pcloak.blob.core.windows.net Open in urlscan Pro
20.60.220.36 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html
Submission: On June 11 via api (June 11th 2023, 11:35:55 pm UTC) from TR — Scanned from DE

Summary HTTP 356 Redirects Behaviour Indicators

Summary

This website contacted 55 IPs in 7 countries across 46 domains to perform 356 HTTP transactions. The main IP is 20.60.220.36, located in Tappahannock, United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is pcloak.blob.core.windows.net.
TLS certificate: Issued by Microsoft RSA TLS CA 02 on March 22nd 2023. Valid for: a year.

This is the only time pcloak.blob.core.windows.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
4	20.60.220.36 20.60.220.36	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	77.245.159.14 77.245.159.14	42868 (NIOBEBILI...) (NIOBEBILISIMHIZMETLERI)
3	94.138.206.83 94.138.206.83	49126 (AS49126) (AS49126)
1	2a00:1450:400... 2a00:1450:4001:828::200a	15169 (GOOGLE) (GOOGLE)
40	2a02:6ea0:c70... 2a02:6ea0:c700::17	60068 (CDN77 ^_^) (CDN77 ^_^)
1	2a00:1450:400... 2a00:1450:4001:802::2008	15169 (GOOGLE) (GOOGLE)
2	151.139.128.10 151.139.128.10	20446 (STACKPATH...) (STACKPATH-CDN)
1	2.19.224.115 2.19.224.115	16625 (AKAMAI-AS) (AKAMAI-AS)
18	185.7.176.221 185.7.176.221	42910 (PREMIERDC...) (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH)
2	2a03:2880:f08... 2a03:2880:f084:d:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1450:400... 2a00:1450:4001:80b::200e	15169 (GOOGLE) (GOOGLE)
19	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
72	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
3	18.66.110.17 18.66.110.17	16509 (AMAZON-02) (AMAZON-02)
1	35.241.45.217 35.241.45.217	15169 (GOOGLE) (GOOGLE)
2	185.7.176.223 185.7.176.223	42910 (PREMIERDC...) (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH)
1	34.102.243.38 34.102.243.38	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
20	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE)
2	2606:4700:20:... 2606:4700:20::681a:9a9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	13.32.119.77 13.32.119.77	16509 (AMAZON-02) (AMAZON-02)
6	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE)
10	2a00:1450:400... 2a00:1450:4001:82b::2001	15169 (GOOGLE) (GOOGLE)
1	52.57.24.240 52.57.24.240	16509 (AMAZON-02) (AMAZON-02)
5	2602:803:c003... 2602:803:c003:200::41	26667 (RUBICONPR...) (RUBICONPROJECT)
3	85.111.6.48 85.111.6.48	9121 (TTNET) (TTNET)
2 5	185.89.210.82 185.89.210.82	29990 (ASN-APPNEX) (ASN-APPNEX)
1	2606:4700::68... 2606:4700::6812:272	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	185.64.189.112 185.64.189.112	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	2a02:2638:3::7 2a02:2638:3::7	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	37.157.4.25 37.157.4.25	198622 (ADFORM) (ADFORM)
1	23.52.123.144 23.52.123.144	16625 (AKAMAI-AS) (AKAMAI-AS)
1	216.52.2.48 216.52.2.48	32475 (SINGLEHOP...) (SINGLEHOP-LLC)
1	2a00:1450:400... 2a00:1450:4001:813::200a	15169 (GOOGLE) (GOOGLE)
39	2a00:1450:400... 2a00:1450:4001:82a::2001	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:4001:80e::2004	15169 (GOOGLE) (GOOGLE)
2	2a02:2638:d::2 2a02:2638:d::2	() ()
1 2	2a02:2638:d::d 2a02:2638:d::d	() ()
1 4	52.209.23.15 52.209.23.15	() ()
1	178.250.7.13 178.250.7.13	() ()
7 18	142.250.185.162 142.250.185.162	() ()
2 4	185.80.39.216 185.80.39.216	() ()
2	35.244.159.8 35.244.159.8	() ()
2	2.16.97.41 2.16.97.41	() ()
2 3	185.94.180.125 185.94.180.125	() ()
2 2	3.71.149.231 3.71.149.231	() ()
2	185.86.139.94 185.86.139.94	() ()
5	2600:9000:223... 2600:9000:223f:9600:8:48e:53c0:93a1	() ()
6	2600:1f13:800... 2600:1f13:800:7781:a9:f316:c651:5d12	() ()
3	23.197.128.137 23.197.128.137	() ()
2	2a00:1450:400... 2a00:1450:4001:831::2006	() ()
3	205.185.216.42 205.185.216.42	() ()
2	2620:116:800d... 2620:116:800d:21:5ed4:8d5d:fed7:f5ef	() ()
1 1	185.29.132.245 185.29.132.245	() ()
1 1	35.190.0.66 35.190.0.66	() ()
2 2	213.155.156.168 213.155.156.168	() ()
1 1	85.114.159.93 85.114.159.93	() ()
1 1	2a05:d018:d29... 2a05:d018:d29:3601:7391:985f:3e9d:2132	() ()
1 1	69.173.144.165 69.173.144.165	() ()
1	2a02:26f0:480... 2a02:26f0:480:9::210:ee04	() ()
1	172.217.16.194 172.217.16.194	() ()
356	55

4 20.60.220.36 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

pcloak.blob.core.windows.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 77.245.159.14 (Turkey)

ASN42868 (NIOBEBILISIMHIZMETLERI, TR)
PTR: stilgar.wlsrv.com

www.cloakan.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 94.138.206.83 (Turkey)

ASN49126 (AS49126, TR)

ye-mek.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

40 2a02:6ea0:c700::17 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)

cdn.ye-mek.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.139.128.10 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: map3.hwcdn.net

images.dmca.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.19.224.115 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-19-224-115.deploy.static.akamaitechnologies.com

s7.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 185.7.176.221 (Turkey)

ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR)

static.virgul.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ng.virgul.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ng2.virgul.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f084:d:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

72 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.66.110.17 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-110-17.fra56.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.241.45.217 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 217.45.241.35.bc.googleusercontent.com

pghub.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.7.176.223 (Turkey)

ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR)

c1.imgiz.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.102.243.38 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 38.243.102.34.bc.googleusercontent.com

feed.pghub.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::681a:9a9 (United States)

ASN13335 (CLOUDFLARENET, US)

script.4dex.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.119.77 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-119-77.fra60.r.cloudfront.net

aax.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:82b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

61f6e9fd343e3e96f4f5dd477c8d7d57.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.57.24.240 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-57-24-240.eu-central-1.compute.amazonaws.com

prebid-server.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2602:803:c003:200::41 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 85.111.6.48 (Turkey)

ASN9121 (TTNET, TR)
PTR: ns2.ttidc.com.tr

cpm.programattik.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 185.89.210.82 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:272 (United States)

ASN13335 (CLOUDFLARENET, US)

mp.4dex.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

hbopenbid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:3::7 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.4.25 (Denmark)

ASN198622 (ADFORM, DK)

adx.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.52.123.144 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-52-123-144.deploy.static.akamaitechnologies.com

a.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.52.2.48 (United States)

ASN32475 (SINGLEHOP-LLC, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

39 2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:80e::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:d::2 (None, )

ASN- ()

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:d::d (None, ) 1 redirects

ASN- ()

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.209.23.15 (None, ) 1 redirects

ASN- ()

pixel.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
fw.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.7.13 (None, )

ASN- ()

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 142.250.185.162 (None, ) 7 redirects

ASN- ()

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.80.39.216 (None, ) 2 redirects

ASN- ()

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.244.159.8 (None, )

ASN- ()

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.16.97.41 (None, )

ASN- ()

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.94.180.125 (None, ) 2 redirects

ASN- ()

sync.search.spotxchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.71.149.231 (None, ) 2 redirects

ASN- ()

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.86.139.94 (None, )

ASN- ()

rtb-csync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2600:9000:223f:9600:8:48e:53c0:93a1 (None, )

ASN- ()

static.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2600:1f13:800:7781:a9:f316:c651:5d12 (None, )

ASN- ()

dt.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 23.197.128.137 (None, )

ASN- ()

servedby.flashtalking.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::2006 (None, )

ASN- ()

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 205.185.216.42 (None, )

ASN- ()

ajs-assets.ftstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:116:800d:21:5ed4:8d5d:fed7:f5ef (None, )

ASN- ()

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.29.132.245 (None, ) 1 redirects

ASN- ()

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.190.0.66 (None, ) 1 redirects

ASN- ()

ads.travelaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.155.156.168 (None, ) 2 redirects

ASN- ()

d5p.de17a.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.114.159.93 (None, ) 1 redirects

ASN- ()

dsp.adfarm1.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d018:d29:3601:7391:985f:3e9d:2132 (None, ) 1 redirects

ASN- ()

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.165 (None, ) 1 redirects

ASN- ()

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:480:9::210:ee04 (None, )

ASN- ()

cdn.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.16.194 (None, )

ASN- ()

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
121	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 127 61f6e9fd343e3e96f4f5dd477c8d7d57.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 154	1 MB
58	doubleclick.net 7 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 218 googleads.g.doubleclick.net — Cisco Umbrella Rank: 54 cm.g.doubleclick.net googleads4.g.doubleclick.net	364 KB
43	ye-mek.net ye-mek.net — Cisco Umbrella Rank: 834583 cdn.ye-mek.net	652 KB
18	virgul.com static.virgul.com — Cisco Umbrella Rank: 57050 ng.virgul.com — Cisco Umbrella Rank: 53427 ng2.virgul.com — Cisco Umbrella Rank: 58973	231 KB
15	adsafeprotected.com 1 redirects pixel.adsafeprotected.com fw.adsafeprotected.com static.adsafeprotected.com dt.adsafeprotected.com	212 KB
15	google.com adservice.google.com — Cisco Umbrella Rank: 106 www.google.com — Cisco Umbrella Rank: 3	5 KB
9	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 206	493 KB
7	rubiconproject.com 1 redirects prebid-server.rubiconproject.com — Cisco Umbrella Rank: 983 fastlane.rubiconproject.com — Cisco Umbrella Rank: 526 pixel.rubiconproject.com	5 KB
5	adnxs.com 2 redirects ib.adnxs.com — Cisco Umbrella Rank: 244	5 KB
4	casalemedia.com 2 redirects dsum-sec.casalemedia.com	3 KB
4	criteo.com 1 redirects bidder.criteo.com — Cisco Umbrella Rank: 742 gum.criteo.com mug.criteo.com dis.criteo.com Failed	8 KB
4	amazon-adsystem.com c.amazon-adsystem.com — Cisco Umbrella Rank: 353 aax.amazon-adsystem.com — Cisco Umbrella Rank: 443	61 KB
4	windows.net pcloak.blob.core.windows.net	3 KB
3	ftstatic.com ajs-assets.ftstatic.com agen-assets.ftstatic.com Failed	80 KB
3	flashtalking.com servedby.flashtalking.com	4 KB
3	yahoo.com 3 redirects ups.analytics.yahoo.com pr-bh.ybp.yahoo.com	1 KB
3	spotxchange.com 2 redirects sync.search.spotxchange.com	2 KB
3	teads.tv a.teads.tv — Cisco Umbrella Rank: 1474 sync.teads.tv	707 B
3	programattik.com cpm.programattik.com — Cisco Umbrella Rank: 54137	424 B
3	4dex.io script.4dex.io — Cisco Umbrella Rank: 1518 mp.4dex.io — Cisco Umbrella Rank: 2625	25 KB
2	de17a.com 2 redirects d5p.de17a.com	647 B
2	quantserve.com cms.quantserve.com	928 B
2	2mdn.net s0.2mdn.net	59 KB
2	smartadserver.com rtb-csync.smartadserver.com	227 B
2	openx.net us-u.openx.net	420 B
2	criteo.net static.criteo.net	59 KB
2	adform.net adx.adform.net — Cisco Umbrella Rank: 4174	1 KB
2	imgiz.com c1.imgiz.com — Cisco Umbrella Rank: 101165	131 KB
2	pghub.io pghub.io — Cisco Umbrella Rank: 1966 feed.pghub.io — Cisco Umbrella Rank: 2626	6 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 170	89 KB
2	dmca.com images.dmca.com — Cisco Umbrella Rank: 12975	6 KB
2	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 422 imasdk.googleapis.com — Cisco Umbrella Rank: 489	154 KB
2	cloakan.co www.cloakan.co	1 KB
1	doubleverify.com cdn.doubleverify.com	4 KB
1	adition.com 1 redirects dsp.adfarm1.adition.com	584 B
1	travelaudience.com 1 redirects ads.travelaudience.com	555 B
1	mathtag.com 1 redirects sync.mathtag.com	726 B
1	lijit.com ap.lijit.com — Cisco Umbrella Rank: 724	495 B
1	pubmatic.com hbopenbid.pubmatic.com — Cisco Umbrella Rank: 545	109 B
1	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 57	21 KB
1	addthis.com s7.addthis.com — Cisco Umbrella Rank: 2185	362 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 75	47 KB
0	everesttech.net Failed sync-tm.everesttech.net Failed
0	turn.com Failed r.turn.com Failed
0	bidswitch.net Failed x.bidswitch.net Failed
0	emxdgt.com Failed hb.emxdgt.com Failed
356	46

	Domain	Requested by
72	pagead2.googlesyndication.com	static.virgul.com pagead2.googlesyndication.com 61f6e9fd343e3e96f4f5dd477c8d7d57.safeframe.googlesyndication.com tpc.googlesyndication.com ye-mek.net securepubads.g.doubleclick.net www.googletagservices.com pcloak.blob.core.windows.net googleads.g.doubleclick.net
40	cdn.ye-mek.net	ye-mek.net cdn.ye-mek.net
39	tpc.googlesyndication.com	61f6e9fd343e3e96f4f5dd477c8d7d57.safeframe.googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com ye-mek.net pcloak.blob.core.windows.net securepubads.g.doubleclick.net googleads.g.doubleclick.net
20	googleads.g.doubleclick.net	pagead2.googlesyndication.com 61f6e9fd343e3e96f4f5dd477c8d7d57.safeframe.googlesyndication.com
19	securepubads.g.doubleclick.net	static.virgul.com securepubads.g.doubleclick.net 61f6e9fd343e3e96f4f5dd477c8d7d57.safeframe.googlesyndication.com www.googletagservices.com
18	cm.g.doubleclick.net	7 redirects googleads.g.doubleclick.net 61f6e9fd343e3e96f4f5dd477c8d7d57.safeframe.googlesyndication.com
10	61f6e9fd343e3e96f4f5dd477c8d7d57.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
9	www.google.com	tpc.googlesyndication.com 61f6e9fd343e3e96f4f5dd477c8d7d57.safeframe.googlesyndication.com
9	www.googletagservices.com	61f6e9fd343e3e96f4f5dd477c8d7d57.safeframe.googlesyndication.com
9	ng.virgul.com	static.virgul.com ye-mek.net pcloak.blob.core.windows.net
7	static.virgul.com	ye-mek.net static.virgul.com pcloak.blob.core.windows.net
6	dt.adsafeprotected.com	61f6e9fd343e3e96f4f5dd477c8d7d57.safeframe.googlesyndication.com
6	adservice.google.com	securepubads.g.doubleclick.net pagead2.googlesyndication.com
5	static.adsafeprotected.com	pixel.adsafeprotected.com 61f6e9fd343e3e96f4f5dd477c8d7d57.safeframe.googlesyndication.com
5	ib.adnxs.com	2 redirects static.virgul.com googleads.g.doubleclick.net
5	fastlane.rubiconproject.com	static.virgul.com
4	dsum-sec.casalemedia.com	2 redirects googleads.g.doubleclick.net
4	pcloak.blob.core.windows.net	pcloak.blob.core.windows.net
3	ajs-assets.ftstatic.com	servedby.flashtalking.com
3	servedby.flashtalking.com	61f6e9fd343e3e96f4f5dd477c8d7d57.safeframe.googlesyndication.com
3	sync.search.spotxchange.com	2 redirects googleads.g.doubleclick.net
3	cpm.programattik.com	static.virgul.com
3	c.amazon-adsystem.com	static.virgul.com c.amazon-adsystem.com
3	ye-mek.net	www.cloakan.co ye-mek.net
2	d5p.de17a.com	2 redirects
2	cms.quantserve.com	61f6e9fd343e3e96f4f5dd477c8d7d57.safeframe.googlesyndication.com
2	s0.2mdn.net	pcloak.blob.core.windows.net s0.2mdn.net
2	rtb-csync.smartadserver.com	googleads.g.doubleclick.net
2	ups.analytics.yahoo.com	2 redirects
2	sync.teads.tv	googleads.g.doubleclick.net
2	us-u.openx.net	googleads.g.doubleclick.net
2	fw.adsafeprotected.com	1 redirects 61f6e9fd343e3e96f4f5dd477c8d7d57.safeframe.googlesyndication.com
2	pixel.adsafeprotected.com	61f6e9fd343e3e96f4f5dd477c8d7d57.safeframe.googlesyndication.com
2	gum.criteo.com	1 redirects static.criteo.net
2	static.criteo.net	static.virgul.com static.criteo.net
2	ng2.virgul.com	ye-mek.net pcloak.blob.core.windows.net
2	adx.adform.net	static.virgul.com
2	script.4dex.io	static.virgul.com script.4dex.io
2	c1.imgiz.com	static.virgul.com c1.imgiz.com
2	connect.facebook.net	ye-mek.net connect.facebook.net
2	images.dmca.com	ye-mek.net
2	www.cloakan.co	pcloak.blob.core.windows.net
1	googleads4.g.doubleclick.net	pcloak.blob.core.windows.net
1	cdn.doubleverify.com	s0.2mdn.net
1	pixel.rubiconproject.com	1 redirects
1	pr-bh.ybp.yahoo.com	1 redirects
1	dsp.adfarm1.adition.com	1 redirects
1	ads.travelaudience.com	1 redirects
1	sync.mathtag.com	1 redirects
1	mug.criteo.com	pcloak.blob.core.windows.net
1	imasdk.googleapis.com	c1.imgiz.com
1	ap.lijit.com	static.virgul.com
1	a.teads.tv	static.virgul.com
1	bidder.criteo.com	static.virgul.com
1	hbopenbid.pubmatic.com	static.virgul.com
1	mp.4dex.io	static.virgul.com
1	prebid-server.rubiconproject.com	static.virgul.com
1	aax.amazon-adsystem.com	c.amazon-adsystem.com
1	feed.pghub.io	pghub.io
1	pghub.io	static.virgul.com
1	www.google-analytics.com	www.googletagmanager.com
1	s7.addthis.com	ye-mek.net
1	www.googletagmanager.com	ye-mek.net
1	ajax.googleapis.com	ye-mek.net
0	agen-assets.ftstatic.com Failed	ajs-assets.ftstatic.com
0	sync-tm.everesttech.net Failed	61f6e9fd343e3e96f4f5dd477c8d7d57.safeframe.googlesyndication.com
0	r.turn.com Failed	61f6e9fd343e3e96f4f5dd477c8d7d57.safeframe.googlesyndication.com
0	dis.criteo.com Failed	61f6e9fd343e3e96f4f5dd477c8d7d57.safeframe.googlesyndication.com
0	x.bidswitch.net Failed	61f6e9fd343e3e96f4f5dd477c8d7d57.safeframe.googlesyndication.com
0	hb.emxdgt.com Failed	static.virgul.com
356	70

This site contains no links.

Subject Issuer	Validity	Valid
*.blob.core.windows.net Microsoft RSA TLS CA 02	`2023-03-22` - `2024-03-22`	a year	crt.sh
cpanel.cloakan.co R3	`2023-05-03` - `2023-08-01`	3 months	crt.sh
www.ye-mek.net RapidSSL Global TLS RSA4096 SHA256 2022 CA1	`2022-11-29` - `2023-07-07`	7 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
1099124734.rsc.cdn77.org R3	`2023-04-04` - `2023-07-03`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
images.dmca.com R3	`2023-05-13` - `2023-08-11`	3 months	crt.sh
odc-addthis-prod-01.oracle.com DigiCert TLS RSA SHA256 2020 CA1	`2023-02-07` - `2024-02-07`	a year	crt.sh
*.virgul.com Sectigo RSA Domain Validation Secure Server CA	`2022-10-24` - `2023-09-28`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-03-21` - `2023-06-19`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
c.amazon-adsystem.com Amazon RSA 2048 M01	`2023-02-28` - `2024-02-17`	a year	crt.sh
*.pghub.io DigiCert TLS RSA SHA256 2020 CA1	`2023-02-09` - `2024-02-08`	a year	crt.sh
*.imgiz.com Sectigo RSA Domain Validation Secure Server CA	`2022-09-27` - `2023-09-09`	a year	crt.sh
script.4dex.io Cloudflare Inc ECC CA-3	`2022-11-23` - `2023-11-22`	a year	crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com Amazon RSA 2048 M01	`2023-03-16` - `2024-03-08`	a year	crt.sh
*.google.com GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-05` - `2024-04-03`	a year	crt.sh
*.programattik.com GeoTrust RSA CA 2018	`2022-10-25` - `2023-10-25`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2023-02-13` - `2024-03-15`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-08-31` - `2023-08-31`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2022-06-13` - `2023-07-14`	a year	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-05-12` - `2023-08-10`	3 months	crt.sh
track.adform.net DigiCert TLS RSA SHA256 2020 CA1	`2022-09-20` - `2023-09-20`	a year	crt.sh
teads.tv R3	`2023-05-11` - `2023-08-09`	3 months	crt.sh
*.lijit.com Go Daddy Secure Certificate Authority - G2	`2023-05-06` - `2024-05-04`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-05-27` - `2023-08-27`	3 months	crt.sh
fw.adsafeprotected.com Amazon RSA 2048 M02	`2023-03-29` - `2024-04-27`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2022-07-21` - `2023-08-21`	a year	crt.sh
*.smartadserver.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-01-21` - `2024-01-23`	a year	crt.sh
static.adsafeprotected.com Amazon RSA 2048 M01	`2023-02-24` - `2023-09-04`	6 months	crt.sh
dt.adsafeprotected.com Amazon RSA 2048 M01	`2023-05-09` - `2024-06-06`	a year	crt.sh
servedby.flashtalking.com DigiCert TLS RSA SHA256 2020 CA1	`2022-11-11` - `2023-11-12`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
*.ftstatic.com DigiCert TLS RSA SHA256 2020 CA1	`2023-02-06` - `2024-03-08`	a year	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-09` - `2023-09-09`	a year	crt.sh
*.doubleverify.com DigiCert TLS RSA SHA256 2020 CA1	`2022-07-05` - `2023-07-07`	a year	crt.sh

This page contains 53 frames:

Primary Page: https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html
Frame ID: 14FC6B6E2736D8988FBF6ED14F0C7AB7
Requests: 6 HTTP requests in this frame

Frame: https://ye-mek.net/
Frame ID: 6408E910D4E21E855F47A074CC7D16CB
Requests: 116 HTTP requests in this frame

Frame: https://static.virgul.com/theme/mockups/outside/str.html?v=2
Frame ID: A2EB0F588106D4C60E71D98B53484051
Requests: 1 HTTP requests in this frame

Frame: https://feed.pghub.io/tag?referrer_url=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&page_url=https%3A%2F%2Fye-mek.net%2F&owner=P%26G&bp_id=noktacommedya&ch=%7B%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D&initiator=js&data=%7B%22category%22%3A%22site_geneli%22%7D
Frame ID: 1269394A089B42DE358A6ED49F65C95E
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230607/r20190131/zrt_lookup.html
Frame ID: FC26362CF1872E9CF1942D7C62307AAF
Requests: 1 HTTP requests in this frame

Frame: https://61f6e9fd343e3e96f4f5dd477c8d7d57.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 08223A5B727E76C64DEEDFDB9ECAF296
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&adk=1812271804&adf=3279755397&plat=1%3A512%2C2%3A512%2C3%3A512%2C4%3A512%2C8%3A512%2C9%3A33288%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C26%3A512%2C27%3A512%2C30%3A1081856%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1686526551596&bpp=5&bdt=1115&idt=350&shv=r20230607&mjsv=m202306070101&ptt=9&saldr=aa&nras=1&correlator=3979164214347&frm=24&ife=1&pv=2&ga_vid=214013272.1686526551&ga_sid=1686526552&ga_hid=38106992&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=222437166&scr_x=-12245933&scr_y=-12245933&eid=44759927%2C44759842%2C44759876%2C31075205%2C44788441%2C44793497&oid=2&pvsid=4040297006971483&tmod=317818420&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=1&uci=1.izt4po4npv1&fsb=1&dtd=367
Frame ID: 02548D2C838A8E7D258404E469B7B000
Requests: 1 HTTP requests in this frame

Frame: https://61f6e9fd343e3e96f4f5dd477c8d7d57.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 201F67A1F9FD7DACCD5B7A8CC27A019C
Requests: 12 HTTP requests in this frame

Frame: https://61f6e9fd343e3e96f4f5dd477c8d7d57.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 5FD47A44E796A672B78A041697450910
Requests: 13 HTTP requests in this frame

Frame: https://61f6e9fd343e3e96f4f5dd477c8d7d57.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: E59ED0EBCFB449282588E67E005084BE
Requests: 13 HTTP requests in this frame

Frame: https://61f6e9fd343e3e96f4f5dd477c8d7d57.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: D30712CEE4EDCE706EE371ADF9798EED
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&adk=1812271804&adf=3407250215&plat=1%3A520%2C2%3A520%2C3%3A2163200%2C4%3A2163200%2C8%3A512%2C9%3A33288%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C26%3A512%2C27%3A512%2C30%3A1049088%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fye-mek.net%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1686526552444&bpp=10&bdt=258&idt=210&shv=r20230607&mjsv=m202306080101&ptt=9&saldr=aa&nras=1&correlator=6161049798103&frm=8&ife=1&pv=2&ga_vid=320576623.1686526553&ga_sid=1686526553&ga_hid=1918151790&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=2482980165&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C42532279%2C42532277%2C44759842%2C44759927%2C31075206%2C44788442&oid=2&pvsid=452794801102797&tmod=1132426197&uas=0&nvt=1&fsapi=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=1&uci=1.4y4fl7pvhmrx&fsb=1&dtd=228
Frame ID: 7EEBEA298CA24058458448EFAE715FAB
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&h=90&slotname=9586219513&adk=1165138949&adf=4198790052&pi=t.ma~as.9586219513&w=728&format=728x90&url=https%3A%2F%2Fye-mek.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1686526552454&bpp=3&bdt=269&idt=241&shv=r20230607&mjsv=m202306080101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=6161049798103&frm=8&ife=1&pv=1&ga_vid=320576623.1686526553&ga_sid=1686526553&ga_hid=1918151790&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=2482980165&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C42532279%2C42532277%2C44759842%2C44759927%2C31075206%2C44788442&oid=2&pvsid=452794801102797&tmod=1132426197&uas=0&nvt=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.17vogbqmgowd&fsb=1&dtd=248
Frame ID: B67A7E38480BB7E4A311116CD762AAAA
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&adk=1812271804&adf=3407280060&plat=1%3A520%2C2%3A520%2C3%3A2163200%2C4%3A2163200%2C8%3A512%2C9%3A520%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C26%3A512%2C27%3A512%2C30%3A1049088%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fye-mek.net%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1686526552490&bpp=3&bdt=263&idt=227&shv=r20230607&mjsv=m202306070101&ptt=9&saldr=aa&nras=1&correlator=3465044917989&frm=8&ife=1&pv=2&ga_vid=2068353659.1686526553&ga_sid=1686526553&ga_hid=1441067302&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=320&ish=100&ifk=1747929623&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31075178%2C44788441&oid=2&pvsid=4039166777054377&tmod=902744900&uas=0&nvt=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C320%2C100&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=1&uci=1.gtrfssukgzdb&fsb=1&dtd=243
Frame ID: 29A0FA2461073EBBE9ABC2238FFD18BD
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&adk=1812271804&adf=3407281013&plaf=7%3A2&plat=1%3A66056%2C2%3A66056%2C3%3A2163200%2C4%3A2163200%2C8%3A66048%2C9%3A66056%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C26%3A66048%2C27%3A66048%2C30%3A1049088%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fye-mek.net%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1686526552511&bpp=4&bdt=168&idt=231&shv=r20230607&mjsv=m202306060101&ptt=9&saldr=aa&nras=1&correlator=2385628098696&frm=8&ife=1&pv=2&ga_vid=690943029.1686526553&ga_sid=1686526553&ga_hid=1242267805&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=2430322527&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759842%2C31074583%2C31075068%2C44772268%2C44788442&oid=2&pvsid=1392620260193569&tmod=1891852344&uas=0&nvt=1&fsapi=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=1&uci=1.3r3mohrcg5da&fsb=1&dtd=245
Frame ID: 0094F88BF40BC0BC8DC8658B73D97DE8
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&h=100&slotname=3173123908&adk=2061921259&adf=4198791085&pi=t.ma~as.3173123908&w=320&fwrn=16&format=320x100&url=https%3A%2F%2Fye-mek.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1686526552493&bpp=2&bdt=266&idt=266&shv=r20230607&mjsv=m202306070101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=3465044917989&frm=8&ife=1&pv=1&ga_vid=2068353659.1686526553&ga_sid=1686526553&ga_hid=1441067302&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=320&ish=100&ifk=1747929623&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31075178%2C44788441&oid=2&pvsid=4039166777054377&tmod=902744900&uas=0&nvt=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C320%2C100&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.f8xns1md909l&fsb=1&dtd=271
Frame ID: CECDE19970B997C17C2B877CC91D83A9
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&h=250&slotname=1234190425&adk=1935728605&adf=4198791702&pi=t.ma~as.1234190425&w=300&fwrn=16&format=300x250&url=https%3A%2F%2Fye-mek.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1686526552515&bpp=2&bdt=172&idt=253&shv=r20230607&mjsv=m202306060101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=2385628098696&frm=8&ife=1&pv=1&ga_vid=690943029.1686526553&ga_sid=1686526553&ga_hid=1242267805&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=2430322527&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759842%2C31074583%2C31075068%2C44772268%2C44788442&oid=2&pvsid=1392620260193569&tmod=1891852344&uas=0&nvt=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.2chvw9jo48nf&fsb=1&dtd=257
Frame ID: 08A0A386C59BBFD6BB3604870371DB96
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&adk=1812271804&adf=3407253290&plat=1%3A520%2C2%3A520%2C3%3A2163200%2C4%3A2163200%2C8%3A512%2C9%3A520%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C26%3A512%2C27%3A512%2C30%3A1049088%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fye-mek.net%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1686526552844&bpp=4&bdt=166&idt=144&shv=r20230607&mjsv=m202306060101&ptt=9&saldr=aa&nras=1&correlator=366215390978&frm=8&ife=1&pv=2&ga_vid=1005243704.1686526553&ga_sid=1686526553&ga_hid=1170364648&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=320&ish=100&ifk=1747929623&scr_x=-12245933&scr_y=-12245933&eid=44759927%2C44759876%2C44759842%2C44788442&oid=2&pvsid=1793475076705859&tmod=1049127540&uas=0&nvt=1&fsapi=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C320%2C100&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=1&uci=1.cp5kz7urmx8x&fsb=1&dtd=161
Frame ID: D828E80BF3D399B69D0B47C06B8C2942
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&h=100&slotname=3173123908&adk=2061921259&adf=4198793183&pi=t.ma~as.3173123908&w=320&fwrn=16&format=320x100&url=https%3A%2F%2Fye-mek.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1686526552848&bpp=3&bdt=169&idt=159&shv=r20230607&mjsv=m202306060101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=366215390978&frm=8&ife=1&pv=1&ga_vid=1005243704.1686526553&ga_sid=1686526553&ga_hid=1170364648&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=320&ish=100&ifk=1747929623&scr_x=-12245933&scr_y=-12245933&eid=44759927%2C44759876%2C44759842%2C44788442&oid=2&pvsid=1793475076705859&tmod=1049127540&uas=0&nvt=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C320%2C100&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.6kdessdezxek&fsb=1&dtd=165
Frame ID: 1007CD1A9A0F670EED79A89C50E81032
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: FD0E3BEBC12CE795414D3CFFDFC8DC3C
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 89747BAFE79C5DAEE5805F83CD052997
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: F82F661C112B945E0BB23A9EB7FA0E7C
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 7FD2B1CD372968329CBF427DE8952BB9
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 4432B252CC6AD7DB7811AC25E20541A8
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 3692038906F61AE2547622F6EA54628B
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 47D00A092DC6F4538283867B56626721
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 1928E560B7A6BE7A890F1847D9A31CFF
Requests: 2 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=pcloak.blob.core.windows.net
Frame ID: FD5F9F8315CE1312AC1850993A9AEC40
Requests: 2 HTTP requests in this frame

