3z3I67zxxSINdhZajNtL0tsBbjjb_k1h2et7nlL1HpqeBUCVDemnMWx4ZUUpDvQ
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&h=90&slotname=9586219513&adk=1165138949&adf=4198790052&pi=t.ma~as.9586219513&w=728&format=728x90&url=https%3A%2F%2Fye-mek.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1685379357136&bpp=3&bdt=161&idt=253&shv=r20230523&mjsv=m202305230101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=3386230955750&frm=8&ife=1&pv=1&ga_vid=1116954865.1685379357&ga_sid=1685379357&ga_hid=991838600&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=1956086155&scr_x=-12245933&scr_y=-12245933&eid=44759927%2C44759876%2C44759837%2C44788442%2C44789779%2C31061690&oid=2&pvsid=1402955186140294&tmod=823662434&uas=0&nvt=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.a0kvkxex2sca&fsb=1&dtd=258
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:806::2004 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 5388 171 KB
53 KB 64ms
51ms Script
text/javascript 2a00:1450:4001:813::2002

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

2c3e04a3f536b4a6300aeee8ee1dbbfddaacaf29d9f44dadff76b136fab44e38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 29 May 2023 16:55:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 54244
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1684927996807358"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 29 May 2023 16:55:57 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 5082 0
0 126ms
77ms Fetch
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssbTvvCQeI7PM1zWN0fzjVUqe5TK8Ggi09xw-EMQxia-GFsU5uTNe5pFn4r2Ak7ltZewDMWjzrJZTSb34ge70i5sf11aBZHcmUHHI3asRsEg2mqUCe6xn2SpwVD1LNJrYDExfnT0d9_W0zRq1_zc7ttFpRRut0gGmv65DeWEhYFZF-KYrELrWlt-L1Ac1b2kwrG05QqJnUtkcq6ecMezmj1VUnsJuMdr0-IhoANlFUrMU41eLvqUCPy04vPnMOY4YYWWrSBITNFDGPE_RHagZlOSenPpIL6sa1VmPWzZp5ZvWpa0VoH1-14kgQ9Amwf5qFF8m8rNGQcUcTl600KTGjCu6ZbGG4AQq6IKL_m9zx-8IL4_Gs&sai=AMfl-YT3fjYIbO0UpozEoLMsziqgm1Gwxr49G3NvxZegUXYBU8_0ZV84u7yd_qed_SStweAq_3zJ_hcxtrxxOPQDjLs0jQaxWrYxK3ahEX3AC8Ztfd9LR4aM3VUNn5lVQg&sig=Cg0ArKJSzLpmliG17BXYEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: c3d14c6affce0a50d8fe6a0bd5f1fbf2.safeframe.googlesyndication.com
URL: https://c3d14c6affce0a50d8fe6a0bd5f1fbf2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c3d14c6affce0a50d8fe6a0bd5f1fbf2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 29 May 2023 16:55:57 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 0225 0
0 83ms
77ms Fetch
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvTRI8vJD3IFTepo9B1ZX8RT0V4bokBAc4aNzFP3WSemdRZyWz4-8UnNuRweCvQVh3h3bVVgkqHrnvlJGRqBtWci1ZyXQhwP-vG5JnCstaE4dpkwuwBSH9xfVW1qrGlRLJK1n-vUrqzbsXIVmHSWqb1aBQPDbk4u-N20o-XzwnEOJTOD4VQ-fjt7bJNvnz4HJsUC3Ci-teoBXm-LjAxpRnZG3VnXDF_8wYKjtJEwQRfEBF14kwdA93s0AJkIRXcNq4DBT1wAcka-TSo_nHTEdqdLPzBEwWJi8niBhece9Ez5PV8sJlIeh3KXK4w0-txwxPzkJm6lH4a2aiLtQ&sai=AMfl-YSS8cWG2--w_HMmPlLXqqLf5mStkVvOlD2vEr1pExZSsgpD-lXOT3HQjc5q0RYnwklScYE1dvzi9zM0vRFAkRXZ-J_94UvfYr9OBOnjckNAO_4Wi_JZbfgDj5CWpg&sig=Cg0ArKJSzIDwwpxS5NHsEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: c3d14c6affce0a50d8fe6a0bd5f1fbf2.safeframe.googlesyndication.com
URL: https://c3d14c6affce0a50d8fe6a0bd5f1fbf2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c3d14c6affce0a50d8fe6a0bd5f1fbf2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 29 May 2023 16:55:57 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame B9B1 0
20 B 73ms
73ms Ping
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=4471650128446&version=m202301230201

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c3d14c6affce0a50d8fe6a0bd5f1fbf2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 May 2023 16:55:57 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame B9B1 0
20 B 72ms
72ms Ping
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=4471650128446&version=m202301230201&ct=77&x=1&cor=18022748924589722000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c3d14c6affce0a50d8fe6a0bd5f1fbf2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 May 2023 16:55:57 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame B9B1 32 KB
18 KB 88ms
88ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AQ2Au8uCNqBlRHTzK53bZE2sPXx9KkDawKINkkwVdwTOkNbVMV_r_2AchjG9skbC2eGXE24sYYUIGzc3lEO_bxgU4QJfTRxdFyep4dAn5ftNz1n3_Y_RbDcdxRKIA0mkOsS5UMnpHObWpVHgsHk3RKlC9P-qPZBtkuVZG1rkhYbMEMcN4&dbm_d=AKAmf-BAvBlvsU_-PI64Xw8Ffh_RbHRgQStp61A-9dyaz1rHrKAsiSd0FpZ3Xb2ZhcExn1LjgZ5bj35wCUVlBVLeB24PN3QBeE-OwwN2a9u3-2GuLscx2SYPysAVBRTKLc1Nvsyoz7DM4MkZaGJhNDpXgF34MVsWR3tAnT9SxnFbo306-O52QKnP5xwrwq6F6eI5jhljb1YJX2zguz3nt1bobFV4EjGOIKnj8gS5qXRpbMYHMXuhDw7SKpvhgT1liH2Opmd_Jjsl0J4V3LxxGdyrGeI77FYsU48_Nb3CY1rvkG16Ad_tYi3oV8GA6TB7wMS_wXZnLNXqMteTbvxNhBMQn0WEEozfIR67KO-l1Z_t_KScxtliqW7x3miF6ClemiXiFNfsyDdC7DfxH72qazgKFIGEUjV-yaB4g8rdl7kmVyaXDuXwbZ7Z571J68eYXRILS43qzaJnJeZ0cq0YjgoVsw4VBwvroSUd9BGz-UmXIA1i8P_s48az75isp25qxgXQFZY50_1dF9na-KBA-o0v0hFR_gguoImXaYZe-SYcNIoS1TGLcsxL7LQY2sABxMxpzGxDNxpu2F38s12hHKdgbiW4Jf3y1lNr8ejPMoufJmF033zhIJVAkPeGI7vOMpLl14k_KX48jfMRzR78z34tUokQnGxrwvEDkweFbpQ7GwRo99EOB-VUTBx52lO63zCkO0qEjaxQRppWeU9r4pGeCQVB8aFIqdMt1wVoQ0_JmFPe5CY3jp8Xs2ihV9i2Mzy4kBgJSGEu5V1XoGEFSSl_umvjpAAsOjxidxyt11tYknBKUUOvnQdm8AkEochjNlU1z2xdRxiR1lhRla8sBT34XiY04cax0efHUbsrIPb-0CncO4YdDubTaQWp-Z8sFEOapIaHpLTPPachvGr4Av4JyLkqjkXtiLYRqj99SeWOCH28KmmdbvJ04jdwmIi0cmMt96NiNxkBQGVEWj1kYlkJ1tIMHHvpvP4HdEdeC5g4OYaf03ekysCwxDqGeb_ReJU3Abl2zVx5jOsAVGecyqvh7YGbdEvD0vI7peAHWsCbEo6ZEjv9Ka6hZ2Esc_27TUV_k5A0QYIaCMTnBGqSugnAcvbfYCi19b_QiKPIPI4Cu4ITiKgn8H4wY8bMNMhapeOomsx6hu_2VyHCfm89cyNONbFE3fkYHFA_r0XaL-YZ9UCYUv4kC0PfMpMYSE9g3-EpOsdY2tVHm1Vi7ny0yBimkYHwmmEqsPjjsSDBOW8Kqs02_cJxxQNbjKQKYRkVaKVOCRmTUn32mcpJy0UwqNLq62Y14pA5HCvlR-9ZLE8WF0Z8dRIaEoLz8ftg3sgdhYZIKmrj--CjIVN3b8Wk7Eru9_on5iHT6yGsIZWzvBAXaGL1wVMAWqdaX7wa0DeMQZPUH6MYUn9MMnpzPEwPlq8lc-5C6N021yh9fNF5r01hcN97mJnIFlZ_ctjmyJS3J25O29jbxeCBMRJE8rhKFXTrHQmC6YUq_Ghc6u4nYagFl3yCSCIwfOm18ddA7NPT-irWakrY4gkjg5u5JVR7dAZv0yAzq2ZwhPlyL7Z-JRWHiHaixk611jIpqvjhuOXkXPybDZFv6gSN-SU5efAnN6zLESDxilERPB_Cf-Q_F58psId4-ZqyMoYZIyCunv2dY_6V4G4Un49ekBO4wjozBjDdowMj_s-tfTvH-TvLtqigphu0PuPujmWdbb1yC97SakqCwNNlyob-xw1H0rEhyPnginFNQVi5814JwtvSFEuhX_Kct_BbCfg1iY6dqS4tRqq4mdqhRJYxLckynw6ehkBNDEsfOqIeCR2a22wa6_xye5AH-NIaOFTV2P9LErZD7nz6AlQvCRgRkmvs-vYACACY-g9_EgA2pYUaZP-CicLklM5POYlrf1VQGuqcJPdaHJiIMLzNzW8sMFnoqG2V98tkZSJxhAKwoAGL3pmi8xzUzAOp0P_ljco0DLIKv4GeOokzBieWxG9MH_fepEtov1StXkM46UgYo743JEhlVSuz1GGLYYzRCUzXqdazN6N6tEvx8ChSjbVnRYrO-lYus0EelHGm0NLl0eZAmsklAxkQzUJPrslzIvYZtEBGnaundeBtdZsWGukaHzxvt28R0Kvhs3MYfB82oCUbNLIeUk_ntkC1zztMLX5ajY7qcQ6t7LKVQxqu6fIUu2-gzc82gfv8K-FEvErSkI60EeZY3NIP2YYTGcXP_MmdYx12XpzLL25EvValxj7NhxuzyJ--C6s1eNzpd4w_Ty2tdOAw2r1zXV-wzWysHvkWxG2pIaoWcookftUkZ2Gh5r3Xu-7ZFnlIul5AA24Ye4kAQHtVtAbwRn-IUVuhZqxzO8VM2SFgsTNNCA1B-3JVey_rC9xvYyfK_hWGdMrLKl4i4j5g1la4CZy2k33kaBKQU0AmJFJjciow0YG18UYWo4bYBsgJ9_Lp20MNp0m4gKXQwsjMSId7VP76U5dsFwa33bmwHuurrk6wBnxbQwcXojxASEwKgxI6Vs7UgbopwfhffX3NQF1CI2SfVKAg2tes1xRLrq0TRD9-77GdfxYum2TFmfhploMOHt0vycO7QFjBYVO5rTCb59LOceKn4R2bbyzJWY5mgRYl3-zTlQag88w176AJsQEI-0SBJNDl01-eYotuTjhkf7ehwSh7kxbMcnpivH-n6QNBMpzOa5oQDvem4vTK-rysamzZ0xTxf8mrULaBJua15_MU5hpGz2YcnlqDMFsuUVCJbD3NG_0PJj9B2c2gwXHix1JXKd9ag59n0rkvIBm_DlnYR0CoujgDF_9cPGrXkrS1CBCUno4A7Ti2sHo4csiLMMyraz_0ZyMkmN1lK1gI9eFLRFfXlqvs0aryYG63OnUVzy1bhL5cU69V3lAIiODgdzRD9RzlTayngWIFb8r1ujmeu81i9gOtL4tMWF617fcSwzVPrlAFskag3LRnL8t-dOohOAGSq57rDIRkIRgvcRkaCbk9X_8Dxkq9ORm0QwELN8hH3R7of20NczJVXe__0p_XvjUD_fzhYC8oLxuf3pOQxu9R6JTTilHsau6V0IHNnYR3eYBELX_XyF3HWTyighW4T2pvQxsmcjmGlJvb8M8v6sZR39GhQ0aPaUqeWc0XN7_VBvEXNqy0jIoMGyYkCpeI06Ip8QuRjVJaps_Cd5MQt7lmBam7mDAWeQcrzQwV3_ht_MOfUwYU4hto7HOR-jOGNLo_ClLMsi1WQleHDFrtf7HUhb8J8vuDjXblLJh2SKVjSFgltgtNNWfkyoStMZUCfBx7VY86XqizfW1PqlxelX_tzXds2Sm4nBZzQ-T5G0xqZ9fkW09PIKlBuI2efPOKZIjxphbWJNNP7M3ozwPrbY2-UGMbWVJQXCHz05CSwfGykkCSnDVEiSTn9WFvYpdUotPpI7MRzjN2ngoCpT0hYwVms6G5Gaa04XOxK09U6dLrtZD-JuSWHpNC34OMxpVRw-xHJJEMtHYf08mYukQsRlPN3c2FG1hZZV6DwM1oC6_yQUYOD5DMZQdxKuP91oK6V11inb3KxUiWtV-b1lZKKDmgZsl3VGpfPFBd1CqzhGmCz8gMVTFO-CtOdEezdGqIswTmpYhWOH8UuJ_1MULrlqaGrAzt7PCeKTWX6tH57IOuRb2pWMS_E1i6gvQccdMse_0asVqWa3HV48IXqNluouzb4wW0iw2rXiO8UbNo0lIK3vzsOpTZtRZrMzk7zlPiGva-_0BquoLJ3MzJXrtimhszW0Fte7zvOVcaZdY1oDAYAKC18IPJJ2P6gLl3jubYhkSLdw&cid=CAQSOwBygQiDEPZ2Eij5UCxh8ltIkjUH2MBSjmFE2hZRykKxEDQ-Y6TLRX2oi0jHirKMcEbELqhA2IPjLTGXGAE&dv3_ver=m202301230201&rfl=https%3A%2F%2Fpcloak.blob.core.windows.net&ds=l&xdt=1&iif=1&cor=18022748924589722000&adk=2465470143&idt=237&cac=0&dtd=29

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bfc70fd67c3338f3f99e2c456e9143d56107b41d28dd6a29a841659cc60035bf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c3d14c6affce0a50d8fe6a0bd5f1fbf2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 May 2023 16:55:57 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18723
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 5388 0
0 85ms
84ms Fetch
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CVEEnHdl0ZIaLG4bitwfpzLuIBZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTY1OTM1MjMyMTAwMTAxNTTIAQmpApaduozx97E-qAMByAMCqgTSAU_QRz_UVU6YhuOng5asQosAtMTe-rN21NYaLRnqMHKv3NU2L7Mld2bF25uEveZAyiKLo9dvtBAVWClDs_KFCu4W_HoqJW-ghietSZRTsjqerxGKgsZC5Ld7EqHP8fM861fOuPlmD7dAp4EqWhYBgiTdcfVzRa7YlmFmwTiqiXdQWp90vgXItNBBZk_fTUtAwbPU6weyhqy0YBP2Wi9IYL2J3gEzCAqmznJ0u0c4NrJqJae9667ZnFg6ySWh-6hJZ5VIC6N53jM44VYUzPmaPzJ6c4AGueqywdfTjrq-AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgECACgH6CwIIAYAMAdAVAYAXAbIXGgoYEhRwdWItNjU5MzUyMzIxMDAxMDE1NBgA&sigh=v-1Y6hkw1QY&uach_m=[UACH]&cid=CAQSKQBygQiDsrbJfT6Ft4t1TTxh_mXBzti_OTq6JvUeOonvQkJsEsmmulZEGAE

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&h=90&slotname=9586219513&adk=1165138949&adf=4198790052&pi=t.ma~as.9586219513&w=728&format=728x90&url=https%3A%2F%2Fye-mek.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1685379357136&bpp=3&bdt=161&idt=253&shv=r20230523&mjsv=m202305230101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=3386230955750&frm=8&ife=1&pv=1&ga_vid=1116954865.1685379357&ga_sid=1685379357&ga_hid=991838600&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=1956086155&scr_x=-12245933&scr_y=-12245933&eid=44759927%2C44759876%2C44759837%2C44788442%2C44789779%2C31061690&oid=2&pvsid=1402955186140294&tmod=823662434&uas=0&nvt=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.a0kvkxex2sca&fsb=1&dtd=258
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 29 May 2023 16:55:57 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 204 winResponse
prod-rtb.ad4mat.net/ Frame 5388 0
0 119ms
21ms Fetch
image/gif 2600:1901:0:76b9::

General

Check archive.org

Show headers Download Go to

Full URL: https://prod-rtb.ad4mat.net/winResponse?a=1j9j5sfkrs3cgwm5fyskh2f3vyz64se6w7gjvxe09kztgswvnafc1rz73rev3egq4f23fytpr2qwbnn3gcq9jgmy0j5psy2tewrrd6hh4b53av5wjzc7wksqx62wyykpc6bpbxpdgepxzt882f0e0kkhphxjy5x2kvbw23z1fzbeyz6qfe78wcb7ngmnmj5f0t2rghxdzcvsj9yy2manvy46dvg6qdsqpzn5yd7tkqdtehq8w0kxhj9z5kq5sjgrdv6t1cacm9ebap5tjq37q3tqx5emqdt5p0x6fysdjv7ykeme5x85an4t53em2xvnm9m9bs77gw5a3n42wzjkemgnzjk4xb6qvge9v72er4tg2jcjgfmmggd4kvcb0zk9tj8pxacpatzxyjg&b=ZHTZHQAGxYYK7fEGAA7madAiQBlBNjT1qx0NCA
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&h=90&slotname=9586219513&adk=1165138949&adf=4198790052&pi=t.ma~as.9586219513&w=728&format=728x90&url=https%3A%2F%2Fye-mek.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1685379357136&bpp=3&bdt=161&idt=253&shv=r20230523&mjsv=m202305230101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=3386230955750&frm=8&ife=1&pv=1&ga_vid=1116954865.1685379357&ga_sid=1685379357&ga_hid=991838600&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=1956086155&scr_x=-12245933&scr_y=-12245933&eid=44759927%2C44759876%2C44759837%2C44788442%2C44789779%2C31061690&oid=2&pvsid=1402955186140294&tmod=823662434&uas=0&nvt=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.a0kvkxex2sca&fsb=1&dtd=258
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:76b9:: -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 29 May 2023 16:55:57 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: image/gif

GET
H2 200 dr Show response
as.ad4m.at/ad/ Frame E8E7 2 KB
2 KB 144ms
49ms Document
text/html 2606:4700:20::681a:ad1

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/dr?ed=1h7x3tmfgeqq81h17sfwyk7m8rbycyp1aqh12f6hdasdj0djxkk6me0q32e9cxfedsbvxzyde7pfjj1b3yynt6yz0kwd613btaqtz4g78sd8n4e68f9b6910ankh4knfp2ms5qpkmyx455p1ca0jazypwcs60n2ehz0xcfxa4mckj9k92cn3ww790msep1ta6mhmqcvdxr0qsv5zmza53wz7978z6bbq5mbwxt65nj8kp9r6k322gqwjaqtb7x7k86r48qgn5rmrccg2xvgh079241ncwvzmwachfpgsrvd2axc5ebv1d1w0ky1g41b34zb6g14ng799n884kvgyhwf4btcskccgk4x77an3y8gqk0z319qy00gp6979hw8mx54rac4q63w6metnpe9gd4xstpycv8kepazfa3v04326r876ehfy62wyepf9xajnwjs8kv72&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCKmocHdl0ZIaLG4bitwfpzLuIBZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTY1OTM1MjMyMTAwMTAxNTTIAQmpApaduozx97E-qAMByAMCqgTVAU_QRz_UVU6YhuOng5asQosAtMTe-rN21NYaLRnqMHKv3NU2L7Mld2bF25uEveZAyiKLo9dvtBAVWClDs_KFCu4W_HoqJW-ghietSZRTsjqerxGKgsZC5Ld7EqHP8fM861fOuPlmD7dAp4EqWhYBgiTdcfVzRa7YlmFmwTiqiXdQWp90vgXItNBBZk_fTUtAwbPU6weyhqy0YBP2Wi9IYL2J3gEzCAqmznJ0u0d6NJP48l46q2Ze1M7ggLdTwrxDyp9mE375HHqqGcIK4OFP4606u3Hk64AGueqywdfTjrq-AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3bcXPDUhbyo0n9wQEbYBtU8XX7Cw%26client%3Dca-pub-6593523210010154%26adurl%3D

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:ad1 -, , ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

f666b91a4bc5812fc2c44fe158c217dc88ffcdfa34b7dbb94028b382093c6d42

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-src ;img-src data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7cf0449b7a33240f-LHR
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Mon, 29 May 2023 16:55:58 GMT
expires: 0
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 6D55 1 KB
643 B 48ms
47ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 22941
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 29 May 2023 10:33:36 GMT
etag: 48472445140208031
expires: Tue, 30 May 2023 10:33:36 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 58A8
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAvmZ4-TN0W_Fj_pG0C5Ntg&google_cver=1

43 B
632 B

10ms
9ms

Image
image/gif

185.80.39.216

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAvmZ4-TN0W_Fj_pG0C5Ntg&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6Q0AIQ84-rhgMY_Iro4gEwAQ&v=APEucNXE5x7LIOiBRx8PGiHN1zv6gKbieU5drtcymbyAdx8-yyybbuokqOs_wVQu_AlkvqAghM2JAClxyYkmtQ5otmVPG6knuOrY1Lg6N64fB__-WvgYUu7k2uENDGgALShSWmFebKN-NtdM7Tl4QFoO4hoXSjt_b5F_poDt-ZffmUBaQf8I4Gg
Protocol: HTTP/1.1
Server: 185.80.39.216 -, , ASN (),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 29 May 2023 16:55:58 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Mon, 29 May 2023 16:55:57 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAvmZ4-TN0W_Fj_pG0C5Ntg&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 58A8
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZHTZHWSfR2mm5pWfHqFsSgAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAvmZ4-TN0W_Fj_pG0C5Ntg&google_cver=1