Frame: https://61f6e9fd343e3e96f4f5dd477c8d7d57.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 82C15AA1C8E98C4D0DC17DE8E72A14EC
Requests: 27 HTTP requests in this frame

Frame: https://61f6e9fd343e3e96f4f5dd477c8d7d57.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 62CA674FF1612B1CFA4BC0F00502AAFD
Requests: 17 HTTP requests in this frame

Frame: https://61f6e9fd343e3e96f4f5dd477c8d7d57.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 49B64C69CC4CF8EE6120BFDD93909ED2
Requests: 16 HTTP requests in this frame

Frame: https://61f6e9fd343e3e96f4f5dd477c8d7d57.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: B9B2AEF19E461F1FB12241EFC40CEEBD
Requests: 18 HTTP requests in this frame

Frame: https://61f6e9fd343e3e96f4f5dd477c8d7d57.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 4E30B97BC43649EC7F5B039563DC65EB
Requests: 17 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6Q0AIQyMWlhgMYmvKZvQEwAQ&v=APEucNUv3sZa8RbOtfULAsdwZHvVZpFih0snma7FGvGr2R9ozM3HZQINOxWr2WpnLhrOzmtb1JmsmW4zp6ysYuvK3I9bxOba-90ZtpE9B7v2cxQvndMQof4u16NT-iFrJ5tugngwb_Xtnh9CgaE_Eaz0VbnHL9q70BMKp75VnFJSSsSE9ER9rck
Frame ID: 1FD0BC97A6B9CC7F5AE3C49B4E91703B
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKX68q0EEOyWi7YEGJW-5eoBMAE&v=APEucNUAFeUCnTCkKAWBL9OsZVdSbTneBLCkv3VeFUQ7fujf_e9HK61cJagmUHr2MA3dwXWklqEf-h0lzjieBUOzADYimlTHk4GiSW1-cwS5VsE_SN1jXkvU6xapuNn9N3qAIKAqp3ZMYlP7zXxnD4YbIIQlLNsDsKn3FVePJJVuKfH3yjjgAXQ
Frame ID: 5C0A92308F204A33D3E67F5391123D28
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKX68q0EEOyWi7YEGI7x5OoBMAE&v=APEucNX5JMC2wDXPF1-AAdIBFU5Agq8SzpU5qzAJjbRkHB_hhLj02DBtnjpwCCylKwxz1bdApYc1Hzs8bVWid-ipJ7FTzG8XAP0lXyIsGNpc9MJmeQn3Gr_5MOqAahkTu9e6Ifjf3WJoaBLgVtq_tA-qrqTzSPxWkkWLVzH2L1bQ9KVzQxDQRfQ
Frame ID: 246B7E9528B884927E08F89D88DA9424
Requests: 4 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPG8uQEQu-u9ARjihLbrATAB&v=APEucNUcIBqBfbDY_Wyi37YEUzMFv5Z5DJm8x3hlAZKnHn0BMPrlK6ARg2xUvSyryCXWzVPOqdi8-mmlCvLaGdbII1UiVTyh_WCgKFaGBUH6BvmJfejiDphp7vGdql7u5zUqnhb3oiViDEcVl3OViWfgXsYgq2bYXTB5AN1HNAlgmJl0aH_riPQ
Frame ID: 38F83413D3CB893CEEDBF8C28E34E051
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKX68q0EEOyWi7YEGI7x5OoBMAE&v=APEucNWglSQvP0Ig4lI2hRN8foQ2Gi0U5vdYyRLwSNPkh9XCtwkHBM30XpXuUo67E9ctn1S-kNoBOvCTFvFJKbdzFf5YjnHKw2JA-AGoMuj0XIAt9WbK-FzHPSReKFfItHQOTdLEGC_7_oJPjxFDTOmhQgwoHoEiSBK0c4ks5PAE4HEbkAXZJX4
Frame ID: F11C21C760B4D52E39AA625D98B4A3F2
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 4BB32ADE530BE83D2BBEB78D02131FCF
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: D987F8F7397B2DA2284CBEB79165E130
Requests: 2 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: 5DA49D24DE69C9DC45EBE33B4670EBE2
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: BAA9182C4216DA0BD3FA0A88033E913B
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 8B503DD850108D396E675D642691F6EE
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 280CE436AB09804982145908D1EC7365
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 57173E3D71EE72C350921DC57E9B7545
Requests: 2 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: 83E3F993FEABC3C4614D28E7DF7F16B7
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 00B042FB32586B3330DDA3F44058E4DA
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 3D6DFB7C040AF005AD6C5A85C6514DCA
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 771BE77DFE38F1217DAA3C8EB7430EE8
Requests: 2 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/16829948873192997814/index.html?e=69&leftOffset=0&topOffset=0&c=KqN5Ckr55a&t=1&renderingType=2&ev=01_250
Frame ID: 5AF55C41BD7F9039529ACC68331762D6
Requests: 6 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 2EFBB07A52EBBCA27BCCC11CEDF99D58
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 5E130ECC3B1A5726356E161AB4D826D5
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: A65AB1BC91E2686241783C70425AE50C
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

AddThis (Widgets) Expand

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

tpc\.googlesyndication\.com/safeframe

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.com/[^"]*(?:prebid|/pb\.js)

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

356
Requests

90 %
HTTPS

43 %
IPv6

46
Domains

70
Subdomains

55
IPs

7
Countries

4206 kB
Transfer

11039 kB
Size

3
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 243

https://gum.criteo.com/sid/json?origin=publishertag&domain=ye-mek.net&sn=ChromeSyncframe&so=0&topUrl=pcloak.blob.core.windows.net&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=-vq19nxzUzlRa0dUNUFCMVMrN1ZwaUgwZktDR2lNZ1RidGIwYXZNN2N2T1Z3Uy9ZWjdyN285ZDhqWXR5cVM2OTF5U3JFMDc4bEkvdU1UK1dIT0lWeVBJcnBNakFKZnRtK3h6WXVTTnIwdFcvTWx0Y3BUZklLbjNHMmxGL2RQU0pxOWlMQjhLTGRadWRaNDJSQjkzZXc4QVhDU3FDMFl3TE02a2lOWERoSnFRcEx2ckxIYmNKUE5HNStqRy9CaGxRTFZoSUJjT0pxYml5QTBvM3ppK3cxMHRBUzJIRnQ0aHY5a0JkTU10ejZRMUJsMmRMaThQZHBsUG5sU2FoMHVSUHhMU0M5ckxFeGdzNmdCd0JmcCtFM2duaXpUYTZ4L1Fobmx3T2RvRG1icnkyV2RWUT18&cppv=2

Request Chain 244

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKIYKcxL-uP7tN0juO0XTZk&google_cver=1

Request Chain 245

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZIZaWpSJrIxrN2muY0tR-QAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKIYKcxL-uP7tN0juO0XTZk&google_cver=1

Request Chain 246

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESENbDQ6uPnPDuxGJqa1ppsAo&google_cver=1

Request Chain 247

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTY5MTU1NTk1MDc1MDYwNzExNg%3D%3D

Request Chain 251

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEJQGHWNEUlzFk2GQiLfNJBY&google_cver=1

Request Chain 253

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
https://sync.teads.tv/um?eid=3&uid=CAESEO7jEmcnLKa-qMzuoX8uPyI&google_cver=1

Request Chain 255

https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_dbm HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEI9SgYi3YfRpz0oIFZJHkjQ&google_cver=1

Request Chain 256

https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID&__user_check__=1&sync_id=b5308e26-08b0-11ee-8cf7-1f932c7f0206 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=YjUzMDhkZDktMDhiMC0xMWVlLThjZjctMWY5MzJjN2YwMjA2

Request Chain 257

https://ups.analytics.yahoo.com/ups/58269/sync?_origin=1&redir=true HTTP 302
https://ups.analytics.yahoo.com/ups/58269/sync?_origin=1&redir=true&verify=true HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=oath_dbm&google_hm=eS1LSVZiU1pkRTJ1RzFSMk04Z0dwb1l4OWdyRTg1RWc0SH5B

Request Chain 258

https://cm.g.doubleclick.net/pixel?google_nid=smartrtb_dbm&google_cm&google_dbm HTTP 302
https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESEPqtGKVAIIjWu61mhzYXwhM&google_cver=1

Request Chain 280

https://fw.adsafeprotected.com/rfw/bgd/1362481/69643702/xbbe/creative/adj?p=APEucNXZrPElzFvReJ5PgMoSpMzWEuBYLIPuDWOwXmOua944p_oS5Pg&d=CokBAKAmf-Cj1X6jsJfJsz1mpn28XA-XfApDKFYDAP5G2w8l9k-i6E4U06NAay-ihpOG8xfLvcF9SSgYREl0oE6Kv7Pdhl_oW6CVdrG9MJ5yalSrvhxwmIbG5qYPPslbC3yJ6JNJSeoqaTEVnFQrya7MiSg3SLpNpFAqa_bmvDVrbn6sRR9ktSENZtgS2RMAoCZ_4II5wU5FtnLNaKNuQVdOl7vF-1OFs0_-QcrGA4FR3wcbZV1teFGA8Mu5msb60BPetxIDayNjSgSvjebxxid_wZibBVnpHxxkOUBCPVakX3bHfsus01hVm5l4Yd0ppFvvPx1LrHVEWHPHmU3tX00C6LgDU3OqxnDOqBUzluCqpgG1QMIpkoEfXP85ewSGGQ0gujrYKM4DfFGpHFpwI4lQ6KmyBpUXHMqZOzgb26wXW6ciNYGkutnqQif2YGqVHhmpWVxvsydN_oo5OT9SWvdjPJxplZ8Gv2XiOVSlN-Gea2jIkULvQKWe130Ksivtr4beUedQOox_AAuKH-OuqUPjXm--8ouodBunIFBvmwpAuaamd27fBL4FxqtoqNUgYfwob65yc5qxVXk4yx83Tl4gwac9FZF3ZHSPklHJZTsaijoczKSL0qDqOM3wwmQy1ANasHY0AlhYoichdyTe3zckJI6g8N2yXR7jQLztKUt6AuBq0XIk0EOk4ma9WsJPBWuGsb4TqgU2H04Lb7q28YQwG83X2kJtFXepOTWMj43pWOoGcfRKsDYiAhjkHR-W4kcavMU3Fr3tuL_BeJh7DtGPgagYF9DivOCbDYUk9s0PjlMs70wvSzGwpAnkSaUqGFXtDxDtabz7MN_lCttxXnqWG6NMQh8TGonFc2sPope2iiDMssieNcmjqcJSUIyA6LcxBYwQ3IDdzl0hiORGTFeIs0UP9B_91V6KTPk4CW1j87Glaz6Sf_1Ysj_v3guHaPLgKYDd6ooegtmLrfAa0IRyoH3TxuN-P_gP53p-bKCpHuSvLj8LOgFIMTDfEv7_0DYeE6kABMuw1ICmDxLk_UcUWHzsIrH1cBmF57qBDAjCZtxLrxxG8oAK1WGIOlKXvv8bPQPPRUpjfzKV5IZibZgg4KEeYoHDmJFOorPFdw8J3EbfZNL8yBFs4Zrzcf84xj5G0l-UtTU1q6T-hLtZbR_kr_zJW4hl-EXd8gVwTj8guo1pRZ-KyskFmEIGDz5sQ-Ht9V0mKBnKzb7rUW_3yoA0NgjyLIw_iuzatcABpTomJsx2Av9q5NSls4KhPUBbTVryznTYCrHa2plu4uzb6nEs-lq6JoCFl2WhXmZgBY6rbqYqSCvn6UWmoXD1t317zc1kDhIqAHRaUrty6FAMPYFU-42hitEV2YoMQQu3BPrl3vh_F1cYPyxHnvs1ZqR-95LX7S-FvSiFIPrPAWT65d-XKryLCt0AkDr3IMDd7us9zcCXNj6PHgm8CeK5z15yE45BpQItEs-AgO76WaPZkB8c2uobLA4rzm47a7aAnzZu0K-aUpNqOK1LTG9rMgbsvn3uv_9iFGLF6Hhz-ZnkQAbCEbPiU_X_qYgv8D4RkULEgFXJSpHLHDmHNh1050TWGAM6IF_kgytypXi9FTZp7UGZghxs77UAfJ-a4GbfrhHRRm8WXnDZr55aDbIl9tqJP2xhs_-4HNZrtpvYpg6x94vuDx0_vVZ_4Ty2gT3w-ZCm9gNG8_S7xiw1SYaZcheb0np4wOV9DIlz2oFb_MkLljGC-_GJ86WFghaKf3bHfI5Rr5-aWAoWrU3Sh0UyyMmmz51qmJ7jLSXiYM_DZ8yXbZWNcc6iVCiVWXjsyo0AQn49BmG7zn4DgzW4_AOqBqI6NDahLS7INCHJBJJQLJ-y7xHCZNKQEQPsBCwsCrKcl3UHsJ5OvMVIbBhw2RgWchEP1OmeQyMKjCuXzweo4RKbVIAMLXQfDrJu3ZGKOVguC4PiCCU5cb2Jyi4sMsdDpKTEN0fcpDFIJyAqusojaCUlzpfT_UjRLHczVN1qZkp_p_4LPStFfONHQIXmYMM511NwpFDXMViSIvIJ0BDqHG0rxPTGLIG18aMopw6fx7nFN5IfbwIhmBnAqv9LZabq-02gwAqi-cIFF87K5ddxn5lZZdBe_-9fJfXHPVcjVvmTvZVXcQnrPqIPqRIKYUIDxjWCzTfAzw5pWfpk4WBKymocf-kFYtQX2XqNQpf6HrVRFg-ciIy_tXoIunJxd4EJEUhFdIdpMIOBTUBuivj8X_oqkXj9Fw55hFDBBoy8OKsnaT2gyKGMqZPa3OY1egB5FyCk6CSGO5361pED5cc8m_8premLY8JhC6ILBU3XqmPHiyM3Y5n2w3BwgvXnzmAz-wqGQHEJHgpo1p7MnEdjoAK9qKAb_hj-QDw1H39WXtZEyUTUtlgNKyqTJpMglBxmc8vunvVrbO_G-lFCjax0wZWYLXLlo07nrLr-GICLuJFvzMX_ruRwuogdbsMiaa65t7__wuCa97WkWqlyyV6ziLzRJc6LFecGBYD_ELuGliP40RAp-GsbAbeN1vFZ_WNf1VPNHmhuxzpDK0hcsQ67ix-xbMcCOE61YdUN5EjdnvKADytMTX4ZkoWr8DXzySRSAlX6KAiUdS1tvNloXGscn65GHugUKmkp_YKbI4NAwjFqldnTn-65_58OO9VCoL62RJu3om2k4xQO58NFptxQ-keyF7o1-Ndwwx_m1GBFI4R6RjyQ8R6nPJjEVEFkhKlj-2Y_59YTZ1aHtuUHlyF4C1shNy-SP4mgQC1_B2Z_rIJzADv9W6XRN3zFEs-xW_Jih1EDAltAqZQ907-WKjzRFwqxNoXAdnBNGUnHZqG00_R_BjXGGCWSo-13yXeWDv5JMa89MvhnqPzFODa-hMbJsrWHKjEd6GEyvHf3pPCWzmGLkEJKPePLDvdR98YauoRLGbKd1nL9EGRllbtgS1dhjc0oIRiXH8QUZ35PS4vetjMhz3ACtw-gddBd9ZXI4IlIZVkOQf2hdkkvVggM-u0IjyT1RhdJvvetVmu5HyW3pTlZvXmSCTv7n5qutOWElS2QcQyfta9TJAY1T0zNwU_Ske-RWaEB0YqGSykWxNL-blEJ4sES8J4LEok4kEhLnWNSaC1LrdACtLahiYW5vLX94woDbzvpsKYdnPA9FfyCTcEIb1xp65vktBlj6NkNDlwW0axzHFJB_ZcTopbkgRdQ4mIGoABDFyeG1AVBEAUqIIOOCXoq51x-E7_7iJUN2B9VdGjPE5zmJftTMwzIGFwXqv_45BCRfy3RJNY487A3_KVpqNpFXI3-iqUMsQY4iZLvtVUywYQFUlEgwFTrtS2yX4lXiV9btFznbn-fCkYr3EzLgiR9Mv6VO5jL47d8cZcfHmtJHa30UYUeKuE1JdxDYFYZZc-yu8IdGh_4Xmkz4pSaZ-V8B1X1CN8zL9ui3x69_S0eQEmNi4IKE-xGSg5Myj4yCJVvklBaG3YNkQccE_q5zF0f16W48U6MiMmCnP4_7GHoVSP3zMvY9IcTZunv5z7DL8vsWqU2I0BlGkEIBBI7AHKBCINHiNT9s0wxPzoJr2KDw2jfsyi0l2N0yEOHhneCrZjATOqP5unEzOG_c1_cPX_AfyRcf501xLQYAWAB&cry=1&bundleId=&ias_dspID=3&ias_campId=25663049&ias_pubId=pub-7983651257838282&ias_chanId=1&ias_placementId=15571779515&bidurl=https://ye-mek.net/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0iBWPj39u-1oWTE0cNpzs95&adsafe_url=https%3A%2F%2Fpcloak.blob.core.windows.net&adsafe_type=g&adsafe_url=https%3A%2F%2Fye-mek.net%2F&adsafe_type=e&adsafe_url=https%3A%2F%2F61f6e9fd343e3e96f4f5dd477c8d7d57.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2F61f6e9fd343e3e96f4f5dd477c8d7d57.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html%3Fn%3D1&adsafe_type=d&adsafe_jsinfo=,id:c33575e3-ba44-4406-24e5-3d43dac86f0e,c:fh94XH,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-6c5d9cf586-vws4b,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,scm:grpm1,mtim:4,mot:0,app:0,maw:0,fm:tGUZxWC+111%7C112%7C113%7C114%7C115%7C1161%7C1162%7C1163%7C1171%7C1172%7C1173%7C1181%7C1182%7C1183%7C1191%7C1192%7C1193%7C1194%7C11a%7C11b*.1362481-69643702%7C11b1%7C11c1%7C11d1%7C11e1%7C11f1%7C11g%7C11h,idMap:11b*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:IMG.us,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:1,tt:rjss,et:32,oid:b51459b2-08b0-11ee-9061-a6340cece0ce,v:19.8.417,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
https://static.adsafeprotected.com/passback_728x90.js

Request Chain 326

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEDajQLFT-AUfR8eFcY5BcZw&google_cver=1&google_push=ATf1kGMGFV3rVs5KjSaMb5HMzIpFUE2AEg-xfZ2gII8VTlyo7xWbbZsQvpCXb44AU4e8l3IvANh1nX5EBoRuu2KUKvwpho0oiew HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=ATf1kGMGFV3rVs5KjSaMb5HMzIpFUE2AEg-xfZ2gII8VTlyo7xWbbZsQvpCXb44AU4e8l3IvANh1nX5EBoRuu2KUKvwpho0oiew

Request Chain 327

https://ads.travelaudience.com/google_pixel?google_gid=CAESEH9UuI2AzfvBJ-ftB9d7Z3Y&google_cver=1&google_push=ATf1kGOtLALdpjfdIf-wSLKSVs1xMniY2T6kqXtcYoJIhOuWHrn4wDxAlaOAIs8niMtZxkP_qu4oWuJObpuXLIdqb_RlAbs2gN9k HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=T5MqgKCfS4-hzibTyPrPiQ2&google_push=ATf1kGOtLALdpjfdIf-wSLKSVs1xMniY2T6kqXtcYoJIhOuWHrn4wDxAlaOAIs8niMtZxkP_qu4oWuJObpuXLIdqb_RlAbs2gN9k

Request Chain 328

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESENNH8TftYZfHgHpvIfQVU3g&google_cver=1&google_push=ATf1kGPvKJUUp8_Owi9liieZblgdSfSvRYxUNespMp3nAyxc0JuLtJ1u9vE-UxUmEI68irYbR5caFYf0pXQ62rYyXKhkRxI44p3i HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESENNH8TftYZfHgHpvIfQVU3g&google_cver=1&google_push=ATf1kGPvKJUUp8_Owi9liieZblgdSfSvRYxUNespMp3nAyxc0JuLtJ1u9vE-UxUmEI68irYbR5caFYf0pXQ62rYyXKhkRxI44p3i

Request Chain 329

https://d5p.de17a.com/cookies/google?google_gid=CAESEKmZa40G8K4MResPY7200vs&google_cver=1&google_push=ATf1kGMuKp4cZNg8kFZzJs1nlE6_saNVJImmTK2BRQZuYgRUQ-WbtS1GEXYJ1yWPX7-GdsLmF_bP_51azSDkO7ja-OBsFm0CDjkx HTTP 302
https://d5p.de17a.com/cookies/google;c?google_gid=CAESEKmZa40G8K4MResPY7200vs&google_cver=1&google_push=ATf1kGMuKp4cZNg8kFZzJs1nlE6_saNVJImmTK2BRQZuYgRUQ-WbtS1GEXYJ1yWPX7-GdsLmF_bP_51azSDkO7ja-OBsFm0CDjkx HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=ATf1kGMuKp4cZNg8kFZzJs1nlE6_saNVJImmTK2BRQZuYgRUQ-WbtS1GEXYJ1yWPX7-GdsLmF_bP_51azSDkO7ja-OBsFm0CDjkx

Request Chain 330

https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DPUSH_DATA&google_gid=CAESEOSJ0S_cVVorNev1L19GbNY&google_cver=1&google_push=ATf1kGOwpTKXZxDrqwx5zf32h8MsSThwkdvRYg60hzg2Nh2dRcQKc13W1YQuc6TBbwABMTs__xuLvdX-Ce81AMBY8jxX7YG1J50p HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_hm=k-HYvPK64kwTwk91i7Tz0FezQ-ff5saUO3t8wu3w&google_push=PUSH_DATA HTTP 302
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&google_error=5

Request Chain 331

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEN1tVAzbar9WIRinJzTBopM&google_cver=1&google_push=ATf1kGO3SpvwAno8o5nkKEybMIMztwJbeOSv615thqzISY9wdCP74m3pVSM0FmPtDFKYQECGf7-sKIEAa1rPO7l9WK-noaRyVgzL HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEN1tVAzbar9WIRinJzTBopM&google_cver=1&google_push=ATf1kGO3SpvwAno8o5nkKEybMIMztwJbeOSv615thqzISY9wdCP74m3pVSM0FmPtDFKYQECGf7-sKIEAa1rPO7l9WK-noaRyVgzL HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NjM0NDYwNjczMzUwMTY0MjQ2NA&google_push=ATf1kGO3SpvwAno8o5nkKEybMIMztwJbeOSv615thqzISY9wdCP74m3pVSM0FmPtDFKYQECGf7-sKIEAa1rPO7l9WK-noaRyVgzL

Request Chain 333

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEM9jG1W8oUUOrqu0kT057aY&google_cver=1&google_push=ATf1kGNGES5x0Bw1sHjiJ7i8JsdMulVSQyBPXhJzr1umRh5i-l0uoScvTagyKp3G2bTDung8lxLBeGZc6WMml9Yt-Z1dbyB0vvft HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=ODA5MTg4MzU0ODY4MjU5MzAxMQ==&gdpr=&gdpr_consent= HTTP 302
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEM9jG1W8oUUOrqu0kT057aY&google_cver=1

Request Chain 336

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEAhOzquF7p_8N1M27-GBEbo&google_cver=1&google_push=ATf1kGMAU36cM4Txk2_IFj-Zh5zMLNMjzzy5dN0QhqHKGn8QGaBddsrlEK0wkLLHNjvLWISi3DbDJ542ivBhvb28IYkYBtHAu9_N HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI0MzU3NjM5MzI4MTEwODEwOQ%3D%3D&google_push=ATf1kGMAU36cM4Txk2_IFj-Zh5zMLNMjzzy5dN0QhqHKGn8QGaBddsrlEK0wkLLHNjvLWISi3DbDJ542ivBhvb28IYkYBtHAu9_N

Request Chain 337

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEIf0tkPxDPpl8cTo-I8AAQQ&google_cver=1&google_push=ATf1kGMHMdB9L_tj0mAzZNHYYathA_cmHtOOKCLckGBvt1OdUDMD0rqK-3h0H9_VAi-8A5wi5AbDcPeCzli3jEFoZBVETa5FCZk HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ATf1kGMHMdB9L_tj0mAzZNHYYathA_cmHtOOKCLckGBvt1OdUDMD0rqK-3h0H9_VAi-8A5wi5AbDcPeCzli3jEFoZBVETa5FCZk&google_hm=eS1kVE9OeTBORTJwSFlQXzZoY21zcEwuY3NWMzlaNlVOSX5B

Request Chain 338

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEN1tVAzbar9WIRinJzTBopM&google_cver=1&google_push=ATf1kGN4O_9PXD9cGkP8SoeFbEhH4JERLKdxLxrJZ0pWAlwMadHLaK8EImupRlcVZUTKnNEuBhmtm45AlTI9jq4T5m6veD5KbT2Z HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEN1tVAzbar9WIRinJzTBopM&google_cver=1&google_push=ATf1kGN4O_9PXD9cGkP8SoeFbEhH4JERLKdxLxrJZ0pWAlwMadHLaK8EImupRlcVZUTKnNEuBhmtm45AlTI9jq4T5m6veD5KbT2Z HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDYyNDY2ODMzODQ0NjQxNjEzMg&google_push=ATf1kGN4O_9PXD9cGkP8SoeFbEhH4JERLKdxLxrJZ0pWAlwMadHLaK8EImupRlcVZUTKnNEuBhmtm45AlTI9jq4T5m6veD5KbT2Z

Request Chain 339

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEFhaevugGuOVMpkGYO1d3S8&google_cver=1&google_push=ATf1kGNGtK7S4J3744HSI-s3QndLQqzbjOzeKd8e-AsDhe7PeDQ4C6kx0HEeDBAoH_dxhq9oXMxP35AIfjsdm2Mf7dTT4TUZLyZE HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TElTMkQ0MEotUy0yMTlM&google_push=ATf1kGNGtK7S4J3744HSI-s3QndLQqzbjOzeKd8e-AsDhe7PeDQ4C6kx0HEeDBAoH_dxhq9oXMxP35AIfjsdm2Mf7dTT4TUZLyZE

356 HTTP transactions
9 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request 6x6uf5z9e3262.html Show response
pcloak.blob.core.windows.net/web/ 1 KB
2 KB 482ms
115ms Document
text/html 20.60.220.36
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.60.220.36 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 22fee539734d38c9e84e3982188b21bafc9457236279a136ce1b3b9d55667437

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Content-Length: 1324
Content-MD5: XPHdOVCmWyxrVVstkB9xGw==
Content-Type: text/html
Date: Sun, 11 Jun 2023 23:35:48 GMT
ETag: 0x8DB5ED08476F0C5
Last-Modified: Sat, 27 May 2023 16:36:27 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-blob-type: BlockBlob
x-ms-lease-status: unlocked
x-ms-request-id: da80e68e-301e-001a-70bd-9c23d2000000
x-ms-version: 2009-09-19

GET
H/1.1 404
The specified blob does not exist. jquery.min.js
pcloak.blob.core.windows.net/web/ 0
0 115ms
115ms Script
application/xml 20.60.220.36
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://pcloak.blob.core.windows.net/web/jquery.min.js
Requested by: Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.60.220.36 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-ms-request-id: da80e6b5-301e-001a-12bd-9c23d2000000
Date: Sun, 11 Jun 2023 23:35:48 GMT
x-ms-version: 2009-09-19
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-Length: 215
Content-Type: application/xml

GET
H/1.1 200
OK cloakan.js Show response
pcloak.blob.core.windows.net/web/ 308 B
717 B 347ms
115ms Script
text/javascript 20.60.220.36
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://pcloak.blob.core.windows.net/web/cloakan.js
Requested by: Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.60.220.36 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 4651fd93f167c3620b534c30bc23ae2a2e7cf742621d8e6d12553c09c388284a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Sun, 11 Jun 2023 23:35:48 GMT
Last-Modified: Mon, 13 Jun 2022 14:36:49 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: zPiKctHo6j8i1UGOFPpInw==
ETag: 0x8DA4D4A263C11C2
Content-Type: text/javascript
x-ms-request-id: da80e73d-301e-001a-07bd-9c23d2000000
x-ms-version: 2009-09-19
Content-Length: 308

GET
H/1.1 200
OK style.css
pcloak.blob.core.windows.net/web/ 166 B
568 B 232ms
116ms Stylesheet
text/css 20.60.220.36
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://pcloak.blob.core.windows.net/web/style.css
Requested by: Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.60.220.36 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: cf906196a7c1414e11983955e101a051d55a864f2bc9fd52a453d952d92fd9b5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Sun, 11 Jun 2023 23:35:48 GMT
Last-Modified: Mon, 13 Jun 2022 14:36:49 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: 9ruAIrm4XHnQO3/sM8J0AQ==
ETag: 0x8DA4D4A26527CA0
Content-Type: text/css
x-ms-request-id: da80e701-301e-001a-53bd-9c23d2000000
x-ms-version: 2009-09-19
Content-Length: 166

GET
H2 200 px.php Show response
www.cloakan.co/ 743 B
682 B 372ms
165ms XHR
text/html 77.245.159.14
NIOBEBILISIMHIZME...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cloakan.co/px.php?id=6x6uf5z9e3262
Requested by: Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 77.245.159.14 , Turkey, ASN42868 (NIOBEBILISIMHIZMETLERI, TR),
Reverse DNS: stilgar.wlsrv.com
Software: LiteSpeed / PHP/7.3.33
Resource Hash: 120fdf7c1e8de286b8c6ad005bd52d7b3d71cfa17bd6d1f72d023fe952d03708

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pcloak.blob.core.windows.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Sun, 11 Jun 2023 23:35:46 GMT
content-encoding: br
server: LiteSpeed
x-powered-by: PHP/7.3.33
vary: Accept-Encoding,User-Agent
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="43,46", h3-Q043=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-25=":443"; ma=2592000, h3-27=":443"; ma=2592000
content-length: 404

GET
H2 200 nv.php Show response
www.cloakan.co/ 232 B
386 B 353ms
175ms Script
text/html 77.245.159.14
NIOBEBILISIMHIZME...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cloakan.co/nv.php?id=6x6uf5z9e3262-m
Requested by: Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/cloakan.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 77.245.159.14 , Turkey, ASN42868 (NIOBEBILISIMHIZMETLERI, TR),
Reverse DNS: stilgar.wlsrv.com
Software: LiteSpeed / PHP/7.3.33
Resource Hash: 9cacc351a59879d938ef01e274eca7f341deaaa666237a3de94737ccc05a4b86

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pcloak.blob.core.windows.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Sun, 11 Jun 2023 23:35:47 GMT
content-encoding: br
server: LiteSpeed
x-powered-by: PHP/7.3.33
vary: Accept-Encoding,User-Agent
content-type: text/html; charset=UTF-8
alt-svc: quic=":443"; ma=2592000; v="43,46", h3-Q043=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-25=":443"; ma=2592000, h3-27=":443"; ma=2592000
content-length: 112

GET
H2 200 / Show response
ye-mek.net/ Frame 6408 77 KB
77 KB 329ms
83ms Document
text/html 94.138.206.83
AS49126

General

Check archive.org

Show headers Download Go to

Full URL: https://ye-mek.net/
Requested by: Host: www.cloakan.co
URL: https://www.cloakan.co/nv.php?id=6x6uf5z9e3262-m
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 94.138.206.83 , Turkey, ASN49126 (AS49126, TR),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 5d143c39ecae7fbaf31995f743f2b73f00ac1651a1f374638866b6051a777e6c

Request headers

Referer: https://pcloak.blob.core.windows.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache
content-length: 78659
content-type: text/html; charset=utf-8
date: Sun, 11 Jun 2023 23:35:50 GMT
expires: -1
pragma: no-cache
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
x-powered-by-plesk: PleskWin

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.9.1/ Frame 6408 90 KB
33 KB 194ms
60ms Script
text/javascript 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.9.1/jquery.min.js

Requested by

Host: ye-mek.net
URL: https://ye-mek.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Tue, 06 Jun 2023 14:24:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 465071
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33018
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 05 Jun 2024 14:24:39 GMT

GET
H2 200 yemeknet.js Show response
ye-mek.net/js/ Frame 6408 10 KB
2 KB 142ms
141ms Script
application/javascript 94.138.206.83
AS49126

General

Check archive.org

Show headers Download Go to

Full URL: https://ye-mek.net/js/yemeknet.js?v=1
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 94.138.206.83 , Turkey, ASN49126 (AS49126, TR),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 613b97a3f938c5185dc5fcb46ec9c9488f460fdf8a9765eea9f05aebe46a0c50

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-powered-by-plesk: PleskWin
date: Sun, 11 Jun 2023 23:35:50 GMT
content-encoding: br
last-modified: Tue, 20 Aug 2019 13:15:54 GMT
server: Microsoft-IIS/10.0
etag: "0a144655957d51:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=691200
accept-ranges: bytes
content-length: 2179

GET
H2 200 maincss.css
cdn.ye-mek.net/ Frame 6408 40 KB
12 KB 96ms
28ms Stylesheet
text/css 2a02:6ea0:c700::17
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.ye-mek.net/maincss.css?v=434
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::17 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 5804cd3bfdf7f7b00ae1f2beef50b9ac7bbdcadcb47e8c3454e8609a52096b92

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Sun, 11 Jun 2023 23:35:50 GMT
content-encoding: gzip
x-cache: HIT
x-77-cache: HIT
x-age: 4717108
x-accel-date: 1681809442
x-77-nzt: AZySIYgImZb/NPpHAA
x-accel-expires: @1713345442
last-modified: Tue, 24 Nov 2020 00:00:32 GMT
server: CDN77-Turbo
etag: W/"5fbc4d20-9e5b"
x-77-nzt-ray: f6587a1da5a57d82565a866418b95c21
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ Frame 6408 120 KB
47 KB 201ms
73ms Script
application/javascript 2a00:1450:4001:802::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-38733763-1

Requested by

Host: ye-mek.net
URL: https://ye-mek.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

38bdae94dc66b00a3a0cfdac71fcc937459eed3ec97776abb75702910f2a18ac

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Sun, 11 Jun 2023 23:35:50 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47528
x-xss-protection: 0
last-modified: Sun, 11 Jun 2023 21:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 11 Jun 2023 23:35:50 GMT

GET
H2 200 WebResource.axd Show response
ye-mek.net/ Frame 6408 23 KB
23 KB 73ms
73ms Script
application/x-javascript 94.138.206.83
AS49126

General

Check archive.org

Show headers Download Go to

Full URL: https://ye-mek.net/WebResource.axd?d=YeedoL8dFzo5gymDuarFXngFaaXpLN8jYlixY-HzMyr_r8lEwXsCQefYQgi2kFzYfrVacpu_9us1eVTBWQamZuI0ynrH9LDfafZF-A5wZF41&t=637811837229275428
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 94.138.206.83 , Turkey, ASN49126 (AS49126, TR),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 40732e9dcfa704cf615e4691bb07aecfd1cc5e063220a46e4a7ff6560c77f5db

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-powered-by-plesk: PleskWin
date: Sun, 11 Jun 2023 23:35:50 GMT
last-modified: Wed, 23 Feb 2022 00:28:42 GMT
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
content-type: application/x-javascript
cache-control: public
content-length: 23063
expires: Sat, 04 May 2024 23:14:43 GMT

GET
H2 200 searchButton.png
cdn.ye-mek.net/App_UI/Img/ Frame 6408 542 B
895 B 29ms
29ms Image
image/png 2a02:6ea0:c700::17
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/searchButton.png
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::17 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 324a9c1f26949a62b89c5846de23826737bf3b14443e3f5a969b1799604a0588

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Sun, 11 Jun 2023 23:35:50 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 4717160
x-accel-date: 1681809390
content-length: 542
x-77-nzt: AZySIYgroij/aPpHAA
x-accel-expires: @1713345390
last-modified: Sat, 22 Oct 2022 20:00:57 GMT
server: CDN77-Turbo
etag: "63544bf9-21e"
x-77-nzt-ray: f6587a1da5a57d82565a8664e3f54d2d
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 ara.png
cdn.ye-mek.net/App_UI/Img/ Frame 6408 2 KB
2 KB 34ms
27ms Image
image/png 2a02:6ea0:c700::17
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/ara.png
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::17 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 3ed559a849229d0ba1622b39b2343f2307a91aae5bab1f08e55c89e50874c980

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Sun, 11 Jun 2023 23:35:50 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 4717108
x-accel-date: 1681809442
content-length: 1651
x-77-nzt: AZySIYggRw7/NPpHAA
x-accel-expires: @1713345442
last-modified: Mon, 14 May 2018 22:41:08 GMT
server: CDN77-Turbo
etag: "5afa1084-673"
x-77-nzt-ray: f6587a1da5a57d82565a86648cce452f
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 arasi-elmali-kek-resimli-yemek-tarifi(16).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2023/06/ Frame 6408 14 KB
14 KB 45ms
36ms Image
image/jpeg 2a02:6ea0:c700::17
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2023/06/arasi-elmali-kek-resimli-yemek-tarifi(16).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::17 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 0403acf352d97f4125629cb0d42e156490c93962f561f94d7f3c2f4816c8f415

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Sun, 11 Jun 2023 23:35:50 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 5431
x-accel-date: 1686521119
content-length: 14260
x-77-nzt: AZySIYj6mvL/NxUAAA
x-accel-expires: @1718057119
last-modified: Sun, 11 Jun 2023 21:40:09 GMT
server: CDN77-Turbo
etag: "64863f39-37b4"
x-77-nzt-ray: f6587a1da5a57d82565a86647d77742f
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 pizza-makarna-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2023/06/ Frame 6408 19 KB
19 KB 57ms
48ms Image
image/jpeg 2a02:6ea0:c700::17
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2023/06/pizza-makarna-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::17 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 7205777014978e168136f841b00836b5a9fa6c9dcc0674336483adfa571da005

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Sun, 11 Jun 2023 23:35:50 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 88744
x-accel-date: 1686437806
content-length: 19078
x-77-nzt: AZySIYheK5n/qFoBAA
x-accel-expires: @1717973806
last-modified: Sat, 10 Jun 2023 22:36:00 GMT
server: CDN77-Turbo
etag: "6484fad0-4a86"
x-77-nzt-ray: f6587a1da5a57d82565a866430d9792f
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 balik-tava-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2023/06/ Frame 6408 16 KB
16 KB 71ms
62ms Image
image/jpeg 2a02:6ea0:c700::17
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2023/06/balik-tava-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::17 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 19eb8aa79e13101d907ddd5ef9d291cbc5d166d22b4c4961359e00f452f1621a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Sun, 11 Jun 2023 23:35:50 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 170226
x-accel-date: 1686356324
content-length: 16229
x-77-nzt: AZySIYhI8h//8pgCAA
x-accel-expires: @1717892324
last-modified: Mon, 05 Jun 2023 20:37:42 GMT
server: CDN77-Turbo
etag: "647e4796-3f65"
x-77-nzt-ray: f6587a1da5a57d82565a86646eb97d2f
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 tavada-kalcali-but-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2023/06/ Frame 6408 15 KB
15 KB 83ms
74ms Image
image/jpeg 2a02:6ea0:c700::17
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2023/06/tavada-kalcali-but-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::17 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: e95ae6bc878c84c98ce8435e7546c02b847773de6053b098709bd28fce89dc0c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Sun, 11 Jun 2023 23:35:50 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 259276
x-accel-date: 1686267274
content-length: 15133
x-77-nzt: AZySIYiTrKD/zPQDAA
x-accel-expires: @1717803274
last-modified: Thu, 08 Jun 2023 23:19:39 GMT
server: CDN77-Turbo
etag: "6482620b-3b1d"
x-77-nzt-ray: f6587a1da5a57d82565a8664b859802f
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 tencerede-soslu-tavuk-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2022/05/ Frame 6408 17 KB
17 KB 83ms
74ms Image
image/jpeg 2a02:6ea0:c700::17
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2022/05/tencerede-soslu-tavuk-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::17 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: e248fc933bd5b08289fa46b3e2629d9d6199a3e711b0d8e109aaf9f57541796d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Sun, 11 Jun 2023 23:35:50 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 4717117
x-accel-date: 1681809433
content-length: 17048
x-77-nzt: AZySIYjuYWr/PfpHAA
x-accel-expires: @1713345433
last-modified: Sat, 21 May 2022 22:49:52 GMT
server: CDN77-Turbo
etag: "62896c90-4298"
x-77-nzt-ray: f6587a1da5a57d82565a86641b0f822f
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 kilis-tava-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2022/04/ Frame 6408 16 KB
16 KB 83ms
74ms Image
image/jpeg 2a02:6ea0:c700::17
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2022/04/kilis-tava-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::17 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: a89f7bfa14110d591435cd4944c46084d2eacf435adf24032626b6caebe8738f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Sun, 11 Jun 2023 23:35:50 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 4716962
x-accel-date: 1681809588
content-length: 16352
x-77-nzt: AZySIYjH5dP/ovlHAA
x-accel-expires: @1713345588
last-modified: Sat, 16 Apr 2022 14:03:03 GMT
server: CDN77-Turbo
etag: "625acc97-3fe0"
x-77-nzt-ray: f6587a1da5a57d82565a8664905a832f
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 tavuklu-ekmek-kebabi-resimli-yemek-tarifi(16).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2017/03/ Frame 6408 12 KB
12 KB 83ms
75ms Image
image/jpeg 2a02:6ea0:c700::17
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2017/03/tavuklu-ekmek-kebabi-resimli-yemek-tarifi(16).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::17 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 59641e17cbf2747c31456e5ac08ddd332816ebb6b9fc9273ed4989ef979ca5cc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Sun, 11 Jun 2023 23:35:50 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 4712975
x-accel-date: 1681813575
content-length: 12285
x-77-nzt: AZySIYixTiD/D+pHAA
x-accel-expires: @1713349575
last-modified: Wed, 01 May 2019 23:13:15 GMT
server: CDN77-Turbo
etag: "5cca280b-2ffd"
x-77-nzt-ray: f6587a1da5a57d82565a8664e138852f
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 soganli-tavuk-sote-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2021/05/ Frame 6408 14 KB
14 KB 83ms
75ms Image
image/jpeg 2a02:6ea0:c700::17
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2021/05/soganli-tavuk-sote-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::17 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 6d4b039e13080924553d42c56051ec773abb13dd903a5ea542eb3d23702a821a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Sun, 11 Jun 2023 23:35:50 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 4711880
x-accel-date: 1681814670
content-length: 14064
x-77-nzt: AZySIYhPUUD/yOVHAA
x-accel-expires: @1713350670
last-modified: Fri, 21 May 2021 22:11:36 GMT
server: CDN77-Turbo
etag: "60a83018-36f0"
x-77-nzt-ray: f6587a1da5a57d82565a866456e98a2f
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 misir-ekmegi-resimli-yemek-tarifi(16).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2020/04/ Frame 6408 11 KB
12 KB 83ms
75ms Image
image/jpeg 2a02:6ea0:c700::17
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2020/04/misir-ekmegi-resimli-yemek-tarifi(16).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::17 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 63d492638d445ece5c5162c245202c7a7a8db0fcc12c438e020c5128bd2164cf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Sun, 11 Jun 2023 23:35:50 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 4714656
x-accel-date: 1681811894
content-length: 11439
x-77-nzt: AZySIYjRgt3/oPBHAA
x-accel-expires: @1713347894
last-modified: Fri, 10 Apr 2020 01:33:58 GMT
server: CDN77-Turbo
etag: "5e8fcd06-2caf"
x-77-nzt-ray: f6587a1da5a57d82565a8664dee38c2f
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 sikicik-corbasi-resimli-yemek-tarifi(16).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2021/11/ Frame 6408 16 KB
16 KB 95ms
88ms Image
image/jpeg 2a02:6ea0:c700::17
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2021/11/sikicik-corbasi-resimli-yemek-tarifi(16).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::17 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: c9f0d58bfa4a06dfe46ca39b3f3aaeafea15acd2b32ecff16df4795806d82da1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Sun, 11 Jun 2023 23:35:50 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 4716899
x-accel-date: 1681809651
content-length: 16008
x-77-nzt: AZySIYgMt4z/Y/lHAA
x-accel-expires: @1713345651
last-modified: Thu, 04 Nov 2021 21:22:00 GMT
server: CDN77-Turbo
etag: "61844ef8-3e88"
x-77-nzt-ray: f6587a1da5a57d82565a866413faf030
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 saksi-kebabi-resimli-yemek-tarifi(16).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2013/08/ Frame 6408 14 KB
14 KB 95ms
88ms Image
image/jpeg 2a02:6ea0:c700::17
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2013/08/saksi-kebabi-resimli-yemek-tarifi(16).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::17 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 27b521443caa2567c561c9a2bd377929f40cf7fb68113ccbc4b42669c6841e79

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Sun, 11 Jun 2023 23:35:50 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 4716350
x-accel-date: 1681810200
content-length: 13931
x-77-nzt: AZySIYjYnaX/PvdHAA
x-accel-expires: @1713346200
last-modified: Wed, 01 May 2019 22:17:07 GMT
server: CDN77-Turbo
etag: "5cca1ae3-366b"
x-77-nzt-ray: f6587a1da5a57d82565a866495f8f430
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 tas-kebabi-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2017/10/ Frame 6408 11 KB
11 KB 95ms
88ms Image
image/jpeg 2a02:6ea0:c700::17
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2017/10/tas-kebabi-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::17 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 8c47b44c2eb52f803ff7faa3cc7043d75a2814f83cf9c1dd66a1c669184e68f8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Sun, 11 Jun 2023 23:35:50 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 4715593
x-accel-date: 1681810957
content-length: 10807
x-77-nzt: AZySIYiFD+H/SfRHAA
x-accel-expires: @1713346957
last-modified: Wed, 01 May 2019 23:24:41 GMT
server: CDN77-Turbo
etag: "5cca2ab9-2a37"
x-77-nzt-ray: f6587a1da5a57d82565a86642402fa30
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 firinda-porsiyon-musakka-resimli-yemek-tarifi(16).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2020/05/ Frame 6408 18 KB
18 KB 95ms
88ms Image
image/jpeg 2a02:6ea0:c700::17
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2020/05/firinda-porsiyon-musakka-resimli-yemek-tarifi(16).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::17 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 9edb23e141fe20aa066d445f9933b24561e461ab1f90a02d40dd2027023a94cc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Sun, 11 Jun 2023 23:35:50 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 4716753
x-accel-date: 1681809797
content-length: 17964
x-77-nzt: AZySIYgexhn/0fhHAA
x-accel-expires: @1713345797
last-modified: Thu, 14 May 2020 23:54:34 GMT
server: CDN77-Turbo
etag: "5ebdda3a-462c"
x-77-nzt-ray: f6587a1da5a57d82565a86644357fe30
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 cokertme-kebabi-resimli-yemek-tarifi(16).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2013/07/ Frame 6408 16 KB
16 KB 95ms
89ms Image
image/jpeg 2a02:6ea0:c700::17
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2013/07/cokertme-kebabi-resimli-yemek-tarifi(16).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::17 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: de828c1de3b057a2132f7e790523411695d4c0189b0eaeb5f0f4f3d92462a540

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Sun, 11 Jun 2023 23:35:50 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 4716184
x-accel-date: 1681810366
content-length: 15954
x-77-nzt: AZySIYj0SAb/mPZHAA
x-accel-expires: @1713346366
last-modified: Wed, 01 May 2019 22:16:47 GMT
server: CDN77-Turbo
etag: "5cca1acf-3e52"
x-77-nzt-ray: f6587a1da5a57d82565a86640d250031
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 kofteli-patates-dizmesi-resimli-yemek-tarifi(16).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2020/05/ Frame 6408 16 KB
16 KB 96ms
89ms Image
image/jpeg 2a02:6ea0:c700::17
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2020/05/kofteli-patates-dizmesi-resimli-yemek-tarifi(16).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::17 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 089371c2d0c637c172d5af2ba670a229c49df18790fa29a8c9a3d4af7796f2c7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Sun, 11 Jun 2023 23:35:50 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 4716569
x-accel-date: 1681809981
content-length: 16315
x-77-nzt: AZySIYhxYe3/GfhHAA
x-accel-expires: @1713345981
last-modified: Fri, 22 May 2020 22:51:08 GMT
server: CDN77-Turbo
etag: "5ec8575c-3fbb"
x-77-nzt-ray: f6587a1da5a57d82565a866426bc0731
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 tavada-domates-soslu-kofte-resimli-yemek-tarifi(16).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2022/04/ Frame 6408 14 KB
14 KB 96ms
89ms Image
image/jpeg 2a02:6ea0:c700::17
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2022/04/tavada-domates-soslu-kofte-resimli-yemek-tarifi(16).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::17 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 6ce801c9b5a18d6e9a2b6914f7fcbb927cacf7199e21c2318ac42e594102e2a1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Sun, 11 Jun 2023 23:35:50 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 4715554
x-accel-date: 1681810996
content-length: 14222
x-77-nzt: AZySIYj065b/IvRHAA
x-accel-expires: @1713346996
last-modified: Thu, 07 Apr 2022 21:23:55 GMT
server: CDN77-Turbo
etag: "624f566b-378e"
x-77-nzt-ray: f6587a1da5a57d82565a866466190f31
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 tencerede-tavuk-pirzola-resimli-yemek-tarifi(16).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2021/02/ Frame 6408 13 KB
13 KB 96ms
89ms Image
image/jpeg 2a02:6ea0:c700::17
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2021/02/tencerede-tavuk-pirzola-resimli-yemek-tarifi(16).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::17 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 9aa15f3d270011a0d81029fc96091ebec29d9cd93a32ffb12eda6e0db7649665

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Sun, 11 Jun 2023 23:35:50 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 4716528
x-accel-date: 1681810022
content-length: 13004
x-77-nzt: AZySIYiprl7/8PdHAA
x-accel-expires: @1713346022
last-modified: Sun, 21 Feb 2021 23:47:08 GMT
server: CDN77-Turbo
etag: "6032f0fc-32cc"
x-77-nzt-ray: f6587a1da5a57d82565a8664b9dd1431
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 tavuklu-sultan-kebabi-resimli-yemek-tarifi(20).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2016/05/ Frame 6408 12 KB
12 KB 96ms
89ms Image
image/jpeg 2a02:6ea0:c700::17
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2016/05/tavuklu-sultan-kebabi-resimli-yemek-tarifi(20).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::17 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 2214a9c42ac416d027c9814595f62b198356d64ee8eebd6cef1ab5ba1def247d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Sun, 11 Jun 2023 23:35:50 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 4716415
x-accel-date: 1681810135
content-length: 11963
x-77-nzt: AZySIYilAiD/f/dHAA
x-accel-expires: @1713346135
last-modified: Wed, 01 May 2019 22:58:17 GMT
server: CDN77-Turbo
etag: "5cca2489-2ebb"
x-77-nzt-ray: f6587a1da5a57d82565a86641ec41a31
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 tavuklu-tas-kebabi-resimli-yemek-tarifi(16).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2021/05/ Frame 6408 14 KB
15 KB 96ms
89ms Image
image/jpeg 2a02:6ea0:c700::17
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2021/05/tavuklu-tas-kebabi-resimli-yemek-tarifi(16).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::17 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 5c43ed02f9d0a2a773e7f13c481df34f9de77c425c368f5cb3398d7e67152e68

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Sun, 11 Jun 2023 23:35:50 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 4716909
x-accel-date: 1681809641
content-length: 14751
x-77-nzt: AZySIYiRoEr/bflHAA
x-accel-expires: @1713345641
last-modified: Wed, 05 May 2021 00:03:16 GMT
server: CDN77-Turbo
etag: "6091e0c4-399f"
x-77-nzt-ray: f6587a1da5a57d82565a8664552d2031
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 tavada-tavuk-sis-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2014/07/ Frame 6408 15 KB
16 KB 96ms
90ms Image
image/jpeg 2a02:6ea0:c700::17
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2014/07/tavada-tavuk-sis-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::17 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 4bff962fb085bc7a7d81b7a59a2dceb2a6dd7f44a6d25af7040fd62f86393a05

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Sun, 11 Jun 2023 23:35:50 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 4716909
x-accel-date: 1681809641
content-length: 15765
x-77-nzt: AZySIYj56A7/bflHAA
x-accel-expires: @1713345641
last-modified: Wed, 01 May 2019 22:26:43 GMT
server: CDN77-Turbo
etag: "5cca1d23-3d95"
x-77-nzt-ray: f6587a1da5a57d82565a8664ea4a2631
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 mercimekli-pirasa-yemegi-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2023/03/ Frame 6408 17 KB
17 KB 96ms
90ms Image
image/jpeg 2a02:6ea0:c700::17
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2023/03/mercimekli-pirasa-yemegi-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::17 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 0d8812f5547b313d30ae9c9b712b8fc50eafb19ab00a1658b484a35de8f78fba

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Sun, 11 Jun 2023 23:35:50 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 4716011
x-accel-date: 1681810539
content-length: 17093
x-77-nzt: AZySIYg44bf/6/VHAA
x-accel-expires: @1713346539
last-modified: Sun, 05 Mar 2023 21:20:02 GMT
server: CDN77-Turbo
etag: "64050782-42c5"
x-77-nzt-ray: f6587a1da5a57d82565a8664e34f2c31
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 semizotu-borani-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2022/06/ Frame 6408 17 KB
18 KB 96ms
90ms Image
image/jpeg 2a02:6ea0:c700::17
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2022/06/semizotu-borani-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::17 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 3a0fad2a356f8d50d02af3a5886e30e159cfa1474984f6fa5ae08d4639e9897f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Sun, 11 Jun 2023 23:35:50 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 4716453
x-accel-date: 1681810097
content-length: 17623
x-77-nzt: AZySIYgmYc7/pfdHAA
x-accel-expires: @1713346097
last-modified: Fri, 03 Jun 2022 22:23:16 GMT
server: CDN77-Turbo
etag: "629a89d4-44d7"
x-77-nzt-ray: f6587a1da5a57d82565a8664b4523231
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 firinda-tavuk-pirzola-resimli-yemek-tarifi(16).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2017/06/ Frame 6408 12 KB
13 KB 96ms
90ms Image
image/jpeg 2a02:6ea0:c700::17
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2017/06/firinda-tavuk-pirzola-resimli-yemek-tarifi(16).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::17 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 09d46eb1397a55833670832dcac4edf7f7e1d2b170b3eb7c11557cadcfe0a784

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Sun, 11 Jun 2023 23:35:50 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 4715521
x-accel-date: 1681811029
content-length: 12609
x-77-nzt: AZySIYibNn//AfRHAA
x-accel-expires: @1713347029
last-modified: Wed, 01 May 2019 23:19:17 GMT
server: CDN77-Turbo
etag: "5cca2975-3141"
x-77-nzt-ray: f6587a1da5a57d82565a86643ef63931
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 mastave-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2020/01/ Frame 6408 13 KB
14 KB 96ms
90ms Image
image/jpeg 2a02:6ea0:c700::17
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2020/01/mastave-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::17 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: ec5725d4053198fbf31e6d9122e875de3dc5434a7f80748fb848704caf82b322

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Sun, 11 Jun 2023 23:35:50 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 141361
x-accel-date: 1686385189
content-length: 13465
x-77-nzt: AZySIYiFMs/vMSgCAA
x-accel-expires: @1717921189
last-modified: Thu, 16 Jan 2020 13:07:50 GMT
server: CDN77-Turbo
etag: "5e206026-3499"
x-77-nzt-ray: f6587a1da5a57d82565a8664acc43e31
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 karamelize-soganli-corba-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2022/06/ Frame 6408 11 KB
11 KB 96ms
91ms Image
image/jpeg 2a02:6ea0:c700::17
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2022/06/karamelize-soganli-corba-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::17 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 96da7cbd165c265c74e140817dda609aab677ad3738efac98ce863665dc3512b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Sun, 11 Jun 2023 23:35:50 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 4715059
x-accel-date: 1681811491
content-length: 10908
x-77-nzt: AZySIYiuHqf/M/JHAA
x-accel-expires: @1713347491
last-modified: Sat, 04 Jun 2022 21:55:07 GMT
server: CDN77-Turbo
etag: "629bd4bb-2a9c"
x-77-nzt-ray: f6587a1da5a57d82565a8664b1024431
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 anadolu-corbasi-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2020/12/ Frame 6408 14 KB
14 KB 96ms
91ms Image
image/jpeg 2a02:6ea0:c700::17
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2020/12/anadolu-corbasi-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::17 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 1c67a7d5bd4eeea4dac61fdb402693f5ecce11630369d396bd6ec60516bda492

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Sun, 11 Jun 2023 23:35:50 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 4716422
x-accel-date: 1681810128
content-length: 14404
x-77-nzt: AZySIYiPf5T/hvdHAA
x-accel-expires: @1713346128
last-modified: Tue, 01 Dec 2020 00:12:50 GMT
server: CDN77-Turbo
etag: "5fc58a82-3844"
x-77-nzt-ray: f6587a1da5a57d82565a866451824631
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 balkabagi-corbasi-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2015/11/ Frame 6408 14 KB
14 KB 97ms
91ms Image
image/jpeg 2a02:6ea0:c700::17
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2015/11/balkabagi-corbasi-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::17 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 37696e118071c7484a8001f32a4e80edaab20322d5c8ae8e2b1f48a1c45baad9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Sun, 11 Jun 2023 23:35:50 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 4713509
x-accel-date: 1681813041
content-length: 13941
x-77-nzt: AZySIYipvNL/JexHAA
x-accel-expires: @1713349041
last-modified: Wed, 01 May 2019 22:51:05 GMT
server: CDN77-Turbo
etag: "5cca22d9-3675"
x-77-nzt-ray: f6587a1da5a57d82565a86646dd54831
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 havuc-corbasi-resimli-yemek-tarifi(16).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2021/03/ Frame 6408 9 KB
10 KB 97ms
91ms Image
image/jpeg 2a02:6ea0:c700::17
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2021/03/havuc-corbasi-resimli-yemek-tarifi(16).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::17 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: c682503cceca1b904b22355c3303d0065985fd83992209d6d65f1ca4546033b9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Sun, 11 Jun 2023 23:35:50 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 4716097
x-accel-date: 1681810453
content-length: 9583
x-77-nzt: AZySIYh5Ao7/QfZHAA
x-accel-expires: @1713346453
last-modified: Mon, 15 Mar 2021 00:48:39 GMT
server: CDN77-Turbo
etag: "604eaee7-256f"
x-77-nzt-ray: f6587a1da5a57d82565a8664ac594e31
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 iki-renkli-sutlu-irmik-tatlisi-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2020/06/ Frame 6408 15 KB
15 KB 97ms
91ms Image
image/jpeg 2a02:6ea0:c700::17
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2020/06/iki-renkli-sutlu-irmik-tatlisi-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::17 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 1223d352430065cc6ee6ecfe6c3ed6e1e4b2f5714817dcf8967ffca08f192c1a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Sun, 11 Jun 2023 23:35:50 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 4714581
x-accel-date: 1681811969
content-length: 15229
x-77-nzt: AZySIYh33eL/VfBHAA
x-accel-expires: @1713347969
last-modified: Thu, 11 Jun 2020 22:59:34 GMT
server: CDN77-Turbo
etag: "5ee2b756-3b7d"
x-77-nzt-ray: f6587a1da5a57d82565a866420715031
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 hashasli-irmik-tatlisi-resimli-yemek-tarifi(20).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2017/04/ Frame 6408 10 KB
11 KB 97ms
92ms Image
image/jpeg 2a02:6ea0:c700::17
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2017/04/hashasli-irmik-tatlisi-resimli-yemek-tarifi(20).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::17 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 24762ab428a6fcf11ff285c267ba773b0a63638dcee78a5cc3ea8406f092ad58

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Sun, 11 Jun 2023 23:35:50 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 4716909
x-accel-date: 1681809641
content-length: 10514
x-77-nzt: AZySIYgdp4f/bflHAA
x-accel-expires: @1713345641
last-modified: Wed, 01 May 2019 23:16:07 GMT
server: CDN77-Turbo
etag: "5cca28b7-2912"
x-77-nzt-ray: f6587a1da5a57d82565a8664cb285231
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 biskuvili-yas-pasta-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2015/10/ Frame 6408 13 KB
13 KB 97ms
92ms Image
image/jpeg 2a02:6ea0:c700::17
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2015/10/biskuvili-yas-pasta-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::17 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 25a120a3830417d169351a3985042dc4bcf6e490fbbe75794190d73794836ebe

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Sun, 11 Jun 2023 23:35:50 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 4713946
x-accel-date: 1681812604
content-length: 13265
x-77-nzt: AZySIYisQab/2u1HAA
x-accel-expires: @1713348604
last-modified: Wed, 01 May 2019 22:49:27 GMT
server: CDN77-Turbo
etag: "5cca2277-33d1"
x-77-nzt-ray: f6587a1da5a57d82565a8664881c5731
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 yaz-helvasi-resimli-yemek-tarifi(16).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2020/06/ Frame 6408 14 KB
14 KB 97ms
92ms Image
image/jpeg 2a02:6ea0:c700::17
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2020/06/yaz-helvasi-resimli-yemek-tarifi(16).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::17 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 4532ed97c8ec16da3c9275a5345ba6406647074a9c078e609aa9f56c1a40f76b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Sun, 11 Jun 2023 23:35:50 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 4716125
x-accel-date: 1681810425
content-length: 13981
x-77-nzt: AZySIYipGbXvXfZHAA
x-accel-expires: @1713346425
last-modified: Mon, 08 Jun 2020 21:41:02 GMT
server: CDN77-Turbo
etag: "5edeb06e-369d"
x-77-nzt-ray: f6587a1da5a57d82565a8664ebbc5a31
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 uskup-boregi-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2020/08/ Frame 6408 13 KB
13 KB 97ms
92ms Image
image/jpeg 2a02:6ea0:c700::17
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2020/08/uskup-boregi-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::17 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 75f2b3e1739c7ed8ee367a6990d7f5abdb0fd1040724273ee5a5f87489a41228