43 B
632 B

9ms
9ms

Image
image/gif

185.80.39.216

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAvmZ4-TN0W_Fj_pG0C5Ntg&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6Q0AIQ84-rhgMY_Iro4gEwAQ&v=APEucNXE5x7LIOiBRx8PGiHN1zv6gKbieU5drtcymbyAdx8-yyybbuokqOs_wVQu_AlkvqAghM2JAClxyYkmtQ5otmVPG6knuOrY1Lg6N64fB__-WvgYUu7k2uENDGgALShSWmFebKN-NtdM7Tl4QFoO4hoXSjt_b5F_poDt-ZffmUBaQf8I4Gg
Protocol: HTTP/1.1
Server: 185.80.39.216 -, , ASN (),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 29 May 2023 16:55:58 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=498
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Mon, 29 May 2023 16:55:58 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAvmZ4-TN0W_Fj_pG0C5Ntg&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 58A8
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEAQdqRei4MLGnkGRTRQHTS4&google_cver=1

43 B
1 KB

8ms
8ms

Image
image/gif

37.252.173.215
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEAQdqRei4MLGnkGRTRQHTS4&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6Q0AIQ84-rhgMY_Iro4gEwAQ&v=APEucNXE5x7LIOiBRx8PGiHN1zv6gKbieU5drtcymbyAdx8-yyybbuokqOs_wVQu_AlkvqAghM2JAClxyYkmtQ5otmVPG6knuOrY1Lg6N64fB__-WvgYUu7k2uENDGgALShSWmFebKN-NtdM7Tl4QFoO4hoXSjt_b5F_poDt-ZffmUBaQf8I4Gg

Protocol

HTTP/1.1

Server

37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.2 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 29 May 2023 16:55:58 GMT
AN-X-Request-Uuid: a3017329-e92e-4731-98d4-4c554eb96ccb
Server: nginx/1.23.2
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 185.213.155.183; 185.213.155.183; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 29 May 2023 16:55:57 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEAQdqRei4MLGnkGRTRQHTS4&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 58A8
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Nzc2ODAzOTc3OTcxNDY2NzQ2Mw%3D%3D

170 B
188 B

46ms
46ms

Image
image/png

142.250.186.34

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Nzc2ODAzOTc3OTcxNDY2NzQ2Mw%3D%3D

Requested by

Protocol

Server

142.250.186.34 -, , ASN (),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 May 2023 16:55:58 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Mon, 29 May 2023 16:55:57 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 185.213.155.183; 185.213.155.183; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 7d41c8d2-7ea2-4c96-b99a-9368e0c20179
Server: nginx/1.23.2
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Nzc2ODAzOTc3OTcxNDY2NzQ2Mw%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
DATA 200
OK truncated
/ Frame 0225 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1c70b2e784cf403ad66bba90f929d9f37269d99a9e79c285f993cecef58ebcc1

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 5082 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: af7aa482d5c655acc59599f546343c71176f6a1fc8dcf58c4ee376e1616383df

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type: image/png

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 53C3 0
20 B 73ms
71ms Ping
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=2389718674787&version=m202301230201

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c3d14c6affce0a50d8fe6a0bd5f1fbf2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 May 2023 16:55:57 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 53C3 0
20 B 74ms
72ms Ping
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=2389718674787&version=m202301230201&ct=76&x=1&cor=2643076679039915000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c3d14c6affce0a50d8fe6a0bd5f1fbf2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 May 2023 16:55:57 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 53C3 15 KB
11 KB 73ms
72ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-De3p44z_toAPMx1wRNxnqOqphCfP0ifmMGwqRurXNLsZG1f-aQivQczDG7G_IWih4wNl8lO2oF3IDBviIcUC_9tel2wsnmG1fvUM4ESAkUO2cKTEZaL3BfF91A9fMMxUq0QPIdE3lBWLLGptN89GXR2kh1PulveZgfSTgFBX649qEUHhU&cry=1&dbm_d=AKAmf-AkLTk5s2oh239iefHcdykFN5bzxElQxac0HDorEQgGUXjmXqLPuOwfqJO8c2AZf5usII1966st1n4ZcjovjgN1-J0W0At9_kRyPt3Cjuqj50UsP_o0cRvkLrofHN9tFhbBoqtKKkwgfd08_1KIt87Lgvy5I0Bf3K0VTsm5NiKsFjzWGg-M1oVvKL2iLWRAuNYYevNfx_C2ot1D39fv-sQNTTtv8ftHPh61oa2L088Ub93ccqy_hUvAk2o9JhXYW91GklIKhjIjfy5co2SPbwrSaNTnoJFlQWE41UwS-Lt9fODrhCwmhU_LRU8p8FtApN0uxclC7bnTPOE4-OJVh4ORRQTVupExs1ao2JqmePMtBjJ4A2SoTu3kp4crZ8OHnGaTtp7Ew7OLQqzVC9sq6-kUgZG4XGoCxUojmsMv9esr-fccLoD_ZTBhrFLACHd1HjRwhI6-IivVDeebHv9t2O0hx5NWMNmeL7toBQqUMQ7UlQkuq7-INhwiyDTfMIdOghXtJSrkoNeSOcfoSxzPkBGXJsPzwg9hedEsAhIuyjlZxDB2YYHNnaq2YKPSIyMNuAtZgTExa76BnpNo3Vv5HYO5-_x9PlXuhuZET_UZh9pi3RV20gMIYj9Z_sLDSGp860ZD8nC27i0qlPPWH-8nRBCDrUnEY4czE1oLDMtQrXVZ39dzF3IKBpx91DgMVq-Kg-5gEtkYPKxZJWt5dYvC_wIRSvGfbvhbkrM1FxMvZaLF_c6AFipFgL_c3K1OCPAFVFAZ_0a9VjVfabkx1dMU0mgMARJaQbvZ0lhLl8ShbTR1fI2vrSgc66cGOwrQ-K-oXqZj0-HsR8z4BywHI3uCHwaob5_FOLC35fgMhhCtOyWtQA5dzFOb2niQY-c1A0uGnKRCG-HbkgkFUHPZiH5iTh06PQ0k18_1rUe9r2Qjv-r6-aV3dpXSMAWMaN51bUQZYJaXc9ceJSkQ3wX42Z1AGGs4JdxXg5Cbs7ozMCNmIGtXrE3f_j7-4Hr9U7cSWUucNOFFtQxUFzOwfktlAc34chDzEbpE_m6GmYclmbELckhdmYZ5uCq2nublFTRyMEO_rGkZA2Od6xDg-HPLbk1e18SaAlOVm_zm572dxq6T5f-_eVP5F5iaV07NYyRnV4jNJzfo0fmJFF7t6g4ZAircR8Mlg5WShsrGuOk6fEkAuXpeiKQTN_TC1ZXa1f6z93xbcMQLvZRXAE-f9teCL1ufZ53f6-dTT6J1dvAl7uEehzpO5Ntwg68_dWEnB1SDEG82mLAKn50yKJragaQW5bm7pOIS-4J8dbtCXMZA_Bpaxydps-cLz9xRKkgdsuVcZXSJo1KvhdEX73WXEhCjAepq3TWJmVRljjsH0wBVfcrYs_a9ISDNxLKClETym355CmuUmCF6-kXkALhwwxg3MchPovC4ej7DgOAYJkPiIRsAYVlOumhzhfsdBGStOJJyAShsOGjTqe-L35dxknCD6aSr323MNYtY2pnFHyJrqtTxtuZbv3apZEXk4EcjCp5iDR3obttK_-zLurudKYoP1CV9B02p0GPwr0LcLEXW-pRTbIxNAwMf3oTGFNqMfHuUYp-gB1TFPve7X33SBHDUfAHFcrqb_DqDK6XEiOEtFK1v9zVAeyFkgRLyDNmudL6YF3zOGAUd0okA0aWUjTFUAfCqN3IqTxdss1FuKSHzA0aeM1BNJX9Pkd-JWbRHqJTuCyR52XFiWk99tgo0-s5RBJP23Y4pHo0266wm_nl72NpuqxU6lqAhX1U4TfdD4JnKvPaCXMunfjMuNTnQr5DRGK_O78u2MvixvRuW8XquJjQrfdGJ4e2OKNpTBDjt6Y2Q9RPRopd082e8iQJBuNten27o0JDdZ6m1HiN25vdZTGwwzjXkbre18bcJclKO6zUZXCsPicyRjqeQh60o3iSRiTGtwcHz1cdHshpXrZxRsvUIbYdC5ZQDdkqsHBVuFoA6YCGcKKqVAQpWPGuLGNFPf7GtLrsqiCgdq3_01kQ2x32KokHrllNYle77q4_wLNXwht2DZfaTLLyr3W6wO0o1nc4QoRUWlnD77fDQ3Dr5sCMw5KxxgyA8GVfRxjhy6f5xluEA1e0Vk23g2VngU_zBd4k5jv05dCh5MCh8_g680IMOGGMaiwytFEnNItrHoToQQ2UDNh5tZzjv7owTSKNQg7MdiV24v2l4_C11BGfTa774PqDZbPYoEhvkf5kWsirUqtgVHxCpc9LAyvQR3zfQJhE1wR-VxoCcqOpq1pK4T5_z6tViUQksNfhhAqHD9jOtVdOStonQPBkqyaR8--8nXVIVOQMoljwfjLd0cnQiqV0ob5tfPcraQgTSXH1rfdHt5sdJba7XqvPw5J1stsZ2e-aIMDqT6Vu21UuKcYTi0C_gZy22h12i4kobOG1x0M_u_4iXecm6RcKiMnJckWzP0p2tw44HNx1qWTXJMV3TRMVi9mTWI3zKk-a4T_J01PBbA_8RCYjHjwC0Mrv-w2S1y4N1FZ_Nue0EXRb7ibSig2TBkURlj_mG2_Zx0WPpKtW5Bsz5GMpfidj8hSKbZfbkDQNiZGFm-2NGh5nFZTAwJKSgnquiWQpaNtJh-5Kq8GQH_c37UARSXJyZ0gP6pRdtusZHD_I-vPKmcgDXgvNuEJ8bcWMToEeEw5uvPtyAmyXowwq1SixfQDvbGXqPW7Q-RIlK-3qicj0qwxc00fwXG4fliIAHyK-9pJyTmCwy3FfqvOTCjr4Vexexmdzkj6EvZRS8OFaBMMrzJ4EXNvNtfwW0N9dx5DDvMfsepWXXPckab9AuTPYn3JwtlDsEv_fSlMjkDp2qDx6FSj1EXS91LEnGImY4c5aZ6fPgtgks64TL0h6nDVe3mZkOJHnReJpYVy03JDRVnLB_Z9Zkox3DAgtwBD8neA3n3q0UK03pcgZmuaCJS5Q1EahBiOHfRGGZm8wUOsdiRvTBakTuYCYjhyhtwpE1zVFd6Fd9rdyA2XizRmfonS3sxuvD6-NdWnDm2aIRCYd0wdStZ59L4WekVd3KWzK-2BeJjSGfRNKOoM9Eu6VUd7MtiRZq1LFDiWNEwHXiV_KzaTpOss9fNP7W0kg89mMZnthEH5flMw71-MQpK6c6E0zR2ggr&cid=CAQSOwBygQiDcvSYLHPEKTN30Wvxk5crjLOVwjSHIZaPEV2iPuaax-JMB-d3xZprl0KEfkIrcLTVUY5rgTa7GAE&dv3_ver=m202301230201&rfl=https%3A%2F%2Fpcloak.blob.core.windows.net&ds=l&xdt=1&iif=1&cor=2643076679039915000&adk=3860319555&idt=129&cac=0&dtd=21

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c09ef099dc07be358e7c594faa33ca344541380a094d0631060d5ed73792bb36

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c3d14c6affce0a50d8fe6a0bd5f1fbf2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 May 2023 16:55:58 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 1FD9 0
20 B 74ms
74ms Ping
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=1829802343179&version=m202301230201

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c3d14c6affce0a50d8fe6a0bd5f1fbf2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 May 2023 16:55:58 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 1FD9 0
20 B 74ms
74ms Ping
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=1829802343179&version=m202301230201&ct=76&x=1&cor=10310541982910760000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c3d14c6affce0a50d8fe6a0bd5f1fbf2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 May 2023 16:55:58 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 1FD9 85 KB
36 KB 100ms
100ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-D6M79UNWoMPde697Uxikh9optP9sxlwczv0MYVmQbXvj6_snlFKhPmHddulEGDvKnKzdb6JqFX9oNg-5fH7yw-JYWkwjwUzqXs3QxWyppSrIutPuhAgWbGpjSNejPweermeMOeAEyepg5a4eZvqiAa9Ugiz6npo6xJ-yB-PpmTj8QjmEY&dbm_d=AKAmf-DptKqMSMVp6xQbtrDyQGJ3roZ5AffClXL7nUxJIdls1AcWnlxrDexYK0GpCUe-6jvbBVftAra-LU20nDzhk5EseIXs9_UoiDC0mBFJuYi5TBs858HB6gPAPJ6wmghXI5Sw-vFax9p56DX9be8KQ57qktgODmum5EX3fDbZ4ge7tmCkaIc10XgP9PY1tvSOQdvj_alCHdh4JyhiY1TExBgmoqkbLZG_rklOOkdnlKmyT78I4IWRcw-RMFgu5qq0V5t3Q9m4XdQ2twPCn1X90mLIaSmcfiyZ1JHX6LWrC6HAv7MUB3O-aOTNy5BNjyEHhMOOR54hI7BcU4Os-D4GGKtFxZCWOL65yjykc09kNfWW3RrjLWESt_pyNnOTdsuub3C0qmsvF3pOBQJztrRs1zIgFxdaJcF2-iQmOp_VqsNF6xURlXIdIk03muia_EgF6GX8HL4eTAIBy77N_ywuDI_Gow1fi9X7FYPAEy1tEvYa1ahpYcSAgNY-y7ew6J5Kt2F6pcvU984UHsu9vS5nCQtT5xSWTRXSBPQRK8h-3r2fGWQYUXYIfSFmW6pwMI9_xPe3CWwOkcXAmpdYYB_FuIMJotrp4KJ31NR1LHrGWcuvKIxcWXPmC3ac-Dbnn9h6SPt7TPL4xoH_t9De7IDHTSQnjrfiwEZlFMQHZRxq6Jrk3VKoP1gxu7rCn_kKUzGHyOeqnJeJ8LKJ-A3Ge96S3k7xI2nNvOR08evaX-OJ7QZ5cGOAlm8Q3N4xnvpsIKUu4TWzOJ4AbuonMml_6pSoWKvP3VC6UL0FjnMDb_FBQ6kTxPiaITki3JlHvpPCTheuaxun79jTNz3-f7_obXmna2rOfW-GFAF69ZI1l-SYg-nQf58kzQWybgN76WC_SJXsIGBCmE8Wh2StAbjJANpPnG8jHJdfMbscAy6XpuDHTtGI2QOQaz5erjL5ayDi3OWRhJxiH9T1KwHCLuYalSaj2M0XG08uwpsDPuBEgnIlsoLqlxnSEkBMxXUXG_2Dss7LEm7w_iy6LjvU6rc0pQ-82W4MwUxWI69THeqdzS89AdX2a0xQX8lUsnI_kvmLCWW_euKjES6f64I5O60x8eZHWgpAYaXhpjmKDhwtYPHIM-UniCFl0Y9BV5kwmb3X7ePHWURYVk0S1mC0CnfNNergfRfAN9ybTyH56WZ2Ku54EJIkRvaktNYbM17WhJYTFqwzQ-QGb_JD_JvoOm5YnphZqqc7dZAWNXkPwZwZmVO4Ln5drTVqGXaLNvK4Pn7Fk8I4bO_M_w0KLEAFB9WQx3kb7C8InJHKXO3YhOR_UxP3vpI5xEVr5Kicw3ejUyA8ciOqLxYN1dF3-zpBdi-TowwyYC5WHabqEkPnuS7EyHKTStm8CyuIWvZ9Qp2G4bvVN9vrVeKi9qxO6PjGLzarr4bmmfwROwenQu2KUwryqCKJCJjoCxs5i2oqQghwHg_XFrXGhbijtX1hq7YRwCje4vTM58yYFq7eHwWEc7FwbX1FoJFofLw20jhcO9PNSg10D_W0nlWlcRHvN6Ep_Js3n1KYBQEJ7SgJOSszOj8fKiW7CAH6TDIuJPPGxzZJ0TOwUb-HpLYO7DxjA9MX4TrNj2z1j9KZ0beVdENkyl2UI822xJ-M6foDAW5HfYiOOv6kSSuBllW6Aw8zs6R325UsfX8ltx9oCb7Y6i6WDQJYsVSbbrd_IwtZvtTim6MeqQ_wWi4Of6lbAjtBfkkHeaDGXYYxEw1feQsRZXGd4RH9uAQ8Yo8ri9QPyZWChLJC9gmi8Y0RYvjvWsSxPRQGRJSFEc4dAiVfNTdGcqL0lBcsQX-u72NGbWK35796yEgmZepZVyaj12Pu97tu5cSV3MHim5xLmR7XoB_ZBoNuSLUGnR8X0lZ2WVW45tro_IeuEG9yv_TUQrAsckwcdr94JBI-xgkVCCQdj3pKPJG7qAxriirV1Ub0_3eu89nzVtFfzsc5ugdiTDzxxxGpd-dASHwmriv2_gkhwsFvj4OQCrBuCatNEe0qrSACTs_NiRC7DnLDOq5C6jDynhW085Nm-YCB8TyWUIZRGR1OtCbZv92HzLI-KS4wDDveo2jKpI6f5vzsEjDfXii16Gccs7XeqUTzFrE9-dKKwK3xizn3VKVQBUELRBJ7-13chVpxShsx3RoklHpFyzetIrUAHgU0dZUtk-vWWgLrOx8UnG4iAkpAk9jmbVA81FYqWes83Eh5C9-L09Pwnnk-mAJHH_JNuHC3_DU7FPoRPlIg3CVrUfVeWYKrgR5Is1vxJq3ENErKLxQ8T597ExFE3OTX9YNSwCTyJxoFdflk6gC8H-vW28Rx7hHbMEc4BAC-8lf_QXYW6zoESXCTCVIIZmUbxA4uyr2vGjiEykfj49rdBo6EXug_qe5BcTEBTyVCXG3L6jSMpbudEYHVAGIo6JeH-EjdguAFO8ULvshRGgpxnSy_aKWApVe9Msqa9Iys4CBGXTtziuxCWHtdHdCfg3OmoNxtHC3Qg_kZ2sBs-CmRq5FDuT2VLWGAuTJtT9GwX0rzLwrzMPA7ziOX2xI_KXDFNTOfIOzxL7Gj44VGnGK6B3PMMhoVRbSud4RQ0rzH8ZlWJgvGQokPUwFI4D02EmHA0MJa_tZOzFvjJ8AxGo5rmu04ylXdWUesbxoqoxIZzZe9jXPsDbnAmzFkGLIw9mDOFWV9c4vpb2KD_JqUG179_38lj2aOqfw0HDcqI-1YBgt5vBbIfZDGoex0D-yhIuti64XSfxVXwfWuJmX3uUBszf9V5gVskrqpZwbIQUHiVp6B_84jz9Gs33TmA0yMi9IqwrwizW1WU2a2z_aWUgmhSAssEiX7SDdI2ErIe1G1gzITpP3Hnjjk3RBsdBycdLFEaBqMV3R9ny5ROJL4IpDuwXw9bDTN9ecWcBA-ZfMBzuvJF3-6gRp19574BUQZhi-aOGhdNa3czjgtPJGr3iHtXjPMVvuNsCZ14rraxF3iFnJ4lmRlEkKqXP_X20T-0JP5gg_k-3L0FzbQpSrFcdAOuLAuXqEc_Bopd76JZgLS6cEBh8GADOifLna66cFQF_Q2xLSOghYGvHFfF2QRxhPl4gx-Y9sophY-xpvFoRx4ytwHov2UxWcyejrjx8CkmcskKzcLV_Aqu63XlXoDGdlkOiqnPBYRxLfLp840Cfns8lRGCh_nGHSP6fhCKOdnTM1kUwaHfSpZ4RlSf6ZyS_RQPCF2ZLIHpHdx92xrcN8WxpTelC71-t8eflRNRHhkP7ABKNMiHx4iDysFcAJebGYIp250X1vOiEP7X559G2iObbBG3_3qEewoRO6_lENi9t2xmBepu2QmEm6n_6IxdaSTLSgPJ_GBsW43K57nJ4raqpvR73biCENWxlb-D100qJqATCRA8Fy6RqqAgGnWb_z72xLmm36FwhugUIrVvevigulFr5Ngzo0BcZfE1DCpk7sIama_k5Yte-6cSooB6JWmfQNfTXU8es3hQFiG-cv8H3A&cid=CAQSOwBygQiDvEo3X0qqiZeqHZjRPcmx0OgXpQ2dmdGGyXdmpsctNtsamd9Bevx8doQg3UybmmpwvzbH9P6BGAE&dv3_ver=m202301230201&rfl=https%3A%2F%2Fpcloak.blob.core.windows.net&ds=l&xdt=1&iif=1&cor=10310541982910760000&adk=212707235&idt=249&cac=0&dtd=3

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d316f80c6850b5b55e54c8a06e05522bd1b39bf41953008d3103c0e40be03f5e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c3d14c6affce0a50d8fe6a0bd5f1fbf2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 May 2023 16:55:58 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 36565
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305230101/ Frame 5082 350 KB
118 KB 115ms
114ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6593523210010154

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

dfedc75cfe7b945bb38c0d7c7aa2c2e0cbbb53be3b787c051cb1efc06cb32fb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c3d14c6affce0a50d8fe6a0bd5f1fbf2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 29 May 2023 16:55:58 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 120274
x-xss-protection: 0
server: cafe
etag: 11768213732084284165
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 29 May 2023 16:55:58 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 83A3 261 B
122 B 82ms
81ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6Q0AIQ84-rhgMYicia3gEwAQ&v=APEucNX44VW4mC5ITW6_JZaVVGgao9h0aMO9eTOrhcRDNqr3KlekEAiMTDN40gGNmrfw89S-PwsT_XsN-fVCyKGSH0GlSjsJVj0D3khgzI6AQS-0cQpmuthYbhTqXi1NPH7b6uKsYm_0onYQ1earKXF__iHnAZrfkQXKBJVE8HTLCPOX8nt_co0