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Sun, 11 Jun 2023 23:35:50 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 3984692
x-accel-date: 1682541858
content-length: 12833
x-77-nzt: AZySIYiAyF7/NM08AA
x-accel-expires: @1714077858
last-modified: Sun, 23 Aug 2020 23:39:16 GMT
server: CDN77-Turbo
etag: "5f42fe24-3221"
x-77-nzt-ray: f6587a1da5a57d82565a866447db6331
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 cilbir-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2013/05/ Frame 6408 13 KB
13 KB 97ms
92ms Image
image/jpeg 2a02:6ea0:c700::17
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2013/05/cilbir-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::17 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 97831ff1642b67d43154d0b76a95e26b0fd8ec1533c4ba30c37ea1c0bdfb30e5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Sun, 11 Jun 2023 23:35:50 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 4716781
x-accel-date: 1681809769
content-length: 12850
x-77-nzt: AZySIYiDp8D/7fhHAA
x-accel-expires: @1713345769
last-modified: Wed, 01 May 2019 22:14:43 GMT
server: CDN77-Turbo
etag: "5cca1a53-3232"
x-77-nzt-ray: f6587a1da5a57d82565a8664e7b86531
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 tavada-ispanakli-kol-boregi-resimli-yemek-tarifi(16).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2016/02/ Frame 6408 14 KB
14 KB 97ms
92ms Image
image/jpeg 2a02:6ea0:c700::17
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2016/02/tavada-ispanakli-kol-boregi-resimli-yemek-tarifi(16).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::17 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 681ab93dd0600e24018acefe10a3a2c960a04646fc477eb45f13088f9a8a65d8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Sun, 11 Jun 2023 23:35:50 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 4714071
x-accel-date: 1681812479
content-length: 13911
x-77-nzt: AZySIYgKX0L/V+5HAA
x-accel-expires: @1713348479
last-modified: Wed, 01 May 2019 22:54:06 GMT
server: CDN77-Turbo
etag: "5cca238e-3657"
x-77-nzt-ray: f6587a1da5a57d82565a866485c36a31
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 avokado-ezmesi-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2020/08/ Frame 6408 14 KB
14 KB 97ms
92ms Image
image/jpeg 2a02:6ea0:c700::17
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2020/08/avokado-ezmesi-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::17 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: d389d4e827b1df5e191df76750ebe767b7d290eaafc03264964e576b11b43cb6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Sun, 11 Jun 2023 23:35:50 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 4713052
x-accel-date: 1681813498
content-length: 14366
x-77-nzt: AZySIYhv7vX/XOpHAA
x-accel-expires: @1713349498
last-modified: Sun, 16 Aug 2020 22:36:31 GMT
server: CDN77-Turbo
etag: "5f39b4ef-381e"
x-77-nzt-ray: f6587a1da5a57d82565a866451606c31
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 _dmca_premi_badge_5.png
images.dmca.com/Badges/ Frame 6408 5 KB
6 KB 121ms
38ms Image
image/png 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.dmca.com/Badges/_dmca_premi_badge_5.png?ID=da1d399b-5fd3-4da3-b5cd-8af692c19999
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: ad3ee286844c46dba3f0d26e100f508c410b28f52784fbeec2d513ef6c6fda7a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Sun, 11 Jun 2023 23:35:50 GMT
last-modified: Thu, 02 Jun 2011 03:26:26 GMT
server: Microsoft-IIS/10.0
etag: "8ae3cdbd420cc1:0"
x-powered-by: ASP.NET
x-hw: 1686526550.cds296.am5.hn,1686526550.cds292.am5.c
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=31536000
accept-ranges: bytes
link: <https://www.dmca.com/Badges/_dmca_premi_badge_5.png>; rel="canonical"
content-length: 5605

GET
H2 200 addthis_widget.js Show response
s7.addthis.com/js/300/ Frame 6408 56 B
362 B 750ms
36ms Script
text/javascript 2.19.224.115
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/js/300/addthis_widget.js

Requested by

Host: ye-mek.net
URL: https://ye-mek.net/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.19.224.115 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-19-224-115.deploy.static.akamaitechnologies.com

Software

Oracle API Gateway /

Resource Hash

f475c34186022ba531ebc8bba97fc10df7e4c3ea854f314a18ab0644c851620d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 11 Jun 2023 23:35:51 GMT
server: Oracle API Gateway
opc-request-id: /6FF87EE93E04DB55E64FDDD09AA39ED1/DC92C522CF7F8E84C395B4290A2A54A4
x-frame-options: sameorigin
vary: Accept-Encoding
content-type: text/javascript
x-distribution: 99
x-host: s7.addthis.com
content-length: 76
x-xss-protection: 1; mode=block

GET
H2 200 DMCABadgeHelper.min.js Show response
images.dmca.com/Badges/ Frame 6408 465 B
585 B 126ms
43ms Script
application/javascript 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://images.dmca.com/Badges/DMCABadgeHelper.min.js
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e8021f1a9dad409f7e699457ac334653bf800464df69900237c4de1c29e275d0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Sun, 11 Jun 2023 23:35:50 GMT
content-encoding: gzip
last-modified: Fri, 21 Jun 2019 20:14:34 GMT
server: Microsoft-IIS/10.0
etag: "26b181f16d28d51:0"
x-powered-by: ASP.NET
x-hw: 1686526550.cds296.am5.hn,1686526550.cds214.am5.c
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=31536000
accept-ranges: bytes
link: <https://www.dmca.com/Badges/DMCABadgeHelper.min.js>; rel="canonical"
content-length: 395

GET
H2 200 outside.js Show response
static.virgul.com/theme/mockups/adcode/ Frame 6408 74 KB
26 KB 380ms
73ms Script
application/javascript 185.7.176.221
SH

General

Check archive.org

Show headers Download Go to

Full URL: https://static.virgul.com/theme/mockups/adcode/outside.js?dts=19519
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.7.176.221 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: e83a6e6d3b514c443964ced040878fe12d03f326240804355adc29084ed7ca8c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Sun, 11 Jun 2023 23:35:51 GMT
content-encoding: gzip
last-modified: Thu, 01 Jun 2023 17:43:14 GMT
server: openresty/1.15.8.3
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=43200

GET
H2 200 sdk.js Show response
connect.facebook.net/tr_TR/ Frame 6408 3 KB
3 KB 97ms
34ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/tr_TR/sdk.js

Requested by

Host: ye-mek.net
URL: https://ye-mek.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

5808d723c40744b3cb0ed3a450513d5c387e7973a70623f927eb94b1ce981e23

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 11 Jun 2023 23:35:50 GMT
content-md5: arFCdCoLC4Nf5tLu7x1yjw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1685
x-fb-rlafr: 0
x-fb-debug: C4slFZ19VGYOBiefNc8j1RVE23iNQCUgPAZHqoPfQcO1OrTMSDlRmNr7h1Poglv6Yj3lDnA1ZT8pXYMQ462dkQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 1679558926
x-fb-content-md5: e27d91385879e847eedc8a7870eeb51b
cross-origin-opener-policy: same-origin-allow-popups
etag: "9beb1f946be723bf47e365492dfabf30"
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
x-frame-options: DENY
timing-allow-origin: *
expires: Sun, 11 Jun 2023 23:40:59 GMT

GET
H2 200 sprite_3.png
cdn.ye-mek.net/grafik/ Frame 6408 21 KB
21 KB 94ms
93ms Image
image/png 2a02:6ea0:c700::17
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/grafik/sprite_3.png
Requested by: Host: cdn.ye-mek.net
URL: https://cdn.ye-mek.net/maincss.css?v=434
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::17 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: ecadacb686d0540a5768dae41d50597a71dfaa8135b90f1371d4bfa266e4e361

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.ye-mek.net/maincss.css?v=434
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Sun, 11 Jun 2023 23:35:50 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 4717108
x-accel-date: 1681809442
content-length: 21525
x-77-nzt: AZySIYiZCfr/NPpHAA
x-accel-expires: @1713345442
last-modified: Mon, 14 May 2018 20:55:05 GMT
server: CDN77-Turbo
etag: "5af9f7a9-5415"
x-77-nzt-ray: f6587a1da5a57d82565a866439d67231
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H3 200 sdk.js Show response
connect.facebook.net/tr_TR/ Frame 6408 307 KB
87 KB 65ms
35ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/tr_TR/sdk.js?hash=ecfb132c0400cdd00d5753de03a3d30f

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/tr_TR/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

06d33fb628e8139b0ef85167cc2128e4299fae5ee83d7b3d215099b4c35343ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://ye-mek.net/
Origin: https://ye-mek.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 11 Jun 2023 23:35:50 GMT
content-md5: XAybmvMvl0VkAqlSPnzPdw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 88758
x-fb-rlafr: 0
x-fb-debug: OGBHv+D1IgQ2s5epT4oq5z0iUIDkBdPn2yemTx/BWFPpdueQk6fpc08q8K4a4xCqtBQ+IJ8b3simF5l3Ctl9+Q==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-content-md5: 2a0644b0c9b270a4d914953e281aaca2
cross-origin-opener-policy: same-origin-allow-popups
etag: "9fcf14d350bef6250ec71d1217adec45"
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
x-frame-options: DENY
timing-allow-origin: *
priority: u=3,i
expires: Mon, 10 Jun 2024 22:28:37 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ Frame 6408 51 KB
21 KB 185ms
59ms Script
text/javascript 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-38733763-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 11 Jun 2023 23:04:48 GMT
last-modified: Mon, 17 Apr 2023 22:36:01 GMT
server: Golfe2
age: 1863
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20737
expires: Mon, 12 Jun 2023 01:04:48 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame 6408 76 KB
25 KB 233ms
73ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/adcode/outside.js?dts=19519

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e6856712b68ffba8c9a4860f563e6782b6dfdb87d50dd054b6753efa4ff7ba56

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Sun, 11 Jun 2023 23:35:51 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25531
x-xss-protection: 0
server: cafe
etag: 622 / 19519 / 31075209 / config-hash: 404984007886724395
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sun, 11 Jun 2023 23:35:51 GMT

GET
H2 200 ads.js Show response
static.virgul.com/theme/mockups/mockups/tracker/imp/collect/adview/ad/ Frame 6408 120 B
306 B 71ms
71ms Script
application/javascript 185.7.176.221
SH

General

Check archive.org

Show headers Download Go to

Full URL: https://static.virgul.com/theme/mockups/mockups/tracker/imp/collect/adview/ad/ads.js
Requested by: Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/adcode/outside.js?dts=19519
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.7.176.221 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: d9fd0aeda423bd39a36871759ef7b17dab3d51e5981cd5839103f990b8b9ef60

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Sun, 11 Jun 2023 23:35:51 GMT
last-modified: Wed, 21 Dec 2022 18:47:42 GMT
server: openresty/1.15.8.3
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=5184000
accept-ranges: bytes
content-length: 120

GET
H2 200 str.html Show response
static.virgul.com/theme/mockups/outside/ Frame A2EB 891 B
1 KB 70ms
70ms Document
text/html 185.7.176.221
SH

General

Check archive.org

Show headers Download Go to

Full URL: https://static.virgul.com/theme/mockups/outside/str.html?v=2
Requested by: Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/adcode/outside.js?dts=19519
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.7.176.221 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: 2af1b8e91e1ea0f27fab2f6bac1dd1d81867b7a2a8d7cef1084fa39309e0ac6f

Request headers

Referer: https://ye-mek.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
cache-control: max-age=5184000
content-length: 891
content-type: text/html
date: Sun, 11 Jun 2023 23:35:51 GMT
last-modified: Wed, 28 Sep 2022 10:07:57 GMT
server: openresty/1.15.8.3

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 6408 138 KB
47 KB 223ms
82ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6593523210010154

Requested by

Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/adcode/outside.js?dts=19519

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

aee6f0b4c43dec5cc9ffac79bb44b87ac17f24ef33979e7619315d1d9ca60cd9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ye-mek.net/
Origin: https://ye-mek.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Sun, 11 Jun 2023 23:35:51 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47848
x-xss-protection: 0
server: cafe
etag: 18042188273379366429
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sun, 11 Jun 2023 23:35:51 GMT

GET
H2 200 prebid7.38.0.js Show response
static.virgul.com/theme/mockups/outside/ Frame 6408 489 KB
182 KB 76ms
76ms Script
application/javascript 185.7.176.221
SH

General

Check archive.org

Show headers Download Go to

Full URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js
Requested by: Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/adcode/outside.js?dts=19519
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.7.176.221 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: cff57bb539a961e5816127eb4b662175d6a1c92917effe0f943de85c35911101

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Sun, 11 Jun 2023 23:35:51 GMT
content-encoding: gzip
last-modified: Mon, 27 Mar 2023 14:56:06 GMT
server: openresty/1.15.8.3
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=5184000

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ Frame 6408 235 KB
57 KB 111ms
34ms Script
application/javascript 18.66.110.17
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/adcode/outside.js?dts=19519
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.110.17 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-110-17.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b17f4c082b272213f4da075af5c73893db6c70f060c8441ff6e70f7251324ff9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Sun, 11 Jun 2023 22:50:49 GMT
content-encoding: gzip
via: 1.1 ec1ac21acdbd36c971eca9d6b61d0744.cloudfront.net (CloudFront), 1.1 604f8ac78ed3ba5235c1a14794f2ac64.cloudfront.net (CloudFront)
last-modified: Thu, 08 Jun 2023 19:47:46 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1, FRA56-P5
age: 2703
x-amz-server-side-encryption: AES256
etag: W/"22e740da4e2336def33bbd74ea6796a6"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=3600
x-amz-cf-id: EZgGLU1EvJypIgs2jmd2DMut8fRgHfKudKYhLrkmDPiWCvE4TGUR1w==

GET
H2 200 pageview Show response
ng.virgul.com/ Frame 6408 34 KB
6 KB 144ms
131ms Script
application/javascript 185.7.176.221
SH

General

Check archive.org

Show headers Download Go to

Full URL: https://ng.virgul.com/pageview?c=site_geneli&mt=1686526551243&v=https%3A%2F%2Fye-mek.net%2F&r=yemek_net:site_geneli&userId=&tp=&os=&call=noktaad.ads.vvad&vd=0&ses=0&dim=1600x1200&l=&y=&w=0&ext=,as,rc0,hf1,vv1,gprec%3Dyemek%26rec_ing%3D&info=&ref=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&rdmt=0.7862389939167591
Requested by: Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/adcode/outside.js?dts=19519
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.7.176.221 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: daa4ae74e63ad190e51df1d8695085c574d64ed718f8786485dbd61d7e7ad3da

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Sun, 11 Jun 2023 23:35:51 GMT
content-encoding: gzip
server: openresty/1.15.8.3
vary: Accept-Encoding
p3p: CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
access-control-allow-origin: https://ye-mek.net
content-type: application/javascript
access-control-allow-credentials: true
expires: Tue, 04 Jan 2022 10:49:40 GMT

GET
H2 200 yemek_net.js Show response
static.virgul.com/theme/mockups/fallback/ Frame 6408 12 KB
2 KB 70ms
70ms Script
application/javascript 185.7.176.221
SH

General

Check archive.org

Show headers Download Go to

Full URL: https://static.virgul.com/theme/mockups/fallback/yemek_net.js?dts=19519
Requested by: Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/adcode/outside.js?dts=19519
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.7.176.221 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: 5103b27b55207be49f024a501641c7cb93e6469073ccbe194cd5963b53716184

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Sun, 11 Jun 2023 23:35:51 GMT
content-encoding: gzip
last-modified: Wed, 31 May 2023 14:14:23 GMT
server: openresty/1.15.8.3
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=5184000

GET
H2 200 hb Show response
ng.virgul.com/ Frame 6408 49 KB
5 KB 139ms
131ms Script
application/javascript 185.7.176.221
SH

General

Check archive.org

Show headers Download Go to

Full URL: https://ng.virgul.com/hb?call=noktaad.setHbParameters&site=yemek_net&dts=468479
Requested by: Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/adcode/outside.js?dts=19519
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.7.176.221 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: fc52f3986c0cd1bda4c019b4e561637241300ed3fa06d02f68e69a79da3827cb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Sun, 11 Jun 2023 23:35:51 GMT
content-encoding: gzip
server: openresty/1.15.8.3
vary: Accept-Encoding
p3p: CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
access-control-allow-origin: https://ye-mek.net
content-type: application/javascript
cache-control: max-age=3600
access-control-allow-credentials: true

GET
H2 204 config Show response
c.amazon-adsystem.com/cdn/prod/ Frame 6408 0
304 B 29ms
29ms XHR
text/plain 18.66.110.17
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fye-mek.net&pubid=e0a76a78-9ad1-46f2-a337-886c2e24ac91
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.110.17 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-110-17.fra56.r.cloudfront.net
Software: Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Sun, 11 Jun 2023 21:42:51 GMT
via: 1.1 604f8ac78ed3ba5235c1a14794f2ac64.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA56-P5
age: 6780
x-cache: Hit from cloudfront
access-control-allow-origin: https://ye-mek.net
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
x-amz-cf-id: eXlj8ngHdVFA5fV0ubi2jxiWn5dcfA4h4WG17wh8u0xHloc5IecBag==

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ Frame 6408 6 KB
3 KB 88ms
29ms XHR
application/javascript 18.66.110.17
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.110.17 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-110-17.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-amz-version-id: Zm_tZQQ808JKRizBfXGgSN2OWn8Z6JUU
content-encoding: gzip
via: 1.1 0341da327f4c4c49034aa07ebeeab1f0.cloudfront.net (CloudFront)
date: Sun, 11 Jun 2023 08:17:59 GMT
x-amz-cf-pop: FRA56-P5
age: 64276
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Fri, 26 May 2023 01:35:48 GMT
server: AmazonS3
etag: W/"a4d296427fc806b21335359e398c025c"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
vary: Accept-Encoding,Origin
x-amz-cf-id: flPyIrs1IdGa6aaNDMUZnXFeIU9aZzJ7gA2Tux7LerlpNm4p65_qCA==

GET
H2 200 empowerwebplayer3.js Show response
static.virgul.com/theme/mockups/outside/ Frame 6408 9 KB
3 KB 71ms
70ms Script
application/javascript 185.7.176.221
SH

General

Check archive.org

Show headers Download Go to

Full URL: https://static.virgul.com/theme/mockups/outside/empowerwebplayer3.js?v=20
Requested by: Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.7.176.221 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: 35b21209877b5b74adcb3a1bd21f8fd45a5ee0ea13d754f7d69bad34147800bf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Sun, 11 Jun 2023 23:35:51 GMT
content-encoding: gzip
last-modified: Mon, 05 Jun 2023 18:40:24 GMT
server: openresty/1.15.8.3
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=5184000

GET
H2 200 yemek_net.js Show response
static.virgul.com/theme/mockups/sites/ Frame 6408 11 KB
5 KB 71ms
71ms Script
application/javascript 185.7.176.221
SH

General

Check archive.org

Show headers Download Go to

Full URL: https://static.virgul.com/theme/mockups/sites/yemek_net.js?dts=468479
Requested by: Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/adcode/outside.js?dts=19519
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.7.176.221 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: a7a580492938c753648b19da1321bf7ea66d7a2e9b1fa42058c821e268fba9e1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Sun, 11 Jun 2023 23:35:51 GMT
content-encoding: gzip
last-modified: Thu, 27 Apr 2023 09:08:06 GMT
server: openresty/1.15.8.3
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=5184000

GET
H2 200 pandg-sdk.js Show response
pghub.io/js/ Frame 6408 17 KB
5 KB 120ms
40ms Script
application/javascript 35.241.45.217
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pghub.io/js/pandg-sdk.js
Requested by: Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/adcode/outside.js?dts=19519
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.241.45.217 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 217.45.241.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 27961ab8c37cddad89230364167c048c6377a80e38542a5ffbca600faf4098ea

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Sun, 11 Jun 2023 23:04:26 GMT
content-encoding: gzip
age: 1885
x-guploader-uploadid: ADPycdvEGfUqUwPni0uXPKc6hRaSBbLbITmNyuu8aGwsWkDSuCDJ4ik5hmNgFM_AFV0LGyLZdL19vfHJDFDJWQZQGhCf5A
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5009
last-modified: Mon, 05 Jun 2023 16:36:50 GMT
server: UploadServer
etag: "47a886353056caf33a998c6041e20896"
vary: Accept-Encoding
x-goog-generation: 1685983010517890
x-goog-hash: crc32c=aHj4lg==, md5=R6iGNTBWyvM6mYxgQeIIlg==
access-control-allow-origin: *
access-control-expose-headers: Access-Control-Allow-Origin
cache-control: public,max-age=3600
x-goog-stored-content-length: 5009
accept-ranges: bytes
content-type: application/javascript

GET
H2 200 zoneview
ng.virgul.com/ Frame 6408 0
209 B 71ms
71ms Image
text/plain 185.7.176.221
SH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ng.virgul.com/zoneview?c=&mt=1686526551411&v=https%3A%2F%2Fye-mek.net%2F&r=153366@153377@153378@153379@153379@153382@153383:yemek_net&userId=vnetb7ca5edb-4408-4cc4-8369-d7dd06ba1101&tp=&os=&call=&vd=0&ses=0&dim=1600x1200&l=&y=&w=0&ext=,as,rc1,hf1,vv1,gprec%3Dyemek%26rec_ing%3D&info=&ref=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&rdmt=0.17287439673541183
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.7.176.221 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

access-control-allow-origin: https://ye-mek.net
date: Sun, 11 Jun 2023 23:35:51 GMT
access-control-allow-credentials: true
expires: Tue, 04 Jan 2022 10:49:40 GMT
server: openresty/1.15.8.3
content-length: 0
p3p: CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'

GET
H2 200 NoktaNpmPlayerApi.js Show response
c1.imgiz.com/player_others/html5/ Frame 6408 7 KB
3 KB 344ms
73ms Script
application/javascript 185.7.176.223
SH

General

Check archive.org

Show headers Download Go to

Full URL: https://c1.imgiz.com/player_others/html5/NoktaNpmPlayerApi.js?dts=19519
Requested by: Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/empowerwebplayer3.js?v=20
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.7.176.223 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: 0b29697868cd68cfd1b5650054cc96ea755016b3242bd26469cdbd4e4f6fc18a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Sun, 11 Jun 2023 23:35:51 GMT
content-encoding: gzip
last-modified: Wed, 13 Oct 2021 11:58:21 GMT
server: openresty/1.15.8.3
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=604800
expires: Sun, 18 Jun 2023 23:35:51 GMT

GET
H2 200 zoneview
ng.virgul.com/ Frame 6408 0
209 B 84ms
83ms Image
text/plain 185.7.176.221
SH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ng.virgul.com/zoneview?c=&mt=1686526551493&v=https%3A%2F%2Fye-mek.net%2F&r=153394@153493:yemek_net&userId=vnetb7ca5edb-4408-4cc4-8369-d7dd06ba1101&tp=&os=&call=&vd=0&ses=0&dim=1600x1200&l=&y=&w=0&ext=,as,rc1,hf1,vv1,gprec%3Dyemek%26rec_ing%3D&info=&ref=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&rdmt=0.5720320685267961
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.7.176.221 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

access-control-allow-origin: https://ye-mek.net
date: Sun, 11 Jun 2023 23:35:51 GMT
access-control-allow-credentials: true
expires: Tue, 04 Jan 2022 10:49:40 GMT
server: openresty/1.15.8.3
content-length: 0
p3p: CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'

GET
H2 200 tag Show response
feed.pghub.io/ Frame 1269 13 B
257 B 157ms
45ms Document
text/html 34.102.243.38
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://feed.pghub.io/tag?referrer_url=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&page_url=https%3A%2F%2Fye-mek.net%2F&owner=P%26G&bp_id=noktacommedya&ch=%7B%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D&initiator=js&data=%7B%22category%22%3A%22site_geneli%22%7D

Requested by

Host: pghub.io
URL: https://pghub.io/js/pandg-sdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.102.243.38 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

38.243.102.34.bc.googleusercontent.com

Software

Resource Hash

b633a587c652d02386c4f16f8c6f6aab7352d97f16367c3c40576214372dd628

Security Headers

Name	Value
Content-Security-Policy	default-src 'none';img-src https://*.pghub.io https://match.adsrvr.org
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://ye-mek.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
access-control-max-age: 300
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-store
content-security-policy: default-src 'none';img-src https://*.pghub.io https://match.adsrvr.org
content-type: text/html;charset=utf-8
date: Sun, 11 Jun 2023 23:35:51 GMT
strict-transport-security: max-age=31536000
via: 1.1 google

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306070101/ Frame 6408 404 KB
125 KB 61ms
60ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306070101/pubads_impl.js?cb=31075209

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

efa58e6c55e790f1c83deaa0e2b30bb1a075acc2ed6ec0f50f928c0d42dbc472

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Sun, 11 Jun 2023 08:17:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 55119
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 127703
x-xss-protection: 0
server: cafe
etag: 12901696529074996400
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Mon, 10 Jun 2024 08:17:12 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306070101/ Frame 6408 352 KB
118 KB 208ms
86ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306070101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6593523210010154&plah=ye-mek.net&bust=31075205

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6593523210010154

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

412987cc35c5247a10aff8bbe72a3e89da1540916e2a74667fa98d415c4ea5ba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Sun, 11 Jun 2023 23:35:51 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 120858
x-xss-protection: 0
server: cafe
etag: 17342399556986961810
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sun, 11 Jun 2023 23:35:51 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230607/r20190131/ Frame FC26 10 KB
5 KB 193ms
59ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230607/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6593523210010154

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eb7a209e3af2f5e7045a326f81414b39f02551eb158e859c190a7a84db7c4d5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ye-mek.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 61835
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4540
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 11 Jun 2023 06:25:16 GMT
etag: 15057649708203361565
expires: Sun, 25 Jun 2023 06:25:16 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK localstore.js Show response
script.4dex.io/ Frame 6408 483 B
1 KB 116ms
35ms Script
application/javascript 2606:4700:20::681a:9a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/localstore.js
Requested by: Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:9a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Date: Sun, 11 Jun 2023 23:35:51 GMT
Content-Encoding: br
CF-Cache-Status: HIT
Last-Modified: Tue, 06 Jun 2023 12:52:55 GMT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Age: 468692
ETag: W/"922cffdd75f7192f75231d92684885aa"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p1P5M8LLlXLxzcrMoiAMEDhDuqIC40l6N9lJdAMYAzm7khhxU9LzCFFgyskgiUk4eT%2BwWCSH8%2BL%2BH53wQ6tt6xVGt0M9zICSBtMIbOCTngfRmu%2FfM3pkjdT6Wcq%2FyxpPtMh%2BH7dFTN8seUTk"}],"group":"cf-nel","max_age":604800}
Cache-Control: public, max-age=1800
Connection: keep-alive
CF-RAY: 7d5dac45288830ed-FRA

GET
H2 200 bid Show response
aax.amazon-adsystem.com/e/dtb/ Frame 6408 23 B
457 B 235ms
134ms XHR
text/javascript 13.32.119.77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&pr=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&pid=lrph5W4mBmXnC&cb=0&ws=1600x1200&v=23.605.2213&t=1200&slots=%5B%7B%22sd%22%3A%22div-gpt-ad-1455783126174-15338221728129623web_yemeknet_right_tower%22%2C%22s%22%3A%5B%22160x600%22%2C%22120x600%22%5D%2C%22sn%22%3A%22%2F21728129623%2Fweb_yemeknet_right_tower%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-1455783126174-15338321728129623web_yemeknet_left_tower%22%2C%22s%22%3A%5B%22160x600%22%2C%22120x600%22%5D%2C%22sn%22%3A%22%2F21728129623%2Fweb_yemeknet_left_tower%22%7D%5D&pubid=e0a76a78-9ad1-46f2-a337-886c2e24ac91&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.119.77 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-119-77.fra60.r.cloudfront.net

Software

Server /

Resource Hash

745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Sun, 11 Jun 2023 23:35:51 GMT
strict-transport-security: max-age=47474747; includeSubDomains; preload
via: 1.1 c60125e7f3465aceafb0abd071a41a36.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA60-P1
x-amz-rid: 12J3T17S7KRFQY4Q0Q6K
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://ye-mek.net
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: jI7MQJEal1Ir1QcxmKxKjgq80crRGXjjLNxITr3ulvhRJIFspG0hnQ==

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame 6408 107 B
456 B 214ms
68ms Script
application/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=ye-mek.net

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306070101/pubads_impl.js?cb=31075209

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Sun, 11 Jun 2023 23:35:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 6408 27 KB
11 KB 291ms
291ms XHR
text/plain 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4040297006971483&correlator=1411135270936242&eid=31075209&output=ldjh&gdfp_req=1&vrg=202306070101&ptt=17&impl=fif&iu_parts=21728129623%3A33502485%2Cweb_yemeknet_kategori_sayfalari_728x90_repeating&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C728x90%7C468x60&fluid=height&ifi=2&adks=3733009076&sfv=1-0-40&eri=1&cust_params=amznbid%3D0%26amznp%3D0%26category%3Dsite_geneli%26plm%3Dnull%26viewable%3D2%26site%3Dyemek_net%26mt%3D1686526551243%26pager%3D1%2540site_geneli%2540yemek_net%253Asite_geneli%26policy%3D0%26host%3Dye-mek.net%26url%3Dhttps%253A%2520%2520ye%2520mek.net%2520%26targetCtr%3D0%26pid%3Dvnetb7ca5edb-4408-4cc4-8369-d7dd06ba1101%26targetCr%3D0%26Mobile%3Dfalse%26env%3Dweb%26webmAd%3D1%26overlay%3D1%26rc%3D0%26datasave%3D0%26rec%3Dyemek%26rec_ing%3D&ppid=vnetb7ca5edb44084cc48369d7dd06ba1101&sc=1&cdm=ye-mek.net&abxe=1&dt=1686526551799&lmt=1686526551&dlt=1686526550482&idt=1255&adxs=436&adys=2665&biw=-12245933&bih=-12245933&isw=1600&ish=1200&scr_x=-12245933&scr_y=-12245933&ucis=quz208l23v5t&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fye-mek.net%2F&ref=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&top=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&frm=24&vis=1&psz=976x0&msz=996x0&fws=388&ohw=1600&ga_vid=214013272.1686526551&ga_sid=1686526552&ga_hid=38106992&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306070101/pubads_impl.js?cb=31075209

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b4d1f7da56448f81503bcd2ab72c613162cd70db41e10d509df0cfa4ba061f85

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Sun, 11 Jun 2023 23:35:52 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11520
x-xss-protection: 0
google-lineitem-id: 6241543851
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138425583933
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://ye-mek.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
61f6e9fd343e3e96f4f5dd477c8d7d57.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 0822 6 KB
3 KB 249ms
68ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://61f6e9fd343e3e96f4f5dd477c8d7d57.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306070101/pubads_impl.js?cb=31075209

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ye-mek.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 11 Jun 2023 23:35:52 GMT
expires: Mon, 10 Jun 2024 23:35:52 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 200 auction Show response
prebid-server.rubiconproject.com/openrtb2/ Frame 6408 173 B
400 B 131ms
32ms XHR
application/json 52.57.24.240
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by: Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.57.24.240 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-57-24-240.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 2c32bd2e5707e8daf52a5872eb1e14e558b6bfe1524b91a49b869f2e99fe319e

Request headers

Referer: https://ye-mek.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 11 Jun 2023 23:35:51 GMT
content-encoding: gzip
x-prebid: pbs-java/1.120.0
content-type: application/json
access-control-allow-origin: https://ye-mek.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 168
expires: 0

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame 6408 416 B
962 B 175ms
89ms XHR
application/json 2602:803:c003:200::41
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=13760&site_id=333016&zone_id=2862172&size_id=2&alt_size_ids=1&rp_schain=1.0,1!empower.net,5ed754bfe4b07a92411bbff0,1,,,&eid_pubcid.org=d3436fc2-aa5f-492c-b399-29bf1082e774%5E1&rf=https%3A%2F%2Fye-mek.net%2F&tg_i.page=https%3A%2F%2Fye-mek.net%2F&tg_i.domain=ye-mek.net&tg_i.pbadslot=div-gpt-ad-1455783126174-15337921728129623web_yemeknet_kategori_sayfalari_728x90_repeating&tk_flint=pbjs_lite_v7.38.0&x_source.tid=eb886548-9643-4836-8471-406909375fc5&l_pb_bid_id=2f7faa8187099d&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.9322299573271324
Requested by: Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: c9e5748c955dc3f587aa1284ee664b08fc3ecb02d39a487a2681e02d1487507b

Request headers

Referer: https://ye-mek.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 11 Jun 2023 23:35:52 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://ye-mek.net
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 416
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame 6408 410 B
732 B 214ms
128ms XHR
application/json 2602:803:c003:200::41
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=13760&site_id=333016&zone_id=2862174&size_id=2&alt_size_ids=1&rp_schain=1.0,1!empower.net,5ed754bfe4b07a92411bbff0,1,,,&eid_pubcid.org=d3436fc2-aa5f-492c-b399-29bf1082e774%5E1&rf=https%3A%2F%2Fye-mek.net%2F&tg_i.page=https%3A%2F%2Fye-mek.net%2F&tg_i.domain=ye-mek.net&tg_i.pbadslot=div-gpt-ad-1455783126174-15337721728129623web_yemeknet_kategori_sayfalari_ust_728x90&tk_flint=pbjs_lite_v7.38.0&x_source.tid=ddde21eb-24b5-4e4e-babc-69faa006f149&l_pb_bid_id=3e5bd29ede436b&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.8798598176935515
Requested by: Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: ff6577c25cfa9bcdd46025d15dc7d424b62c30cdf246cd510d18f891703726ae