Requested by

Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8e7c0b0b1c36228ba736e564a00405f72bf3b6bcfe6ac826cde2b6b9c14e55ea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ye-mek.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 102
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 29 May 2023 16:55:58 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame ECD2 78 KB
27 KB 128ms
128ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

332d8e2d6964e41c92a430d24b1b469bfdcc30ad072f980b2e7adf241590886a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 29 May 2023 16:55:58 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28042
x-xss-protection: 0
server: cafe
etag: 3261498652431352696
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Mon, 29 May 2023 16:55:58 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame ECD2 42 B
63 B 76ms
75ms Image
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CpKZ93_yHKYFpfgJIYvCwvwn8EkSu-EvW6fyZa4YUCanQF1SEerz_WMhcLFvvfWt-KvRPid8gD24WLFHUTSy_0Yz74bTTMhlfw0kP8NyAhfLammTI

Requested by

Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 May 2023 16:55:58 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame ECD2 0
20 B 75ms
74ms Image
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=5950535954152209919&x=8&ct=76

Requested by

Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 May 2023 16:55:58 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 adj Show response
fw.adsafeprotected.com/rjss/bgd/1352960/69587979/xbbe/creative/ Frame ECD2 250 KB
76 KB 36ms
35ms Script
application/javascript 52.50.83.81

General

Check archive.org

Show headers Download Go to

Full URL: https://fw.adsafeprotected.com/rjss/bgd/1352960/69587979/xbbe/creative/adj?p=APEucNVqL6oAgioxGD8L0DyOT5YPZmBp5eyf8WrkQ25ro_9dx29sOtw&d=CokBAKAmf-CRPAqhf-KSeIwbh1a7LHhaJdR5rtxeuJKcrkr2Zc9KPa9C2jvggygTLYtWCWkB-xXpuRUwrN8717rdlI5X1fPJKHmKFKsrGOOTLCzOhaV67luhoErzoBxQpnG3jP4ztSVl_CHBKRqSDfLy83BlGMdiBEATIOeGvVYvaw93CQiHSewRu1wSuQ4AoCZ_4B_LJJ0yG1szVZrKpQwFEPkDfxUgCNBsu_kKDFAwI-R17nxdO7JAbb5mGUDumV27O-Z_GirJcDe0su6aW1ggDCZEMxcq6bWW-dyhQBSXL1RsZI75hU9ORbnAQf0vJ4A_dHg6uYb_veFXr4cReQlij1LvPGmY38zIIP1MMVFNH2OltxQKCShW-i83vO9QJJfteQg3phQOVqWeVYMf5Vb7M7ZgS-dfUMDEJaAdhUl3KUnrMWn-3uHiuHlKv4V6FDUjhKDdWLyrc9hRGFyByjBM5TaLLBEUsRE4lrBazN-AyutuZp-b05MnmiNv5mjlI5Q00-sKqCBvtUNcOp-BfKbAaukDFajQTFXYYAYK__hwO3BRGRSvsDX7s_UR2SFUJyXf2SZ3S4qs26cRpCrr-dV0er6WfqX5iQ3wgtv3vVi8c7CnEAIofYyQLY9HHWu5tSYO_1SYhNf1PLsgTozlHHWQqEFwH3XyqpFT-7JDse-ouSZtJ9xcNtNqAtQk086-D02ESDl9noUckywyDI0BuKxCNx15bG4YhG6fWc897M-DNr_kiYLG2mNeuzav8FmlJwL84eWEwizuPKoKhTkiwPxOngV3w8OI3fE1XRp7xFvpaMHGEsm6MSerARncxgdN8vNj_J1AhJciXghmfHFpyVm5ynuWPtUSlFCsHaz9EtbWdkPmy90TGD_OWEoXbmto5fnjB1jnbaBawlr21wj3ImK-5XTOtHYS6zFQLa2XJZ9alCzuTks2cXIoDiQOWNdVE-qio6ofebv9CdRJH7wnfWyjqHLsz-Om9mVs5eptec9pYVYUgTH-qu9QKMFaadrpd-RDfhr7CgTUJsUcLNkQkNlK_WMY4vIM_Crf5PQSstRyw_A_jQHoLWNqF12UKGNYcoIlDNSQvDgob5HaM5ZucudfACnk4liX8Y8fkAkk4wNWuf15qzpfOVjoRPq0Ql-oVfCvwy1-0EhSjPliy8NoK-Pva7439uibDwcErF1fHjr2Xu3BBY3XvkaCuHmfj6tceOMLzXIiq2Y2Wt4egeoDSsoWPMDc4XdHtZF6udWs8B74q1ZSFYUw0bcofpyM0teIJ0fguTcnAFI3RSPtplljvjRL48g66AFzTMA-QcRGje_OSjKg1CQjNX48i3NMd0YD3pKk94HRQEmeUnXZ8wUWt7zq_cdTA_IVJ98C18a2QwmVU6ALJ2kbsFKTfKtGyJ3hNbECK1VCaKVpNDF11AyjqlX1CZP6N2ISJYYX3W7NOk7s15NXPLfXXt5ObRbJxxOt1yVhpdrsypslPiTJFL8Z88CrKsr20rmGrAQmHXAHlXDn4d3upK1Q_6sUM6ALbFZ4okbgmiGnpWXC9_3f40-yIIt5KxM_v-D3ED-r15DEKxq5p-JgepqtPpposmN_B6sFHDS8SYhsn05YsdKvtgyYOabaV0OQ1aA2QHt-ifsMJodPfkN2tr5cleuyBcJ1y_uGi3-0sFGhVXpx0oGy__IpzkMK_TclDMOfLdHK1PXRAJHqDNcROxWv0Td7vbR2_oAva1fg7K1l3qpuTF6eoZWHFfqdKpiZlWvZonAwI7OKke6hKCWpwDdGgov_ixA_Pp3qTmvu1EwpyzoZbgj3-qC_2UOxdSCaVPVW78oZ2_sFlddbt7g9fmKqUvb13LndvHBEcpK_WIWWXKg8sONdCH3fySb4Od1FeekYC8hiffTf3SIO5rzmb7SzbW471Un8h-pQ0yPEjHAo30FLld1TusRi-7ywNq6GXR-9-OuNrZYwBK8CSpYi9FkPAGOLMH9wiRnyuJZ-UpJF4_AFndct158RuH393ILWfhcSohJjCBJSl1jdrGBDL96sixYUj1g5Heey08WuILgkmoYzAJcuHkeExUNnNU2fxSHZ7CV5TCbW4CdiD_PcTHZbKjTiXLt7N9qNk85FUtA7QRES_khN4RICIjK3HIyhUDE-BJHyHzTcrfE52L-ZKBUEL06jALHjbH4S954lh72FbpUL1hz_U7J_n-yxTt-sr1pJ3nvVdU1Ymx0roPDYeGk69e0SyPbYtAGTU8ibl2tB4axEaoxRc6WMayy_HjpRJWqs1MiVqJAcmXKPGA2uO6iWXDOGO6iVGc36YxqNKh5SVtiMK2Ch8y9REUHyn1ohmACQig9Vv4iB-kX56zALsTSMIWUz9R-m0iYXYGiGc8FFW2OgJiGcxtFFTsr6opJItreokAl1h89tikrXHYkHyeJwIc5ngz9xU_vgPijlJAfkNBVkDpis5CMS0rFwzBXNBd13Lccx3_lwBZ--Dkh7NKHnw3Rje8SI8Ql_yEbPVRTn0LcmKiZ2-9pZnDa29IsqqFRer7JIEhzj6GdHGUIagycC4Kq7IFFX6V-5nHBVt_pTZo7FBygkPAPeJjrF4FU0azftNqekFa_qW-XHaTsCdDsFan94SOpzxluMHD0e-SR_ilRPryAlOhmOBZp_akbwNawBGjgIBBIyAHKBCIOm9zKCR6SVnLgFsAU3f1mrviK0_HAMRV3eanAPjHt78BvTMMEmREqLui077J0YAWAB&bundleId=&ias_dspID=3&ias_campId=1010578566&ias_pubId=13760&ias_chanId=8&ias_placementId=19674771036&bidurl=https://ye-mek.net/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0jHCxdzxHJEsQ_m36XsTJ8K
Requested by: Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.50.83.81 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 37b2373f09a41cdc3dda6caab55d05159fab0c3aeb11cbc6f13888e92c087ea4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 May 2023 16:55:58 GMT
content-encoding: gzip
vary: accept-encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: fw.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H2 200 c583d42e-16d0-4e7d-bb2c-99449cccf084
beacon-ams3.rubiconproject.com/beacon/d/ Frame ECD2 43 B
228 B 114ms
19ms Image
image/avif 2602:803:c003:200::37

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beacon-ams3.rubiconproject.com/beacon/d/c583d42e-16d0-4e7d-bb2c-99449cccf084?oo=0&accountId=13760&siteId=333016&zoneId=1746730&sizeId=9&e=6A1E40E384DA563B513F9D9AF7824D43EC6BF5595C32A03C0DE41B4CF16ED368771500D9C96FF54A2A0FA189B2FF892006ED6754DDB432155E41B19897677B2EAFB8B9FED89D2DCE78D19A898A3F8F4B6C48C4D2C14B850C9F561049DD16C3D1C67714FCCD22DFB3BB123233EB469B1DC50EDE302AB295B0909586532929299D2605645952F60178092B8EF4ACA4F99F20B63E303EBBC2218C9FE9EC17677663C2709E8798967B9A3752BAD3DE90E3F98660B4DE9BBE55C4E82A954C1004678A

Requested by

Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2602:803:c003:200::37 -, , ASN (),

Reverse DNS

Software

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 May 2023 16:55:57 GMT
x-content-type-options: nosniff
x-frame-options: DENY
content-type: image/avif
cache-control: private, max-age=0, no-cache
content-length: 43
x-xss-protection: 1; mode=block
expires: 01 Jan 1970 10:00:00 GMT

GET
H2 200 5ed76f76e4b07a92411bc03a
ng2.virgul.com/tck/imp/ Frame 53FD 0
210 B 45ms
45ms Image
text/plain 185.7.176.223
SH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ng2.virgul.com/tck/imp/5ed76f76e4b07a92411bc03a?g=1&t=gb&r=153377@site_geneli@yemek_net:site_geneli&l=&c=%2Cas%2Crc0%2Chf1%2Cvv1%2Cgprec%3Dyemek%26rec_ing%3D&info=&mt=1685379355953&userId=vnetc82ceb5c-bd3e-46d7-ba07-b1bb203c91af
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.7.176.223 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

access-control-allow-origin: https://ye-mek.net
date: Mon, 29 May 2023 16:55:58 GMT
access-control-allow-credentials: true
expires: Tue, 04 Jan 2022 10:49:40 GMT
server: openresty/1.15.8.3
content-length: 0
p3p: CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305230101/ Frame 0225 350 KB
118 KB 168ms
167ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6593523210010154

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

dcb2c317157400911fb255504ec406ba65fc4f4fc4f4e01658f7fb88f01844c6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c3d14c6affce0a50d8fe6a0bd5f1fbf2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 29 May 2023 16:55:58 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 120275
x-xss-protection: 0
server: cafe
etag: 5250500649334964394
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 29 May 2023 16:55:58 GMT

GET
H2 200 publishertag.prebid.135.js Show response
static.criteo.net/js/ld/ Frame 53FD 89 KB
29 KB 79ms
37ms Script
text/javascript 2a02:2638:3::3

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.135.js

Requested by

Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

20678c305b50c0988193d64cb34f41e2dcb6f2fa48353106436ea301e07ce70a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 29 May 2023 16:55:58 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 24 Feb 2023 07:57:32 GMT
server: nginx
etag: W/"63f86dec-16386"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Tue, 30 May 2023 16:55:58 GMT

GET
DATA 200
OK truncated
/ Frame 5388 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ef4bc78b187394a0a715384f75a57b3c2ee21240990a3412a4879ff0559bd1b4

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20230523/r20110914/ Frame B9B1 29 KB
11 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230523/r20110914/abg_lite.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AQ2Au8uCNqBlRHTzK53bZE2sPXx9KkDawKINkkwVdwTOkNbVMV_r_2AchjG9skbC2eGXE24sYYUIGzc3lEO_bxgU4QJfTRxdFyep4dAn5ftNz1n3_Y_RbDcdxRKIA0mkOsS5UMnpHObWpVHgsHk3RKlC9P-qPZBtkuVZG1rkhYbMEMcN4&dbm_d=AKAmf-BAvBlvsU_-PI64Xw8Ffh_RbHRgQStp61A-9dyaz1rHrKAsiSd0FpZ3Xb2ZhcExn1LjgZ5bj35wCUVlBVLeB24PN3QBeE-OwwN2a9u3-2GuLscx2SYPysAVBRTKLc1Nvsyoz7DM4MkZaGJhNDpXgF34MVsWR3tAnT9SxnFbo306-O52QKnP5xwrwq6F6eI5jhljb1YJX2zguz3nt1bobFV4EjGOIKnj8gS5qXRpbMYHMXuhDw7SKpvhgT1liH2Opmd_Jjsl0J4V3LxxGdyrGeI77FYsU48_Nb3CY1rvkG16Ad_tYi3oV8GA6TB7wMS_wXZnLNXqMteTbvxNhBMQn0WEEozfIR67KO-l1Z_t_KScxtliqW7x3miF6ClemiXiFNfsyDdC7DfxH72qazgKFIGEUjV-yaB4g8rdl7kmVyaXDuXwbZ7Z571J68eYXRILS43qzaJnJeZ0cq0YjgoVsw4VBwvroSUd9BGz-UmXIA1i8P_s48az75isp25qxgXQFZY50_1dF9na-KBA-o0v0hFR_gguoImXaYZe-SYcNIoS1TGLcsxL7LQY2sABxMxpzGxDNxpu2F38s12hHKdgbiW4Jf3y1lNr8ejPMoufJmF033zhIJVAkPeGI7vOMpLl14k_KX48jfMRzR78z34tUokQnGxrwvEDkweFbpQ7GwRo99EOB-VUTBx52lO63zCkO0qEjaxQRppWeU9r4pGeCQVB8aFIqdMt1wVoQ0_JmFPe5CY3jp8Xs2ihV9i2Mzy4kBgJSGEu5V1XoGEFSSl_umvjpAAsOjxidxyt11tYknBKUUOvnQdm8AkEochjNlU1z2xdRxiR1lhRla8sBT34XiY04cax0efHUbsrIPb-0CncO4YdDubTaQWp-Z8sFEOapIaHpLTPPachvGr4Av4JyLkqjkXtiLYRqj99SeWOCH28KmmdbvJ04jdwmIi0cmMt96NiNxkBQGVEWj1kYlkJ1tIMHHvpvP4HdEdeC5g4OYaf03ekysCwxDqGeb_ReJU3Abl2zVx5jOsAVGecyqvh7YGbdEvD0vI7peAHWsCbEo6ZEjv9Ka6hZ2Esc_27TUV_k5A0QYIaCMTnBGqSugnAcvbfYCi19b_QiKPIPI4Cu4ITiKgn8H4wY8bMNMhapeOomsx6hu_2VyHCfm89cyNONbFE3fkYHFA_r0XaL-YZ9UCYUv4kC0PfMpMYSE9g3-EpOsdY2tVHm1Vi7ny0yBimkYHwmmEqsPjjsSDBOW8Kqs02_cJxxQNbjKQKYRkVaKVOCRmTUn32mcpJy0UwqNLq62Y14pA5HCvlR-9ZLE8WF0Z8dRIaEoLz8ftg3sgdhYZIKmrj--CjIVN3b8Wk7Eru9_on5iHT6yGsIZWzvBAXaGL1wVMAWqdaX7wa0DeMQZPUH6MYUn9MMnpzPEwPlq8lc-5C6N021yh9fNF5r01hcN97mJnIFlZ_ctjmyJS3J25O29jbxeCBMRJE8rhKFXTrHQmC6YUq_Ghc6u4nYagFl3yCSCIwfOm18ddA7NPT-irWakrY4gkjg5u5JVR7dAZv0yAzq2ZwhPlyL7Z-JRWHiHaixk611jIpqvjhuOXkXPybDZFv6gSN-SU5efAnN6zLESDxilERPB_Cf-Q_F58psId4-ZqyMoYZIyCunv2dY_6V4G4Un49ekBO4wjozBjDdowMj_s-tfTvH-TvLtqigphu0PuPujmWdbb1yC97SakqCwNNlyob-xw1H0rEhyPnginFNQVi5814JwtvSFEuhX_Kct_BbCfg1iY6dqS4tRqq4mdqhRJYxLckynw6ehkBNDEsfOqIeCR2a22wa6_xye5AH-NIaOFTV2P9LErZD7nz6AlQvCRgRkmvs-vYACACY-g9_EgA2pYUaZP-CicLklM5POYlrf1VQGuqcJPdaHJiIMLzNzW8sMFnoqG2V98tkZSJxhAKwoAGL3pmi8xzUzAOp0P_ljco0DLIKv4GeOokzBieWxG9MH_fepEtov1StXkM46UgYo743JEhlVSuz1GGLYYzRCUzXqdazN6N6tEvx8ChSjbVnRYrO-lYus0EelHGm0NLl0eZAmsklAxkQzUJPrslzIvYZtEBGnaundeBtdZsWGukaHzxvt28R0Kvhs3MYfB82oCUbNLIeUk_ntkC1zztMLX5ajY7qcQ6t7LKVQxqu6fIUu2-gzc82gfv8K-FEvErSkI60EeZY3NIP2YYTGcXP_MmdYx12XpzLL25EvValxj7NhxuzyJ--C6s1eNzpd4w_Ty2tdOAw2r1zXV-wzWysHvkWxG2pIaoWcookftUkZ2Gh5r3Xu-7ZFnlIul5AA24Ye4kAQHtVtAbwRn-IUVuhZqxzO8VM2SFgsTNNCA1B-3JVey_rC9xvYyfK_hWGdMrLKl4i4j5g1la4CZy2k33kaBKQU0AmJFJjciow0YG18UYWo4bYBsgJ9_Lp20MNp0m4gKXQwsjMSId7VP76U5dsFwa33bmwHuurrk6wBnxbQwcXojxASEwKgxI6Vs7UgbopwfhffX3NQF1CI2SfVKAg2tes1xRLrq0TRD9-77GdfxYum2TFmfhploMOHt0vycO7QFjBYVO5rTCb59LOceKn4R2bbyzJWY5mgRYl3-zTlQag88w176AJsQEI-0SBJNDl01-eYotuTjhkf7ehwSh7kxbMcnpivH-n6QNBMpzOa5oQDvem4vTK-rysamzZ0xTxf8mrULaBJua15_MU5hpGz2YcnlqDMFsuUVCJbD3NG_0PJj9B2c2gwXHix1JXKd9ag59n0rkvIBm_DlnYR0CoujgDF_9cPGrXkrS1CBCUno4A7Ti2sHo4csiLMMyraz_0ZyMkmN1lK1gI9eFLRFfXlqvs0aryYG63OnUVzy1bhL5cU69V3lAIiODgdzRD9RzlTayngWIFb8r1ujmeu81i9gOtL4tMWF617fcSwzVPrlAFskag3LRnL8t-dOohOAGSq57rDIRkIRgvcRkaCbk9X_8Dxkq9ORm0QwELN8hH3R7of20NczJVXe__0p_XvjUD_fzhYC8oLxuf3pOQxu9R6JTTilHsau6V0IHNnYR3eYBELX_XyF3HWTyighW4T2pvQxsmcjmGlJvb8M8v6sZR39GhQ0aPaUqeWc0XN7_VBvEXNqy0jIoMGyYkCpeI06Ip8QuRjVJaps_Cd5MQt7lmBam7mDAWeQcrzQwV3_ht_MOfUwYU4hto7HOR-jOGNLo_ClLMsi1WQleHDFrtf7HUhb8J8vuDjXblLJh2SKVjSFgltgtNNWfkyoStMZUCfBx7VY86XqizfW1PqlxelX_tzXds2Sm4nBZzQ-T5G0xqZ9fkW09PIKlBuI2efPOKZIjxphbWJNNP7M3ozwPrbY2-UGMbWVJQXCHz05CSwfGykkCSnDVEiSTn9WFvYpdUotPpI7MRzjN2ngoCpT0hYwVms6G5Gaa04XOxK09U6dLrtZD-JuSWHpNC34OMxpVRw-xHJJEMtHYf08mYukQsRlPN3c2FG1hZZV6DwM1oC6_yQUYOD5DMZQdxKuP91oK6V11inb3KxUiWtV-b1lZKKDmgZsl3VGpfPFBd1CqzhGmCz8gMVTFO-CtOdEezdGqIswTmpYhWOH8UuJ_1MULrlqaGrAzt7PCeKTWX6tH57IOuRb2pWMS_E1i6gvQccdMse_0asVqWa3HV48IXqNluouzb4wW0iw2rXiO8UbNo0lIK3vzsOpTZtRZrMzk7zlPiGva-_0BquoLJ3MzJXrtimhszW0Fte7zvOVcaZdY1oDAYAKC18IPJJ2P6gLl3jubYhkSLdw&cid=CAQSOwBygQiDEPZ2Eij5UCxh8ltIkjUH2MBSjmFE2hZRykKxEDQ-Y6TLRX2oi0jHirKMcEbELqhA2IPjLTGXGAE&dv3_ver=m202301230201&rfl=https%3A%2F%2Fpcloak.blob.core.windows.net&ds=l&xdt=1&iif=1&cor=18022748924589722000&adk=2465470143&idt=237&cac=0&dtd=29

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a91fca903f7f2a3d051f657b5b25baed4e99b6c1e51bfee63737f73ff54f2b7c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c3d14c6affce0a50d8fe6a0bd5f1fbf2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 28 May 2023 16:58:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 86249
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11027
x-xss-protection: 0
server: cafe
etag: 5492578185836041520
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 11 Jun 2023 16:58:29 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame B9B1 41 KB
15 KB 42ms
42ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c3d14c6affce0a50d8fe6a0bd5f1fbf2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 23 May 2023 07:39:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 551785
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 22 May 2024 07:39:33 GMT