Request headers

Referer: https://ye-mek.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 11 Jun 2023 23:35:52 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://ye-mek.net
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 410
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame 6408 398 B
721 B 181ms
95ms XHR
application/json 2602:803:c003:200::41
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=13760&site_id=333016&zone_id=1746730&size_id=15&alt_size_ids=9%2C8%2C10&rp_schain=1.0,1!empower.net,5ed754bfe4b07a92411bbff0,1,,,&eid_pubcid.org=d3436fc2-aa5f-492c-b399-29bf1082e774%5E1&rf=https%3A%2F%2Fye-mek.net%2F&tg_i.page=https%3A%2F%2Fye-mek.net%2F&tg_i.domain=ye-mek.net&tg_i.pbadslot=div-gpt-ad-1455783126174-15338221728129623web_yemeknet_right_tower&tk_flint=pbjs_lite_v7.38.0&x_source.tid=e75e670c-2298-4335-b3d1-e6259141e7dd&l_pb_bid_id=4c40481ac86128&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.5270976468295425
Requested by: Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: d54481f05143fc81a2d0640b1bfbf78758e2ba857a271a932976d0f1f0e3fbee

Request headers

Referer: https://ye-mek.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 11 Jun 2023 23:35:52 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://ye-mek.net
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 398
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame 6408 397 B
720 B 180ms
95ms XHR
application/json 2602:803:c003:200::41
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=13760&site_id=333016&zone_id=1746580&size_id=15&alt_size_ids=9%2C8%2C10&rp_schain=1.0,1!empower.net,5ed754bfe4b07a92411bbff0,1,,,&eid_pubcid.org=d3436fc2-aa5f-492c-b399-29bf1082e774%5E1&rf=https%3A%2F%2Fye-mek.net%2F&tg_i.page=https%3A%2F%2Fye-mek.net%2F&tg_i.domain=ye-mek.net&tg_i.pbadslot=div-gpt-ad-1455783126174-15338321728129623web_yemeknet_left_tower&tk_flint=pbjs_lite_v7.38.0&x_source.tid=13125dd5-730d-4320-9d49-897b0bb0a903&l_pb_bid_id=5f7d011acd352&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.03425388740525781
Requested by: Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: ea3650b72b9136abc2f6bc432ff0cdaefb936ef5c4d7997871594ca8c5b7bab7

Request headers

Referer: https://ye-mek.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 11 Jun 2023 23:35:52 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://ye-mek.net
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 397
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame 6408 408 B
731 B 220ms
136ms XHR
application/json 2602:803:c003:200::41
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=13760&site_id=333016&zone_id=2862158&size_id=2&alt_size_ids=1&rp_schain=1.0,1!empower.net,5ed754bfe4b07a92411bbff0,1,,,&eid_pubcid.org=d3436fc2-aa5f-492c-b399-29bf1082e774%5E1&rf=https%3A%2F%2Fye-mek.net%2F&tg_i.page=https%3A%2F%2Fye-mek.net%2F&tg_i.domain=ye-mek.net&tg_i.pbadslot=div-gpt-ad-1455783126174-15337821728129623web_yemeknet_kategori_sayfalari_728x90_2&tk_flint=pbjs_lite_v7.38.0&x_source.tid=b548a095-232d-4bca-a9d0-280c64d41895&l_pb_bid_id=796fc7efd308a7&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.5964335308028335
Requested by: Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: c7ed967311254b1e5db3abf337cf94dbb498ab79a883a03f94b8c0612fd5bffe

Request headers

Referer: https://ye-mek.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 11 Jun 2023 23:35:52 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://ye-mek.net
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 408
expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 204 hb Show response
cpm.programattik.com/ Frame 6408 0
142 B 272ms
88ms XHR
text/plain 85.111.6.48
TTNET

General

Check archive.org

Show headers Download Go to

Full URL: https://cpm.programattik.com/hb?zone=45&v=1.6
Requested by: Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 85.111.6.48 , Turkey, ASN9121 (TTNET, TR),
Reverse DNS: ns2.ttidc.com.tr
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ye-mek.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://ye-mek.net
pragma: no-cache
date: Sun, 11 Jun 2023 23:35:52 GMT
cache-control: no-store
access-control-allow-credentials: true
server: nginx
age: 0

POST
H2 204 hb Show response
cpm.programattik.com/ Frame 6408 0
141 B 274ms
90ms XHR
text/plain 85.111.6.48
TTNET

General

Check archive.org

Show headers Download Go to

Full URL: https://cpm.programattik.com/hb?zone=44&v=1.6
Requested by: Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 85.111.6.48 , Turkey, ASN9121 (TTNET, TR),
Reverse DNS: ns2.ttidc.com.tr
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ye-mek.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://ye-mek.net
pragma: no-cache
date: Sun, 11 Jun 2023 23:35:52 GMT
cache-control: no-store
access-control-allow-credentials: true
server: nginx
age: 0

POST
H2 204 hb Show response
cpm.programattik.com/ Frame 6408 0
141 B 272ms
89ms XHR
text/plain 85.111.6.48
TTNET

General

Check archive.org

Show headers Download Go to

Full URL: https://cpm.programattik.com/hb?zone=80&v=1.6
Requested by: Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 85.111.6.48 , Turkey, ASN9121 (TTNET, TR),
Reverse DNS: ns2.ttidc.com.tr
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ye-mek.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://ye-mek.net
pragma: no-cache
date: Sun, 11 Jun 2023 23:35:52 GMT
cache-control: no-store
access-control-allow-credentials: true
server: nginx
age: 0

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 6408 19 B
822 B 138ms
38ms XHR
application/json 185.89.210.82
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.82 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://ye-mek.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sun, 11 Jun 2023 23:35:51 GMT
AN-X-Request-Uuid: 076f9930-66ee-4abc-be27-c5678d94a614
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: application/json; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://ye-mek.net
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 193.32.248.222; 193.32.248.222; 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 19
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 prebid Show response
mp.4dex.io/ Frame 6408 0
281 B 164ms
82ms XHR
text/plain 2606:4700::6812:272
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mp.4dex.io/prebid
Requested by: Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:272 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ye-mek.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 11 Jun 2023 23:35:52 GMT
x-err: Parsing the Prebid Request. adrequest and manager domains do not match
x-version: 3.0.0-gcp-ams
cf-cache-status: DYNAMIC
via: 1.1 google
server: cloudflare
vary: Origin, Accept-Encoding
access-control-allow-origin: https://ye-mek.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 7d5dac45bcbb9a03-FRA
expires: 0

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ Frame 6408 0
109 B 230ms
127ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ye-mek.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://ye-mek.net
date: Sun, 11 Jun 2023 23:35:51 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H2 204 cdb Show response
bidder.criteo.com/ Frame 6408 0
189 B 154ms
40ms XHR
text/plain 2a02:2638:3::7
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=35&wv=7.38.0&cb=39098734282&lsavail=0

Requested by

Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ye-mek.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://ye-mek.net
date: Sun, 11 Jun 2023 23:35:51 GMT
strict-transport-security: max-age=31536000; preload;
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Kestrel
vary: Origin

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 6408 19 B
822 B 128ms
37ms XHR
application/json 185.89.210.82
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.82 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://ye-mek.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sun, 11 Jun 2023 23:35:51 GMT
AN-X-Request-Uuid: c27c3e10-72b6-4323-832a-30c23afd2ae4
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: application/json; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://ye-mek.net
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 193.32.248.222; 193.32.248.222; 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 19
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 openrtb Show response
adx.adform.net/adx/ Frame 6408 0
528 B 207ms
103ms XHR
text/plain 37.157.4.25
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Requested by

Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.25 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://ye-mek.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 11 Jun 2023 23:35:52 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://ye-mek.net
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

POST
H2 200 bid-request Show response
a.teads.tv/hb/ Frame 6408 16 B
377 B 180ms
66ms XHR
application/json 23.52.123.144
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://a.teads.tv/hb/bid-request
Requested by: Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.52.123.144 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-52-123-144.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c

Request headers

Referer: https://ye-mek.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 11 Jun 2023 23:35:52 GMT
content-encoding: gzip
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://ye-mek.net
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 42
expires: Sun, 11 Jun 2023 23:35:52 GMT

POST
H/1.1 200
OK bid Show response
ap.lijit.com/rtb/ Frame 6408 94 B
495 B 168ms
87ms XHR
application/json 216.52.2.48
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/rtb/bid?src=prebid_prebid_7.38.0
Requested by: Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.48 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software: /
Resource Hash: d6acbb5069d4885f40ca0fd5856950a62025639556ac569b356117156752faf4

Request headers

Referer: https://ye-mek.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type: text/plain

Response headers

Date: Sun, 11 Jun 2023 23:35:51 GMT
Content-Encoding: gzip
Vary: Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/json
Access-Control-Allow-Origin: https://ye-mek.net
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap5ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 98

POST
H2 204 openrtb Show response
adx.adform.net/adx/ Frame 6408 0
527 B 356ms
255ms XHR
text/plain 37.157.4.25
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Requested by

Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.25 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://ye-mek.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 11 Jun 2023 23:35:52 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://ye-mek.net
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

POST /
hb.emxdgt.com/ Frame 6408 0
0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 6408 27 KB
11 KB 367ms
366ms XHR
text/plain 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4040297006971483&correlator=3930524264010560&eid=31075209&output=ldjh&gdfp_req=1&vrg=202306070101&ptt=17&impl=fif&iu_parts=21728129623%3A33502485%2Cweb_yemeknet_masthead_multibanner_1&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C300x250%7C250x250%7C200x200%7C300x100%7C300x150%7C320x100&fluid=height&ifi=3&adks=1177303083&sfv=1-0-40&eri=1&cust_params=category%3Dsite_geneli%26plm%3Dnull%26viewable%3D2%26site%3Dyemek_net%26mt%3D1686526551243%26pager%3D1%2540site_geneli%2540yemek_net%253Asite_geneli%26policy%3D0%26host%3Dye-mek.net%26url%3Dhttps%253A%2520%2520ye%2520mek.net%2520%26targetCtr%3D0%26pid%3Dvnetb7ca5edb-4408-4cc4-8369-d7dd06ba1101%26targetCr%3D0%26Mobile%3Dfalse%26env%3Dweb%26webmAd%3D1%26overlay%3D1%26rc%3D0%26datasave%3D0%26rec%3Dyemek%26rec_ing%3D%26amznbid%3D1%26amznp%3D1&ppid=vnetb7ca5edb44084cc48369d7dd06ba1101&sc=1&cdm=ye-mek.net&abxe=1&dt=1686526551888&lmt=1686526551&dlt=1686526550482&idt=1255&adxs=315&adys=158&biw=-12245933&bih=-12245933&isw=1600&ish=1200&scr_x=-12245933&scr_y=-12245933&ucis=tfbl0q7wa2mj&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fye-mek.net%2F&ref=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&top=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&frm=24&vis=1&psz=970x-1&msz=300x-1&fws=388&ohw=300&ga_vid=214013272.1686526551&ga_sid=1686526552&ga_hid=38106992&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306070101/pubads_impl.js?cb=31075209

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a18ed040dd3f7879ce350862d16cc8e91cfd9a8b167bb978a58410eac4424a22

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Sun, 11 Jun 2023 23:35:52 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11624
x-xss-protection: 0
google-lineitem-id: 6241543851
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138425583966
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://ye-mek.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 6408 27 KB
11 KB 239ms
238ms XHR
text/plain 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4040297006971483&correlator=3930524264010560&eid=31075209&output=ldjh&gdfp_req=1&vrg=202306070101&ptt=17&impl=fif&iu_parts=21728129623%3A33502485%2Cweb_yemeknet_masthead_multibanner_2&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C300x250%7C250x250%7C200x200%7C300x100%7C300x150%7C320x100&fluid=height&ifi=4&adks=2707750055&sfv=1-0-40&eri=1&cust_params=category%3Dsite_geneli%26plm%3Dnull%26viewable%3D2%26site%3Dyemek_net%26mt%3D1686526551243%26pager%3D1%2540site_geneli%2540yemek_net%253Asite_geneli%26policy%3D0%26host%3Dye-mek.net%26url%3Dhttps%253A%2520%2520ye%2520mek.net%2520%26targetCtr%3D0%26pid%3Dvnetb7ca5edb-4408-4cc4-8369-d7dd06ba1101%26targetCr%3D0%26Mobile%3Dfalse%26env%3Dweb%26webmAd%3D1%26overlay%3D1%26rc%3D0%26datasave%3D0%26rec%3Dyemek%26rec_ing%3D%26amznbid%3D1%26amznp%3D1&ppid=vnetb7ca5edb44084cc48369d7dd06ba1101&sc=1&cdm=ye-mek.net&abxe=1&dt=1686526551894&lmt=1686526551&dlt=1686526550482&idt=1255&adxs=349&adys=158&biw=-12245933&bih=-12245933&isw=1600&ish=1200&scr_x=-12245933&scr_y=-12245933&ucis=pyeq5tylfvmb&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fye-mek.net%2F&ref=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&top=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&frm=24&vis=1&psz=970x-1&msz=300x-1&fws=388&ohw=300&ga_vid=214013272.1686526551&ga_sid=1686526552&ga_hid=38106992&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306070101/pubads_impl.js?cb=31075209

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fd8ff1a7c3a3f04569bce077003d0acd78098fa22a0027b2050cb1b0381e9180

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Sun, 11 Jun 2023 23:35:52 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11623
x-xss-protection: 0
google-lineitem-id: 6241543851
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138425583945
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://ye-mek.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 6408 27 KB
11 KB 663ms
663ms XHR
text/plain 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4040297006971483&correlator=3930524264010560&eid=31075209&output=ldjh&gdfp_req=1&vrg=202306070101&ptt=17&impl=fif&iu_parts=21728129623%3A33502485%2Cweb_yemeknet_masthead_multibanner_3&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C300x250%7C250x250%7C200x200%7C300x100%7C300x150%7C320x100&fluid=height&ifi=5&adks=747500025&sfv=1-0-40&eri=1&cust_params=category%3Dsite_geneli%26plm%3Dnull%26viewable%3D2%26site%3Dyemek_net%26mt%3D1686526551243%26pager%3D1%2540site_geneli%2540yemek_net%253Asite_geneli%26policy%3D0%26host%3Dye-mek.net%26url%3Dhttps%253A%2520%2520ye%2520mek.net%2520%26targetCtr%3D0%26pid%3Dvnetb7ca5edb-4408-4cc4-8369-d7dd06ba1101%26targetCr%3D0%26Mobile%3Dfalse%26env%3Dweb%26webmAd%3D1%26overlay%3D1%26rc%3D0%26datasave%3D0%26rec%3Dyemek%26rec_ing%3D%26amznbid%3D1%26amznp%3D1&ppid=vnetb7ca5edb44084cc48369d7dd06ba1101&sc=1&cdm=ye-mek.net&abxe=1&dt=1686526551899&lmt=1686526551&dlt=1686526550482&idt=1255&adxs=985&adys=158&biw=-12245933&bih=-12245933&isw=1600&ish=1200&scr_x=-12245933&scr_y=-12245933&ucis=y6rdaq1uz4wy&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fye-mek.net%2F&ref=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&top=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&frm=24&vis=1&psz=970x-1&msz=300x-1&fws=388&ohw=300&ga_vid=214013272.1686526551&ga_sid=1686526552&ga_hid=38106992&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306070101/pubads_impl.js?cb=31075209

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e60c8e659b2db1c5061eb3dcfa2ce9724fe456e77a9df15646671616df65e4e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Sun, 11 Jun 2023 23:35:52 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11619
x-xss-protection: 0
google-lineitem-id: 6241543851
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138425927815
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://ye-mek.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame 6408 361 KB
121 KB 210ms
68ms Script
text/javascript 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: c1.imgiz.com
URL: https://c1.imgiz.com/player_others/html5/NoktaNpmPlayerApi.js?dts=19519

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a9863314577494b778cade4d77d719a27fca818d6091efe35b972cac31026f8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Sun, 11 Jun 2023 23:35:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 123120
x-xss-protection: 0
expires: Sun, 11 Jun 2023 23:35:52 GMT

GET
H2 200 NoktaPlayer.js Show response
c1.imgiz.com/player_others/html5/ Frame 6408 398 KB
128 KB 85ms
83ms Script
application/javascript 185.7.176.223
SH

General

Check archive.org

Show headers Download Go to

Full URL: https://c1.imgiz.com/player_others/html5/NoktaPlayer.js?d=6/11/2023
Requested by: Host: c1.imgiz.com
URL: https://c1.imgiz.com/player_others/html5/NoktaNpmPlayerApi.js?dts=19519
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.7.176.223 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: bea17c8870ba8dae9515993b5c55b65437f03f0e2672e1c3d3dbe7872dd74e5c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Sun, 11 Jun 2023 23:35:51 GMT
content-encoding: gzip
last-modified: Mon, 29 May 2023 18:51:56 GMT
server: openresty/1.15.8.3
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=604800
expires: Sun, 18 Jun 2023 23:35:51 GMT

GET
H/1.1 200
OK adagio.js Show response
script.4dex.io/ Frame 6408 74 KB
23 KB 102ms
43ms Fetch
application/javascript 2606:4700:20::681a:9a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/adagio.js
Requested by: Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:9a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 28eac36479c83ab5c1d7881ae078eff90ba02be1ac4f082b75505830e323b0be

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Date: Sun, 11 Jun 2023 23:35:52 GMT
Content-Encoding: br
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 468497
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Tue, 06 Jun 2023 12:52:54 GMT
Server: cloudflare
ETag: W/"845b176368f98c92daf7aa531dcbc491"
Vary: Origin, Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pJaaSTO1ChhhUqKzsp%2FgXG45gObwVmm9VoSQGyIN%2FekwN1shQZ%2Burb394ulvU1jE%2FJiPcqzi7daA1Vvyk10ySTAeqa0WD8CXZbcR5lgzaUETXvHijrYtZWKxNzWrF31ZUdMyFeisgJIkZEZ0"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers
Cache-Control: public, max-age=1800
CF-RAY: 7d5dac460b2f9b9b-FRA

GET
H2 403 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 0254 603 B
218 B 116ms
115ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&adk=1812271804&adf=3279755397&plat=1%3A512%2C2%3A512%2C3%3A512%2C4%3A512%2C8%3A512%2C9%3A33288%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C26%3A512%2C27%3A512%2C30%3A1081856%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1686526551596&bpp=5&bdt=1115&idt=350&shv=r20230607&mjsv=m202306070101&ptt=9&saldr=aa&nras=1&correlator=3979164214347&frm=24&ife=1&pv=2&ga_vid=214013272.1686526551&ga_sid=1686526552&ga_hid=38106992&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=222437166&scr_x=-12245933&scr_y=-12245933&eid=44759927%2C44759842%2C44759876%2C31075205%2C44788441%2C44793497&oid=2&pvsid=4040297006971483&tmod=317818420&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=1&uci=1.izt4po4npv1&fsb=1&dtd=367

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306070101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6593523210010154&plah=ye-mek.net&bust=31075205

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ye-mek.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 46
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 11 Jun 2023 23:35:52 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 container.html Show response
61f6e9fd343e3e96f4f5dd477c8d7d57.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 201F 6 KB
3 KB 60ms
60ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://61f6e9fd343e3e96f4f5dd477c8d7d57.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306070101/pubads_impl.js?cb=31075209

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ye-mek.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 11 Jun 2023 23:35:52 GMT
expires: Mon, 10 Jun 2024 23:35:52 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 container.html Show response
61f6e9fd343e3e96f4f5dd477c8d7d57.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 5FD4 6 KB
3 KB 60ms
60ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://61f6e9fd343e3e96f4f5dd477c8d7d57.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306070101/pubads_impl.js?cb=31075209

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ye-mek.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 11 Jun 2023 23:35:52 GMT
expires: Mon, 10 Jun 2024 23:35:52 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 201F 24 KB
7 KB 210ms
60ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: 61f6e9fd343e3e96f4f5dd477c8d7d57.safeframe.googlesyndication.com
URL: https://61f6e9fd343e3e96f4f5dd477c8d7d57.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://61f6e9fd343e3e96f4f5dd477c8d7d57.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Tue, 06 Jun 2023 08:18:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 487044
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 05 Jun 2024 08:18:28 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 201F 137 KB
46 KB 78ms
77ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6593523210010154

Requested by

Host: 61f6e9fd343e3e96f4f5dd477c8d7d57.safeframe.googlesyndication.com
URL: https://61f6e9fd343e3e96f4f5dd477c8d7d57.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e57c8dbfd429ba259a12a50106b122a8ed2eac927b8451fb847bc1a98873bbba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://61f6e9fd343e3e96f4f5dd477c8d7d57.safeframe.googlesyndication.com/
Origin: https://61f6e9fd343e3e96f4f5dd477c8d7d57.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Sun, 11 Jun 2023 23:35:52 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47318
x-xss-protection: 0
server: cafe
etag: 5085675812411084831
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sun, 11 Jun 2023 23:35:52 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 201F 175 KB
55 KB 218ms
69ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 61f6e9fd343e3e96f4f5dd477c8d7d57.safeframe.googlesyndication.com
URL: https://61f6e9fd343e3e96f4f5dd477c8d7d57.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d262b04633fbcfb934184c79a2d1786fa24576ad6f7ccc40c5ba0aa540de9d54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://61f6e9fd343e3e96f4f5dd477c8d7d57.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Sun, 11 Jun 2023 23:35:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 55943
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1686137816735621"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 11 Jun 2023 23:35:52 GMT

GET
H2 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 5FD4 24 KB
6 KB 175ms
67ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: 61f6e9fd343e3e96f4f5dd477c8d7d57.safeframe.googlesyndication.com
URL: https://61f6e9fd343e3e96f4f5dd477c8d7d57.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://61f6e9fd343e3e96f4f5dd477c8d7d57.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Tue, 06 Jun 2023 08:18:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 487044
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 05 Jun 2024 08:18:28 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 5FD4 137 KB
47 KB 80ms
79ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6593523210010154

Requested by

Host: 61f6e9fd343e3e96f4f5dd477c8d7d57.safeframe.googlesyndication.com
URL: https://61f6e9fd343e3e96f4f5dd477c8d7d57.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6c2c91d429774fdbe77ca08fc01030d693a2ead6cb347d7a49b5890b5cc97132

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://61f6e9fd343e3e96f4f5dd477c8d7d57.safeframe.googlesyndication.com/
Origin: https://61f6e9fd343e3e96f4f5dd477c8d7d57.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Sun, 11 Jun 2023 23:35:52 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47636
x-xss-protection: 0
server: cafe
etag: 4066488911593703953
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sun, 11 Jun 2023 23:35:52 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 5FD4 175 KB
55 KB 270ms
166ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 61f6e9fd343e3e96f4f5dd477c8d7d57.safeframe.googlesyndication.com
URL: https://61f6e9fd343e3e96f4f5dd477c8d7d57.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d262b04633fbcfb934184c79a2d1786fa24576ad6f7ccc40c5ba0aa540de9d54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://61f6e9fd343e3e96f4f5dd477c8d7d57.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Sun, 11 Jun 2023 23:35:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 55943
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1686137816735621"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 11 Jun 2023 23:35:52 GMT

GET
H3 200 container.html Show response
61f6e9fd343e3e96f4f5dd477c8d7d57.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame E59E 6 KB
3 KB 62ms
61ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://61f6e9fd343e3e96f4f5dd477c8d7d57.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306070101/pubads_impl.js?cb=31075209

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ye-mek.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 11 Jun 2023 23:35:52 GMT
expires: Mon, 10 Jun 2024 23:35:52 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 6363a944e4b0125bde9e6739
ng.virgul.com/tck/imp/ Frame 6408 0
209 B 73ms
72ms Image
text/plain 185.7.176.221
SH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ng.virgul.com/tck/imp/6363a944e4b0125bde9e6739?g=1&t=cpc_annotation&r=153366@site_geneli@yemek_net:site_geneli&l=&c=%2Cas%2Crc0%2Chf1%2Cvv1%2Cgprec%3Dyemek%26rec_ing%3D&info=&mt=1686526551243&userId=vnetb7ca5edb-4408-4cc4-8369-d7dd06ba1101
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.7.176.221 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

access-control-allow-origin: https://ye-mek.net
date: Sun, 11 Jun 2023 23:35:52 GMT
access-control-allow-credentials: true
expires: Tue, 04 Jan 2022 10:49:40 GMT
server: openresty/1.15.8.3
content-length: 0
p3p: CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'

GET
H2 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame E59E 24 KB
6 KB 64ms
64ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: 61f6e9fd343e3e96f4f5dd477c8d7d57.safeframe.googlesyndication.com
URL: https://61f6e9fd343e3e96f4f5dd477c8d7d57.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://61f6e9fd343e3e96f4f5dd477c8d7d57.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Tue, 06 Jun 2023 08:18:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 487044
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 05 Jun 2024 08:18:28 GMT

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame E59E 137 KB
46 KB 77ms
77ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6593523210010154

Requested by

Host: 61f6e9fd343e3e96f4f5dd477c8d7d57.safeframe.googlesyndication.com
URL: https://61f6e9fd343e3e96f4f5dd477c8d7d57.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2d156f75a2412bb1fe1f51f406e413fe5d4d9696cfba912fe267fae5dec3fb76

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://61f6e9fd343e3e96f4f5dd477c8d7d57.safeframe.googlesyndication.com/
Origin: https://61f6e9fd343e3e96f4f5dd477c8d7d57.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Sun, 11 Jun 2023 23:35:52 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47370
x-xss-protection: 0
server: cafe
etag: 12585169105175068456
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sun, 11 Jun 2023 23:35:52 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame E59E 175 KB
55 KB 207ms
206ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 61f6e9fd343e3e96f4f5dd477c8d7d57.safeframe.googlesyndication.com
URL: https://61f6e9fd343e3e96f4f5dd477c8d7d57.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d262b04633fbcfb934184c79a2d1786fa24576ad6f7ccc40c5ba0aa540de9d54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://61f6e9fd343e3e96f4f5dd477c8d7d57.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Sun, 11 Jun 2023 23:35:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 55943
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1686137816735621"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 11 Jun 2023 23:35:52 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 201F 0
0 100ms
99ms Fetch
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsto94dmY-bSfDtsn6DkPPjWhdL22cueoWlZiCHiNYlGX6QcgoMpOI-yU7PW5GTxXHLFBRZMA6ybisMH9Zy7llH642lse0ylw7yVG8C0NNESJbxT_eCsUT_ywNDD0w5gKv2Jsi7rsg__AG1yOCZmIMhxGjD5z-LIPcle-96gMaHcZYmX2i2bU6Rs-pNp45Dp64bmNscza0Y8PbrhPncWjbU0lhObk0XQwq1BZBaPvQlW9RtUTUX-zvp0m_dY-fySdRL9-HQLm8h2HjcOhxkZCMsquOJQSkim_WrX4HJT4mFpfEVZb5Z7l_LXpMU0-eA1CwmypMmz6_t5vNXkhjNgxk-F5eEendcH7SkYWw--2CzJyh1Ksux6BOMbpA&sai=AMfl-YSYNQ8hhZoLSaZ5VZZvGn4-U1SRuZC3qAcoJ67I9_Qmfq-OBS3tBNCjobNmIpWQz41Bqh8MmyJaY94oz7myULT6XXSyLXNozgzNh_NpTzU&sig=Cg0ArKJSzJXGs_rYkgprEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: 61f6e9fd343e3e96f4f5dd477c8d7d57.safeframe.googlesyndication.com
URL: https://61f6e9fd343e3e96f4f5dd477c8d7d57.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://61f6e9fd343e3e96f4f5dd477c8d7d57.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Sun, 11 Jun 2023 23:35:52 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sun, 11 Jun 2023 23:35:52 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306080101/ Frame 201F 352 KB
118 KB 100ms
99ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6593523210010154&plah=61f6e9fd343e3e96f4f5dd477c8d7d57.safeframe.googlesyndication.com&bust=31075206

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6593523210010154

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1360cc417273b056ca8087a28233c0034a17dfd5e4b5435cdb704213a614e64b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://61f6e9fd343e3e96f4f5dd477c8d7d57.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Sun, 11 Jun 2023 23:35:52 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 120777
x-xss-protection: 0
server: cafe
etag: 12924563127622203858
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sun, 11 Jun 2023 23:35:52 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 5FD4 0
0 106ms
105ms Fetch
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsstuZqnZ7um64kgIyW9RJ4eESqaiUG2S8hCg32AibH6XY2gzcKgkyqlIB7waIftgrzHFL0DHdq2V33U6uZSL7U7JfwFcz0yAa3jPOC-BMnqWyZAEbz_LRdlpbXPRjEtj5RAF2g_5uNDGfN0BopqjKzhmGA95I3Juc0X9pAH0jtU5ZKNzO3Ef4n_MVoCXNoJBNFu_DvYBqIxg29uigC0Y0kR0-bD-eg_keozuQg5izvzKMI4o6iKqh-RH2Pinqd6OSvdOUpNWRsKkuqKJkC0_ybZSrseUuak_JvEmpyPHA3OFsIr-EklnedL22FaDtHtn7HpuHUo3wEV6zKAMW_LNuRN_JihhLePiZBKrjtu&sai=AMfl-YTHbcs5z2PX4h-Pt2In8-nclm7gOaJOemDp-Y_Uy8H5VavMqA6o1eAA5ho99Dt7J_f7qtbufFvq05MQu7d1TnmQwi6DYK3r8wwDDL-bumm-C79KhF3WogDZ1PhGSxfkHXMXVPmUQaUV0XxKznxywEJE3-0MAhDJN4FJq87iqrI9TEC4wy6XEYESEMcMZh3L&sig=Cg0ArKJSzGD86akxaV_NEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: 61f6e9fd343e3e96f4f5dd477c8d7d57.safeframe.googlesyndication.com
URL: https://61f6e9fd343e3e96f4f5dd477c8d7d57.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://61f6e9fd343e3e96f4f5dd477c8d7d57.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Sun, 11 Jun 2023 23:35:52 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sun, 11 Jun 2023 23:35:52 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame E59E 0
0 101ms
100ms Fetch
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsus_IlDqVDYZlcJoCHoPX6szOgiV7FYi8SqI94Pbme7M4WAT8TBy4e5sQtcWVURvrX1uCYZQeWfFOVqk4ZbDoUOAv5XCatveQXKgw0QDTwkQKOw6-iHdYoBS3JjBpFzx4ZoCsv7GDQEYhGNh-D9cyqNbnc4klCaFvV2XiqJg_xT07LtS49ei0vx83lalg2H_c2hHQMO-f--LcjDoEAzFm1rxlUKlsizmM-fTJnMmjY8CB4TWKWWzyUSnXk6RtDir2IhjJ5APMUCR6m7BXZjHhnCTl_DOVPhJ6xDtcjtEsWWHnRnQMQaAwx8e98Zzp5nSrtKQgX-fGw1Ckn_pKcM6FqRBTnGyWyMMJMPjoCe&sai=AMfl-YRkV9gVcpzBWL4_8Tz6y3zsuOPLPVIaL-UlsB5NH_K-7hzDmPro9QlytMJCjmqapm0mxMMrpRcEDwAE1l2xi-y8GA-9acgkN_uEUzNy2uwCx55jJpne0l5p8TEQlXyM5oQK7_CSq0bVTGxHSi_gmZ-_CKB9uX5h1iGq7xk7YO77sxg5qf8MmCXo9GzZ3Q__&sig=Cg0ArKJSzNIEoMy8TA2XEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: 61f6e9fd343e3e96f4f5dd477c8d7d57.safeframe.googlesyndication.com
URL: https://61f6e9fd343e3e96f4f5dd477c8d7d57.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://61f6e9fd343e3e96f4f5dd477c8d7d57.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Sun, 11 Jun 2023 23:35:52 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sun, 11 Jun 2023 23:35:52 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306070101/ Frame 5FD4 352 KB
118 KB 108ms
107ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306070101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6593523210010154&plah=61f6e9fd343e3e96f4f5dd477c8d7d57.safeframe.googlesyndication.com&bust=31075178

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6593523210010154

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ec656a26f02b08ba71eddbaa4e9a26769522a59466e33ef135c7a803d67d2cca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://61f6e9fd343e3e96f4f5dd477c8d7d57.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Sun, 11 Jun 2023 23:35:52 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 120870
x-xss-protection: 0
server: cafe
etag: 7455500053524981749
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sun, 11 Jun 2023 23:35:52 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306060101/ Frame E59E 352 KB
118 KB 111ms
110ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306060101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6593523210010154&plah=61f6e9fd343e3e96f4f5dd477c8d7d57.safeframe.googlesyndication.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6593523210010154

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c1ab0e914bd956d5d9275e862b1b90da60920a27247ae7d969410b927fbccb4c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://61f6e9fd343e3e96f4f5dd477c8d7d57.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Sun, 11 Jun 2023 23:35:52 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 121041
x-xss-protection: 0
server: cafe
etag: 9702424247122926039
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sun, 11 Jun 2023 23:35:52 GMT

GET
H3 200 container.html Show response
61f6e9fd343e3e96f4f5dd477c8d7d57.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame D307 6 KB
3 KB 57ms
57ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://61f6e9fd343e3e96f4f5dd477c8d7d57.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306070101/pubads_impl.js?cb=31075209

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ye-mek.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 11 Jun 2023 23:35:52 GMT
expires: Mon, 10 Jun 2024 23:35:52 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 201F 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7dfc69dee43bbe722a79600a220b02ed583c291a950f6323c15826e508e3810d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 5FD4 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: dfb71392b907b56bd7e87e29593e2c97cca1d1cd3f77b798148d26c8e29dc6e8

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame 201F 107 B
165 B 69ms
68ms Script
application/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=61f6e9fd343e3e96f4f5dd477c8d7d57.safeframe.googlesyndication.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6593523210010154&plah=61f6e9fd343e3e96f4f5dd477c8d7d57.safeframe.googlesyndication.com&bust=31075206

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://61f6e9fd343e3e96f4f5dd477c8d7d57.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Sun, 11 Jun 2023 23:35:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 7EEB 0
16 B 144ms
138ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&adk=1812271804&adf=3407250215&plat=1%3A520%2C2%3A520%2C3%3A2163200%2C4%3A2163200%2C8%3A512%2C9%3A33288%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C26%3A512%2C27%3A512%2C30%3A1049088%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fye-mek.net%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1686526552444&bpp=10&bdt=258&idt=210&shv=r20230607&mjsv=m202306080101&ptt=9&saldr=aa&nras=1&correlator=6161049798103&frm=8&ife=1&pv=2&ga_vid=320576623.1686526553&ga_sid=1686526553&ga_hid=1918151790&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=2482980165&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C42532279%2C42532277%2C44759842%2C44759927%2C31075206%2C44788442&oid=2&pvsid=452794801102797&tmod=1132426197&uas=0&nvt=1&fsapi=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=1&uci=1.4y4fl7pvhmrx&fsb=1&dtd=228

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://61f6e9fd343e3e96f4f5dd477c8d7d57.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 11 Jun 2023 23:35:52 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame E59E 219 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b415d33192a3edc717e805f1f534786c78a14315a2965a0b7fa36cf4c2f817b2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame B67A 436 B
232 B 208ms
208ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&h=90&slotname=9586219513&adk=1165138949&adf=4198790052&pi=t.ma~as.9586219513&w=728&format=728x90&url=https%3A%2F%2Fye-mek.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1686526552454&bpp=3&bdt=269&idt=241&shv=r20230607&mjsv=m202306080101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=6161049798103&frm=8&ife=1&pv=1&ga_vid=320576623.1686526553&ga_sid=1686526553&ga_hid=1918151790&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=2482980165&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C42532279%2C42532277%2C44759842%2C44759927%2C31075206%2C44788442&oid=2&pvsid=452794801102797&tmod=1132426197&uas=0&nvt=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.17vogbqmgowd&fsb=1&dtd=248

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

95579738b64fa8740a8b7138e359a644e8e9c1da616eee92166212aa66ee0063

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://61f6e9fd343e3e96f4f5dd477c8d7d57.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 212
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 11 Jun 2023 23:35:52 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame D307 24 KB
6 KB 60ms
60ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: 61f6e9fd343e3e96f4f5dd477c8d7d57.safeframe.googlesyndication.com
URL: https://61f6e9fd343e3e96f4f5dd477c8d7d57.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://61f6e9fd343e3e96f4f5dd477c8d7d57.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Tue, 06 Jun 2023 08:18:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 487044
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 05 Jun 2024 08:18:28 GMT

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame D307 137 KB
46 KB 85ms
85ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6593523210010154

Requested by

Host: 61f6e9fd343e3e96f4f5dd477c8d7d57.safeframe.googlesyndication.com
URL: https://61f6e9fd343e3e96f4f5dd477c8d7d57.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3362ede9b3228efef8559e55e4d0560046a33143ffeee5f782e6809d4632fcec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://61f6e9fd343e3e96f4f5dd477c8d7d57.safeframe.googlesyndication.com/
Origin: https://61f6e9fd343e3e96f4f5dd477c8d7d57.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Sun, 11 Jun 2023 23:35:52 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47371
x-xss-protection: 0
server: cafe
etag: 10436201447043887763
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sun, 11 Jun 2023 23:35:52 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame D307 175 KB
55 KB 69ms
68ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 61f6e9fd343e3e96f4f5dd477c8d7d57.safeframe.googlesyndication.com
URL: https://61f6e9fd343e3e96f4f5dd477c8d7d57.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d262b04633fbcfb934184c79a2d1786fa24576ad6f7ccc40c5ba0aa540de9d54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://61f6e9fd343e3e96f4f5dd477c8d7d57.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Sun, 11 Jun 2023 23:35:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 55943
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1686137816735621"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 11 Jun 2023 23:35:52 GMT

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame 5FD4 107 B
165 B 68ms
68ms Script
application/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=61f6e9fd343e3e96f4f5dd477c8d7d57.safeframe.googlesyndication.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://61f6e9fd343e3e96f4f5dd477c8d7d57.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Sun, 11 Jun 2023 23:35:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 29A0 0
16 B 149ms
148ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&adk=1812271804&adf=3407280060&plat=1%3A520%2C2%3A520%2C3%3A2163200%2C4%3A2163200%2C8%3A512%2C9%3A520%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C26%3A512%2C27%3A512%2C30%3A1049088%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fye-mek.net%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1686526552490&bpp=3&bdt=263&idt=227&shv=r20230607&mjsv=m202306070101&ptt=9&saldr=aa&nras=1&correlator=3465044917989&frm=8&ife=1&pv=2&ga_vid=2068353659.1686526553&ga_sid=1686526553&ga_hid=1441067302&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=320&ish=100&ifk=1747929623&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31075178%2C44788441&oid=2&pvsid=4039166777054377&tmod=902744900&uas=0&nvt=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C320%2C100&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=1&uci=1.gtrfssukgzdb&fsb=1&dtd=243

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://61f6e9fd343e3e96f4f5dd477c8d7d57.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 11 Jun 2023 23:35:52 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame E59E 107 B
165 B 70ms
70ms Script
application/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=61f6e9fd343e3e96f4f5dd477c8d7d57.safeframe.googlesyndication.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306060101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6593523210010154&plah=61f6e9fd343e3e96f4f5dd477c8d7d57.safeframe.googlesyndication.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://61f6e9fd343e3e96f4f5dd477c8d7d57.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Sun, 11 Jun 2023 23:35:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 0094 0
16 B 112ms
112ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&adk=1812271804&adf=3407281013&plaf=7%3A2&plat=1%3A66056%2C2%3A66056%2C3%3A2163200%2C4%3A2163200%2C8%3A66048%2C9%3A66056%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C26%3A66048%2C27%3A66048%2C30%3A1049088%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fye-mek.net%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1686526552511&bpp=4&bdt=168&idt=231&shv=r20230607&mjsv=m202306060101&ptt=9&saldr=aa&nras=1&correlator=2385628098696&frm=8&ife=1&pv=2&ga_vid=690943029.1686526553&ga_sid=1686526553&ga_hid=1242267805&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=2430322527&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759842%2C31074583%2C31075068%2C44772268%2C44788442&oid=2&pvsid=1392620260193569&tmod=1891852344&uas=0&nvt=1&fsapi=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=1&uci=1.3r3mohrcg5da&fsb=1&dtd=245

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://61f6e9fd343e3e96f4f5dd477c8d7d57.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 11 Jun 2023 23:35:52 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame CECD 436 B
233 B 249ms
249ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&h=100&slotname=3173123908&adk=2061921259&adf=4198791085&pi=t.ma~as.3173123908&w=320&fwrn=16&format=320x100&url=https%3A%2F%2Fye-mek.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1686526552493&bpp=2&bdt=266&idt=266&shv=r20230607&mjsv=m202306070101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=3465044917989&frm=8&ife=1&pv=1&ga_vid=2068353659.1686526553&ga_sid=1686526553&ga_hid=1441067302&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=320&ish=100&ifk=1747929623&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31075178%2C44788441&oid=2&pvsid=4039166777054377&tmod=902744900&uas=0&nvt=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C320%2C100&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.f8xns1md909l&fsb=1&dtd=271

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

dd448a69a97f85a3b2b217776ef0635be209bf14abc4ed36d7bcc818e416996f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://61f6e9fd343e3e96f4f5dd477c8d7d57.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 213
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 11 Jun 2023 23:35:52 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 08A0 436 B
232 B 163ms
162ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&h=250&slotname=1234190425&adk=1935728605&adf=4198791702&pi=t.ma~as.1234190425&w=300&fwrn=16&format=300x250&url=https%3A%2F%2Fye-mek.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1686526552515&bpp=2&bdt=172&idt=253&shv=r20230607&mjsv=m202306060101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=2385628098696&frm=8&ife=1&pv=1&ga_vid=690943029.1686526553&ga_sid=1686526553&ga_hid=1242267805&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=2430322527&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759842%2C31074583%2C31075068%2C44772268%2C44788442&oid=2&pvsid=1392620260193569&tmod=1891852344&uas=0&nvt=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.2chvw9jo48nf&fsb=1&dtd=257

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

afa5e1b731d147144fc93568668638f0bd46e23e1b758c2f0877380ccf7fad1a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://61f6e9fd343e3e96f4f5dd477c8d7d57.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 212
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 11 Jun 2023 23:35:52 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame D307 0
0 98ms
97ms Fetch
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjste2v3MtKepjowO-2Drk3ma-glQ-nd7hJzwtD7H-lj9v2cNf1CM8dWt5dlWZw4p-Y3GxX4zPOWEp8CXfoRo6Kp3Y53FTt1meEfiR3QoJVjeTylBNWS8fJZDpD6hsOGduC9Qoux9EAL6tI9J9SYON3mAeS57imMt7U7F_f-RidoJTJSwAwsFVPfvYjKzoeyl5sPNeMxVgZEzEu-3lHlQjL1tMGvprbWHlC6EnZseztG1Ik71pcCIwpc-iUfTldtC15KaTW7v1kG0qQFu299yBA3EprqTSIfVZ9-IPJpzUBKhmG-oxXMjyBtXh57FF3JCkuxgBHzygt4E4agP4rzoCdsaQgx5Obty_Ht2o_O8&sai=AMfl-YTb1EPRsPvGeky0Hx9zsw7va5JRqPQTnYAVDpbKOKHnJWbeMw0nQKItEtgq7od0uVjkT22cwgoUmMjPsf2eFDSONERY1J50Zil7lT4fQh8QHAKON-otDCap8lx81IXnr1ejZ2iIgoDdgsVvscwt8IHsz3aWKppl5mgob81DUatgdjQ9SvQ4QKuJeqrQXqnW&sig=Cg0ArKJSzDjjQdUojuCVEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: 61f6e9fd343e3e96f4f5dd477c8d7d57.safeframe.googlesyndication.com
URL: https://61f6e9fd343e3e96f4f5dd477c8d7d57.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://61f6e9fd343e3e96f4f5dd477c8d7d57.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Sun, 11 Jun 2023 23:35:52 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame D307 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: db9cbcb9856f005cdb0e74dab780c46011bcc313731266a5f8ca60e4f1558af0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306060101/ Frame D307 352 KB
118 KB 105ms
105ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6593523210010154

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5f0461930337d1715ec27c1c65b81d238a50d196232c3190ef62c090192ccfad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://61f6e9fd343e3e96f4f5dd477c8d7d57.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Sun, 11 Jun 2023 23:35:52 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 121042
x-xss-protection: 0
server: cafe
etag: 3005298308360242013
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sun, 11 Jun 2023 23:35:52 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 201F 0
0 218ms
98ms Fetch
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsut9cIibj2Q8IvwPG2i8Dk4WYqIHNw39Mhmg8hXdxl39Ysq4lZKpBhUMfjMCx_74GyyuDE8fxLOxwP-k4zbHGIho4v15uU_ZS1xoITabpJc-PfpU12T1SrB1FYKbBp-D1BcPzlxu3bGH4Vkz8nX5u7tC30AY2n1PWNUxNNgrDuFjYm-EKCJd02BlsslsyGVXTXfiOnhl7w950LJ1I_yDzDDQl-O33ZzcrQk4Obh9gHKu4X2ypCz5UxbDNdfjXg5hKzGllum6gKxK8oEmjg1Jxyuy2s3YmSH5V5JM-7mx6zzVuPr6a16Dfv7yCdblcNm2-cmUqyYqs5s7y1jrzXW7TLiEqPaknpmsVl6W38H1Rvy6Wc31zpMpVN5A28I&sai=AMfl-YS36n08rZ-T9BA-uhEdBcBlLlscheHrLplbCPHaXgKcO-DDBFZ0-i2DLuDBjSbe8XlIRRIgijBcy70B5buPc8unK4OiR6Mt0V3LeQ2x08g&sig=Cg0ArKJSzFvkHgBcvOHNEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://61f6e9fd343e3e96f4f5dd477c8d7d57.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Sun, 11 Jun 2023 23:35:53 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sun, 11 Jun 2023 23:35:53 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 201F 15 KB
11 KB 73ms
72ms XHR
application/json 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230607&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

06a28caea304288c782feaf69d771b59f1771bde1f2b0b9212d982a62d7ae441

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://61f6e9fd343e3e96f4f5dd477c8d7d57.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Sun, 11 Jun 2023 23:35:52 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11307
x-xss-protection: 0

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame E59E 0
0 200ms
97ms Fetch
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssi8hoEtJubUtGU8JYv5YZWhoCgTP119jE0zS-f2h-QRN6Uz_dA4MTaYNxWx9HN3Az8Dhjr9aRRDNwn4G_65NtFPF3a5WSvb2NQhpbKROgFGtnUNfsSPElmjsdHkGtJWAgWDZMC04xQ4WhYGCI_5FVUk9_JWZFqRgl_nbo4zJWb0EDepHUwrrj1E9z2heESlDp8g59TGKP6u-wvL9-3EJlLGBIKKRtm99K7ALGCvTNmYRSPtXiOzZ2aHa47PjuW3UMjuD--NhF5MdQdzmc9HNNvwOI1jVUH4QPXtx-F46tZJt7Q27rNxzf07wYycyv4nsG9TPycKcdatykrYcFOs33Kcc9SzZH3ascEFhAweKQ&sai=AMfl-YRfkzzlY3Rkppy6bEuvqw93GsSLWGiPM8Gg4zGbWfjM_hYKwF2ytBmL_id_WV1zfq9C6jzX-syc1I9yonR9CRyx-jCfLVbnLSTKJYnrhN9UT0aXOCzivWk9s15NH0L_BeLynIyiTlGjNDhOFa0URv8wHIp7rGYVSBEpXm0QNyG4sbB59Ko019EYBWCxfEAP&sig=Cg0ArKJSzIVvjQTKm0qnEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://61f6e9fd343e3e96f4f5dd477c8d7d57.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Sun, 11 Jun 2023 23:35:53 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sun, 11 Jun 2023 23:35:53 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame E59E 15 KB
11 KB 80ms
80ms XHR
application/json 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230607&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

96f645736860bb346ac3b89b631e501da98d6a452720d4c308c0e6f9835966f9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://61f6e9fd343e3e96f4f5dd477c8d7d57.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Sun, 11 Jun 2023 23:35:52 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11321
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ Frame D307 107 B
122 B 69ms
69ms Script
application/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=61f6e9fd343e3e96f4f5dd477c8d7d57.safeframe.googlesyndication.com

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://61f6e9fd343e3e96f4f5dd477c8d7d57.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Sun, 11 Jun 2023 23:35:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame D828 0
16 B 109ms
108ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&adk=1812271804&adf=3407253290&plat=1%3A520%2C2%3A520%2C3%3A2163200%2C4%3A2163200%2C8%3A512%2C9%3A520%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C26%3A512%2C27%3A512%2C30%3A1049088%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fye-mek.net%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1686526552844&bpp=4&bdt=166&idt=144&shv=r20230607&mjsv=m202306060101&ptt=9&saldr=aa&nras=1&correlator=366215390978&frm=8&ife=1&pv=2&ga_vid=1005243704.1686526553&ga_sid=1686526553&ga_hid=1170364648&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=320&ish=100&ifk=1747929623&scr_x=-12245933&scr_y=-12245933&eid=44759927%2C44759876%2C44759842%2C44788442&oid=2&pvsid=1793475076705859&tmod=1049127540&uas=0&nvt=1&fsapi=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C320%2C100&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=1&uci=1.cp5kz7urmx8x&fsb=1&dtd=161

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://61f6e9fd343e3e96f4f5dd477c8d7d57.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 11 Jun 2023 23:35:53 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 1007 436 B
232 B 155ms
154ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&h=100&slotname=3173123908&adk=2061921259&adf=4198793183&pi=t.ma~as.3173123908&w=320&fwrn=16&format=320x100&url=https%3A%2F%2Fye-mek.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1686526552848&bpp=3&bdt=169&idt=159&shv=r20230607&mjsv=m202306060101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=366215390978&frm=8&ife=1&pv=1&ga_vid=1005243704.1686526553&ga_sid=1686526553&ga_hid=1170364648&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=320&ish=100&ifk=1747929623&scr_x=-12245933&scr_y=-12245933&eid=44759927%2C44759876%2C44759842%2C44788442&oid=2&pvsid=1793475076705859&tmod=1049127540&uas=0&nvt=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C320%2C100&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.6kdessdezxek&fsb=1&dtd=165

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

26e27f9574b8ffee36d6729e677b5409413284419c12916726244b09f53c8e1d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://61f6e9fd343e3e96f4f5dd477c8d7d57.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 212
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 11 Jun 2023 23:35:53 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 201F 17 KB
6 KB 69ms
68ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://61f6e9fd343e3e96f4f5dd477c8d7d57.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Sun, 11 Jun 2023 23:35:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 11 Jun 2023 23:35:53 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 5FD4 0
0 123ms
98ms Fetch
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss-g7gcN3setgcZnMqpcMcIFtjCc51b8uCNmaJIWMNgJMLcJAZK3GZZ80Cmubbbn5rYDrjwYl5P_2LdVK0CElq68DBh28rQbGOP0qD0SxSPBOBnZ1DoKiMt24s_qRHIKqHrlOkrGvrv794vQwHqDqFaDqgbYokGtyJR_E6fJsiVDlqqllVibp1JMnQQKsickrD_adGuEms5hUDxd8MXAGB_UtV-fhlAXouqOjgApPwSV0HJlkwPLK0rwgbOdVngpoQ9MZo1cMB7Ab39rQc-ZGdSRvYOLBRSz6miDT6IKUYu5-oTws1W3B0mtQmoSY72EMg8B6HsUBEtbk4FAFH-yPpFUvKIyEkbpCwBpcPFM8U&sai=AMfl-YRU29Ws6B6nTtHcV6P0wAzo_eVk8NoeNjQ5iNUvVuyWZopcOzjk0XXcOSqo4JqkKKK4GalQK9DSGuL6phpQZuPlSWcOBBku4nqXl3vS1fJuesFok3A9xwFA1BVFOy17NzJ0aRSG5bi4xLivD72BnYQHorhh3fWde40KpMPrfLVSbFLjrrjsUtgIEaJ3gE0H&sig=Cg0ArKJSzN3uZYzIfigyEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://61f6e9fd343e3e96f4f5dd477c8d7d57.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Sun, 11 Jun 2023 23:35:53 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sun, 11 Jun 2023 23:35:53 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 5FD4 15 KB
11 KB 73ms
73ms XHR
application/json 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230607&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

56cf47f2d62303f47bd99b1ed14f8815fb86b5706c76d0e7dfd8384e931ea074

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://61f6e9fd343e3e96f4f5dd477c8d7d57.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Sun, 11 Jun 2023 23:35:53 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11262
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame E59E 17 KB
6 KB 67ms
67ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://61f6e9fd343e3e96f4f5dd477c8d7d57.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Sun, 11 Jun 2023 23:35:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 11 Jun 2023 23:35:53 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame FD0E 13 KB
5 KB 60ms
60ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://61f6e9fd343e3e96f4f5dd477c8d7d57.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 204765
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 09 Jun 2023 14:43:08 GMT
expires: Sat, 08 Jun 2024 14:43:08 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 8974 783 B
1 KB 189ms
66ms Document
text/html 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

d8405f8454d1eba9dbda7fee6a7bb9df60f3d302439cd23914a8a4b020973dd3

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-x56nS7clFwKAnG3a3d3ShQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://61f6e9fd343e3e96f4f5dd477c8d7d57.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-x56nS7clFwKAnG3a3d3ShQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 11 Jun 2023 23:35:53 GMT
expires: Sun, 11 Jun 2023 23:35:53 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 5FD4 17 KB
6 KB 84ms
84ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://61f6e9fd343e3e96f4f5dd477c8d7d57.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Sun, 11 Jun 2023 23:35:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 11 Jun 2023 23:35:53 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame F82F 13 KB
5 KB 63ms
60ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://61f6e9fd343e3e96f4f5dd477c8d7d57.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 204765
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 09 Jun 2023 14:43:08 GMT
expires: Sat, 08 Jun 2024 14:43:08 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 7FD2 783 B
745 B 178ms
67ms Document
text/html 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

f400612faf6836fce12ceb451eaf1f232e10604a6149d762a65ae569df21582e

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-gNPRVOzpjl3vj55j9ADkAg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://61f6e9fd343e3e96f4f5dd477c8d7d57.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 515
content-security-policy: script-src 'report-sample' 'nonce-gNPRVOzpjl3vj55j9ADkAg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 11 Jun 2023 23:35:53 GMT
expires: Sun, 11 Jun 2023 23:35:53 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame D307 0
0 98ms
97ms Fetch
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsstcdOcig9-p5_HaIQ9JwRHyjvnRz4YhvNg5HvrSpK5nSGVm1p5CCXqV0y1iZqdRQ88u2w0IVEGnt4KaWt53V5ZpRusVRlzovHW-_DU5nnMZGYTsDXBx41DBs5A_cpTuRT_0wjRXNcLVEBXupSifW_lXhwhhoXMjtAAWFZQ3LgqtjQOtpnU8SN7Y_nwYtv-YkwL84a9w2wibWCNoz7EUMTECguy-2NTnvGiZz4r4zg0We07MfsCPVPsdLIHYeWmL0zlHW0PnMhy9EaJ5hG7dUdbswuOyITxEtjCga0S27b605LU7Wwa5_RbyHzgptZE0N7nayMUt_YZ-bnlv1_y-J1w5zityXd0YuOYfzM8aSE&sai=AMfl-YS24aF1Sx-gt5nt4jx0VKDOJY36kEG-Mze4lRBbyCQQjGkC2eFgDgzZiS4FFYDOuF1IaMNmJDolpjSgvfhxXHL1mdRFdaRbfbKxGIiOjy4WA-VMnYGV87opoaNesDwosakVcb-HFc7EwPFjc7IRKiTxAji6_saZmN7X4k6le4FBa47EpDZiqAO9-Cuxsfo7&sig=Cg0ArKJSzOwuSutji1eCEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://61f6e9fd343e3e96f4f5dd477c8d7d57.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Sun, 11 Jun 2023 23:35:53 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sun, 11 Jun 2023 23:35:53 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame D307 15 KB
11 KB 75ms
75ms XHR
application/json 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230607&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b9fc3709f0637d50be88d5a36641e6e8c696938fe429b6d6326950f194f0d67b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://61f6e9fd343e3e96f4f5dd477c8d7d57.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Sun, 11 Jun 2023 23:35:53 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11338
x-xss-protection: 0

GET
H3 200 mZQVpQj-eDQajpu59Vq9E2pMu32_YVAoNW79LAI6QMI.js Show response
pagead2.googlesyndication.com/bg/ Frame FD0E 37 KB
14 KB 61ms
60ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/mZQVpQj-eDQajpu59Vq9E2pMu32_YVAoNW79LAI6QMI.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

999415a508fe78341a8e9bb9f55abd136a4cbb7dbf615028356efd2c023a40c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Tue, 06 Jun 2023 19:31:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 446640
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14716
x-xss-protection: 0
last-modified: Mon, 05 Jun 2023 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 05 Jun 2024 19:31:53 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 4432 13 KB
5 KB 61ms
60ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://61f6e9fd343e3e96f4f5dd477c8d7d57.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 204765
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 09 Jun 2023 14:43:08 GMT
expires: Sat, 08 Jun 2024 14:43:08 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 3692 783 B
741 B 125ms
106ms Document
text/html 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

5b05cb80f00e47f73dac07960063c835d60efbd503b302b4ba68ecd87c7f001a

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-i1pCZs8qefORXvHGKrdqtw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://61f6e9fd343e3e96f4f5dd477c8d7d57.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 512
content-security-policy: script-src 'report-sample' 'nonce-i1pCZs8qefORXvHGKrdqtw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 11 Jun 2023 23:35:53 GMT
expires: Sun, 11 Jun 2023 23:35:53 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 mZQVpQj-eDQajpu59Vq9E2pMu32_YVAoNW79LAI6QMI.js Show response
pagead2.googlesyndication.com/bg/ Frame F82F 37 KB
14 KB 60ms
60ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/mZQVpQj-eDQajpu59Vq9E2pMu32_YVAoNW79LAI6QMI.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

999415a508fe78341a8e9bb9f55abd136a4cbb7dbf615028356efd2c023a40c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Tue, 06 Jun 2023 19:31:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 446640
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14716
x-xss-protection: 0
last-modified: Mon, 05 Jun 2023 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 05 Jun 2024 19:31:53 GMT

GET
H2 200 5ed76f76e4b07a92411bc03a
ng2.virgul.com/tck/imp/ Frame 6408 0
210 B 185ms
70ms Image
text/plain 185.7.176.221
SH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ng2.virgul.com/tck/imp/5ed76f76e4b07a92411bc03a?g=1&t=gb&r=153377@site_geneli@yemek_net:site_geneli&l=&c=%2Cas%2Crc0%2Chf1%2Cvv1%2Cgprec%3Dyemek%26rec_ing%3D&info=&mt=1686526551243&userId=vnetb7ca5edb-4408-4cc4-8369-d7dd06ba1101
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.7.176.221 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

access-control-allow-origin: https://ye-mek.net
date: Sun, 11 Jun 2023 23:35:53 GMT
access-control-allow-credentials: true
expires: Tue, 04 Jan 2022 10:49:40 GMT
server: openresty/1.15.8.3
content-length: 0
p3p: CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame D307 17 KB
6 KB 68ms
68ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://61f6e9fd343e3e96f4f5dd477c8d7d57.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Sun, 11 Jun 2023 23:35:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 11 Jun 2023 23:35:53 GMT

GET
H3 200 mZQVpQj-eDQajpu59Vq9E2pMu32_YVAoNW79LAI6QMI.js Show response
pagead2.googlesyndication.com/bg/ Frame 4432 37 KB
14 KB 60ms
59ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/mZQVpQj-eDQajpu59Vq9E2pMu32_YVAoNW79LAI6QMI.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

999415a508fe78341a8e9bb9f55abd136a4cbb7dbf615028356efd2c023a40c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Tue, 06 Jun 2023 19:31:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 446640
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14716
x-xss-protection: 0
last-modified: Mon, 05 Jun 2023 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 05 Jun 2024 19:31:53 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 8974 0
0 94ms
94ms Image
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230607&jk=452794801102797&rc=
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ Frame 6408 107 B
122 B 70ms
70ms Script
application/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=ye-mek.net

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306070101/pubads_impl.js?cb=31075209

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Sun, 11 Jun 2023 23:35:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 6408 29 KB
12 KB 373ms
373ms XHR
text/plain 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4040297006971483&correlator=4025068966531422&eid=31075209&output=ldjh&gdfp_req=1&vrg=202306070101&ptt=17&impl=fif&iu_parts=21728129623%3A33502485%2Cweb_yemeknet_left_tower&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C160x600%7C120x600%7C120x240%7C160x800&fluid=height&ifi=6&adks=3299242717&sfv=1-0-40&eri=1&cust_params=category%3Dsite_geneli%26plm%3Dnull%26viewable%3D2%26site%3Dyemek_net%26mt%3D1686526551243%26pager%3D1%2540site_geneli%2540yemek_net%253Asite_geneli%26policy%3D0%26host%3Dye-mek.net%26url%3Dhttps%253A%2520%2520ye%2520mek.net%2520%26targetCtr%3D0%26pid%3Dvnetb7ca5edb-4408-4cc4-8369-d7dd06ba1101%26targetCr%3D0%26Mobile%3Dfalse%26env%3Dweb%26webmAd%3D1%26overlay%3D1%26rc%3D0%26datasave%3D0%26rec%3Dyemek%26rec_ing%3D&ppid=vnetb7ca5edb44084cc48369d7dd06ba1101&sc=1&cdm=ye-mek.net&abxe=1&dt=1686526553379&lmt=1686526553&dlt=1686526550482&idt=1255&adxs=122&adys=150&biw=-12245933&bih=-12245933&isw=1600&ish=1200&scr_x=-12245933&scr_y=-12245933&ucis=b1vfvlvn3ztn&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fye-mek.net%2F&ref=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&top=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&frm=24&vis=1&psz=160x-1&msz=160x-1&fws=900&ohw=160&psts=ABHeCviemCYkvAxqCSr5Ka6qtfqEDVZ1oLMPWGov6R1e5T_iCq6P_UMmgMbE8eE6cLZYW5BnRxDKmcqE_3CHc_rMfw%2CABHeCviUr-53JYRrL80aE-JPnJiS-PXoffJRjuzyShSLHFNhbxXmXT_sO-0toAebkYQd5Ss-WKTLkRLr5Ygrd_a5lQ%2CABHeCvgK24gSvZltYHT3D0EcvFs0R3t8nvo7RHQ_4lyC8y4kE4v6uO6Zc3jzh6AW20UCoEZJAkzxb4cNWyd2OPnMNg%2CABHeCvh_Ni4f2AnsoWa0YoxlWaFUQmDMA8lwPTMPGlPHWl_92gxcEinTyRt6l4P7k8E8JtWynTo7PVNbQD1S442w6A&ga_vid=214013272.1686526551&ga_sid=1686526552&ga_hid=38106992&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306070101/pubads_impl.js?cb=31075209