GET
H/1.1 200 /
d.agkn.com/pixel/10690/ Frame B9B1 43 B
621 B 201ms
40ms Image
image/gif 3.124.42.161

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d.agkn.com/pixel/10690/?che=2344988866&cmid=24601696&sid=4128031&pid=293420623&cgid=486686202&cid=144549364&aid=9533159&gdpr=&gdpr_consent=
Requested by: Host: c3d14c6affce0a50d8fe6a0bd5f1fbf2.safeframe.googlesyndication.com
URL: https://c3d14c6affce0a50d8fe6a0bd5f1fbf2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.124.42.161 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c3d14c6affce0a50d8fe6a0bd5f1fbf2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 29 May 2023 16:55:58 GMT
Content-Type: image/gif
P3P: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 43
Expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 default.css
as.ad4m.at/ad/style/0.1.40/one-ad/ Frame E8E7 103 KB
13 KB 32ms
31ms Stylesheet
text/css 2606:4700:20::681a:ad1

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.40/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1h7x3tmfgeqq81h17sfwyk7m8rbycyp1aqh12f6hdasdj0djxkk6me0q32e9cxfedsbvxzyde7pfjj1b3yynt6yz0kwd613btaqtz4g78sd8n4e68f9b6910ankh4knfp2ms5qpkmyx455p1ca0jazypwcs60n2ehz0xcfxa4mckj9k92cn3ww790msep1ta6mhmqcvdxr0qsv5zmza53wz7978z6bbq5mbwxt65nj8kp9r6k322gqwjaqtb7x7k86r48qgn5rmrccg2xvgh079241ncwvzmwachfpgsrvd2axc5ebv1d1w0ky1g41b34zb6g14ng799n884kvgyhwf4btcskccgk4x77an3y8gqk0z319qy00gp6979hw8mx54rac4q63w6metnpe9gd4xstpycv8kepazfa3v04326r876ehfy62wyepf9xajnwjs8kv72&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCKmocHdl0ZIaLG4bitwfpzLuIBZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTY1OTM1MjMyMTAwMTAxNTTIAQmpApaduozx97E-qAMByAMCqgTVAU_QRz_UVU6YhuOng5asQosAtMTe-rN21NYaLRnqMHKv3NU2L7Mld2bF25uEveZAyiKLo9dvtBAVWClDs_KFCu4W_HoqJW-ghietSZRTsjqerxGKgsZC5Ld7EqHP8fM861fOuPlmD7dAp4EqWhYBgiTdcfVzRa7YlmFmwTiqiXdQWp90vgXItNBBZk_fTUtAwbPU6weyhqy0YBP2Wi9IYL2J3gEzCAqmznJ0u0d6NJP48l46q2Ze1M7ggLdTwrxDyp9mE375HHqqGcIK4OFP4606u3Hk64AGueqywdfTjrq-AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3bcXPDUhbyo0n9wQEbYBtU8XX7Cw%26client%3Dca-pub-6593523210010154%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: d77b5f2ca03eb8dab2acc515548b7b1ce7eeb4ca2189268552649e0391ee8c21

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/dr?ed=1h7x3tmfgeqq81h17sfwyk7m8rbycyp1aqh12f6hdasdj0djxkk6me0q32e9cxfedsbvxzyde7pfjj1b3yynt6yz0kwd613btaqtz4g78sd8n4e68f9b6910ankh4knfp2ms5qpkmyx455p1ca0jazypwcs60n2ehz0xcfxa4mckj9k92cn3ww790msep1ta6mhmqcvdxr0qsv5zmza53wz7978z6bbq5mbwxt65nj8kp9r6k322gqwjaqtb7x7k86r48qgn5rmrccg2xvgh079241ncwvzmwachfpgsrvd2axc5ebv1d1w0ky1g41b34zb6g14ng799n884kvgyhwf4btcskccgk4x77an3y8gqk0z319qy00gp6979hw8mx54rac4q63w6metnpe9gd4xstpycv8kepazfa3v04326r876ehfy62wyepf9xajnwjs8kv72&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCKmocHdl0ZIaLG4bitwfpzLuIBZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTY1OTM1MjMyMTAwMTAxNTTIAQmpApaduozx97E-qAMByAMCqgTVAU_QRz_UVU6YhuOng5asQosAtMTe-rN21NYaLRnqMHKv3NU2L7Mld2bF25uEveZAyiKLo9dvtBAVWClDs_KFCu4W_HoqJW-ghietSZRTsjqerxGKgsZC5Ld7EqHP8fM861fOuPlmD7dAp4EqWhYBgiTdcfVzRa7YlmFmwTiqiXdQWp90vgXItNBBZk_fTUtAwbPU6weyhqy0YBP2Wi9IYL2J3gEzCAqmznJ0u0d6NJP48l46q2Ze1M7ggLdTwrxDyp9mE375HHqqGcIK4OFP4606u3Hk64AGueqywdfTjrq-AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3bcXPDUhbyo0n9wQEbYBtU8XX7Cw%26client%3Dca-pub-6593523210010154%26adurl%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 29 May 2023 16:55:58 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime: 1683559916
age: 328060
cf-polished: origSize=105839
x-guploader-uploadid: ADPycdv9IJsM9Nda_T-YCF8tGjLSR9_5GyrPWBCiXo7o_2KPFa29jeIDurPOQJdzBat54FnfGmUqvpjJPo5BCE2ydDX2ig
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Mon, 08 May 2023 15:32:28 GMT
server: cloudflare
etag: W/"44fa96b813e145cb8b915ae1fb6a3b7a"
vary: Accept-Encoding
x-goog-generation: 1683559948253618
content-type: text/css
x-goog-hash: crc32c=FELYSw==, md5=RPqWuBPhRcuLkVrh+2o7eg==
cache-control: public, max-age=3600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4PPjo3qj92pKoHmJvPF0%2BUjBHVZSKqgHF%2FQGsJKP1pZFBKNhqwOPEA9kyTNDVeO8T9cLLLI3bNqQqbFatzenYIdUp20zCi%2BcRXn%2FksVC4Y6k0deJ9dblEh2QTbpYoqDmKdmbJ8dv0e4%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 105839
cf-ray: 7cf0449c5bbc240f-LHR
expires: Mon, 29 May 2023 17:55:58 GMT

GET
H2 200 r62eglto.js Show response
ad4m.at/ Frame E8E7 25 KB
10 KB 49ms
29ms Script
application/javascript 2606:4700:20::681a:ad1

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/r62eglto.js
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1h7x3tmfgeqq81h17sfwyk7m8rbycyp1aqh12f6hdasdj0djxkk6me0q32e9cxfedsbvxzyde7pfjj1b3yynt6yz0kwd613btaqtz4g78sd8n4e68f9b6910ankh4knfp2ms5qpkmyx455p1ca0jazypwcs60n2ehz0xcfxa4mckj9k92cn3ww790msep1ta6mhmqcvdxr0qsv5zmza53wz7978z6bbq5mbwxt65nj8kp9r6k322gqwjaqtb7x7k86r48qgn5rmrccg2xvgh079241ncwvzmwachfpgsrvd2axc5ebv1d1w0ky1g41b34zb6g14ng799n884kvgyhwf4btcskccgk4x77an3y8gqk0z319qy00gp6979hw8mx54rac4q63w6metnpe9gd4xstpycv8kepazfa3v04326r876ehfy62wyepf9xajnwjs8kv72&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCKmocHdl0ZIaLG4bitwfpzLuIBZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTY1OTM1MjMyMTAwMTAxNTTIAQmpApaduozx97E-qAMByAMCqgTVAU_QRz_UVU6YhuOng5asQosAtMTe-rN21NYaLRnqMHKv3NU2L7Mld2bF25uEveZAyiKLo9dvtBAVWClDs_KFCu4W_HoqJW-ghietSZRTsjqerxGKgsZC5Ld7EqHP8fM861fOuPlmD7dAp4EqWhYBgiTdcfVzRa7YlmFmwTiqiXdQWp90vgXItNBBZk_fTUtAwbPU6weyhqy0YBP2Wi9IYL2J3gEzCAqmznJ0u0d6NJP48l46q2Ze1M7ggLdTwrxDyp9mE375HHqqGcIK4OFP4606u3Hk64AGueqywdfTjrq-AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3bcXPDUhbyo0n9wQEbYBtU8XX7Cw%26client%3Dca-pub-6593523210010154%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: 2d5e67a38c9a11424cac19ce192c9fd124a6d74e64d3791a01561dbd3e39c0b4

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 29 May 2023 16:55:58 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 14 Mar 2023 13:45:21 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 498957
etag: W/"fcb2a26b07bd76d9a925cae661d6d94d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p3DzekGvuX%2FkubKaT%2FM8AHAigNgiIbidi%2BtWfoo7jIKgMKpSiLYgTH%2BZKw%2FqnJ%2BGie7drPVWXxVLTdh5gd1kDhosq1oWdJjVPr5HzKo1Mudt7s4OHcicruR6%2FoTUFDhtiDO5GCI%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray: 7cf0449c7c00240f-LHR
alt-svc: h3=":443"; ma=86400
expires: Tue, 23 May 2023 13:46:09 GMT

GET
H/1.1

204
No Content

m
ad.yieldlab.net/ Frame 83A3
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=yieldlab&google_cm&google_dbm
https://ad.yieldlab.net/m?dt_id=52&ext_id=CAESEDJ8fHn7BfY-kObcLLgIklo&google_cver=1

0
400 B

99ms
46ms

Image
text/plain

23.209.234.32

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.yieldlab.net/m?dt_id=52&ext_id=CAESEDJ8fHn7BfY-kObcLLgIklo&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6Q0AIQ84-rhgMYicia3gEwAQ&v=APEucNX44VW4mC5ITW6_JZaVVGgao9h0aMO9eTOrhcRDNqr3KlekEAiMTDN40gGNmrfw89S-PwsT_XsN-fVCyKGSH0GlSjsJVj0D3khgzI6AQS-0cQpmuthYbhTqXi1NPH7b6uKsYm_0onYQ1earKXF__iHnAZrfkQXKBJVE8HTLCPOX8nt_co0
Protocol: HTTP/1.1
Server: 23.209.234.32 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 29 May 2023 16:55:58 GMT
Cache-Control: no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Connection: keep-alive
Expires: Sun, 28 May 2023 16:55:58 GMT

Redirect headers

pragma: no-cache
date: Mon, 29 May 2023 16:55:58 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ad.yieldlab.net/m?dt_id=52&ext_id=CAESEDJ8fHn7BfY-kObcLLgIklo&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 288
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.adform.net/ Frame 83A3
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=adform_dbm&google_cm&google_dbm
https://cm.adform.net/pixel?adform_pid=4&adform_pc=CAESECgG8jOGeLYYiR-WwRw2CmA&google_cver=1&adform_v=1

43 B
164 B

93ms
27ms

Image
image/gif

37.157.6.242

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.adform.net/pixel?adform_pid=4&adform_pc=CAESECgG8jOGeLYYiR-WwRw2CmA&google_cver=1&adform_v=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6Q0AIQ84-rhgMYicia3gEwAQ&v=APEucNX44VW4mC5ITW6_JZaVVGgao9h0aMO9eTOrhcRDNqr3KlekEAiMTDN40gGNmrfw89S-PwsT_XsN-fVCyKGSH0GlSjsJVj0D3khgzI6AQS-0cQpmuthYbhTqXi1NPH7b6uKsYm_0onYQ1earKXF__iHnAZrfkQXKBJVE8HTLCPOX8nt_co0
Protocol: H2
Server: 37.157.6.242 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 29 May 2023 16:55:58 GMT
last-modified: Thu, 11 Apr 2019 08:33:12 GMT
server: nginx
accept-ranges: bytes
etag: "5caefbc8-2b"
content-length: 43
content-type: image/gif

Redirect headers

pragma: no-cache
date: Mon, 29 May 2023 16:55:58 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://cm.adform.net/pixel?adform_pid=4&adform_pc=CAESECgG8jOGeLYYiR-WwRw2CmA&google_cver=1&adform_v=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 312
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dpixel
cms.quantserve.com/ Frame 6D55 35 B
466 B 79ms
14ms Image
image/gif 2620:116:800d:21:5ed4:8d5d:fed7:f5ef

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESELWit_MYHyZA2ZzF4Fc6Aug&google_cver=1&google_push=ATf1kGOC-iJ9xlc2v-t6W6uPFsCCc_sSqyyDy2e9QX2ivHGw6khN31QpXNW9ql7Z8OEqtnrOTgjZ6b6Ig8YH6x21akPb97bFtZyi

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:5ed4:8d5d:fed7:f5ef -, , ASN (),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 May 2023 16:55:58 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 204 current
dclk-match.dotomi.com/match/bounce/ Frame 6D55 0
105 B 87ms
29ms Image
text/plain 2a02:fa8:8806:20::2040

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEF37tI21V9VKb_35eOBATdg&google_cver=1&google_push=ATf1kGMuVjEt4KaliIz9B8hc1Lu5dEow23Fn38U4d9TWZH0IqPrgg65vCVosUJkfZBL6dQElr4PT_pMuREJlFix7BlBevMIyesxI
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&h=90&slotname=9586219513&adk=1165138949&adf=4198790052&pi=t.ma~as.9586219513&w=728&format=728x90&url=https%3A%2F%2Fye-mek.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1685379357136&bpp=3&bdt=161&idt=253&shv=r20230523&mjsv=m202305230101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=3386230955750&frm=8&ife=1&pv=1&ga_vid=1116954865.1685379357&ga_sid=1685379357&ga_hid=991838600&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=1956086155&scr_x=-12245933&scr_y=-12245933&eid=44759927%2C44759876%2C44759837%2C44788442%2C44789779%2C31061690&oid=2&pvsid=1402955186140294&tmod=823662434&uas=0&nvt=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.a0kvkxex2sca&fsb=1&dtd=258
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:20::2040 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 May 2023 16:55:58 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 6D55
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEI8nr7Jk1db0NSXT2sudPds&google_cver=1&google_push=ATf1kGPijSzl_fE6JEKM76wEcxsGfiJv3_ExsyeeLoXZdTA0LufvrwHhn6ty0s6LKY1w2ZI9pdF19ZvAiWj_s5Lo1ewoWbJ...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ATf1kGPijSzl_fE6JEKM76wEcxsGfiJv3_ExsyeeLoXZdTA0LufvrwHhn6ty0s6LKY1w2ZI9pdF19ZvAiWj_s5Lo1ewoWbJMTJQ&google_hm=eS03VkZ3ZVp0RTJwSEcyNDJ...

170 B
188 B

52ms
52ms

Image
image/png

142.250.186.34

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ATf1kGPijSzl_fE6JEKM76wEcxsGfiJv3_ExsyeeLoXZdTA0LufvrwHhn6ty0s6LKY1w2ZI9pdF19ZvAiWj_s5Lo1ewoWbJMTJQ&google_hm=eS03VkZ3ZVp0RTJwSEcyNDJGZDVBMzdXdWVoRDFWZTh4NX5B

Requested by

Protocol

Server

142.250.186.34 -, , ASN (),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 May 2023 16:55:58 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Mon, 29 May 2023 16:55:58 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ATf1kGPijSzl_fE6JEKM76wEcxsGfiJv3_ExsyeeLoXZdTA0LufvrwHhn6ty0s6LKY1w2ZI9pdF19ZvAiWj_s5Lo1ewoWbJMTJQ&google_hm=eS03VkZ3ZVp0RTJwSEcyNDJGZDVBMzdXdWVoRDFWZTh4NX5B
content-length: 0

GET google
d5p.de17a.com/cookies/ Frame 6D55 0
0

GET
H2 200 usersync.aspx
dis.criteo.com/dis/ Frame 6D55 43 B
363 B 66ms
16ms Image
image/gif 178.250.1.9

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DPUSH_DATA&google_gid=CAESELnLLFqmxXXmwqM6bMIgEXE&google_cver=1&google_push=ATf1kGORfGcUsR4xB_uxPJEsab3fs05zeoVsWKfp1m4kHrdmhqP-GKEhiM3XgjgYygnT0nlfzHBYwerqUM3U1hzaWGlQXQkfB6s

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.9 -, , ASN (),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 May 2023 16:55:57 GMT
x-errorlevel: 0
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 242646
expires: Mon, 29 May 2023 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 6D55
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEOgbsuIVZL1Pk3McsGC3jEs&google_cver=1&google_push=ATf1kGOOPcI0CWIstiByuAtTNeq--TrBNFa6OJ1OP8w2kVL-xoaYwV-574zX-xMTFNZuJ6c7WQQstOLx...
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEOgbsuIVZL1Pk3McsGC3jEs&google_cver=1&google_push=ATf1kGOOPcI0CWIstiByuAtTNeq--TrBNFa6OJ1OP8w2kVL-xoaYwV-574zX-xMTFNZuJ6c7WQQ...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTE2MTUyNDAwNDQwNTczMDAxNg&google_push=ATf1kGOOPcI0CWIstiByuAtTNeq--TrBNFa6OJ1OP8w2kVL-xoaYwV-574zX-xMTFNZuJ6c7WQQstO...

170 B
188 B

53ms
52ms

Image
image/png

142.250.186.34

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTE2MTUyNDAwNDQwNTczMDAxNg&google_push=ATf1kGOOPcI0CWIstiByuAtTNeq--TrBNFa6OJ1OP8w2kVL-xoaYwV-574zX-xMTFNZuJ6c7WQQstOLxSNJaylJ-HQPD0jC6L92c

Requested by

Protocol

Server

142.250.186.34 -, , ASN (),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 May 2023 16:55:58 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 29 May 2023 16:55:58 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTE2MTUyNDAwNDQwNTczMDAxNg&google_push=ATf1kGOOPcI0CWIstiByuAtTNeq--TrBNFa6OJ1OP8w2kVL-xoaYwV-574zX-xMTFNZuJ6c7WQQstOLxSNJaylJ-HQPD0jC6L92c
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 6D55
Redirect Chain

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEMwwhWOe_SbA5uLVD-1o8YA&google_cver=1&google_push=ATf1kGOJRPIxHfHVPiRIXd1w0CxR7CE3_VpMdRjVLCUWtDe9shdut3qHSpwpwDXl6iztNwkbgJOAnyV6NLSX...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=ATf1kGOJRPIxHfHVPiRIXd1w0CxR7CE3_VpMdRjVLCUWtDe9shdut3qHSpwpwDXl6iztNwkbgJOAnyV6NLSXVVagPHtkxxX3D_Y

170 B
188 B

55ms
55ms

Image
image/png

142.250.186.34

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=ATf1kGOJRPIxHfHVPiRIXd1w0CxR7CE3_VpMdRjVLCUWtDe9shdut3qHSpwpwDXl6iztNwkbgJOAnyV6NLSXVVagPHtkxxX3D_Y

Requested by

Protocol

Server

142.250.186.34 -, , ASN (),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 May 2023 16:55:58 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=ATf1kGOJRPIxHfHVPiRIXd1w0CxR7CE3_VpMdRjVLCUWtDe9shdut3qHSpwpwDXl6iztNwkbgJOAnyV6NLSXVVagPHtkxxX3D_Y
strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 6D55 0
12 B 44ms
43ms Image
text/html 142.250.186.34

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Kbd9FwWdAV3WgwpOdfcZZMBMCdZ7rUWez4hHSaHqt2zHFahl9wodvmeC88oUnWBjq2fNsU

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 -, , ASN (),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 29 May 2023 16:55:58 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 53C3 41 KB
15 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-De3p44z_toAPMx1wRNxnqOqphCfP0ifmMGwqRurXNLsZG1f-aQivQczDG7G_IWih4wNl8lO2oF3IDBviIcUC_9tel2wsnmG1fvUM4ESAkUO2cKTEZaL3BfF91A9fMMxUq0QPIdE3lBWLLGptN89GXR2kh1PulveZgfSTgFBX649qEUHhU&cry=1&dbm_d=AKAmf-AkLTk5s2oh239iefHcdykFN5bzxElQxac0HDorEQgGUXjmXqLPuOwfqJO8c2AZf5usII1966st1n4ZcjovjgN1-J0W0At9_kRyPt3Cjuqj50UsP_o0cRvkLrofHN9tFhbBoqtKKkwgfd08_1KIt87Lgvy5I0Bf3K0VTsm5NiKsFjzWGg-M1oVvKL2iLWRAuNYYevNfx_C2ot1D39fv-sQNTTtv8ftHPh61oa2L088Ub93ccqy_hUvAk2o9JhXYW91GklIKhjIjfy5co2SPbwrSaNTnoJFlQWE41UwS-Lt9fODrhCwmhU_LRU8p8FtApN0uxclC7bnTPOE4-OJVh4ORRQTVupExs1ao2JqmePMtBjJ4A2SoTu3kp4crZ8OHnGaTtp7Ew7OLQqzVC9sq6-kUgZG4XGoCxUojmsMv9esr-fccLoD_ZTBhrFLACHd1HjRwhI6-IivVDeebHv9t2O0hx5NWMNmeL7toBQqUMQ7UlQkuq7-INhwiyDTfMIdOghXtJSrkoNeSOcfoSxzPkBGXJsPzwg9hedEsAhIuyjlZxDB2YYHNnaq2YKPSIyMNuAtZgTExa76BnpNo3Vv5HYO5-_x9PlXuhuZET_UZh9pi3RV20gMIYj9Z_sLDSGp860ZD8nC27i0qlPPWH-8nRBCDrUnEY4czE1oLDMtQrXVZ39dzF3IKBpx91DgMVq-Kg-5gEtkYPKxZJWt5dYvC_wIRSvGfbvhbkrM1FxMvZaLF_c6AFipFgL_c3K1OCPAFVFAZ_0a9VjVfabkx1dMU0mgMARJaQbvZ0lhLl8ShbTR1fI2vrSgc66cGOwrQ-K-oXqZj0-HsR8z4BywHI3uCHwaob5_FOLC35fgMhhCtOyWtQA5dzFOb2niQY-c1A0uGnKRCG-HbkgkFUHPZiH5iTh06PQ0k18_1rUe9r2Qjv-r6-aV3dpXSMAWMaN51bUQZYJaXc9ceJSkQ3wX42Z1AGGs4JdxXg5Cbs7ozMCNmIGtXrE3f_j7-4Hr9U7cSWUucNOFFtQxUFzOwfktlAc34chDzEbpE_m6GmYclmbELckhdmYZ5uCq2nublFTRyMEO_rGkZA2Od6xDg-HPLbk1e18SaAlOVm_zm572dxq6T5f-_eVP5F5iaV07NYyRnV4jNJzfo0fmJFF7t6g4ZAircR8Mlg5WShsrGuOk6fEkAuXpeiKQTN_TC1ZXa1f6z93xbcMQLvZRXAE-f9teCL1ufZ53f6-dTT6J1dvAl7uEehzpO5Ntwg68_dWEnB1SDEG82mLAKn50yKJragaQW5bm7pOIS-4J8dbtCXMZA_Bpaxydps-cLz9xRKkgdsuVcZXSJo1KvhdEX73WXEhCjAepq3TWJmVRljjsH0wBVfcrYs_a9ISDNxLKClETym355CmuUmCF6-kXkALhwwxg3MchPovC4ej7DgOAYJkPiIRsAYVlOumhzhfsdBGStOJJyAShsOGjTqe-L35dxknCD6aSr323MNYtY2pnFHyJrqtTxtuZbv3apZEXk4EcjCp5iDR3obttK_-zLurudKYoP1CV9B02p0GPwr0LcLEXW-pRTbIxNAwMf3oTGFNqMfHuUYp-gB1TFPve7X33SBHDUfAHFcrqb_DqDK6XEiOEtFK1v9zVAeyFkgRLyDNmudL6YF3zOGAUd0okA0aWUjTFUAfCqN3IqTxdss1FuKSHzA0aeM1BNJX9Pkd-JWbRHqJTuCyR52XFiWk99tgo0-s5RBJP23Y4pHo0266wm_nl72NpuqxU6lqAhX1U4TfdD4JnKvPaCXMunfjMuNTnQr5DRGK_O78u2MvixvRuW8XquJjQrfdGJ4e2OKNpTBDjt6Y2Q9RPRopd082e8iQJBuNten27o0JDdZ6m1HiN25vdZTGwwzjXkbre18bcJclKO6zUZXCsPicyRjqeQh60o3iSRiTGtwcHz1cdHshpXrZxRsvUIbYdC5ZQDdkqsHBVuFoA6YCGcKKqVAQpWPGuLGNFPf7GtLrsqiCgdq3_01kQ2x32KokHrllNYle77q4_wLNXwht2DZfaTLLyr3W6wO0o1nc4QoRUWlnD77fDQ3Dr5sCMw5KxxgyA8GVfRxjhy6f5xluEA1e0Vk23g2VngU_zBd4k5jv05dCh5MCh8_g680IMOGGMaiwytFEnNItrHoToQQ2UDNh5tZzjv7owTSKNQg7MdiV24v2l4_C11BGfTa774PqDZbPYoEhvkf5kWsirUqtgVHxCpc9LAyvQR3zfQJhE1wR-VxoCcqOpq1pK4T5_z6tViUQksNfhhAqHD9jOtVdOStonQPBkqyaR8--8nXVIVOQMoljwfjLd0cnQiqV0ob5tfPcraQgTSXH1rfdHt5sdJba7XqvPw5J1stsZ2e-aIMDqT6Vu21UuKcYTi0C_gZy22h12i4kobOG1x0M_u_4iXecm6RcKiMnJckWzP0p2tw44HNx1qWTXJMV3TRMVi9mTWI3zKk-a4T_J01PBbA_8RCYjHjwC0Mrv-w2S1y4N1FZ_Nue0EXRb7ibSig2TBkURlj_mG2_Zx0WPpKtW5Bsz5GMpfidj8hSKbZfbkDQNiZGFm-2NGh5nFZTAwJKSgnquiWQpaNtJh-5Kq8GQH_c37UARSXJyZ0gP6pRdtusZHD_I-vPKmcgDXgvNuEJ8bcWMToEeEw5uvPtyAmyXowwq1SixfQDvbGXqPW7Q-RIlK-3qicj0qwxc00fwXG4fliIAHyK-9pJyTmCwy3FfqvOTCjr4Vexexmdzkj6EvZRS8OFaBMMrzJ4EXNvNtfwW0N9dx5DDvMfsepWXXPckab9AuTPYn3JwtlDsEv_fSlMjkDp2qDx6FSj1EXS91LEnGImY4c5aZ6fPgtgks64TL0h6nDVe3mZkOJHnReJpYVy03JDRVnLB_Z9Zkox3DAgtwBD8neA3n3q0UK03pcgZmuaCJS5Q1EahBiOHfRGGZm8wUOsdiRvTBakTuYCYjhyhtwpE1zVFd6Fd9rdyA2XizRmfonS3sxuvD6-NdWnDm2aIRCYd0wdStZ59L4WekVd3KWzK-2BeJjSGfRNKOoM9Eu6VUd7MtiRZq1LFDiWNEwHXiV_KzaTpOss9fNP7W0kg89mMZnthEH5flMw71-MQpK6c6E0zR2ggr&cid=CAQSOwBygQiDcvSYLHPEKTN30Wvxk5crjLOVwjSHIZaPEV2iPuaax-JMB-d3xZprl0KEfkIrcLTVUY5rgTa7GAE&dv3_ver=m202301230201&rfl=https%3A%2F%2Fpcloak.blob.core.windows.net&ds=l&xdt=1&iif=1&cor=2643076679039915000&adk=3860319555&idt=129&cac=0&dtd=21

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c3d14c6affce0a50d8fe6a0bd5f1fbf2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 23 May 2023 07:39:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 551785
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 22 May 2024 07:39:33 GMT

GET
H2 200 html_inpage_rendering_lib_200_276.js
s0.2mdn.net/879366/ Frame 1FD9 170 KB
59 KB 142ms
39ms Script
text/javascript 2a00:1450:4001:830::2006

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js

Requested by

Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2006 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://c3d14c6affce0a50d8fe6a0bd5f1fbf2.safeframe.googlesyndication.com/
Origin: https://c3d14c6affce0a50d8fe6a0bd5f1fbf2.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 29 May 2023 07:18:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 34632
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60311
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:07:25 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 30 May 2023 07:18:46 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20230523/r20110914/elements/html/ Frame 1FD9 11 KB
4 KB 45ms
43ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230523/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-D6M79UNWoMPde697Uxikh9optP9sxlwczv0MYVmQbXvj6_snlFKhPmHddulEGDvKnKzdb6JqFX9oNg-5fH7yw-JYWkwjwUzqXs3QxWyppSrIutPuhAgWbGpjSNejPweermeMOeAEyepg5a4eZvqiAa9Ugiz6npo6xJ-yB-PpmTj8QjmEY&dbm_d=AKAmf-DptKqMSMVp6xQbtrDyQGJ3roZ5AffClXL7nUxJIdls1AcWnlxrDexYK0GpCUe-6jvbBVftAra-LU20nDzhk5EseIXs9_UoiDC0mBFJuYi5TBs858HB6gPAPJ6wmghXI5Sw-vFax9p56DX9be8KQ57qktgODmum5EX3fDbZ4ge7tmCkaIc10XgP9PY1tvSOQdvj_alCHdh4JyhiY1TExBgmoqkbLZG_rklOOkdnlKmyT78I4IWRcw-RMFgu5qq0V5t3Q9m4XdQ2twPCn1X90mLIaSmcfiyZ1JHX6LWrC6HAv7MUB3O-aOTNy5BNjyEHhMOOR54hI7BcU4Os-D4GGKtFxZCWOL65yjykc09kNfWW3RrjLWESt_pyNnOTdsuub3C0qmsvF3pOBQJztrRs1zIgFxdaJcF2-iQmOp_VqsNF6xURlXIdIk03muia_EgF6GX8HL4eTAIBy77N_ywuDI_Gow1fi9X7FYPAEy1tEvYa1ahpYcSAgNY-y7ew6J5Kt2F6pcvU984UHsu9vS5nCQtT5xSWTRXSBPQRK8h-3r2fGWQYUXYIfSFmW6pwMI9_xPe3CWwOkcXAmpdYYB_FuIMJotrp4KJ31NR1LHrGWcuvKIxcWXPmC3ac-Dbnn9h6SPt7TPL4xoH_t9De7IDHTSQnjrfiwEZlFMQHZRxq6Jrk3VKoP1gxu7rCn_kKUzGHyOeqnJeJ8LKJ-A3Ge96S3k7xI2nNvOR08evaX-OJ7QZ5cGOAlm8Q3N4xnvpsIKUu4TWzOJ4AbuonMml_6pSoWKvP3VC6UL0FjnMDb_FBQ6kTxPiaITki3JlHvpPCTheuaxun79jTNz3-f7_obXmna2rOfW-GFAF69ZI1l-SYg-nQf58kzQWybgN76WC_SJXsIGBCmE8Wh2StAbjJANpPnG8jHJdfMbscAy6XpuDHTtGI2QOQaz5erjL5ayDi3OWRhJxiH9T1KwHCLuYalSaj2M0XG08uwpsDPuBEgnIlsoLqlxnSEkBMxXUXG_2Dss7LEm7w_iy6LjvU6rc0pQ-82W4MwUxWI69THeqdzS89AdX2a0xQX8lUsnI_kvmLCWW_euKjES6f64I5O60x8eZHWgpAYaXhpjmKDhwtYPHIM-UniCFl0Y9BV5kwmb3X7ePHWURYVk0S1mC0CnfNNergfRfAN9ybTyH56WZ2Ku54EJIkRvaktNYbM17WhJYTFqwzQ-QGb_JD_JvoOm5YnphZqqc7dZAWNXkPwZwZmVO4Ln5drTVqGXaLNvK4Pn7Fk8I4bO_M_w0KLEAFB9WQx3kb7C8InJHKXO3YhOR_UxP3vpI5xEVr5Kicw3ejUyA8ciOqLxYN1dF3-zpBdi-TowwyYC5WHabqEkPnuS7EyHKTStm8CyuIWvZ9Qp2G4bvVN9vrVeKi9qxO6PjGLzarr4bmmfwROwenQu2KUwryqCKJCJjoCxs5i2oqQghwHg_XFrXGhbijtX1hq7YRwCje4vTM58yYFq7eHwWEc7FwbX1FoJFofLw20jhcO9PNSg10D_W0nlWlcRHvN6Ep_Js3n1KYBQEJ7SgJOSszOj8fKiW7CAH6TDIuJPPGxzZJ0TOwUb-HpLYO7DxjA9MX4TrNj2z1j9KZ0beVdENkyl2UI822xJ-M6foDAW5HfYiOOv6kSSuBllW6Aw8zs6R325UsfX8ltx9oCb7Y6i6WDQJYsVSbbrd_IwtZvtTim6MeqQ_wWi4Of6lbAjtBfkkHeaDGXYYxEw1feQsRZXGd4RH9uAQ8Yo8ri9QPyZWChLJC9gmi8Y0RYvjvWsSxPRQGRJSFEc4dAiVfNTdGcqL0lBcsQX-u72NGbWK35796yEgmZepZVyaj12Pu97tu5cSV3MHim5xLmR7XoB_ZBoNuSLUGnR8X0lZ2WVW45tro_IeuEG9yv_TUQrAsckwcdr94JBI-xgkVCCQdj3pKPJG7qAxriirV1Ub0_3eu89nzVtFfzsc5ugdiTDzxxxGpd-dASHwmriv2_gkhwsFvj4OQCrBuCatNEe0qrSACTs_NiRC7DnLDOq5C6jDynhW085Nm-YCB8TyWUIZRGR1OtCbZv92HzLI-KS4wDDveo2jKpI6f5vzsEjDfXii16Gccs7XeqUTzFrE9-dKKwK3xizn3VKVQBUELRBJ7-13chVpxShsx3RoklHpFyzetIrUAHgU0dZUtk-vWWgLrOx8UnG4iAkpAk9jmbVA81FYqWes83Eh5C9-L09Pwnnk-mAJHH_JNuHC3_DU7FPoRPlIg3CVrUfVeWYKrgR5Is1vxJq3ENErKLxQ8T597ExFE3OTX9YNSwCTyJxoFdflk6gC8H-vW28Rx7hHbMEc4BAC-8lf_QXYW6zoESXCTCVIIZmUbxA4uyr2vGjiEykfj49rdBo6EXug_qe5BcTEBTyVCXG3L6jSMpbudEYHVAGIo6JeH-EjdguAFO8ULvshRGgpxnSy_aKWApVe9Msqa9Iys4CBGXTtziuxCWHtdHdCfg3OmoNxtHC3Qg_kZ2sBs-CmRq5FDuT2VLWGAuTJtT9GwX0rzLwrzMPA7ziOX2xI_KXDFNTOfIOzxL7Gj44VGnGK6B3PMMhoVRbSud4RQ0rzH8ZlWJgvGQokPUwFI4D02EmHA0MJa_tZOzFvjJ8AxGo5rmu04ylXdWUesbxoqoxIZzZe9jXPsDbnAmzFkGLIw9mDOFWV9c4vpb2KD_JqUG179_38lj2aOqfw0HDcqI-1YBgt5vBbIfZDGoex0D-yhIuti64XSfxVXwfWuJmX3uUBszf9V5gVskrqpZwbIQUHiVp6B_84jz9Gs33TmA0yMi9IqwrwizW1WU2a2z_aWUgmhSAssEiX7SDdI2ErIe1G1gzITpP3Hnjjk3RBsdBycdLFEaBqMV3R9ny5ROJL4IpDuwXw9bDTN9ecWcBA-ZfMBzuvJF3-6gRp19574BUQZhi-aOGhdNa3czjgtPJGr3iHtXjPMVvuNsCZ14rraxF3iFnJ4lmRlEkKqXP_X20T-0JP5gg_k-3L0FzbQpSrFcdAOuLAuXqEc_Bopd76JZgLS6cEBh8GADOifLna66cFQF_Q2xLSOghYGvHFfF2QRxhPl4gx-Y9sophY-xpvFoRx4ytwHov2UxWcyejrjx8CkmcskKzcLV_Aqu63XlXoDGdlkOiqnPBYRxLfLp840Cfns8lRGCh_nGHSP6fhCKOdnTM1kUwaHfSpZ4RlSf6ZyS_RQPCF2ZLIHpHdx92xrcN8WxpTelC71-t8eflRNRHhkP7ABKNMiHx4iDysFcAJebGYIp250X1vOiEP7X559G2iObbBG3_3qEewoRO6_lENi9t2xmBepu2QmEm6n_6IxdaSTLSgPJ_GBsW43K57nJ4raqpvR73biCENWxlb-D100qJqATCRA8Fy6RqqAgGnWb_z72xLmm36FwhugUIrVvevigulFr5Ngzo0BcZfE1DCpk7sIama_k5Yte-6cSooB6JWmfQNfTXU8es3hQFiG-cv8H3A&cid=CAQSOwBygQiDvEo3X0qqiZeqHZjRPcmx0OgXpQ2dmdGGyXdmpsctNtsamd9Bevx8doQg3UybmmpwvzbH9P6BGAE&dv3_ver=m202301230201&rfl=https%3A%2F%2Fpcloak.blob.core.windows.net&ds=l&xdt=1&iif=1&cor=10310541982910760000&adk=212707235&idt=249&cac=0&dtd=3

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a9b847c681a24b03ba8acc0b4dcd8aab9acf8c4d3131be784d488e2402d57427

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c3d14c6affce0a50d8fe6a0bd5f1fbf2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 29 May 2023 14:18:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 9443
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4122
x-xss-protection: 0
server: cafe
etag: 11429739870029468282
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 12 Jun 2023 14:18:35 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20230523/r20110914/ Frame 1FD9 29 KB
11 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230523/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a91fca903f7f2a3d051f657b5b25baed4e99b6c1e51bfee63737f73ff54f2b7c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c3d14c6affce0a50d8fe6a0bd5f1fbf2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 28 May 2023 16:58:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 86249
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11027
x-xss-protection: 0
server: cafe
etag: 5492578185836041520
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 11 Jun 2023 16:58:29 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 1AF7 0
10 B 38ms
37ms Image
text/plain 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?u8_zig
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 29 May 2023 16:55:58 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2

200

passback_728x90.js Show response
static.adsafeprotected.com/ Frame 53C3
Redirect Chain

https://fw.adsafeprotected.com/rfw/bgd/1352960/70224181/xbbe/creative/adj?p=APEucNVrat-oZC2pbygOkMhuF-j3a6LRBYVFpEOlH3COZbeGa-IrCnw&d=CokBAKAmf-BXwkSUWHUwmEUAm1NRpAVeehMw8gLLLMnU6P1MxzFIpihiJ9uenpk...
https://static.adsafeprotected.com/passback_728x90.js

3 KB
2 KB

9ms
9ms

Script
application/javascript

2600:9000:223f:8600:8:48e:53c0:93a1

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/passback_728x90.js
Requested by: Host: c3d14c6affce0a50d8fe6a0bd5f1fbf2.safeframe.googlesyndication.com
URL: https://c3d14c6affce0a50d8fe6a0bd5f1fbf2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol: H2
Server: 2600:9000:223f:8600:8:48e:53c0:93a1 -, , ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a579343e48deefeeb438bcb7f6aeb6d37e68102a8299ca47b683991f0af26b28

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c3d14c6affce0a50d8fe6a0bd5f1fbf2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-amz-version-id: BMDmVeG18LcgsgmLJH9yXJDgb3k6n4r4
content-encoding: gzip
via: 1.1 fb49d852ca52c03c834ce98098b51516.cloudfront.net (CloudFront)
date: Fri, 26 May 2023 01:03:14 GMT
x-amz-cf-pop: FRA56-P5
age: 395551
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Fri, 18 Feb 2022 23:29:52 GMT
server: AmazonS3
etag: W/"696b4c19d35efd706805137a8a4b3831"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=604800
x-amz-cf-id: dXAUd_qi89_IgAhvBcFbUAabYf7U6Ur8YVwCI0Vz7dJwzd8ytFGUmQ==

Redirect headers

pragma: no-cache
date: Mon, 29 May 2023 16:55:58 GMT
server: nginx
x-server-name: app16.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
location: https://static.adsafeprotected.com/passback_728x90.js
cache-control: no-cache
content-length: 0

GET
H2 200 sca.17.6.2.js Show response
static.adsafeprotected.com/ Frame 3407 91 KB
23 KB 48ms
8ms Script
application/javascript 2600:9000:223f:8600:8:48e:53c0:93a1

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.6.2.js
Requested by: Host: c3d14c6affce0a50d8fe6a0bd5f1fbf2.safeframe.googlesyndication.com
URL: https://c3d14c6affce0a50d8fe6a0bd5f1fbf2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:8600:8:48e:53c0:93a1 -, , ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c3d14c6affce0a50d8fe6a0bd5f1fbf2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 15:36:17 GMT
x-amz-version-id: go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding: gzip
via: 1.1 fb49d852ca52c03c834ce98098b51516.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 21604782
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 20 Sep 2022 19:21:34 GMT
server: AmazonS3
etag: W/"1f3488247c90bb5de253d3d0cb3b7458"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-amz-cf-id: KzzFMZqN74P_fS4cL1KIiJofT5_0ZOtalxsE2TL1skox1Vike6QJKQ==

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame ECD2 0
20 B 72ms
72ms Ping
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=3310403405578&version=m202301230201