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7e187d00b054de9f51b5da18fb88a0fce6988a9744b9fc060345f2cffe6041a0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Sun, 11 Jun 2023 23:35:53 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12643
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://ye-mek.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 6408 34 KB
14 KB 287ms
286ms XHR
text/plain 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4040297006971483&correlator=4318816949382677&eid=31075209&output=ldjh&gdfp_req=1&vrg=202306070101&ptt=17&impl=fif&iu_parts=21728129623%3A33502485%2Cweb_yemeknet_kategori_sayfalari_728x90_2&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C728x90%7C468x60&fluid=height&ifi=7&adks=345722362&sfv=1-0-40&eri=1&cust_params=category%3Dsite_geneli%26plm%3Dnull%26viewable%3D2%26site%3Dyemek_net%26mt%3D1686526551243%26pager%3D1%2540site_geneli%2540yemek_net%253Asite_geneli%26policy%3D0%26host%3Dye-mek.net%26url%3Dhttps%253A%2520%2520ye%2520mek.net%2520%26targetCtr%3D0%26pid%3Dvnetb7ca5edb-4408-4cc4-8369-d7dd06ba1101%26targetCr%3D0%26Mobile%3Dfalse%26env%3Dweb%26webmAd%3D1%26overlay%3D1%26rc%3D0%26datasave%3D0%26rec%3Dyemek%26rec_ing%3D&ppid=vnetb7ca5edb44084cc48369d7dd06ba1101&sc=1&cdm=ye-mek.net&abxe=1&dt=1686526553383&lmt=1686526553&dlt=1686526550482&idt=1255&adxs=436&adys=1389&biw=-12245933&bih=-12245933&isw=1600&ish=1200&scr_x=-12245933&scr_y=-12245933&ucis=zas1rn2dulel&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fye-mek.net%2F&ref=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&top=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&frm=24&vis=1&psz=976x0&msz=996x0&fws=388&ohw=1600&psts=ABHeCviemCYkvAxqCSr5Ka6qtfqEDVZ1oLMPWGov6R1e5T_iCq6P_UMmgMbE8eE6cLZYW5BnRxDKmcqE_3CHc_rMfw%2CABHeCviUr-53JYRrL80aE-JPnJiS-PXoffJRjuzyShSLHFNhbxXmXT_sO-0toAebkYQd5Ss-WKTLkRLr5Ygrd_a5lQ%2CABHeCvgK24gSvZltYHT3D0EcvFs0R3t8nvo7RHQ_4lyC8y4kE4v6uO6Zc3jzh6AW20UCoEZJAkzxb4cNWyd2OPnMNg%2CABHeCvh_Ni4f2AnsoWa0YoxlWaFUQmDMA8lwPTMPGlPHWl_92gxcEinTyRt6l4P7k8E8JtWynTo7PVNbQD1S442w6A&ga_vid=214013272.1686526551&ga_sid=1686526552&ga_hid=38106992&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306070101/pubads_impl.js?cb=31075209

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b6d572e96dbe704d689bfc583913e365435d2cbac0a603840cd9832cfc78230f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Sun, 11 Jun 2023 23:35:53 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13888
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://ye-mek.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 6408 28 KB
12 KB 411ms
410ms XHR
text/plain 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4040297006971483&correlator=3240156969804193&eid=31075209&output=ldjh&gdfp_req=1&vrg=202306070101&ptt=17&impl=fif&iu_parts=21728129623%3A33502485%2Cweb_yemeknet_right_tower&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C160x600%7C120x600%7C120x240%7C160x800&fluid=height&ifi=8&adks=3203893797&sfv=1-0-40&eri=1&cust_params=category%3Dsite_geneli%26plm%3Dnull%26viewable%3D2%26site%3Dyemek_net%26mt%3D1686526551243%26pager%3D1%2540site_geneli%2540yemek_net%253Asite_geneli%26policy%3D0%26host%3Dye-mek.net%26url%3Dhttps%253A%2520%2520ye%2520mek.net%2520%26targetCtr%3D0%26pid%3Dvnetb7ca5edb-4408-4cc4-8369-d7dd06ba1101%26targetCr%3D0%26Mobile%3Dfalse%26env%3Dweb%26webmAd%3D1%26overlay%3D1%26rc%3D0%26datasave%3D0%26rec%3Dyemek%26rec_ing%3D&ppid=vnetb7ca5edb44084cc48369d7dd06ba1101&sc=1&cdm=ye-mek.net&abxe=1&dt=1686526553387&lmt=1686526553&dlt=1686526550482&idt=1255&adxs=1318&adys=150&biw=-12245933&bih=-12245933&isw=1600&ish=1200&scr_x=-12245933&scr_y=-12245933&ucis=2i3asb9xcv4h&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fye-mek.net%2F&ref=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&top=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&frm=24&vis=1&psz=160x-1&msz=160x-1&fws=900&ohw=160&psts=ABHeCviemCYkvAxqCSr5Ka6qtfqEDVZ1oLMPWGov6R1e5T_iCq6P_UMmgMbE8eE6cLZYW5BnRxDKmcqE_3CHc_rMfw%2CABHeCviUr-53JYRrL80aE-JPnJiS-PXoffJRjuzyShSLHFNhbxXmXT_sO-0toAebkYQd5Ss-WKTLkRLr5Ygrd_a5lQ%2CABHeCvgK24gSvZltYHT3D0EcvFs0R3t8nvo7RHQ_4lyC8y4kE4v6uO6Zc3jzh6AW20UCoEZJAkzxb4cNWyd2OPnMNg%2CABHeCvh_Ni4f2AnsoWa0YoxlWaFUQmDMA8lwPTMPGlPHWl_92gxcEinTyRt6l4P7k8E8JtWynTo7PVNbQD1S442w6A&ga_vid=214013272.1686526551&ga_sid=1686526552&ga_hid=38106992&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306070101/pubads_impl.js?cb=31075209

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c8ab34ea5af27c357910a99e5080ae21c12b64c33c57fcdd4ce80f95a38224c6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Sun, 11 Jun 2023 23:35:53 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12657
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://ye-mek.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 6408 29 KB
12 KB 365ms
364ms XHR
text/plain 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4040297006971483&correlator=1668898167562210&eid=31075209&output=ldjh&gdfp_req=1&vrg=202306070101&ptt=17&impl=fif&iu_parts=21728129623%3A33502485%2Cweb_yemeknet_kategori_sayfalari_ust_728x90&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C728x90%7C468x60&fluid=height&ifi=9&adks=456810305&sfv=1-0-40&eri=1&cust_params=category%3Dsite_geneli%26plm%3Dnull%26viewable%3D2%26site%3Dyemek_net%26mt%3D1686526551243%26pager%3D1%2540site_geneli%2540yemek_net%253Asite_geneli%26policy%3D0%26host%3Dye-mek.net%26url%3Dhttps%253A%2520%2520ye%2520mek.net%2520%26targetCtr%3D0%26pid%3Dvnetb7ca5edb-4408-4cc4-8369-d7dd06ba1101%26targetCr%3D0%26Mobile%3Dfalse%26env%3Dweb%26webmAd%3D1%26overlay%3D1%26rc%3D0%26datasave%3D0%26rec%3Dyemek%26rec_ing%3D&ppid=vnetb7ca5edb44084cc48369d7dd06ba1101&sc=1&cdm=ye-mek.net&abxe=1&dt=1686526553390&lmt=1686526553&dlt=1686526550482&idt=1255&adxs=436&adys=751&biw=-12245933&bih=-12245933&isw=1600&ish=1200&scr_x=-12245933&scr_y=-12245933&ucis=3upotkzhc4tv&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fye-mek.net%2F&ref=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&top=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&frm=24&vis=1&psz=976x0&msz=996x0&fws=388&ohw=1600&psts=ABHeCviemCYkvAxqCSr5Ka6qtfqEDVZ1oLMPWGov6R1e5T_iCq6P_UMmgMbE8eE6cLZYW5BnRxDKmcqE_3CHc_rMfw%2CABHeCviUr-53JYRrL80aE-JPnJiS-PXoffJRjuzyShSLHFNhbxXmXT_sO-0toAebkYQd5Ss-WKTLkRLr5Ygrd_a5lQ%2CABHeCvgK24gSvZltYHT3D0EcvFs0R3t8nvo7RHQ_4lyC8y4kE4v6uO6Zc3jzh6AW20UCoEZJAkzxb4cNWyd2OPnMNg%2CABHeCvh_Ni4f2AnsoWa0YoxlWaFUQmDMA8lwPTMPGlPHWl_92gxcEinTyRt6l4P7k8E8JtWynTo7PVNbQD1S442w6A&ga_vid=214013272.1686526551&ga_sid=1686526552&ga_hid=38106992&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306070101/pubads_impl.js?cb=31075209

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8d35a5ccbc18efc3702da9ff8a9e21022073d35bc84502c310cb41c8845f555f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Sun, 11 Jun 2023 23:35:53 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12684
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://ye-mek.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 6408 23 KB
11 KB 397ms
396ms XHR
text/plain 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4040297006971483&correlator=216339068743737&eid=31075209&output=ldjh&gdfp_req=1&vrg=202306070101&ptt=17&impl=fif&iu_parts=21728129623%3A33502485%2Cweb_yemeknet_kategori_sayfalari_728x90_repeating&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C728x90%7C468x60&fluid=height&ifi=10&adks=2157304621&sfv=1-0-40&eri=1&cust_params=category%3Dsite_geneli%26plm%3Dnull%26viewable%3D2%26site%3Dyemek_net%26mt%3D1686526551243%26pager%3D1%2540site_geneli%2540yemek_net%253Asite_geneli%26policy%3D0%26host%3Dye-mek.net%26url%3Dhttps%253A%2520%2520ye%2520mek.net%2520%26targetCtr%3D0%26pid%3Dvnetb7ca5edb-4408-4cc4-8369-d7dd06ba1101%26targetCr%3D0%26Mobile%3Dfalse%26env%3Dweb%26webmAd%3D1%26overlay%3D1%26rc%3D0%26datasave%3D0%26rec%3Dyemek%26rec_ing%3D&ppid=vnetb7ca5edb44084cc48369d7dd06ba1101&sc=1&cdm=ye-mek.net&abxe=1&dt=1686526553394&lmt=1686526553&dlt=1686526550482&idt=1255&adxs=436&adys=2027&biw=-12245933&bih=-12245933&isw=1600&ish=1200&scr_x=-12245933&scr_y=-12245933&ucis=w4qtutd93bt8&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fye-mek.net%2F&ref=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&top=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&frm=24&vis=1&psz=976x0&msz=996x0&fws=388&ohw=1600&psts=ABHeCviemCYkvAxqCSr5Ka6qtfqEDVZ1oLMPWGov6R1e5T_iCq6P_UMmgMbE8eE6cLZYW5BnRxDKmcqE_3CHc_rMfw%2CABHeCviUr-53JYRrL80aE-JPnJiS-PXoffJRjuzyShSLHFNhbxXmXT_sO-0toAebkYQd5Ss-WKTLkRLr5Ygrd_a5lQ%2CABHeCvgK24gSvZltYHT3D0EcvFs0R3t8nvo7RHQ_4lyC8y4kE4v6uO6Zc3jzh6AW20UCoEZJAkzxb4cNWyd2OPnMNg%2CABHeCvh_Ni4f2AnsoWa0YoxlWaFUQmDMA8lwPTMPGlPHWl_92gxcEinTyRt6l4P7k8E8JtWynTo7PVNbQD1S442w6A&ga_vid=214013272.1686526551&ga_sid=1686526552&ga_hid=38106992&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306070101/pubads_impl.js?cb=31075209

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c74a491603e953fbcf238e6f4d4042f2df90e4dec560bca87d7772805b82fa6f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Sun, 11 Jun 2023 23:35:53 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10897
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://ye-mek.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 7FD2 0
0 98ms
98ms Image
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230607&jk=1392620260193569&rc=
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

GET
H2 200 publishertag.prebid.135.js Show response
static.criteo.net/js/ld/ Frame 6408 89 KB
29 KB 181ms
90ms Script
text/javascript 2a02:2638:d::2

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.135.js

Requested by

Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

20678c305b50c0988193d64cb34f41e2dcb6f2fa48353106436ea301e07ce70a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Sun, 11 Jun 2023 23:35:53 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 24 Feb 2023 07:57:32 GMT
server: nginx
etag: W/"63f86dec-16386"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 12 Jun 2023 23:35:53 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 3692 0
0 94ms
94ms Image
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230607&jk=4039166777054377&rc=
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 47D0 13 KB
5 KB 61ms
59ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://61f6e9fd343e3e96f4f5dd477c8d7d57.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 204765
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 09 Jun 2023 14:43:08 GMT
expires: Sat, 08 Jun 2024 14:43:08 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 1928 783 B
738 B 71ms
70ms Document
text/html 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

4cb046f211f818761360beba677e9a1467919ee47473d6aed9df63af6aaea684

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-ll8UnFtsP3uCTGXnqm8RYA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://61f6e9fd343e3e96f4f5dd477c8d7d57.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 512
content-security-policy: script-src 'report-sample' 'nonce-ll8UnFtsP3uCTGXnqm8RYA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 11 Jun 2023 23:35:53 GMT
expires: Sun, 11 Jun 2023 23:35:53 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame FD0E 0
10 B 59ms
59ms Image
text/plain 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?S7x-EQ
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Sun, 11 Jun 2023 23:35:53 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame F82F 0
10 B 60ms
59ms Image
text/plain 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?6T0VFg
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Sun, 11 Jun 2023 23:35:53 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 1928 0
0 94ms
93ms Image
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230607&jk=1793475076705859&rc=
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

GET
H3 200 mZQVpQj-eDQajpu59Vq9E2pMu32_YVAoNW79LAI6QMI.js Show response
pagead2.googlesyndication.com/bg/ Frame 47D0 37 KB
14 KB 60ms
60ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/mZQVpQj-eDQajpu59Vq9E2pMu32_YVAoNW79LAI6QMI.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

999415a508fe78341a8e9bb9f55abd136a4cbb7dbf615028356efd2c023a40c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Tue, 06 Jun 2023 19:31:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 446640
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14716
x-xss-protection: 0
last-modified: Mon, 05 Jun 2023 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 05 Jun 2024 19:31:53 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 4432 0
10 B 59ms
59ms Image
text/plain 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?kY-1uQ
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Sun, 11 Jun 2023 23:35:53 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ Frame 6408 94 KB
30 KB 176ms
87ms XHR
text/javascript 2a02:2638:d::2

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.js

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.135.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

bc82310d2b82f3aa74a269e8f679359bda827c649adb41486fd1af268a026ac1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Sun, 11 Jun 2023 23:35:53 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 31 May 2023 13:09:50 GMT
server: nginx
etag: W/"6477471e-176eb"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 12 Jun 2023 23:35:53 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 6408 14 KB
11 KB 72ms
72ms XHR
application/json 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202306070101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306070101/pubads_impl.js?cb=31075209

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

15305e76634408c6cb742bb0fd118b53e8ebaf7a76e17e4b720b0515adbd0541

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Sun, 11 Jun 2023 23:35:53 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11178
x-xss-protection: 0

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame FD5F 15 KB
6 KB 160ms
48ms Document
text/html 2a02:2638:d::d

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=pcloak.blob.core.windows.net

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.135.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::d -, , ASN (),

Reverse DNS

Software

Kestrel /

Resource Hash

645709dcb09b2700fd5a5938dbdf783ac90a88334e5104041db53302441f33e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ye-mek.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 11 Jun 2023 23:35:53 GMT
server: Kestrel
server-processing-duration-in-ticks: 325377
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H3 200 container.html Show response
61f6e9fd343e3e96f4f5dd477c8d7d57.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 82C1 6 KB
3 KB 62ms
56ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://61f6e9fd343e3e96f4f5dd477c8d7d57.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306070101/pubads_impl.js?cb=31075209

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ye-mek.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 11 Jun 2023 23:35:52 GMT
expires: Mon, 10 Jun 2024 23:35:52 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 47D0 0
10 B 59ms
59ms Image
text/plain 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?BekrCg
Requested by: Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Sun, 11 Jun 2023 23:35:53 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 container.html Show response
61f6e9fd343e3e96f4f5dd477c8d7d57.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 62CA 6 KB
3 KB 61ms
57ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://61f6e9fd343e3e96f4f5dd477c8d7d57.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306070101/pubads_impl.js?cb=31075209

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ye-mek.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 11 Jun 2023 23:35:52 GMT
expires: Mon, 10 Jun 2024 23:35:52 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html Show response
61f6e9fd343e3e96f4f5dd477c8d7d57.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 49B6 6 KB
3 KB 61ms
57ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://61f6e9fd343e3e96f4f5dd477c8d7d57.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306070101/pubads_impl.js?cb=31075209

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ye-mek.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 11 Jun 2023 23:35:52 GMT
expires: Mon, 10 Jun 2024 23:35:52 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 6408 17 KB
6 KB 74ms
74ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306070101/pubads_impl.js?cb=31075209

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Sun, 11 Jun 2023 23:35:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 11 Jun 2023 23:35:53 GMT

GET
H3 200 container.html Show response
61f6e9fd343e3e96f4f5dd477c8d7d57.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame B9B2 6 KB
3 KB 57ms
56ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://61f6e9fd343e3e96f4f5dd477c8d7d57.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306070101/pubads_impl.js?cb=31075209

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ye-mek.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 11 Jun 2023 23:35:52 GMT
expires: Mon, 10 Jun 2024 23:35:52 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html Show response
61f6e9fd343e3e96f4f5dd477c8d7d57.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 4E30 6 KB
3 KB 57ms
56ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://61f6e9fd343e3e96f4f5dd477c8d7d57.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306070101/pubads_impl.js?cb=31075209

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ye-mek.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 11 Jun 2023 23:35:52 GMT
expires: Mon, 10 Jun 2024 23:35:52 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 1FD0 624 B
242 B 73ms
69ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6Q0AIQyMWlhgMYmvKZvQEwAQ&v=APEucNUv3sZa8RbOtfULAsdwZHvVZpFih0snma7FGvGr2R9ozM3HZQINOxWr2WpnLhrOzmtb1JmsmW4zp6ysYuvK3I9bxOba-90ZtpE9B7v2cxQvndMQof4u16NT-iFrJ5tugngwb_Xtnh9CgaE_Eaz0VbnHL9q70BMKp75VnFJSSsSE9ER9rck

Requested by

Host: 61f6e9fd343e3e96f4f5dd477c8d7d57.safeframe.googlesyndication.com
URL: https://61f6e9fd343e3e96f4f5dd477c8d7d57.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://61f6e9fd343e3e96f4f5dd477c8d7d57.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 11 Jun 2023 23:35:53 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 82C1 78 KB
27 KB 84ms
83ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: 61f6e9fd343e3e96f4f5dd477c8d7d57.safeframe.googlesyndication.com
URL: https://61f6e9fd343e3e96f4f5dd477c8d7d57.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

332d8e2d6964e41c92a430d24b1b469bfdcc30ad072f980b2e7adf241590886a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://61f6e9fd343e3e96f4f5dd477c8d7d57.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Sun, 11 Jun 2023 23:35:53 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28042
x-xss-protection: 0
server: cafe
etag: 3261498652431352696
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Sun, 11 Jun 2023 23:35:53 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 82C1 42 B
63 B 97ms
95ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-D9vW58_vox4wbKEVoCH1Gqar-RkS91jNWiZICEQ6qK2hojqMRlbdZAMddnvcQL0igymiUNPxejNKUFqmnBZ1sckP6M3HBV9Ga-L9fm6cVm7fuTw1w

Requested by

Host: 61f6e9fd343e3e96f4f5dd477c8d7d57.safeframe.googlesyndication.com
URL: https://61f6e9fd343e3e96f4f5dd477c8d7d57.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://61f6e9fd343e3e96f4f5dd477c8d7d57.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 11 Jun 2023 23:35:53 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 82C1 0
20 B 98ms
95ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=3885653740047012860&x=1&ct=76

Requested by

Host: 61f6e9fd343e3e96f4f5dd477c8d7d57.safeframe.googlesyndication.com
URL: https://61f6e9fd343e3e96f4f5dd477c8d7d57.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://61f6e9fd343e3e96f4f5dd477c8d7d57.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 11 Jun 2023 23:35:53 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 jload Show response
pixel.adsafeprotected.com/ Frame 82C1 47 KB
13 KB 180ms
49ms Script
application/javascript 52.209.23.15

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.adsafeprotected.com/jload?anId=925113&advId=818504392&campId=15571779515&pubId=1&placementId=396785946&adsafe_par&bundleId=&dealId=&bidurl=https://ye-mek.net/
Requested by: Host: 61f6e9fd343e3e96f4f5dd477c8d7d57.safeframe.googlesyndication.com
URL: https://61f6e9fd343e3e96f4f5dd477c8d7d57.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.209.23.15 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9156cdc023ad08fc1cb378752629c59a5d1e7179747ac3f447b2c9738e7457e1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://61f6e9fd343e3e96f4f5dd477c8d7d57.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 11 Jun 2023 23:35:54 GMT
content-encoding: gzip
vary: accept-encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: pixel.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H2 200 adj Show response
fw.adsafeprotected.com/rjss/bgd/1362481/69643702/xbbe/creative/ Frame 82C1 253 KB
77 KB 171ms
49ms Script
application/javascript 52.209.23.15

General

Check archive.org

Show headers Download Go to

Full URL: https://fw.adsafeprotected.com/rjss/bgd/1362481/69643702/xbbe/creative/adj?p=APEucNXZrPElzFvReJ5PgMoSpMzWEuBYLIPuDWOwXmOua944p_oS5Pg&d=CokBAKAmf-Cj1X6jsJfJsz1mpn28XA-XfApDKFYDAP5G2w8l9k-i6E4U06NAay-ihpOG8xfLvcF9SSgYREl0oE6Kv7Pdhl_oW6CVdrG9MJ5yalSrvhxwmIbG5qYPPslbC3yJ6JNJSeoqaTEVnFQrya7MiSg3SLpNpFAqa_bmvDVrbn6sRR9ktSENZtgS2RMAoCZ_4II5wU5FtnLNaKNuQVdOl7vF-1OFs0_-QcrGA4FR3wcbZV1teFGA8Mu5msb60BPetxIDayNjSgSvjebxxid_wZibBVnpHxxkOUBCPVakX3bHfsus01hVm5l4Yd0ppFvvPx1LrHVEWHPHmU3tX00C6LgDU3OqxnDOqBUzluCqpgG1QMIpkoEfXP85ewSGGQ0gujrYKM4DfFGpHFpwI4lQ6KmyBpUXHMqZOzgb26wXW6ciNYGkutnqQif2YGqVHhmpWVxvsydN_oo5OT9SWvdjPJxplZ8Gv2XiOVSlN-Gea2jIkULvQKWe130Ksivtr4beUedQOox_AAuKH-OuqUPjXm--8ouodBunIFBvmwpAuaamd27fBL4FxqtoqNUgYfwob65yc5qxVXk4yx83Tl4gwac9FZF3ZHSPklHJZTsaijoczKSL0qDqOM3wwmQy1ANasHY0AlhYoichdyTe3zckJI6g8N2yXR7jQLztKUt6AuBq0XIk0EOk4ma9WsJPBWuGsb4TqgU2H04Lb7q28YQwG83X2kJtFXepOTWMj43pWOoGcfRKsDYiAhjkHR-W4kcavMU3Fr3tuL_BeJh7DtGPgagYF9DivOCbDYUk9s0PjlMs70wvSzGwpAnkSaUqGFXtDxDtabz7MN_lCttxXnqWG6NMQh8TGonFc2sPope2iiDMssieNcmjqcJSUIyA6LcxBYwQ3IDdzl0hiORGTFeIs0UP9B_91V6KTPk4CW1j87Glaz6Sf_1Ysj_v3guHaPLgKYDd6ooegtmLrfAa0IRyoH3TxuN-P_gP53p-bKCpHuSvLj8LOgFIMTDfEv7_0DYeE6kABMuw1ICmDxLk_UcUWHzsIrH1cBmF57qBDAjCZtxLrxxG8oAK1WGIOlKXvv8bPQPPRUpjfzKV5IZibZgg4KEeYoHDmJFOorPFdw8J3EbfZNL8yBFs4Zrzcf84xj5G0l-UtTU1q6T-hLtZbR_kr_zJW4hl-EXd8gVwTj8guo1pRZ-KyskFmEIGDz5sQ-Ht9V0mKBnKzb7rUW_3yoA0NgjyLIw_iuzatcABpTomJsx2Av9q5NSls4KhPUBbTVryznTYCrHa2plu4uzb6nEs-lq6JoCFl2WhXmZgBY6rbqYqSCvn6UWmoXD1t317zc1kDhIqAHRaUrty6FAMPYFU-42hitEV2YoMQQu3BPrl3vh_F1cYPyxHnvs1ZqR-95LX7S-FvSiFIPrPAWT65d-XKryLCt0AkDr3IMDd7us9zcCXNj6PHgm8CeK5z15yE45BpQItEs-AgO76WaPZkB8c2uobLA4rzm47a7aAnzZu0K-aUpNqOK1LTG9rMgbsvn3uv_9iFGLF6Hhz-ZnkQAbCEbPiU_X_qYgv8D4RkULEgFXJSpHLHDmHNh1050TWGAM6IF_kgytypXi9FTZp7UGZghxs77UAfJ-a4GbfrhHRRm8WXnDZr55aDbIl9tqJP2xhs_-4HNZrtpvYpg6x94vuDx0_vVZ_4Ty2gT3w-ZCm9gNG8_S7xiw1SYaZcheb0np4wOV9DIlz2oFb_MkLljGC-_GJ86WFghaKf3bHfI5Rr5-aWAoWrU3Sh0UyyMmmz51qmJ7jLSXiYM_DZ8yXbZWNcc6iVCiVWXjsyo0AQn49BmG7zn4DgzW4_AOqBqI6NDahLS7INCHJBJJQLJ-y7xHCZNKQEQPsBCwsCrKcl3UHsJ5OvMVIbBhw2RgWchEP1OmeQyMKjCuXzweo4RKbVIAMLXQfDrJu3ZGKOVguC4PiCCU5cb2Jyi4sMsdDpKTEN0fcpDFIJyAqusojaCUlzpfT_UjRLHczVN1qZkp_p_4LPStFfONHQIXmYMM511NwpFDXMViSIvIJ0BDqHG0rxPTGLIG18aMopw6fx7nFN5IfbwIhmBnAqv9LZabq-02gwAqi-cIFF87K5ddxn5lZZdBe_-9fJfXHPVcjVvmTvZVXcQnrPqIPqRIKYUIDxjWCzTfAzw5pWfpk4WBKymocf-kFYtQX2XqNQpf6HrVRFg-ciIy_tXoIunJxd4EJEUhFdIdpMIOBTUBuivj8X_oqkXj9Fw55hFDBBoy8OKsnaT2gyKGMqZPa3OY1egB5FyCk6CSGO5361pED5cc8m_8premLY8JhC6ILBU3XqmPHiyM3Y5n2w3BwgvXnzmAz-wqGQHEJHgpo1p7MnEdjoAK9qKAb_hj-QDw1H39WXtZEyUTUtlgNKyqTJpMglBxmc8vunvVrbO_G-lFCjax0wZWYLXLlo07nrLr-GICLuJFvzMX_ruRwuogdbsMiaa65t7__wuCa97WkWqlyyV6ziLzRJc6LFecGBYD_ELuGliP40RAp-GsbAbeN1vFZ_WNf1VPNHmhuxzpDK0hcsQ67ix-xbMcCOE61YdUN5EjdnvKADytMTX4ZkoWr8DXzySRSAlX6KAiUdS1tvNloXGscn65GHugUKmkp_YKbI4NAwjFqldnTn-65_58OO9VCoL62RJu3om2k4xQO58NFptxQ-keyF7o1-Ndwwx_m1GBFI4R6RjyQ8R6nPJjEVEFkhKlj-2Y_59YTZ1aHtuUHlyF4C1shNy-SP4mgQC1_B2Z_rIJzADv9W6XRN3zFEs-xW_Jih1EDAltAqZQ907-WKjzRFwqxNoXAdnBNGUnHZqG00_R_BjXGGCWSo-13yXeWDv5JMa89MvhnqPzFODa-hMbJsrWHKjEd6GEyvHf3pPCWzmGLkEJKPePLDvdR98YauoRLGbKd1nL9EGRllbtgS1dhjc0oIRiXH8QUZ35PS4vetjMhz3ACtw-gddBd9ZXI4IlIZVkOQf2hdkkvVggM-u0IjyT1RhdJvvetVmu5HyW3pTlZvXmSCTv7n5qutOWElS2QcQyfta9TJAY1T0zNwU_Ske-RWaEB0YqGSykWxNL-blEJ4sES8J4LEok4kEhLnWNSaC1LrdACtLahiYW5vLX94woDbzvpsKYdnPA9FfyCTcEIb1xp65vktBlj6NkNDlwW0axzHFJB_ZcTopbkgRdQ4mIGoABDFyeG1AVBEAUqIIOOCXoq51x-E7_7iJUN2B9VdGjPE5zmJftTMwzIGFwXqv_45BCRfy3RJNY487A3_KVpqNpFXI3-iqUMsQY4iZLvtVUywYQFUlEgwFTrtS2yX4lXiV9btFznbn-fCkYr3EzLgiR9Mv6VO5jL47d8cZcfHmtJHa30UYUeKuE1JdxDYFYZZc-yu8IdGh_4Xmkz4pSaZ-V8B1X1CN8zL9ui3x69_S0eQEmNi4IKE-xGSg5Myj4yCJVvklBaG3YNkQccE_q5zF0f16W48U6MiMmCnP4_7GHoVSP3zMvY9IcTZunv5z7DL8vsWqU2I0BlGkEIBBI7AHKBCINHiNT9s0wxPzoJr2KDw2jfsyi0l2N0yEOHhneCrZjATOqP5unEzOG_c1_cPX_AfyRcf501xLQYAWAB&cry=1&bundleId=&ias_dspID=3&ias_campId=25663049&ias_pubId=pub-7983651257838282&ias_chanId=1&ias_placementId=15571779515&bidurl=https://ye-mek.net/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0iBWPj39u-1oWTE0cNpzs95
Requested by: Host: 61f6e9fd343e3e96f4f5dd477c8d7d57.safeframe.googlesyndication.com
URL: https://61f6e9fd343e3e96f4f5dd477c8d7d57.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.209.23.15 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1ba2d08ef8d8f95f8a0cddefa0f4f838c563f5ea82cb385f22b1bfc08b7d2bc4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://61f6e9fd343e3e96f4f5dd477c8d7d57.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 11 Jun 2023 23:35:54 GMT
content-encoding: gzip
vary: accept-encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: fw.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230607/r20110914/client/ Frame 82C1 3 KB
1 KB 61ms
59ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230607/r20110914/client/window_focus_fy2021.js

Requested by

Host: 61f6e9fd343e3e96f4f5dd477c8d7d57.safeframe.googlesyndication.com
URL: https://61f6e9fd343e3e96f4f5dd477c8d7d57.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://61f6e9fd343e3e96f4f5dd477c8d7d57.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Sun, 11 Jun 2023 11:56:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 41980
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 25 Jun 2023 11:56:13 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230607/r20110914/client/ Frame 82C1 20 KB
8 KB 61ms
60ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230607/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 61f6e9fd343e3e96f4f5dd477c8d7d57.safeframe.googlesyndication.com
URL: https://61f6e9fd343e3e96f4f5dd477c8d7d57.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9971c0a9e4d487abeaf7f2396426a237081c2271bc17cdcd6883495ff43b3fc1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://61f6e9fd343e3e96f4f5dd477c8d7d57.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Sun, 11 Jun 2023 00:36:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 82757
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8202
x-xss-protection: 0
server: cafe
etag: 12977410716570951617
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 25 Jun 2023 00:36:36 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 82C1 0
0 68ms
67ms Image
text/html 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTgRICShJaWWHNwW-qFOWUgFnu3DJXi3dxahWs-V3aQBWfaozanpZEhWHkMT40AP7U4YWEDFip-uY91l_m9tdGXisx45Q
Requested by: Host: 61f6e9fd343e3e96f4f5dd477c8d7d57.safeframe.googlesyndication.com
URL: https://61f6e9fd343e3e96f4f5dd477c8d7d57.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://61f6e9fd343e3e96f4f5dd477c8d7d57.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 82C1 175 KB
55 KB 107ms
105ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 61f6e9fd343e3e96f4f5dd477c8d7d57.safeframe.googlesyndication.com
URL: https://61f6e9fd343e3e96f4f5dd477c8d7d57.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d262b04633fbcfb934184c79a2d1786fa24576ad6f7ccc40c5ba0aa540de9d54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://61f6e9fd343e3e96f4f5dd477c8d7d57.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Sun, 11 Jun 2023 23:35:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 55943
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1686137816735621"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 11 Jun 2023 23:35:53 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 5C0A 640 B
262 B 103ms
101ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CKX68q0EEOyWi7YEGJW-5eoBMAE&v=APEucNUAFeUCnTCkKAWBL9OsZVdSbTneBLCkv3VeFUQ7fujf_e9HK61cJagmUHr2MA3dwXWklqEf-h0lzjieBUOzADYimlTHk4GiSW1-cwS5VsE_SN1jXkvU6xapuNn9N3qAIKAqp3ZMYlP7zXxnD4YbIIQlLNsDsKn3FVePJJVuKfH3yjjgAXQ