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 May 2023 16:55:58 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame ECD2 0
20 B 73ms
73ms Ping
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=3310403405578&version=m202301230201&ct=76&x=8&cor=5950535954152209000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 May 2023 16:55:58 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame ECD2 17 KB
12 KB 73ms
72ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CAaMUaUBu-WO8Z_kqbLY38daF5HYJtb1w3M2gI-tPbPO5imrApLD-5u8PQb7h3SodiqsNd41NPEhWA1vt9ex2N_XtPJrlEnaeefEdIXI-PlgsoaHGjWBZEFrdYsD-6wMxkJLR8o2cKJJ-Bnk8dLRKU-6EHZbIGk1t-P_CkOi3MzEVWsEg&cry=1&dbm_d=AKAmf-AeygT8ZcM9gOGuppu6OPXKYewfKnqy7gyq4XzxjgJVitfGrKTV9Pu_lJ4mWgIUHAy0dEHi3Oc7ZUML7gzUHNWKUJhoVNon_FT5-4NBsWFPYy1y-T8oRaaCx2AklJmxbAmRVTi7o39cE_W9MXZtbgR54jl1ESH5r2D45bJA4M2Yn62y2lmVY-8WbVYVPEixzmS0kykjJZyXBNbZqH8ZhowVu64TRj94Mdp_ngJYtlvpsumxjvmgGiu097RdIjjdaOysAo6f4B4GhvxhETe-MfH4Tql1u2vU7Vx3LJSNnKPBZNTCbVYo2UHBxUSO05MHATeUb8j_-iaF5WRlkiQ21kdX615A9bLsnyClyMW_PD8yCpexWVy8xHNznpgvm9LTVHIbuctxnFl91qcYMJWIMImYwjLNVn6rxHfndUE_nWUZDlaq7Mw_yVEQDGciPIiZ51ki4Vc-kSxhm8_4a7v24cZMYWm5egm2J1vRSZMkXxU6Y-UQACzJZiBLixRvEDhkhwbKvbwyD58MaA-KMnNlKVgRrRF2F9E2fGWpLmHpTe17USxGmLxhIy_cC_hlDEOz8b_Mkp-Rh48zfwFWmkUI-9hNWGTaP_kbFQeGhyZx67hjP93LJtvucqRzef_w42Iu6np-IehXF1rdUQkXBNAnHfpxnHGIIQGbvbcwzBT56i57JtGnGezJzVPCu-kD1tMhYMgWRzxM7zuTbdiaGuCR7uPtsvVU1BtRvic3i5JLXxvtLSjdOrZCoXMaRpTsjNppJgQZFL705x0Ek5L2sVenZlEaph0uWdtnd_zJ6lMXfpk0QeDuVe8H2qw7TBhjF3Dv6V1E2c9zOxGFYriQvCvrF9lAveC7rcoXVyPcE0ZdU0ISUTPZ56JchqnYyhEsyuW2e65qmXq4sPK6a3XufOdqs2DTgdB3PGRHQQOTj4LVkmLV5-4u_NUdq8ESGsL4rE62RjR9i06yy9B8q0bG6W3vh79_O1ynquT4lD2EYjqOuhIqDhJuqP6fb3q_Dw2eOSNHSe2_DJ4gqYxCHqY3TBdYrKOwAGQTUN7kf7FdrAijreebHsvemWeWA0eqhjj-gbYJ80SccvWBEh_c-G-zgH_YJ1nUMhc-y1wIJxw1qOGRZbAiGVflpyquce_gyJhyeVeMs6ncaeNsQD7eN-Q3cvI9u0Yp83dibmZEvbEMoHoHylIB9eLRzlcpDqrTnQ6kTUsxwSdIXvs06oiAejWpBkkkulSXIShnMl8CNKqLOEVftpay_O-q2gq08_l1fPsr7nrwxG9EsV9CGFa38D-baod9ciGLhlAlx1nF7U6y419Y60eKX7EwWrkySTGqtwE83-iuRmQ0UL9EoyhPOLTPi--dggsbh6SzMvIJSysXOy5nwFKD__OwBX-9UTIZjrPiJWwfnSbEzmj4vMIldV0Vxq173Ac6L-RO-RL6m0Dpc_VCrSvTM6cz8qAm05RhOKzBb_fP6IvGoxI08AqsplGcW4ZXci5USw13ARRhAYUZPcEad_Q5AZTKuxdi-uqShYUux84lRZJIn0-4lSudVrn5xEaXw7qK9ycP3LM7lFRBa66nc443A7y-1QvaMrgDNkhxe2-Hh5gka0wHCwNLVxBD4e2255Hzi61qtpUALmShA2Mo4nVVZJbPThjueBc2J3lIfOQ4APeNqKcXSZKOgr4J2eAIg6uZCP75T-W0lzlRbqjlenFcxQ8lg9gsCZruIvKapendzzF5-6_WICBdV8HsJAmzO-LNEI9u_qUbtXFVvIfXJniKuc5yKC2rW88WoElTz10TiTWJhq0x4VNgWStEkQapxKYQhHETCLAxMACUoulXIg8dg3gIlT7THkaKFu5zQfDN4xHZmitQX9dkZYxlQdywdhxpWr2dfkKLh7qJI6-aNWYQcGvp8eG1BTpTGwlZmKm_skO0_EIViJ7nouE_20pZJYN1k8KqCvfL9LHodkkkCqrt1WlIzYWETVnEyV9K3z1-Wxjiw2xv9L2wBlsVXVqv6qG1QwUp-Fq5RRTtUqOGsVmvTG0wQZKUkJo0qr6zkTe7V1aPp70nYgTq4mVlksBoE46TBiQKiFSGoExDzVvQwKuNh1J0Ba29izGICPUmlb-IM2bGgB7C9J8a7t5568HesBouQDIqokvFzmPo2ZYdaNJ58y9P5ba3ktgeAocp7Cs1GYs9z73Ok24xJfq2udlyNyfq1dI1vsfEHkpBSnRc5h6XBopXryIcqlqqgefcxiJSvvQDvbVN8LDaaWAB57jX9SvCtT_REUEVFi65IQ4PsrCXcEV95OLNyCEMT7l__iXpV5jUAVNUaTt6nJTecY6ebc-nQuIhToARJUViYopIzKiSd1AUrwmzyoudZtElTm5Gsw497Uc_A01xNfdpPXkgi1LCHK1kCVX_U_L_-p_hSW1Bx8b3lmYkEa2pveNaKar_EBQGazjPe3V51l1VnYylBSkRWKLLn4lQf1o83rACIUVJ-6W1b4vSZ7seRUUZQ-M4AuObiKAVruUYmHKWL58q6BhDPXBElIxvb8Wr20hBu_-1t0iBprN0elu1EPRwF1iLeIlHupfi6waD7i4kZpjjMGxj1_gCQpBLmJiTMY0Cuga1BH3yz6Hx0r6nT4umrSxLv5H4qvBcOkX3wS37GlrpVDZr3qBdpZiBLJmFJITLKXcLn63qyHuCkGwyAt16yea-29Lmz9RoOGRq493GMkF5aI9D1bcZVdd_98Y11G-VOkbz-7ZALhfhp6lg44fukqiNOuRR95QDmqTrr0zgSdlsbWbAinlg5M8uSPMMMGRwn4ddIIBvt-0rAksuehu_HmnyFyicflqiYhTUlM1cyPjFBSPTRuMDT3QSp5muAFFLrd0tnJsLVW3FQey1f-1RsGoE0sj5-B61&pr=8%3A754EC9420F05CF6F&cid=CAQSMgBygQiDpvcygkeklZy4BbAFN39Zq74itPxwDEVd3mpwD4x7e_Ab0zDBJkRKi7otO-ydGAE&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dv3_ver=m202301230201&rfl=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&ds=l&xdt=1&iif=1&cor=5950535954152209000&adk=667499503&idt=165&cac=0&dtd=3

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ee05842d4ba6fa14f7579af653d3f7667852e36b3aea352fd2de821cc73f727d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 May 2023 16:55:58 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12331
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 53C3 43 B
216 B 361ms
121ms Image
image/gif 2600:1f18:1aca:4281:ac44:4026:62a9:ef97

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1352960&asId=d5e567f4-b4b6-4e70-eb5d-4c6fd5450b13&tv=%7Bc:e1vyTe,pingTime:-3,time:70,type:v,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:24%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:70,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:24,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B63~0%5D,as:%5B63~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tFFm1Rw+111%7C112%7C113%7C114%7C115%7C1161%7C11621%7C11622%7C1171%7C118%7C1191%7C11a1%7C11b%7C11c%7C11d*.1352960-70224181%7C11d1%7C11e1,idMap:11d*,rmeas:1,rend:0,renddet:IMG.us,siq:25%7D&br=c
Requested by: Host: c3d14c6affce0a50d8fe6a0bd5f1fbf2.safeframe.googlesyndication.com
URL: https://c3d14c6affce0a50d8fe6a0bd5f1fbf2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4281:ac44:4026:62a9:ef97 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c3d14c6affce0a50d8fe6a0bd5f1fbf2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 May 2023 16:55:58 GMT
server: nginx
x-server-name: dt16.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 53C3 43 B
216 B 343ms
107ms Image
image/gif 2600:1f18:1aca:4281:ac44:4026:62a9:ef97

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1352960&asId=d5e567f4-b4b6-4e70-eb5d-4c6fd5450b13&tv=%7Bc:e1vyTg,pingTime:-6,time:72,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:72,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:24,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B65~0%5D,as:%5B65~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tFFm1Rw+111%7C112%7C113%7C114%7C115%7C1161%7C11621%7C11622%7C1171%7C118%7C1191%7C11a1%7C11b%7C11c%7C11d*.1352960-70224181%7C11d1%7C11e1,idMap:11d*,rmeas:1,rend:0,renddet:IMG.us,siq:25%7D&tpiLookup=ao:pcloak.blob.core.windows.net*%2Cye-mek.net*&br=c
Requested by: Host: c3d14c6affce0a50d8fe6a0bd5f1fbf2.safeframe.googlesyndication.com
URL: https://c3d14c6affce0a50d8fe6a0bd5f1fbf2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4281:ac44:4026:62a9:ef97 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c3d14c6affce0a50d8fe6a0bd5f1fbf2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 May 2023 16:55:58 GMT
server: nginx
x-server-name: dt15.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H/1.1 200
OK dvbs_src_internal117.js Show response
cdn.doubleverify.com/ Frame B9B1 57 KB
19 KB 8ms
8ms Script
application/javascript 2a02:26f0:6c00::210:ba11

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dvbs_src_internal117.js
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src.js?ctx=14526021&cmp=145089&plc=QN94gh&sid=45f3d18e47f96c&DVP_PROG_REP=1&prr=1&DVP_DV_TT=1&DVP_DV_CT=1&DVP_PP_ID=3&DVP_PP_IMP_ID=ABAjH0h6Z7K0Cj6F-TDsLrc3olzv&DVP_DBM_1=1861733&DVP_DBM_2=26833064&DVP_DBM_3=16280343071&DVP_DBM_4=327231027&DVP_DBM_5=1&DVP_DBM_6=1&DVP_DBM_7=43561248725&turl=https://ye-mek.net/&DVP_PP_BUNDLE_ID=&dvregion=2&unit=970x250
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba11 -, , ASN (),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: c74d4c8be63fda641c0e0255ad3c7416862f17e31442a1a0ddd7645bc2d69d3c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c3d14c6affce0a50d8fe6a0bd5f1fbf2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Mon, 29 May 2023 16:55:58 GMT
Content-Encoding: gzip
Last-Modified: Tue, 10 Jan 2023 11:00:18 GMT
Server: Microsoft-IIS/10.0
ETag: "0cda5b9e224d91:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=946080000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 18840

GET
H2 200 syncframe
gum.criteo.com/ Frame 748D 15 KB
0 51ms
16ms Document
text/html 2a02:2638:3::c

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=pcloak.blob.core.windows.net

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.135.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c -, , ASN (),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ye-mek.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 29 May 2023 16:55:58 GMT
server: Kestrel
server-processing-duration-in-ticks: 383357
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ Frame 53FD 93 KB
30 KB 59ms
25ms XHR
text/javascript 2a02:2638:3::3

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.js

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.135.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

0c1ce1aa8e07e9cd49cd881147c0495b5c636dab10ab1c30ceb935b74a8c0ecd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 29 May 2023 16:55:58 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 19 May 2023 17:15:21 GMT
server: nginx
etag: W/"6467aea9-175c4"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Tue, 30 May 2023 16:55:58 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 53C3 43 B
217 B 307ms
106ms Image
image/gif 2600:1f18:1aca:4281:ac44:4026:62a9:ef97

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1352960&asId=d5e567f4-b4b6-4e70-eb5d-4c6fd5450b13&tv=%7Bc:e1vyTS,pingTime:-2,time:110,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:617,beZ:618,mfA:621,cmA:622,inA:622,inZ:626,prA:627,prZ:635,si:642,poA:644,poZ:670,cmZ:670,mfZ:670,loA:689,loZ:692,ltA:727,ltZ:727%7D%7D,sca:%7Bdfp:%7Bdf:0%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:24%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:110,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:24,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B104~0%5D,as:%5B104~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tFFm1Rw+111%7C112%7C113%7C114%7C115%7C1161%7C11621%7C11622%7C1171%7C118%7C1191%7C11a1%7C11b%7C11c%7C11d*.1352960-70224181%7C11d1%7C11e1,idMap:11d*,pd:0YtC.internal-nacl-plugin,rmeas:1,rend:0,renddet:IMG.us,siq:25,sinceFw:83,readyFired:false%7D&br=c
Requested by: Host: c3d14c6affce0a50d8fe6a0bd5f1fbf2.safeframe.googlesyndication.com
URL: https://c3d14c6affce0a50d8fe6a0bd5f1fbf2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4281:ac44:4026:62a9:ef97 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c3d14c6affce0a50d8fe6a0bd5f1fbf2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 May 2023 16:55:58 GMT
server: nginx
x-server-name: dt14.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 200 Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame E7D5 22 KB
0 57ms
38ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://c3d14c6affce0a50d8fe6a0bd5f1fbf2.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 506167
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 23 May 2023 20:19:51 GMT
expires: Wed, 22 May 2024 20:19:51 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 337A 22 KB
0 41ms
38ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://c3d14c6affce0a50d8fe6a0bd5f1fbf2.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 506167
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 23 May 2023 20:19:51 GMT
expires: Wed, 22 May 2024 20:19:51 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame E8E7 3 KB
4 KB 90ms
32ms Image
image/png 2606:4700:20::681a:61b

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/style/0.1.40/one-ad/default.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:61b -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 29 May 2023 16:55:58 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 545
x-guploader-uploadid: ADPycdt4hPae30Q8PARFco60WFsnLOAC2KOe6gON_5N4Z5xxLjxxZqo1O3TlK5d80Q--v5Vpvv088IUd__vsMHtfSPFe-6Cwr_05
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
content-length: 3262
last-modified: Tue, 21 Jun 2022 12:31:17 GMT
server: cloudflare
etag: "794c84d30e213ec6a144d64215f07551"
vary: Accept-Encoding
x-goog-generation: 1655814677405990
content-type: image/png
content-language: en
x-goog-hash: crc32c=v7nNsg==, md5=eUyE0w4hPsahRNZCFfB1UQ==
cache-control: public, max-age=7200
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q8pqXJp%2FjPfrFXA33d20UX3CPW5RjR4QAnPtwpnpLPoy%2FseKYvv8PvDoFEGlGV4KAqkKTvzEBxxKUVI%2BQJ0IWWBOlgHi%2B0y2PKyatTcS6cGQ3YxVeHQYUeZ4XT7RZA5Pv4vXQOKFY1o03VhPpmClL%2Fm0"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 3262
accept-ranges: bytes
cf-ray: 7cf0449e3ab3dc2d-LHR
expires: Mon, 29 May 2023 17:08:22 GMT

GET
H3 200 integrator.js
adservice.google.de/adsid/ Frame 5082 107 B
0 47ms
47ms Script
application/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=c3d14c6affce0a50d8fe6a0bd5f1fbf2.safeframe.googlesyndication.com

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c3d14c6affce0a50d8fe6a0bd5f1fbf2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 29 May 2023 16:55:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET integrator.js
adservice.google.com/adsid/ Frame 5082 0
0

GET
H3 200 ads
googleads.g.doubleclick.net/pagead/ Frame 353A 0
0 244ms
243ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&adk=1812271804&adf=2659805833&plat=1%3A520%2C2%3A520%2C3%3A2163200%2C4%3A2163200%2C8%3A512%2C9%3A33288%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C26%3A512%2C27%3A512%2C30%3A1049088%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fye-mek.net%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1685379358015&bpp=3&bdt=451&idt=341&shv=r20230523&mjsv=m202305230101&ptt=9&saldr=aa&nras=1&correlator=5812767722331&frm=8&ife=1&pv=2&ga_vid=1552239155.1685379358&ga_sid=1685379358&ga_hid=772957013&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=1956086155&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759837%2C44759927%2C31071756%2C44788442%2C44790154&oid=2&pvsid=3898876265501106&tmod=1826080285&uas=0&nvt=1&fsapi=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=1&uci=1.gbe39u2gwzz6&fsb=1&dtd=367

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://c3d14c6affce0a50d8fe6a0bd5f1fbf2.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 29 May 2023 16:55:58 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK verify.js
rtb0.doubleverify.com/ Frame B9B1 680 B
0 140ms
39ms Script
text/javascript 130.211.44.5

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb0.doubleverify.com/verify.js?flvr=0&jsCallback=__verify_callback_166255289435&jsTagObjCallback=__tagObject_callback_166255289435&num=6&ctx=14526021&cmp=145089&plc=QN94gh&sid=45f3d18e47f96c&advid=&adsrv=&unit=970x250&isdvvid=&uid=166255289435&tagtype=&adID=&app=&sup=&isovv=0&gmnpo=&crt=&nav_pltfrm=Win32&dvp_strhd=0.90&dvpx_strhd=0.90&brid=3&brver=113&bridua=3&dup=null&turl=https://ye-mek.net/&srcurlD=1&ssl=1&refD=2&htmlmsging=1&tstype=128&DVP_PROG_REP=1&DVP_DV_TT=1&DVP_DV_CT=1&DVP_PP_ID=3&DVP_PP_IMP_ID=ABAjH0h6Z7K0Cj6F-TDsLrc3olzv&DVP_DBM_1=1861733&DVP_DBM_2=26833064&DVP_DBM_3=16280343071&DVP_DBM_4=327231027&DVP_DBM_5=1&DVP_DBM_6=1&DVP_DBM_7=43561248725&DVP_PP_BUNDLE_ID=&prr=1&aUrlD=1&m1=13&noc=4&fcifrms=1&brh=2&vavbkt=&lvvn=28&dvp_idcerr=undefined&ver=165&eparams=DC4FC%3Dl9EEADTbpTauTauJ6%5C%3E6%3C%5D%3F6ETauU2%3F4r92%3A%3Fl9EEADTbpTauTauA4%3D%402%3C%5D3%3D%403%5D4%40C6%5DH%3A%3F5%40HD%5D%3F6ETar9EEADTbpTauTauJ6%5C%3E6%3C%5D%3F6ETar9EEADTbpTauTau4b5%60c4e27746_2d_5g76e2_35d7%60737a%5DD2767C2%3E6%5D8%40%408%3D6DJ%3F5%3A42E%3A%40%3F%5D4%40%3EU2%26C%3Dl9EEADTbpTauTauJ6%5C%3E6%3C%5D%3F6ETau&dvp_exetime=18.30&callbackName=__verify_callback_166255289435
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal117.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.44.5 -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c3d14c6affce0a50d8fe6a0bd5f1fbf2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 29 May 2023 16:55:58 GMT
Content-Encoding: br
X-DV-Response: 1
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=0
Connection: keep-alive
Timing-Allow-Origin: *
Expires: 05/28/2023 16:55:58

GET ads
googleads.g.doubleclick.net/pagead/ Frame 4A36 0
0

GET
H3 200 integrator.js
adservice.google.de/adsid/ Frame 0225 107 B
0 55ms
54ms Script
application/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=c3d14c6affce0a50d8fe6a0bd5f1fbf2.safeframe.googlesyndication.com

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c3d14c6affce0a50d8fe6a0bd5f1fbf2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 29 May 2023 16:55:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET integrator.js
adservice.google.com/adsid/ Frame 0225 0
0

GET
H3 200 ads
googleads.g.doubleclick.net/pagead/ Frame CAC6 0
0 252ms
252ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&adk=1812271804&adf=2659786642&plat=1%3A66048%2C2%3A66048%2C3%3A2163200%2C4%3A2163200%2C8%3A66048%2C9%3A66048%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C26%3A66048%2C27%3A66048%2C30%3A1049088%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fye-mek.net%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1685379358054&bpp=5&bdt=436&idt=387&shv=r20230523&mjsv=m202305230101&ptt=9&saldr=aa&nras=1&correlator=2160657135037&frm=8&ife=1&pv=2&ga_vid=1984505561.1685379358&ga_sid=1685379358&ga_hid=1523132542&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=160&ish=600&ifk=1100520840&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31071756%2C44788442%2C44789779%2C44792013&oid=2&pvsid=801645483293196&tmod=852172452&uas=0&nvt=1&fsapi=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C160%2C600&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=1&uci=1.ktfzjmq1tbiq&fsb=1&dtd=409

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://c3d14c6affce0a50d8fe6a0bd5f1fbf2.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 29 May 2023 16:55:58 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 IAS_PassbackAds_728x90.png
static.adsafeprotected.com/ Frame 53C3 10 KB
10 KB 8ms
8ms Image
image/png 2600:9000:223f:8600:8:48e:53c0:93a1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.adsafeprotected.com/IAS_PassbackAds_728x90.png
Requested by: Host: c3d14c6affce0a50d8fe6a0bd5f1fbf2.safeframe.googlesyndication.com
URL: https://c3d14c6affce0a50d8fe6a0bd5f1fbf2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:8600:8:48e:53c0:93a1 -, , ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c3d14c6affce0a50d8fe6a0bd5f1fbf2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-amz-version-id: 4DcA1UddzZ2E21bAiUECQTp8M854Vxlu
date: Wed, 24 May 2023 01:55:13 GMT
via: 1.1 fb49d852ca52c03c834ce98098b51516.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 486046
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 10216
last-modified: Fri, 18 Feb 2022 23:29:13 GMT
server: AmazonS3
etag: "b1464a7201f691a1e4cf6fc057919d7f"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
x-amz-cf-id: F8VXbOeLdHvjKKyBLTp7fqPu5fjk8P_56ENzFDLWgOMA8lWs68WI-A==

GET
H3 200 UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 1FD9 41 KB
0 40ms
40ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: c3d14c6affce0a50d8fe6a0bd5f1fbf2.safeframe.googlesyndication.com
URL: https://c3d14c6affce0a50d8fe6a0bd5f1fbf2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c3d14c6affce0a50d8fe6a0bd5f1fbf2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 23 May 2023 07:39:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 551785
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 22 May 2024 07:39:33 GMT

GET
H3 200 cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame F801 1 KB
0 40ms
39ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: c3d14c6affce0a50d8fe6a0bd5f1fbf2.safeframe.googlesyndication.com
URL: https://c3d14c6affce0a50d8fe6a0bd5f1fbf2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://c3d14c6affce0a50d8fe6a0bd5f1fbf2.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 22942
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 29 May 2023 10:33:36 GMT
etag: 48472445140208031
expires: Tue, 30 May 2023 10:33:36 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 1FD9 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 508d627d6f5646a4fd56f978bd74635be426d4a0828554827ae8df32221cfc5c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 frame.html
ad4m.at/ Frame C916 2 KB
0 30ms
29ms Document
text/html 2606:4700:20::681a:ad1

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/frame.html
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 759280
alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=3600
cf-cache-status: HIT
cf-ray: 7cf0449ef83524d8-LHR
content-encoding: br
content-language: en
content-type: text/html; charset=utf-8
date: Mon, 29 May 2023 16:55:58 GMT
expires: Mon, 08 May 2023 00:16:30 GMT
last-modified: Thu, 25 Aug 2022 14:12:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZRD2H%2Fr7TYeaN%2FTuNSlQf%2FbegVEe9SZQzEQ%2BTso8Kh27fgAqj0muUaqu%2FX7QWNxnEyTdYiJ2anGoR0voG0X0FWD4%2Fio87B1%2FfvP2%2FG7789ohJSJc2vaA8UjdBnVAIdsIySV%2BdNE%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H3 200 UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame ECD2 41 KB
0 40ms
38ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CAaMUaUBu-WO8Z_kqbLY38daF5HYJtb1w3M2gI-tPbPO5imrApLD-5u8PQb7h3SodiqsNd41NPEhWA1vt9ex2N_XtPJrlEnaeefEdIXI-PlgsoaHGjWBZEFrdYsD-6wMxkJLR8o2cKJJ-Bnk8dLRKU-6EHZbIGk1t-P_CkOi3MzEVWsEg&cry=1&dbm_d=AKAmf-AeygT8ZcM9gOGuppu6OPXKYewfKnqy7gyq4XzxjgJVitfGrKTV9Pu_lJ4mWgIUHAy0dEHi3Oc7ZUML7gzUHNWKUJhoVNon_FT5-4NBsWFPYy1y-T8oRaaCx2AklJmxbAmRVTi7o39cE_W9MXZtbgR54jl1ESH5r2D45bJA4M2Yn62y2lmVY-8WbVYVPEixzmS0kykjJZyXBNbZqH8ZhowVu64TRj94Mdp_ngJYtlvpsumxjvmgGiu097RdIjjdaOysAo6f4B4GhvxhETe-MfH4Tql1u2vU7Vx3LJSNnKPBZNTCbVYo2UHBxUSO05MHATeUb8j_-iaF5WRlkiQ21kdX615A9bLsnyClyMW_PD8yCpexWVy8xHNznpgvm9LTVHIbuctxnFl91qcYMJWIMImYwjLNVn6rxHfndUE_nWUZDlaq7Mw_yVEQDGciPIiZ51ki4Vc-kSxhm8_4a7v24cZMYWm5egm2J1vRSZMkXxU6Y-UQACzJZiBLixRvEDhkhwbKvbwyD58MaA-KMnNlKVgRrRF2F9E2fGWpLmHpTe17USxGmLxhIy_cC_hlDEOz8b_Mkp-Rh48zfwFWmkUI-9hNWGTaP_kbFQeGhyZx67hjP93LJtvucqRzef_w42Iu6np-IehXF1rdUQkXBNAnHfpxnHGIIQGbvbcwzBT56i57JtGnGezJzVPCu-kD1tMhYMgWRzxM7zuTbdiaGuCR7uPtsvVU1BtRvic3i5JLXxvtLSjdOrZCoXMaRpTsjNppJgQZFL705x0Ek5L2sVenZlEaph0uWdtnd_zJ6lMXfpk0QeDuVe8H2qw7TBhjF3Dv6V1E2c9zOxGFYriQvCvrF9lAveC7rcoXVyPcE0ZdU0ISUTPZ56JchqnYyhEsyuW2e65qmXq4sPK6a3XufOdqs2DTgdB3PGRHQQOTj4LVkmLV5-4u_NUdq8ESGsL4rE62RjR9i06yy9B8q0bG6W3vh79_O1ynquT4lD2EYjqOuhIqDhJuqP6fb3q_Dw2eOSNHSe2_DJ4gqYxCHqY3TBdYrKOwAGQTUN7kf7FdrAijreebHsvemWeWA0eqhjj-gbYJ80SccvWBEh_c-G-zgH_YJ1nUMhc-y1wIJxw1qOGRZbAiGVflpyquce_gyJhyeVeMs6ncaeNsQD7eN-Q3cvI9u0Yp83dibmZEvbEMoHoHylIB9eLRzlcpDqrTnQ6kTUsxwSdIXvs06oiAejWpBkkkulSXIShnMl8CNKqLOEVftpay_O-q2gq08_l1fPsr7nrwxG9EsV9CGFa38D-baod9ciGLhlAlx1nF7U6y419Y60eKX7EwWrkySTGqtwE83-iuRmQ0UL9EoyhPOLTPi--dggsbh6SzMvIJSysXOy5nwFKD__OwBX-9UTIZjrPiJWwfnSbEzmj4vMIldV0Vxq173Ac6L-RO-RL6m0Dpc_VCrSvTM6cz8qAm05RhOKzBb_fP6IvGoxI08AqsplGcW4ZXci5USw13ARRhAYUZPcEad_Q5AZTKuxdi-uqShYUux84lRZJIn0-4lSudVrn5xEaXw7qK9ycP3LM7lFRBa66nc443A7y-1QvaMrgDNkhxe2-Hh5gka0wHCwNLVxBD4e2255Hzi61qtpUALmShA2Mo4nVVZJbPThjueBc2J3lIfOQ4APeNqKcXSZKOgr4J2eAIg6uZCP75T-W0lzlRbqjlenFcxQ8lg9gsCZruIvKapendzzF5-6_WICBdV8HsJAmzO-LNEI9u_qUbtXFVvIfXJniKuc5yKC2rW88WoElTz10TiTWJhq0x4VNgWStEkQapxKYQhHETCLAxMACUoulXIg8dg3gIlT7THkaKFu5zQfDN4xHZmitQX9dkZYxlQdywdhxpWr2dfkKLh7qJI6-aNWYQcGvp8eG1BTpTGwlZmKm_skO0_EIViJ7nouE_20pZJYN1k8KqCvfL9LHodkkkCqrt1WlIzYWETVnEyV9K3z1-Wxjiw2xv9L2wBlsVXVqv6qG1QwUp-Fq5RRTtUqOGsVmvTG0wQZKUkJo0qr6zkTe7V1aPp70nYgTq4mVlksBoE46TBiQKiFSGoExDzVvQwKuNh1J0Ba29izGICPUmlb-IM2bGgB7C9J8a7t5568HesBouQDIqokvFzmPo2ZYdaNJ58y9P5ba3ktgeAocp7Cs1GYs9z73Ok24xJfq2udlyNyfq1dI1vsfEHkpBSnRc5h6XBopXryIcqlqqgefcxiJSvvQDvbVN8LDaaWAB57jX9SvCtT_REUEVFi65IQ4PsrCXcEV95OLNyCEMT7l__iXpV5jUAVNUaTt6nJTecY6ebc-nQuIhToARJUViYopIzKiSd1AUrwmzyoudZtElTm5Gsw497Uc_A01xNfdpPXkgi1LCHK1kCVX_U_L_-p_hSW1Bx8b3lmYkEa2pveNaKar_EBQGazjPe3V51l1VnYylBSkRWKLLn4lQf1o83rACIUVJ-6W1b4vSZ7seRUUZQ-M4AuObiKAVruUYmHKWL58q6BhDPXBElIxvb8Wr20hBu_-1t0iBprN0elu1EPRwF1iLeIlHupfi6waD7i4kZpjjMGxj1_gCQpBLmJiTMY0Cuga1BH3yz6Hx0r6nT4umrSxLv5H4qvBcOkX3wS37GlrpVDZr3qBdpZiBLJmFJITLKXcLn63qyHuCkGwyAt16yea-29Lmz9RoOGRq493GMkF5aI9D1bcZVdd_98Y11G-VOkbz-7ZALhfhp6lg44fukqiNOuRR95QDmqTrr0zgSdlsbWbAinlg5M8uSPMMMGRwn4ddIIBvt-0rAksuehu_HmnyFyicflqiYhTUlM1cyPjFBSPTRuMDT3QSp5muAFFLrd0tnJsLVW3FQey1f-1RsGoE0sj5-B61&pr=8%3A754EC9420F05CF6F&cid=CAQSMgBygQiDpvcygkeklZy4BbAFN39Zq74itPxwDEVd3mpwD4x7e_Ab0zDBJkRKi7otO-ydGAE&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dv3_ver=m202301230201&rfl=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&ds=l&xdt=1&iif=1&cor=5950535954152209000&adk=667499503&idt=165&cac=0&dtd=3

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 23 May 2023 07:39:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 551785
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 22 May 2024 07:39:33 GMT

GET adj
fw.adsafeprotected.com/rfw/bgd/1352960/69587979/xbbe/creative/ Frame ECD2 0
0

GET sca.17.6.2.js
static.adsafeprotected.com/ Frame 66A9 0
0

GET json
gum.criteo.com/sid/ Frame 748D 0
0

GET ads
googleads.g.doubleclick.net/pagead/ Frame 039F 0
0

GET
H3 200 cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame B691 0
0 39ms
38ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: c3d14c6affce0a50d8fe6a0bd5f1fbf2.safeframe.googlesyndication.com
URL: https://c3d14c6affce0a50d8fe6a0bd5f1fbf2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://c3d14c6affce0a50d8fe6a0bd5f1fbf2.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 22942
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 29 May 2023 10:33:36 GMT
etag: 48472445140208031
expires: Tue, 30 May 2023 10:33:36 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET view
securepubads.g.doubleclick.net/pcs/ Frame ECD2 0
0

GET
DATA 200
OK truncated
/ Frame 53C3 219 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type: image/png

GET dt
dt.adsafeprotected.com/ Frame ECD2 0
0

GET index.html
s0.2mdn.net/sadbundle/9170381621892120779/ Frame 0D40 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Domain: hb.emxdgt.com
URL: https://hb.emxdgt.com/?t=1500&ts=1685379356493&src=pbjs

Domain: d5p.de17a.com
URL: https://d5p.de17a.com/cookies/google?google_gid=CAESED7SFvajpxa5aqN423F13zQ&google_cver=1&google_push=ATf1kGMoN-uowVckUtQFTVigC2Z5epgg0X8xe162p6jhZ0aETM8bf2U9IyN1WMcLkO3E4t3cgKDn2Ez8CZPRHvIh1ZA3QgkJ-Mlk

Domain: adservice.google.com
URL: https://adservice.google.com/adsid/integrator.js?domain=c3d14c6affce0a50d8fe6a0bd5f1fbf2.safeframe.googlesyndication.com

Domain: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&h=90&slotname=9586219513&adk=1165138949&adf=3171367898&pi=t.ma~as.9586219513&w=728&format=728x90&url=https%3A%2F%2Fye-mek.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1685379358018&bpp=2&bdt=454&idt=398&shv=r20230523&mjsv=m202305230101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=5812767722331&frm=8&ife=1&pv=1&ga_vid=1552239155.1685379358&ga_sid=1685379358&ga_hid=772957013&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=1956086155&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759837%2C44759927%2C31071756%2C44788442%2C44790154&oid=2&pvsid=3898876265501106&tmod=1826080285&uas=0&nvt=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.2rhws2hemhe0&fsb=1&dtd=404

Domain: adservice.google.com
URL: https://adservice.google.com/adsid/integrator.js?domain=c3d14c6affce0a50d8fe6a0bd5f1fbf2.safeframe.googlesyndication.com

Domain: fw.adsafeprotected.com
URL: https://fw.adsafeprotected.com/rfw/bgd/1352960/69587979/xbbe/creative/adj?p=APEucNVqL6oAgioxGD8L0DyOT5YPZmBp5eyf8WrkQ25ro_9dx29sOtw&d=CokBAKAmf-CRPAqhf-KSeIwbh1a7LHhaJdR5rtxeuJKcrkr2Zc9KPa9C2jvggygTLYtWCWkB-xXpuRUwrN8717rdlI5X1fPJKHmKFKsrGOOTLCzOhaV67luhoErzoBxQpnG3jP4ztSVl_CHBKRqSDfLy83BlGMdiBEATIOeGvVYvaw93CQiHSewRu1wSuQ4AoCZ_4B_LJJ0yG1szVZrKpQwFEPkDfxUgCNBsu_kKDFAwI-R17nxdO7JAbb5mGUDumV27O-Z_GirJcDe0su6aW1ggDCZEMxcq6bWW-dyhQBSXL1RsZI75hU9ORbnAQf0vJ4A_dHg6uYb_veFXr4cReQlij1LvPGmY38zIIP1MMVFNH2OltxQKCShW-i83vO9QJJfteQg3phQOVqWeVYMf5Vb7M7ZgS-dfUMDEJaAdhUl3KUnrMWn-3uHiuHlKv4V6FDUjhKDdWLyrc9hRGFyByjBM5TaLLBEUsRE4lrBazN-AyutuZp-b05MnmiNv5mjlI5Q00-sKqCBvtUNcOp-BfKbAaukDFajQTFXYYAYK__hwO3BRGRSvsDX7s_UR2SFUJyXf2SZ3S4qs26cRpCrr-dV0er6WfqX5iQ3wgtv3vVi8c7CnEAIofYyQLY9HHWu5tSYO_1SYhNf1PLsgTozlHHWQqEFwH3XyqpFT-7JDse-ouSZtJ9xcNtNqAtQk086-D02ESDl9noUckywyDI0BuKxCNx15bG4YhG6fWc897M-DNr_kiYLG2mNeuzav8FmlJwL84eWEwizuPKoKhTkiwPxOngV3w8OI3fE1XRp7xFvpaMHGEsm6MSerARncxgdN8vNj_J1AhJciXghmfHFpyVm5ynuWPtUSlFCsHaz9EtbWdkPmy90TGD_OWEoXbmto5fnjB1jnbaBawlr21wj3ImK-5XTOtHYS6zFQLa2XJZ9alCzuTks2cXIoDiQOWNdVE-qio6ofebv9CdRJH7wnfWyjqHLsz-Om9mVs5eptec9pYVYUgTH-qu9QKMFaadrpd-RDfhr7CgTUJsUcLNkQkNlK_WMY4vIM_Crf5PQSstRyw_A_jQHoLWNqF12UKGNYcoIlDNSQvDgob5HaM5ZucudfACnk4liX8Y8fkAkk4wNWuf15qzpfOVjoRPq0Ql-oVfCvwy1-0EhSjPliy8NoK-Pva7439uibDwcErF1fHjr2Xu3BBY3XvkaCuHmfj6tceOMLzXIiq2Y2Wt4egeoDSsoWPMDc4XdHtZF6udWs8B74q1ZSFYUw0bcofpyM0teIJ0fguTcnAFI3RSPtplljvjRL48g66AFzTMA-QcRGje_OSjKg1CQjNX48i3NMd0YD3pKk94HRQEmeUnXZ8wUWt7zq_cdTA_IVJ98C18a2QwmVU6ALJ2kbsFKTfKtGyJ3hNbECK1VCaKVpNDF11AyjqlX1CZP6N2ISJYYX3W7NOk7s15NXPLfXXt5ObRbJxxOt1yVhpdrsypslPiTJFL8Z88CrKsr20rmGrAQmHXAHlXDn4d3upK1Q_6sUM6ALbFZ4okbgmiGnpWXC9_3f40-yIIt5KxM_v-D3ED-r15DEKxq5p-JgepqtPpposmN_B6sFHDS8SYhsn05YsdKvtgyYOabaV0OQ1aA2QHt-ifsMJodPfkN2tr5cleuyBcJ1y_uGi3-0sFGhVXpx0oGy__IpzkMK_TclDMOfLdHK1PXRAJHqDNcROxWv0Td7vbR2_oAva1fg7K1l3qpuTF6eoZWHFfqdKpiZlWvZonAwI7OKke6hKCWpwDdGgov_ixA_Pp3qTmvu1EwpyzoZbgj3-qC_2UOxdSCaVPVW78oZ2_sFlddbt7g9fmKqUvb13LndvHBEcpK_WIWWXKg8sONdCH3fySb4Od1FeekYC8hiffTf3SIO5rzmb7SzbW471Un8h-pQ0yPEjHAo30FLld1TusRi-7ywNq6GXR-9-OuNrZYwBK8CSpYi9FkPAGOLMH9wiRnyuJZ-UpJF4_AFndct158RuH393ILWfhcSohJjCBJSl1jdrGBDL96sixYUj1g5Heey08WuILgkmoYzAJcuHkeExUNnNU2fxSHZ7CV5TCbW4CdiD_PcTHZbKjTiXLt7N9qNk85FUtA7QRES_khN4RICIjK3HIyhUDE-BJHyHzTcrfE52L-ZKBUEL06jALHjbH4S954lh72FbpUL1hz_U7J_n-yxTt-sr1pJ3nvVdU1Ymx0roPDYeGk69e0SyPbYtAGTU8ibl2tB4axEaoxRc6WMayy_HjpRJWqs1MiVqJAcmXKPGA2uO6iWXDOGO6iVGc36YxqNKh5SVtiMK2Ch8y9REUHyn1ohmACQig9Vv4iB-kX56zALsTSMIWUz9R-m0iYXYGiGc8FFW2OgJiGcxtFFTsr6opJItreokAl1h89tikrXHYkHyeJwIc5ngz9xU_vgPijlJAfkNBVkDpis5CMS0rFwzBXNBd13Lccx3_lwBZ--Dkh7NKHnw3Rje8SI8Ql_yEbPVRTn0LcmKiZ2-9pZnDa29IsqqFRer7JIEhzj6GdHGUIagycC4Kq7IFFX6V-5nHBVt_pTZo7FBygkPAPeJjrF4FU0azftNqekFa_qW-XHaTsCdDsFan94SOpzxluMHD0e-SR_ilRPryAlOhmOBZp_akbwNawBGjgIBBIyAHKBCIOm9zKCR6SVnLgFsAU3f1mrviK0_HAMRV3eanAPjHt78BvTMMEmREqLui077J0YAWAB&bundleId=&ias_dspID=3&ias_campId=1010578566&ias_pubId=13760&ias_chanId=8&ias_placementId=19674771036&bidurl=https://ye-mek.net/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0jHCxdzxHJEsQ_m36XsTJ8K&adsafe_url=https%3A%2F%2Fpcloak.blob.core.windows.net&adsafe_type=g&adsafe_url=https%3A%2F%2Fye-mek.net%2F&adsafe_type=bedf&adsafe_url=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&adsafe_type=c&adsafe_jsinfo=,id:f5bb48f3-1c64-fbf9-6072-472879d268c8,c:e1vyYH,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-76dcc6f68d-kbspv,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:i,cc:NaN.NaN.160.600,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,scm:grpm1,mtim:4,mot:0,app:0,maw:0,fm:tFFm1X7+111%7C112%7C113%7C114%7C115%7C1161%7C116211%7C11622%7C117%7C118%7C1191%7C1192%7C11a1%7C11a2%7C11b1%7C11b2%7C11c1%7C11d1%7C11d2%7C11d3%7C11e*.1352960-69587979%7C11e1%7C11f,idMap:11e*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:IMG.us,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:1,tt:rjss,et:63,oid:aefcddee-fe41-11ed-917e-8230e7891bde,v:19.8.415,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0

Domain: static.adsafeprotected.com
URL: https://static.adsafeprotected.com/sca.17.6.2.js

Domain: gum.criteo.com
URL: https://gum.criteo.com/sid/json?origin=publishertag&domain=ye-mek.net&sn=ChromeSyncframe&so=0&topUrl=pcloak.blob.core.windows.net&lsw=1&topicsavail=0&fledgeavail=0

Domain: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&h=600&slotname=9969362899&adk=4174262319&adf=3171362771&pi=t.ma~as.9969362899&w=160&fwrn=16&format=160x600&url=https%3A%2F%2Fye-mek.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1685379358059&bpp=1&bdt=441&idt=602&shv=r20230523&mjsv=m202305230101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=2160657135037&frm=8&ife=1&pv=1&ga_vid=1984505561.1685379358&ga_sid=1685379358&ga_hid=1523132542&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=160&ish=600&ifk=1100520840&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31071756%2C44788442%2C44789779%2C44792013&oid=2&pvsid=801645483293196&tmod=852172452&uas=0&nvt=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C160%2C600&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.vs7zqiiq9lqx&fsb=1&dtd=612

Domain: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvbK-T9gx_jFYRAVzT7N3T20UuV23dACp_JffjNqr6ceOjT8NTHFw4d7r1XMbfFslgSkssXE7oNUzAkUg2wTjJPY67b_qUZNuL2ZMGLyLWAkDM4_h_7V9f2DV4vNhExdNLudY5cRrRt4_5WSyMYyUOq8b8ZBx6uA8QWJhVVS4k5tI9fiXUA8s89x2iszUvT-1LJqC-B_7rJwpO0Gd2MIYYlgctW_PruYbC_CZGy_HIAZk8MguD_MG62xK_x6CQPwH75DWvei61ZWrDevIN5PWsAwUhJW9iCJ521aCH9HvPdBWaB5ome477c_nAnHoaiY_-H-vqyjFJsyfs1sz_M8Xg&sai=AMfl-YRKSr19QPmOuHbNkGN-CBW1_HT01WPjh23cj7LZRR2u4SMzCe7mnGTHGwnaNwSzPHIw0nWd3t6eV9L8r_yGsTnWdx6rw5U3oM7zXWbWyuyrhn7u9W5HxNQKlDivHQ&sig=Cg0ArKJSzJ7LVDb4J5DLEAE&uach_m=[UACH]&urlfix=1&adurl=

Domain: dt.adsafeprotected.com
URL: https://dt.adsafeprotected.com/dt?advEntityId=1352960&asId=f5bb48f3-1c64-fbf9-6072-472879d268c8&tv=%7Bc:e1vz1k,pingTime:-3,time:225,type:v,clog:%5B%7Bpiv:0,vs:o,r:r,w:160,h:600,t:62%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:225,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:62,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:i,cc:NaN.NaN.160.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B217~0%5D,as:%5B217~160.600%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tFFm1X7+111%7C112%7C113%7C114%7C115%7C1161%7C116211%7C11622%7C117%7C118%7C1191%7C1192%7C11a1%7C11a2%7C11b1%7C11b2%7C11c1%7C11d1%7C11d2%7C11d3%7C11e*.1352960-69587979%7C11e1%7C11f,idMap:11e*,rmeas:1,rend:0,renddet:IMG.us,siq:64%7D&br=c

Domain: dt.adsafeprotected.com
URL: https://dt.adsafeprotected.com/dt?advEntityId=1352960&asId=f5bb48f3-1c64-fbf9-6072-472879d268c8&tv=%7Bc:e1vz1m,pingTime:-6,time:227,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:227,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:62,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:i,cc:NaN.NaN.160.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B218~0%5D,as:%5B218~160.600%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tFFm1X7+111%7C112%7C113%7C114%7C115%7C1161%7C116211%7C11622%7C117%7C118%7C1191%7C1192%7C11a1%7C11a2%7C11b1%7C11b2%7C11c1%7C11d1%7C11d2%7C11d3%7C11e*.1352960-69587979%7C11e1%7C11f,idMap:11e*,rmeas:1,rend:0,renddet:IMG.us,siq:64%7D&tpiLookup=ao:pcloak.blob.core.windows.net*%2Cye-mek.net*&br=c

Domain: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9170381621892120779/index.html?e=69&leftOffset=0&topOffset=0&c=tSCNG8jTrF&t=1&renderingType=2&ev=01_250

Verdicts & Comments Add Verdict or Comment

8 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.doubleclick.net/	1970-01-20 12:09:40	Name: test_cookie Value: CheckForPermission
.rubiconproject.com/	1970-01-20 20:55:15	Name: khaos Value: LI93CQGG-18-4J31
.rubiconproject.com/	1970-01-20 20:55:15	Name: audit Value: 1\|SDziDG3X/EjV8uVLVOlZNz5APvdogVCbaTd6KyMQnau+SmvwaNDOnnZdY8q6PTwbDqDbQAwtYdFN+011ZXQEx2pNjxJ85LHdsqlSNZOaaDQ=

7 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://pcloak.blob.core.windows.net/web/jquery.min.js Message: Failed to load resource: the server responded with a status of 404 (The specified blob does not exist.)
javascript	error	URL: https://ye-mek.net/(Line 39) Message: Unsafe attempt to initiate navigation for frame with URL 'https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html' from frame with URL 'https://ye-mek.net/'. The frame attempting navigation is targeting its top-level window, but is neither same-origin with its target nor has it received a user gesture. See https://www.chromestatus.com/feature/5851021045661696.
network	error	URL: https://s7.addthis.com/js/300/addthis_widget.js#pubid=ra-51c60ec002340f16 Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://hb.emxdgt.com/?t=1500&ts=1685379356493&src=pbjs Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&adk=1812271804&adf=3279755397&plat=1%3A512%2C2%3A512%2C3%3A512%2C4%3A512%2C8%3A512%2C9%3A33288%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C26%3A512%2C27%3A512%2C30%3A1081856%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1685379356211&bpp=4&bdt=729&idt=317&shv=r20230523&mjsv=m202305230101&ptt=9&saldr=aa&nras=1&correlator=3600406478333&frm=24&ife=1&pv=2&ga_vid=1790324415.1685379356&ga_sid=1685379356&ga_hid=1243564568&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=222437166&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C42531705%2C44788442%2C44792646&oid=2&pvsid=2342975364104955&tmod=1258882640&uas=0&nvt=1&fsapi=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=1&uci=1.3esyinmw544i&fsb=1&dtd=334 Message: Failed to load resource: the server responded with a status of 403 ()
security	error	URL: https://as.ad4m.at/ad/dr?ed=1h7x3tmfgeqq81h17sfwyk7m8rbycyp1aqh12f6hdasdj0djxkk6me0q32e9cxfedsbvxzyde7pfjj1b3yynt6yz0kwd613btaqtz4g78sd8n4e68f9b6910ankh4knfp2ms5qpkmyx455p1ca0jazypwcs60n2ehz0xcfxa4mckj9k92cn3ww790msep1ta6mhmqcvdxr0qsv5zmza53wz7978z6bbq5mbwxt65nj8kp9r6k322gqwjaqtb7x7k86r48qgn5rmrccg2xvgh079241ncwvzmwachfpgsrvd2axc5ebv1d1w0ky1g41b34zb6g14ng799n884kvgyhwf4btcskccgk4x77an3y8gqk0z319qy00gp6979hw8mx54rac4q63w6metnpe9gd4xstpycv8kepazfa3v04326r876ehfy62wyepf9xajnwjs8kv72&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCKmocHdl0ZIaLG4bitwfpzLuIBZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTY1OTM1MjMyMTAwMTAxNTTIAQmpApaduozx97E-qAMByAMCqgTVAU_QRz_UVU6YhuOng5asQosAtMTe-rN21NYaLRnqMHKv3NU2L7Mld2bF25uEveZAyiKLo9dvtBAVWClDs_KFCu4W_HoqJW-ghietSZRTsjqerxGKgsZC5Ld7EqHP8fM861fOuPlmD7dAp4EqWhYBgiTdcfVzRa7YlmFmwTiqiXdQWp90vgXItNBBZk_fTUtAwbPU6weyhqy0YBP2Wi9IYL2J3gEzCAqmznJ0u0d6NJP48l46q2Ze1M7ggLdTwrxDyp9mE375HHqqGcIK4OFP4606u3Hk64AGueqywdfTjrq-AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3bcXPDUhbyo0n9wQEbYBtU8XX7Cw%26client%3Dca-pub-6593523210010154%26adurl%3D Message: Unrecognized Content-Security-Policy directive 'prefetch-src'.
security	error	URL: https://ad4m.at/r62eglto.js Message: Unrecognized Content-Security-Policy directive 'prefetch-src'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.teads.tv
aax.amazon-adsystem.com
ad.yieldlab.net
ad4m.at
adservice.google.com
adservice.google.de
adx.adform.net
ajax.googleapis.com
ap.lijit.com
as.ad4m.at
beacon-ams3.rubiconproject.com
bidder.criteo.com
c.amazon-adsystem.com
c1.adform.net
c1.imgiz.com
c3d14c6affce0a50d8fe6a0bd5f1fbf2.safeframe.googlesyndication.com
cdn.doubleverify.com
cdn.jsdelivr.net
cdn.ye-mek.net
cm.adform.net
cm.g.doubleclick.net
cms.quantserve.com
connect.facebook.net
cpm.programattik.com
d.agkn.com
d5p.de17a.com
dclk-match.dotomi.com
dis.criteo.com
dsum-sec.casalemedia.com
dt.adsafeprotected.com
fastlane.rubiconproject.com
feed.pghub.io
fw.adsafeprotected.com
googleads.g.doubleclick.net
gum.criteo.com
hb.emxdgt.com
hbopenbid.pubmatic.com
ib.adnxs.com
images.dmca.com
imasdk.googleapis.com
mp.4dex.io
ng.virgul.com
ng2.virgul.com
onetag-sys.com
pagead2.googlesyndication.com
pcloak.blob.core.windows.net
pghub.io
pr-bh.ybp.yahoo.com
prebid-server.rubiconproject.com
prod-rtb.ad4mat.net
rtb0.doubleverify.com
s0.2mdn.net
s7.addthis.com
script.4dex.io
securepubads.g.doubleclick.net
static-de.ad4mat.net
static.adsafeprotected.com
static.criteo.net
static.virgul.com
tpc.googlesyndication.com
www.cloakan.co
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
ye-mek.net
adservice.google.com
d5p.de17a.com
dt.adsafeprotected.com
fw.adsafeprotected.com
googleads.g.doubleclick.net
gum.criteo.com
hb.emxdgt.com
s0.2mdn.net
s7.addthis.com
securepubads.g.doubleclick.net
static.adsafeprotected.com
130.211.44.5
142.250.186.34
151.139.128.10
178.250.1.9
18.195.80.95
185.64.189.112
185.7.176.222
185.7.176.223
185.80.39.216
20.60.220.36
23.209.234.32
23.35.229.56
2600:1901:0:76b9::
2600:1f18:1aca:4281:ac44:4026:62a9:ef97
2600:9000:223f:8600:8:48e:53c0:93a1
2602:803:c003:200::31
2602:803:c003:200::37
2606:4700:20::681a:61b
2606:4700:20::681a:8a9
2606:4700:20::681a:ad1
2606:4700::6812:372
2620:116:800d:21:5ed4:8d5d:fed7:f5ef
2a00:1450:4001:802::2008
2a00:1450:4001:806::2004
2a00:1450:4001:809::2001
2a00:1450:4001:80b::2002
2a00:1450:4001:80b::200a
2a00:1450:4001:810::200a
2a00:1450:4001:813::2002
2a00:1450:4001:827::2002
2a00:1450:4001:829::2001
2a00:1450:4001:82a::2002
2a00:1450:4001:82a::200e
2a00:1450:4001:830::2002
2a00:1450:4001:830::2006
2a02:2638:3::3
2a02:2638:3::c
2a02:2638:d::a
2a02:26f0:6c00::210:ba11
2a02:6ea0:c700::10
2a02:fa8:8806:20::2040
2a03:2880:f083:9:face:b00c:0:3
2a04:4e42::485
2a05:d018:d29:3602:d660:350f:5ea6:8858
3.124.42.161
34.102.243.38
35.241.45.217
37.157.6.241
37.157.6.242
37.252.173.215
51.89.9.251
52.222.208.154
52.222.253.136
52.50.83.81
63.251.14.60
77.245.159.14
85.111.6.48
94.138.206.83
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
00e9ceb91d310a8a3c6566b7fd1dd67cf812b47aadfa7e39e82a519b49e8277d
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd
02242d4f155564e1ebe14a1f8a40554087a4f0e40eb16b33471d334fb553b2cd
02aadefee382da56c324b7d20b37a3442871c5ba884280c4d1e999060c686a87
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
089371c2d0c637c172d5af2ba670a229c49df18790fa29a8c9a3d4af7796f2c7
09244740f4a5bf8ab1aa815df2f809d370c932e5c5e977221091acbee7b66570
0b29697868cd68cfd1b5650054cc96ea755016b3242bd26469cdbd4e4f6fc18a
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c1ce1aa8e07e9cd49cd881147c0495b5c636dab10ab1c30ceb935b74a8c0ecd
0c8597eb33ce87bcd380caf9216cbd93cd732d53c33e8010a2c462069ec7ae85
120fdf7c1e8de286b8c6ad005bd52d7b3d71cfa17bd6d1f72d023fe952d03708
146ff2704eeb1b44f9c0bc0100b45f99bde389b520a2f1ea1d3a09e7398e3176
1620dfc736899f25202455ccbdbf70833c5534de0d972d5affda94ac458bd88f
1a3f09c64a229e9f2bd2ad089b6d9e67093339e5a5a21948f30f15be34549c63
1b03fd3fa3f31290953a4de0da547b6f833489691c8f447fa19019095a60c8a6
1c70b2e784cf403ad66bba90f929d9f37269d99a9e79c285f993cecef58ebcc1
20678c305b50c0988193d64cb34f41e2dcb6f2fa48353106436ea301e07ce70a
20fccb0490daa3b838d6385f0db1d858ed9b3ec52f2aa8b2773bbbb70bb2476c
21b9d0b18ea32cc8ee1da6224d976f29896e40306351bb471cfd60ce9e17e6aa
22fee539734d38c9e84e3982188b21bafc9457236279a136ce1b3b9d55667437
23d58172a13a810fa151cb35f5f0bee205d2294327be9d8b7172553719cf3e66
25384b36677ec71b3678443817eb7d4876fdeb68a889bdd6ea15a16864f00308
2af1b8e91e1ea0f27fab2f6bac1dd1d81867b7a2a8d7cef1084fa39309e0ac6f
2c3e04a3f536b4a6300aeee8ee1dbbfddaacaf29d9f44dadff76b136fab44e38
2d5e67a38c9a11424cac19ce192c9fd124a6d74e64d3791a01561dbd3e39c0b4
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
324a9c1f26949a62b89c5846de23826737bf3b14443e3f5a969b1799604a0588
332d8e2d6964e41c92a430d24b1b469bfdcc30ad072f980b2e7adf241590886a
33566729393f70e95f9e326dbc67dedbb3bdc4d6a743ef40141fa1d126f079ad
353692ea41493ab1cf0ce7a126b05cb69937241143d9d359e4ea7afcd43a9632
3785a64ea212b675fabed56a2d69b001dde3a875471a6bb395493bc2321103d8
37b2373f09a41cdc3dda6caab55d05159fab0c3aeb11cbc6f13888e92c087ea4
3a55a81ee41fb052562bfb3751492caf7ce85c5c029a7a7b03fa55797707b85a
3ed559a849229d0ba1622b39b2343f2307a91aae5bab1f08e55c89e50874c980
40732e9dcfa704cf615e4691bb07aecfd1cc5e063220a46e4a7ff6560c77f5db
45414429e2717d3503ff3c19b24c8559d615d0e3b1973722afc5e71de34cf94f
4651fd93f167c3620b534c30bc23ae2a2e7cf742621d8e6d12553c09c388284a
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
492adf8c1a07f8a94b648c30ff706dea04aa46438beddc72b9de798656796260
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4b7d8df9fa70501dc1a1195b0c5511d140ccdd40988a4bd2bdcde13f498c26eb
4d0a27543c9a3893f798b3892a5dd46b9e15b69417b23229049df5f49caacb6e
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
508d627d6f5646a4fd56f978bd74635be426d4a0828554827ae8df32221cfc5c
52e4ef7a6185c0be960e4d73e85a4694f582a1c32d5d379d1c2fd02093b153bc
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5804cd3bfdf7f7b00ae1f2beef50b9ac7bbdcadcb47e8c3454e8609a52096b92
58712a4f1909f78e6b3cb7b01dfbb8e2952037880985e4fc91ccf08d37a7bd84
5912818a6cbf7dd28046251c26630e960975ee5cf7f18865a8524e0d40e8a558
592b6041dc50712e6562fd725a58a3aefd7f81327fae077be170fd00a9573601
5ae70268abe00d0f5f9a58ce23f5af80fd5f8d9e8b5a647855901f5321cbd23a
613b97a3f938c5185dc5fcb46ec9c9488f460fdf8a9765eea9f05aebe46a0c50
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
637bf6412d5c06ecf344715cb995ce75c7087dc4277c7ac9f47aafa29a3dc865
6463a8285a9c7d54fde4f62d247208584a061d3a0028a516ec3b902164256306
680026f318b1fd16bc8e7b24ba4e32073bc98978f5bd67f19c1b30019a6decf0
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
75bc511de07a9cc8d5a183cec87c2297db7970f013cc2e22ad2201e95634e293
78070c6d1eba7c2954e61212ceae1eddfbef773ea1da4e75bdf73bed138dd9aa
78da9db43c13878a83c2add982d64622874181fd479875d2ab4c4be7cff84fe5
79b38a235f327e607a6f59ab735cd78b4105a2e4164e2dd3f2c0415331e2d301
7b73aebaf7b805bbda6868ef315fa129c8a16ba4fd7d68dd9ab666ca5eca8049
7db39f0b9931b338e9cd0eabeef7fd618ace0e5bc5990061ce13a0a2ed8e8a0a
7de327885eb13552b4d8343d92108ecd9f34c139b358c2e2e4573227be944949
8106b51011b26cf5f69cf7769a95b3f7faf34e2f26191c4e657e705ad3f4ecb6
81edaeb1fa8ee92d6ff74b25c17ee3c4281188958a1e5506ccb8fca25469a639
8295ac4442becb97fa4d1acff351ac7f980d122907a3a886f89c033001cdbcd6
84d6f7027b6051c52cc116d010413c5975e6962debe802c6860a3d003fd2e424
84e751f2dc953e626ba17dbd4aa9f4ba4a62ed2239bbb48b4e2d485b4b3a9ec6
8717b6f058897e2211c83c7169f852ebc0e4e6e0b8911d4999168052eb307be8
876bdc822487b7f9a4a6387822d361c6d53d2f23583f938735c31cb6233f945b
895b747078615b23f6386c387ff4bafdc3a6c17676228fac66485d250ab87584
8c47b44c2eb52f803ff7faa3cc7043d75a2814f83cf9c1dd66a1c669184e68f8
8d47e9b04cf995a35fac50d2d39cd0006ef7e7f07f9373cad2fe5a207745f1b7
8e2b2033aae5f2ebbc9b92291c3cdfa7a084429d21d85b382e39dfbd875b5f55
8e7c0b0b1c36228ba736e564a00405f72bf3b6bcfe6ac826cde2b6b9c14e55ea
92f05f1a58fbb3fe0bf42fe1389ebcc863f2db3341c76951bcb365c813b83452
97c16ec0dcc4392637209277a53947e885ba5fbedd40a63be7448e8e00d5a4b1
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9cacc351a59879d938ef01e274eca7f341deaaa666237a3de94737ccc05a4b86
9ea145aa4baea99e348fcc09075af4bd78ff800cc053ccae693dd882d59c8d87
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a00edad84346277b96b653b811514443abc1d1b477e7816a13d7f56b4753212a
a0847b5e0373e2fd011803f2dc04baa326f849fe2b2684b4e89cb11122cb5b17
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a23e962dcd1332cdef1b7b483843503c551c2b0c7989c15f6a3bd8b022ed5d0c
a2bd03a89a32099068ca9ca2a7f6a61ed04029d3f196d8ab9285d32de87a07f7
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a579343e48deefeeb438bcb7f6aeb6d37e68102a8299ca47b683991f0af26b28
a620a71c44dfc26dc854e6dc221501c89ad63b7ad2e51bc06a3462bb62b512ae
a6da92fdbad2cbf7335e0189ffd8740e2d1b2bcee9542681b0049eff590536e3
a7a580492938c753648b19da1321bf7ea66d7a2e9b1fa42058c821e268fba9e1
a7fe9caf3097b900fe4584c14eac69d82dcf3bccf9f53de5513dacc0b0c7e1d9
a824750b0b4c00060ba43dd544a11c953f3b13afa875d59082f8d50cc8a7d65e
a829afb793084ba036e062f62df25c19a246b6c08d59bfa24811ea9ec26b415b
a91fca903f7f2a3d051f657b5b25baed4e99b6c1e51bfee63737f73ff54f2b7c
a9b847c681a24b03ba8acc0b4dcd8aab9acf8c4d3131be784d488e2402d57427
acffece7892896faf2569dbdd15d0bedb4c09ac1f768697e83e3e6c85b07d7a6
ad3ee286844c46dba3f0d26e100f508c410b28f52784fbeec2d513ef6c6fda7a
af7aa482d5c655acc59599f546343c71176f6a1fc8dcf58c4ee376e1616383df
b0a9edd9406b9e846d2613b16def49dca3d2307816622cb274acc4d0d2314245
b0fe92dc4ea02d09ee56e4b0e11f8618bb8310fc351cfaccdebfd25a9ea0884c
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b4e95b2b1338e35cff9c68b8f62453fb3bc2bc74509dce3efe81d9ee0e615eb5
b633a587c652d02386c4f16f8c6f6aab7352d97f16367c3c40576214372dd628
bf375cc0cc38dc98d44b40d5807b4397acd75834c3b177e73d9f98a207e2edc4
bfc70fd67c3338f3f99e2c456e9143d56107b41d28dd6a29a841659cc60035bf
c09ef099dc07be358e7c594faa33ca344541380a094d0631060d5ed73792bb36
c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4
c733e611ba1965b9caeedef9c8c580e149ed49ec27ffa58ad80a0dcb221374aa
c74d4c8be63fda641c0e0255ad3c7416862f17e31442a1a0ddd7645bc2d69d3c
c7c25c3154b5fcf28395bb05b37919d613ac143cef9cda49322bd94f7b2982a4
c95864adde9fe8a23911034d261ca90d154b87611afb584416b2b317c1357813
cb52111dd9f956e7d4e7aedafd0bb0f1785509e9d242eb245a82f1a165e6462a
cd7d0bed50537d1011409512bec30d5b089520aa2669c4dd7dac714dfa8446a1
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf906196a7c1414e11983955e101a051d55a864f2bc9fd52a453d952d92fd9b5
cff57bb539a961e5816127eb4b662175d6a1c92917effe0f943de85c35911101
d231cd7bf6c1228a6d8ab331f27c19403dbfc0f6636eb5f3e4abdd08ef6ddd1e
d316f80c6850b5b55e54c8a06e05522bd1b39bf41953008d3103c0e40be03f5e
d3345e17444e219afe479e1ce068c14dc111fedebd1ec1b20cc561fb452a4173
d77b5f2ca03eb8dab2acc515548b7b1ce7eeb4ca2189268552649e0391ee8c21
d8d4f9aff01bf57bd9730e2a7dfded16812b7eed6e11e7c7fcdcd18aa62dd610
d98024e61787e1bdd709f051b35af56fad581b55527b74b00717435db4489828
d9fd0aeda423bd39a36871759ef7b17dab3d51e5981cd5839103f990b8b9ef60
dcb2c317157400911fb255504ec406ba65fc4f4fc4f4e01658f7fb88f01844c6
de3d06ba46d343d5ce946e6fab1c0a1030669f7bafad177fdcd182b6e881fa08
dfedc75cfe7b945bb38c0d7c7aa2c2e0cbbb53be3b787c051cb1efc06cb32fb9
e0bfcf41c566f571ea252620518b4bee4496dba2b1df9a1aa3e436f81592e1b0
e189eb8fb761166a6d657a8dbea2c5d73e224e565716f36406ec7f7b68cd78c7
e37db6d8f45ac721b8a5e4cc5367e23398c0a717118648ecb39ce936fdd1b459
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6c870caeff593f3247187fe97c6888a3bd2c9a67ef4cf1d666b43665952a430
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
e8021f1a9dad409f7e699457ac334653bf800464df69900237c4de1c29e275d0
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389
eb748b22199592ebf4ec606d4b836f3983d3dfa493da0d2a09d8da5b73270bd9
eb7a209e3af2f5e7045a326f81414b39f02551eb158e859c190a7a84db7c4d5d
ecadacb686d0540a5768dae41d50597a71dfaa8135b90f1371d4bfa266e4e361
ed87a83a9df154b61d76e8b9b53bb9d23db3eea194e66bca6b575e3e4f7a57bf
ee05842d4ba6fa14f7579af653d3f7667852e36b3aea352fd2de821cc73f727d
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef4bc78b187394a0a715384f75a57b3c2ee21240990a3412a4879ff0559bd1b4
ef7bc11180ede3049e699a3348a1eb8e1df6ed61c574e54ac95dbdf793995478
f3764f6186780697673ae9c1332e51fa903537d5b879f963ee6efc1fb75261de
f666b91a4bc5812fc2c44fe158c217dc88ffcdfa34b7dbb94028b382093c6d42
f9b00efa272f04561d93ec35d1c255090fa1e77d2b9c7d08b2ed1bea585dbb90
fadeb214cd5b14873918e6c90edabcb815e39a2fb90936a36c7b9b229819db90

pcloak.blob.core.windows.net Open in urlscan Pro 20.60.220.36 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

273 Requests

88 %HTTPS

55 %IPv6

43 Domains

66 Subdomains

57 IPs

7 Countries

3496 kBTransfer

9277 kBSize

3 Cookies

0 Outgoing links

Redirected requests

273 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 6 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

pcloak.blob.core.windows.net Open in urlscan Pro
20.60.220.36 Public Scan

Screenshot
Live screenshot

Full Image

273
Requests

88 %
HTTPS

55 %
IPv6

43
Domains

66
Subdomains

57
IPs

7
Countries

3496 kB
Transfer

9277 kB
Size

3
Cookies

273 HTTP transactions
6 data transactions