Requested by

Host: 61f6e9fd343e3e96f4f5dd477c8d7d57.safeframe.googlesyndication.com
URL: https://61f6e9fd343e3e96f4f5dd477c8d7d57.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://61f6e9fd343e3e96f4f5dd477c8d7d57.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 11 Jun 2023 23:35:53 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 62CA 78 KB
27 KB 85ms
85ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: 61f6e9fd343e3e96f4f5dd477c8d7d57.safeframe.googlesyndication.com
URL: https://61f6e9fd343e3e96f4f5dd477c8d7d57.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

332d8e2d6964e41c92a430d24b1b469bfdcc30ad072f980b2e7adf241590886a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://61f6e9fd343e3e96f4f5dd477c8d7d57.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Sun, 11 Jun 2023 23:35:53 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28042
x-xss-protection: 0
server: cafe
etag: 3261498652431352696
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Sun, 11 Jun 2023 23:35:53 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 62CA 42 B
63 B 96ms
95ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AKhhy11xayDPj1hAejpQMQd9_stXT6xQUxQYhCoo3a8hSvVM9HTRXWKMaIfA6lUxZ8IhSnLUiYLrIaTgoParHx1SpL3BQvNXVieJ5Q4JwJRgv5LZI

Requested by

Host: 61f6e9fd343e3e96f4f5dd477c8d7d57.safeframe.googlesyndication.com
URL: https://61f6e9fd343e3e96f4f5dd477c8d7d57.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://61f6e9fd343e3e96f4f5dd477c8d7d57.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 11 Jun 2023 23:35:53 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 62CA 0
20 B 97ms
96ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=5263491173965770640&x=1&ct=77

Requested by

Host: 61f6e9fd343e3e96f4f5dd477c8d7d57.safeframe.googlesyndication.com
URL: https://61f6e9fd343e3e96f4f5dd477c8d7d57.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://61f6e9fd343e3e96f4f5dd477c8d7d57.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 11 Jun 2023 23:35:53 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230607/r20110914/client/ Frame 62CA 3 KB
1 KB 60ms
59ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230607/r20110914/client/window_focus_fy2021.js

Requested by

Host: 61f6e9fd343e3e96f4f5dd477c8d7d57.safeframe.googlesyndication.com
URL: https://61f6e9fd343e3e96f4f5dd477c8d7d57.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://61f6e9fd343e3e96f4f5dd477c8d7d57.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Sun, 11 Jun 2023 11:56:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 41980
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 25 Jun 2023 11:56:13 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230607/r20110914/client/ Frame 62CA 20 KB
8 KB 62ms
61ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230607/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 61f6e9fd343e3e96f4f5dd477c8d7d57.safeframe.googlesyndication.com
URL: https://61f6e9fd343e3e96f4f5dd477c8d7d57.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9971c0a9e4d487abeaf7f2396426a237081c2271bc17cdcd6883495ff43b3fc1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://61f6e9fd343e3e96f4f5dd477c8d7d57.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Sun, 11 Jun 2023 00:36:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 82757
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8202
x-xss-protection: 0
server: cafe
etag: 12977410716570951617
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 25 Jun 2023 00:36:36 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 62CA 0
0 69ms
68ms Image
text/html 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSAWBi-B4VeuZ6iimatBROUvg-2jaWBA_PdEppADdKMAtDlI2A1ygyK8AZ9rzZj87IQguyD0yJw4RYAXnQ8YuOS2Yr3Fw
Requested by: Host: 61f6e9fd343e3e96f4f5dd477c8d7d57.safeframe.googlesyndication.com
URL: https://61f6e9fd343e3e96f4f5dd477c8d7d57.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://61f6e9fd343e3e96f4f5dd477c8d7d57.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 62CA 175 KB
55 KB 127ms
126ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 61f6e9fd343e3e96f4f5dd477c8d7d57.safeframe.googlesyndication.com
URL: https://61f6e9fd343e3e96f4f5dd477c8d7d57.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d262b04633fbcfb934184c79a2d1786fa24576ad6f7ccc40c5ba0aa540de9d54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://61f6e9fd343e3e96f4f5dd477c8d7d57.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Sun, 11 Jun 2023 23:35:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 55943
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1686137816735621"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 11 Jun 2023 23:35:53 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 246B 466 B
235 B 93ms
92ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CKX68q0EEOyWi7YEGI7x5OoBMAE&v=APEucNX5JMC2wDXPF1-AAdIBFU5Agq8SzpU5qzAJjbRkHB_hhLj02DBtnjpwCCylKwxz1bdApYc1Hzs8bVWid-ipJ7FTzG8XAP0lXyIsGNpc9MJmeQn3Gr_5MOqAahkTu9e6Ifjf3WJoaBLgVtq_tA-qrqTzSPxWkkWLVzH2L1bQ9KVzQxDQRfQ

Requested by

Host: 61f6e9fd343e3e96f4f5dd477c8d7d57.safeframe.googlesyndication.com
URL: https://61f6e9fd343e3e96f4f5dd477c8d7d57.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

37ab5c060ae53ccda75b8bd212d874a17650f7954b11c4e31f568990ab40196b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://61f6e9fd343e3e96f4f5dd477c8d7d57.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 215
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 11 Jun 2023 23:35:53 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 49B6 78 KB
27 KB 87ms
86ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: 61f6e9fd343e3e96f4f5dd477c8d7d57.safeframe.googlesyndication.com
URL: https://61f6e9fd343e3e96f4f5dd477c8d7d57.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

332d8e2d6964e41c92a430d24b1b469bfdcc30ad072f980b2e7adf241590886a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://61f6e9fd343e3e96f4f5dd477c8d7d57.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Sun, 11 Jun 2023 23:35:53 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28042
x-xss-protection: 0
server: cafe
etag: 3261498652431352696
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Sun, 11 Jun 2023 23:35:53 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 49B6 42 B
63 B 97ms
97ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BF1Jcigk8k35wlztL-JlMguW64CovV1JSzJKg3gDPIJQRfuVWWcKyJeRdOmFMBN1hsyXdU0hUSkOmfU7W5377_ou_lZZt1wGrynuyXNUXfLhu1nf4

Requested by

Host: 61f6e9fd343e3e96f4f5dd477c8d7d57.safeframe.googlesyndication.com
URL: https://61f6e9fd343e3e96f4f5dd477c8d7d57.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://61f6e9fd343e3e96f4f5dd477c8d7d57.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 11 Jun 2023 23:35:53 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 49B6 0
20 B 98ms
97ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=187205904817446564&x=1&ct=77

Requested by

Host: 61f6e9fd343e3e96f4f5dd477c8d7d57.safeframe.googlesyndication.com
URL: https://61f6e9fd343e3e96f4f5dd477c8d7d57.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://61f6e9fd343e3e96f4f5dd477c8d7d57.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 11 Jun 2023 23:35:53 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230607/r20110914/client/ Frame 49B6 3 KB
1 KB 72ms
71ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230607/r20110914/client/window_focus_fy2021.js

Requested by

Host: 61f6e9fd343e3e96f4f5dd477c8d7d57.safeframe.googlesyndication.com
URL: https://61f6e9fd343e3e96f4f5dd477c8d7d57.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://61f6e9fd343e3e96f4f5dd477c8d7d57.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Sun, 11 Jun 2023 11:56:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 41980
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 25 Jun 2023 11:56:13 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230607/r20110914/client/ Frame 49B6 20 KB
8 KB 69ms
68ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230607/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 61f6e9fd343e3e96f4f5dd477c8d7d57.safeframe.googlesyndication.com
URL: https://61f6e9fd343e3e96f4f5dd477c8d7d57.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9971c0a9e4d487abeaf7f2396426a237081c2271bc17cdcd6883495ff43b3fc1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://61f6e9fd343e3e96f4f5dd477c8d7d57.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Sun, 11 Jun 2023 00:36:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 82757
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8202
x-xss-protection: 0
server: cafe
etag: 12977410716570951617
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 25 Jun 2023 00:36:36 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 49B6 175 KB
55 KB 155ms
155ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 61f6e9fd343e3e96f4f5dd477c8d7d57.safeframe.googlesyndication.com
URL: https://61f6e9fd343e3e96f4f5dd477c8d7d57.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d262b04633fbcfb934184c79a2d1786fa24576ad6f7ccc40c5ba0aa540de9d54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://61f6e9fd343e3e96f4f5dd477c8d7d57.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Sun, 11 Jun 2023 23:35:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 55943
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1686137816735621"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 11 Jun 2023 23:35:53 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 38F8 398 B
222 B 96ms
93ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CPG8uQEQu-u9ARjihLbrATAB&v=APEucNUcIBqBfbDY_Wyi37YEUzMFv5Z5DJm8x3hlAZKnHn0BMPrlK6ARg2xUvSyryCXWzVPOqdi8-mmlCvLaGdbII1UiVTyh_WCgKFaGBUH6BvmJfejiDphp7vGdql7u5zUqnhb3oiViDEcVl3OViWfgXsYgq2bYXTB5AN1HNAlgmJl0aH_riPQ

Requested by

Host: 61f6e9fd343e3e96f4f5dd477c8d7d57.safeframe.googlesyndication.com
URL: https://61f6e9fd343e3e96f4f5dd477c8d7d57.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

dc00d2dc19a9dd32d5f89ec3d68bfed90dd775a5fa638855b7fe00d6415f379b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://61f6e9fd343e3e96f4f5dd477c8d7d57.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 202
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 11 Jun 2023 23:35:53 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame B9B2 78 KB
27 KB 99ms
98ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: 61f6e9fd343e3e96f4f5dd477c8d7d57.safeframe.googlesyndication.com
URL: https://61f6e9fd343e3e96f4f5dd477c8d7d57.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

332d8e2d6964e41c92a430d24b1b469bfdcc30ad072f980b2e7adf241590886a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://61f6e9fd343e3e96f4f5dd477c8d7d57.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Sun, 11 Jun 2023 23:35:53 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28042
x-xss-protection: 0
server: cafe
etag: 3261498652431352696
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Sun, 11 Jun 2023 23:35:53 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame B9B2 42 B
63 B 103ms
102ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-ABCRHeYdbj9DI2PjBUZteZACFlSiycFF9La5RhNkr10PStFMwBBTC_0GrzIb1uwvd1mjwM7wW5BX_-nxsJtQQIoXJC1qYUwoeq5QatvJN-Kr05gXU

Requested by

Host: 61f6e9fd343e3e96f4f5dd477c8d7d57.safeframe.googlesyndication.com
URL: https://61f6e9fd343e3e96f4f5dd477c8d7d57.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://61f6e9fd343e3e96f4f5dd477c8d7d57.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 11 Jun 2023 23:35:53 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame B9B2 0
20 B 102ms
101ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=2240223710665804133&x=1&ct=76

Requested by

Host: 61f6e9fd343e3e96f4f5dd477c8d7d57.safeframe.googlesyndication.com
URL: https://61f6e9fd343e3e96f4f5dd477c8d7d57.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://61f6e9fd343e3e96f4f5dd477c8d7d57.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 11 Jun 2023 23:35:53 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230607/r20110914/client/ Frame B9B2 3 KB
1 KB 62ms
61ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230607/r20110914/client/window_focus_fy2021.js

Requested by

Host: 61f6e9fd343e3e96f4f5dd477c8d7d57.safeframe.googlesyndication.com
URL: https://61f6e9fd343e3e96f4f5dd477c8d7d57.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://61f6e9fd343e3e96f4f5dd477c8d7d57.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Sun, 11 Jun 2023 11:56:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 41980
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 25 Jun 2023 11:56:13 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230607/r20110914/client/ Frame B9B2 20 KB
8 KB 65ms
63ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230607/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 61f6e9fd343e3e96f4f5dd477c8d7d57.safeframe.googlesyndication.com
URL: https://61f6e9fd343e3e96f4f5dd477c8d7d57.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9971c0a9e4d487abeaf7f2396426a237081c2271bc17cdcd6883495ff43b3fc1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://61f6e9fd343e3e96f4f5dd477c8d7d57.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Sun, 11 Jun 2023 00:36:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 82757
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8202
x-xss-protection: 0
server: cafe
etag: 12977410716570951617
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 25 Jun 2023 00:36:36 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame B9B2 0
0 69ms
68ms Image
text/html 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQzRylCxcsOKAOiWFzJ6EvysjJ2_gG1BnC1WRf5CDKc9gmJ7PnRMSDKiXMq_yk9taND5LOex2X2qASmzak1v0A87J1Cgw
Requested by: Host: 61f6e9fd343e3e96f4f5dd477c8d7d57.safeframe.googlesyndication.com
URL: https://61f6e9fd343e3e96f4f5dd477c8d7d57.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://61f6e9fd343e3e96f4f5dd477c8d7d57.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame B9B2 175 KB
55 KB 121ms
120ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 61f6e9fd343e3e96f4f5dd477c8d7d57.safeframe.googlesyndication.com
URL: https://61f6e9fd343e3e96f4f5dd477c8d7d57.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d262b04633fbcfb934184c79a2d1786fa24576ad6f7ccc40c5ba0aa540de9d54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://61f6e9fd343e3e96f4f5dd477c8d7d57.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Sun, 11 Jun 2023 23:35:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 55943
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1686137816735621"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 11 Jun 2023 23:35:53 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame F11C 0
16 B 106ms
104ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CKX68q0EEOyWi7YEGI7x5OoBMAE&v=APEucNWglSQvP0Ig4lI2hRN8foQ2Gi0U5vdYyRLwSNPkh9XCtwkHBM30XpXuUo67E9ctn1S-kNoBOvCTFvFJKbdzFf5YjnHKw2JA-AGoMuj0XIAt9WbK-FzHPSReKFfItHQOTdLEGC_7_oJPjxFDTOmhQgwoHoEiSBK0c4ks5PAE4HEbkAXZJX4

Requested by

Host: 61f6e9fd343e3e96f4f5dd477c8d7d57.safeframe.googlesyndication.com
URL: https://61f6e9fd343e3e96f4f5dd477c8d7d57.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://61f6e9fd343e3e96f4f5dd477c8d7d57.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 11 Jun 2023 23:35:53 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 4E30 78 KB
27 KB 89ms
89ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: 61f6e9fd343e3e96f4f5dd477c8d7d57.safeframe.googlesyndication.com
URL: https://61f6e9fd343e3e96f4f5dd477c8d7d57.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

332d8e2d6964e41c92a430d24b1b469bfdcc30ad072f980b2e7adf241590886a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://61f6e9fd343e3e96f4f5dd477c8d7d57.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Sun, 11 Jun 2023 23:35:53 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28042
x-xss-protection: 0
server: cafe
etag: 3261498652431352696
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Sun, 11 Jun 2023 23:35:53 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 4E30 42 B
63 B 97ms
97ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AVNOXRhBCkz6RqfkQgXOhOyrlVBwlgbQIcF-0Z2csbV-n51w0dIG6BxobK78-BRoQGCLiPz9zHhUfwj4dETVnxe0nz4wfE6x_KypxFxzo67Bx2foE

Requested by

Host: 61f6e9fd343e3e96f4f5dd477c8d7d57.safeframe.googlesyndication.com
URL: https://61f6e9fd343e3e96f4f5dd477c8d7d57.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://61f6e9fd343e3e96f4f5dd477c8d7d57.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 11 Jun 2023 23:35:53 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 4E30 0
20 B 100ms
98ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=10557674284562893513&x=1&ct=77

Requested by

Host: 61f6e9fd343e3e96f4f5dd477c8d7d57.safeframe.googlesyndication.com
URL: https://61f6e9fd343e3e96f4f5dd477c8d7d57.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://61f6e9fd343e3e96f4f5dd477c8d7d57.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 11 Jun 2023 23:35:53 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230607/r20110914/client/ Frame 4E30 3 KB
1 KB 86ms
84ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230607/r20110914/client/window_focus_fy2021.js

Requested by

Host: 61f6e9fd343e3e96f4f5dd477c8d7d57.safeframe.googlesyndication.com
URL: https://61f6e9fd343e3e96f4f5dd477c8d7d57.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://61f6e9fd343e3e96f4f5dd477c8d7d57.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Sun, 11 Jun 2023 11:56:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 41980
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 25 Jun 2023 11:56:13 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230607/r20110914/client/ Frame 4E30 20 KB
8 KB 77ms
76ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230607/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 61f6e9fd343e3e96f4f5dd477c8d7d57.safeframe.googlesyndication.com
URL: https://61f6e9fd343e3e96f4f5dd477c8d7d57.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9971c0a9e4d487abeaf7f2396426a237081c2271bc17cdcd6883495ff43b3fc1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://61f6e9fd343e3e96f4f5dd477c8d7d57.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Sun, 11 Jun 2023 00:36:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 82757
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8202
x-xss-protection: 0
server: cafe
etag: 12977410716570951617
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 25 Jun 2023 00:36:36 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 4E30 0
0 74ms
73ms Image
text/html 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRr2PIRocYr1RCbPItk_pI40aY5tnGz4IRiGntJYvAe40Zml3FAyZzx_P0uu-5KBerZPl3spI5tRplQoyuAzMN1PsrbIA
Requested by: Host: 61f6e9fd343e3e96f4f5dd477c8d7d57.safeframe.googlesyndication.com
URL: https://61f6e9fd343e3e96f4f5dd477c8d7d57.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://61f6e9fd343e3e96f4f5dd477c8d7d57.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 4E30 175 KB
55 KB 153ms
152ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 61f6e9fd343e3e96f4f5dd477c8d7d57.safeframe.googlesyndication.com
URL: https://61f6e9fd343e3e96f4f5dd477c8d7d57.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d262b04633fbcfb934184c79a2d1786fa24576ad6f7ccc40c5ba0aa540de9d54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://61f6e9fd343e3e96f4f5dd477c8d7d57.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Sun, 11 Jun 2023 23:35:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 55943
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1686137816735621"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 11 Jun 2023 23:35:53 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 4BB3 13 KB
5 KB 67ms
66ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ye-mek.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 204765
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 09 Jun 2023 14:43:08 GMT
expires: Sat, 08 Jun 2024 14:43:08 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame D987 783 B
536 B 77ms
77ms Document
text/html 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

b9196b5f2f35eb01152be06bd9edcedb8524301a82f97e443c1889bca80bb10b

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-8g7ZXMZ8nfoA6NqcPmgFKQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ye-mek.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 514
content-security-policy: script-src 'report-sample' 'nonce-8g7ZXMZ8nfoA6NqcPmgFKQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 11 Jun 2023 23:35:53 GMT
expires: Sun, 11 Jun 2023 23:35:53 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame E59E 42 B
64 B 93ms
93ms Fetch
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstmR3V2sG3Ms9zD9o5bkcO9d6Qn7lDyu6P3MpmdFOrLycEwQgI9Gg3SgiOQmtE5otFnbf9qZUXGd6tW8-W0T8-4PyRZGJkF4xOhHhw5-ONwqUJAyFj-&sig=Cg0ArKJSzLjlFrFgVoSYEAE&id=lidar2&mcvt=1000&p=0,0,250,300&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230607&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=19&adk=1177303083&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1686526552277&rpt=672&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://61f6e9fd343e3e96f4f5dd477c8d7d57.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 11 Jun 2023 23:35:53 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sid Show response
mug.criteo.com/ Frame FD5F
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertag&domain=ye-mek.net&sn=ChromeSyncframe&so=0&topUrl=pcloak.blob.core.windows.net&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=-vq19nxzUzlRa0dUNUFCMVMrN1ZwaUgwZktDR2lNZ1RidGIwYXZNN2N2T1Z3Uy9ZWjdyN285ZDhqWXR5cVM2OTF5U3JFMDc4bEkvdU1UK1dIT0lWeVBJcnBNakFKZnRtK3h6WXVTTnIwdFcvTWx0Y3BUZklLbjNHMmxGL2...

430 B
654 B

162ms
45ms

Fetch
application/json

178.250.7.13

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=-vq19nxzUzlRa0dUNUFCMVMrN1ZwaUgwZktDR2lNZ1RidGIwYXZNN2N2T1Z3Uy9ZWjdyN285ZDhqWXR5cVM2OTF5U3JFMDc4bEkvdU1UK1dIT0lWeVBJcnBNakFKZnRtK3h6WXVTTnIwdFcvTWx0Y3BUZklLbjNHMmxGL2RQU0pxOWlMQjhLTGRadWRaNDJSQjkzZXc4QVhDU3FDMFl3TE02a2lOWERoSnFRcEx2ckxIYmNKUE5HNStqRy9CaGxRTFZoSUJjT0pxYml5QTBvM3ppK3cxMHRBUzJIRnQ0aHY5a0JkTU10ejZRMUJsMmRMaThQZHBsUG5sU2FoMHVSUHhMU0M5ckxFeGdzNmdCd0JmcCtFM2duaXpUYTZ4L1Fobmx3T2RvRG1icnkyV2RWUT18&cppv=2

Requested by

Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html

Protocol

Server

178.250.7.13 -, , ASN (),

Reverse DNS

Software

Kestrel /

Resource Hash

9e5ba7a35e2068e38eb27f9b7e61da1120eb92d5da04c79cf018d759c3619218

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 11 Jun 2023 23:35:53 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1154139
expires: 0

Redirect headers

pragma: no-cache
date: Sun, 11 Jun 2023 23:35:53 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=-vq19nxzUzlRa0dUNUFCMVMrN1ZwaUgwZktDR2lNZ1RidGIwYXZNN2N2T1Z3Uy9ZWjdyN285ZDhqWXR5cVM2OTF5U3JFMDc4bEkvdU1UK1dIT0lWeVBJcnBNakFKZnRtK3h6WXVTTnIwdFcvTWx0Y3BUZklLbjNHMmxGL2RQU0pxOWlMQjhLTGRadWRaNDJSQjkzZXc4QVhDU3FDMFl3TE02a2lOWERoSnFRcEx2ckxIYmNKUE5HNStqRy9CaGxRTFZoSUJjT0pxYml5QTBvM3ppK3cxMHRBUzJIRnQ0aHY5a0JkTU10ejZRMUJsMmRMaThQZHBsUG5sU2FoMHVSUHhMU0M5ckxFeGdzNmdCd0JmcCtFM2duaXpUYTZ4L1Fobmx3T2RvRG1icnkyV2RWUT18&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 297638
content-length: 0
expires: 0

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 1FD0
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKIYKcxL-uP7tN0juO0XTZk&google_cver=1

43 B
766 B

36ms
35ms

Image
image/gif

185.80.39.216

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKIYKcxL-uP7tN0juO0XTZk&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6Q0AIQyMWlhgMYmvKZvQEwAQ&v=APEucNUv3sZa8RbOtfULAsdwZHvVZpFih0snma7FGvGr2R9ozM3HZQINOxWr2WpnLhrOzmtb1JmsmW4zp6ysYuvK3I9bxOba-90ZtpE9B7v2cxQvndMQof4u16NT-iFrJ5tugngwb_Xtnh9CgaE_Eaz0VbnHL9q70BMKp75VnFJSSsSE9ER9rck
Protocol: HTTP/1.1
Server: 185.80.39.216 -, , ASN (),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 11 Jun 2023 23:35:54 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=498
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Sun, 11 Jun 2023 23:35:54 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKIYKcxL-uP7tN0juO0XTZk&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 1FD0
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZIZaWpSJrIxrN2muY0tR-QAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKIYKcxL-uP7tN0juO0XTZk&google_cver=1

43 B
766 B

32ms
32ms

Image
image/gif

185.80.39.216

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKIYKcxL-uP7tN0juO0XTZk&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6Q0AIQyMWlhgMYmvKZvQEwAQ&v=APEucNUv3sZa8RbOtfULAsdwZHvVZpFih0snma7FGvGr2R9ozM3HZQINOxWr2WpnLhrOzmtb1JmsmW4zp6ysYuvK3I9bxOba-90ZtpE9B7v2cxQvndMQof4u16NT-iFrJ5tugngwb_Xtnh9CgaE_Eaz0VbnHL9q70BMKp75VnFJSSsSE9ER9rck
Protocol: HTTP/1.1
Server: 185.80.39.216 -, , ASN (),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 11 Jun 2023 23:35:54 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=497
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Sun, 11 Jun 2023 23:35:54 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKIYKcxL-uP7tN0juO0XTZk&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 1FD0
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESENbDQ6uPnPDuxGJqa1ppsAo&google_cver=1

43 B
1 KB

38ms
36ms

Image
image/gif

185.89.210.82
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESENbDQ6uPnPDuxGJqa1ppsAo&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6Q0AIQyMWlhgMYmvKZvQEwAQ&v=APEucNUv3sZa8RbOtfULAsdwZHvVZpFih0snma7FGvGr2R9ozM3HZQINOxWr2WpnLhrOzmtb1JmsmW4zp6ysYuvK3I9bxOba-90ZtpE9B7v2cxQvndMQof4u16NT-iFrJ5tugngwb_Xtnh9CgaE_Eaz0VbnHL9q70BMKp75VnFJSSsSE9ER9rck

Protocol

HTTP/1.1

Server

185.89.210.82 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 11 Jun 2023 23:35:54 GMT
AN-X-Request-Uuid: 8458f137-9989-413c-95a0-d91757a18c5a
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 193.32.248.222; 193.32.248.222; 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 11 Jun 2023 23:35:54 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESENbDQ6uPnPDuxGJqa1ppsAo&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 1FD0
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTY5MTU1NTk1MDc1MDYwNzExNg%3D%3D

170 B
244 B

77ms
77ms

Image
image/png

142.250.185.162

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTY5MTU1NTk1MDc1MDYwNzExNg%3D%3D

Requested by

Protocol

Server

142.250.185.162 -, , ASN (),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 11 Jun 2023 23:35:54 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Sun, 11 Jun 2023 23:35:54 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 193.32.248.222; 193.32.248.222; 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 8e6a76fa-9900-43a0-909a-f9a5c0136ba9
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTY5MTU1NTk1MDc1MDYwNzExNg%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 82C1 0
20 B 94ms
94ms Ping
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=5652874007900&version=m202301230201

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://61f6e9fd343e3e96f4f5dd477c8d7d57.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 11 Jun 2023 23:35:54 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 82C1 0
20 B 96ms
94ms Ping
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=5652874007900&version=m202301230201&ct=76&x=1&cor=3885653740047013000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://61f6e9fd343e3e96f4f5dd477c8d7d57.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 11 Jun 2023 23:35:54 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 82C1 15 KB
11 KB 89ms
88ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BOVvNCGbwEDVhNASp1HIUJUXQHoC9BWenInP_x3kAbQhD2OPVvM-kEjO9VNMk5OISLm4e0v3Xar67Z50wvEMlxVzAALs6cVib0bpNWN-TQa5jDEX6a7Gfy4eQUYJDd8Kygz31kMlynZ87dmsJNrC4W7cunjfVm0ZPot7t9xWlF4r8JDok&cry=1&dbm_d=AKAmf-DA20yxtEBGCRainKCrkF73gnyRabacqaPP9fGaoDXt1FWPD-0uaa2cs_YdLKjLgSUmbsCIx190LSfn2UO8RmGzix8BXzMAdee_O-7MsFYmm9P7aN6jFzsrWCkatkPc_AjcLSgK9M6PG33FcvIzZgdGshfH6ECxxlyVkWF2wZ_yANwNT9J3_ArfRwmQ6O99EpXXFr-Mkgt5JZs6bJKqpCBJ5CoSNSSYexu_n772dJEqpyO9XJOodiQ0_dFekGkWg3fddDVl31SpryZfriXe7pXkx2i17oJX7TODzbLZAevwXGMwQwcpuujkapnJ_zc4fAAW4-L3hs6z0lbAtl7hA8HW2-L1zq2sINDJuNBalPrhAFUurbVeVgxJXdzaC_9V7cguLkKH9zsUDKarTefxsAv6O3ocV8eW58AFoVPEdFdCJJd29MUp5el4DvBx69dIqMCklXGALVhwUPueQd53PrvSP3AURmIe4YTut-WfeetqD0wsDb1kFe5TMSDAFjWoD14hEg6tv9VMxgQvYdzKe3faxoS3QiDz1plLZxxSp5zT5yVNh_3PIkiPjwVTbW6G9UfcZvK45yKcFselhU6vvcObO6aCgVu3seLuz-Pa9dI80ahtt2ruq6gEn1Y1Do7yYllQkSugAbLZUZd1UCZYUXI1f8KYLyUklq-e4ejH_pBLQxzaMslGvgVGgKZ-47IHdiyt3cWSs9O0sCUyvMeiTomf7YGW1V01xD-nluSGAOhaNQp1ar0BxslPXuMB4rlkMceVy2GmyMq8gmUFkRw4AE439sUt2Wc3_nBLyxCz8T-guKsaRimxIBWO_u8cro_BSCVIHy5ZPH4i2AgK-VZElF8t1osPviU0OM47-WN2dryGoySj6WCxjKVoXET2LK-5pAMkX6b31hU7jD-rKwuBC4VksCTD0pynFkXNQ1Sl-aF2NbjWnq_TK1yngxApaTBhMUs2ae6UfM8Ya7UkMmdoCf8NE3EWr8ZIzlatCwUiZmKeOfjrj8GePgLJfRa6Tc5S5o2kpBunLScf7Zq576BYs1tUpati1rEAsj27usOckTMkhQgBmjxaVCwMTGt77SeGQyFthCy5pTj7klWfZva7tjRL1LHmHLNWLzYJIQyiODP8nO3xva8J6SJxRVBLkbjgG4wSbdEjx3dXQMe845qO9-w_IU5Deq0kPWZ8Q7pRUyuse48o44v57MVNTyxXrWTA8WU3GCq1JykELsne7-5jVuwERFouMpOkgoKuAJlt-mK41ZvsRGIu38Ev2m5dF8t238kkp0uggg3H4F-M9h0HnWU6FhibjZWefmjLSYfCl4nETnE8JhQI81NulxVugwBdaxouV-Wa8xeQADfzY6Q09n3XYA4-hJs1LFH3ccEbXZJR-9ToLJl8H2k6uaOvHuVs8ZoW46iy8bocXBhabMQRDWqSlxdFXfMwR_2dYRmPbNJlb4oNmy2QrGCqa-vbr0krDbKRQqiNFMg8Y_RKLMKFsxo5S8Y7kQXF8N6y051AT_P7lVmo7siPZlo00DUfHxojPQJAty43QUdG5LGD8MWmRIvfpA_wbKhnswA9VVipU-i4j8nDdfXOf0S3jrj1g8JfcuaVB6DbLTDrZv8--b1LXFEQX7DHkPmBYlC3fzS4FrgdHobk3Cxm07cZ2JrSV5POE8A1gvI8MPVW0jN2_NywpyXRiAiHCaGDGgJwAIijx47Pnwms9SzIn-_9qMIbq1GlyL5kjJwu1uqGlSTcG_kuGDiUQ86XEDIIfgBhVztaM1SDTqN23lJWsS13hhK7o-rJUdKrYxAHQXY_6-jzi54bow60ny8vtcR8aPtga-LXS2GDT-3SjDYYSroXfYv0bKgFUMnYkPTI1ef_sFxeQJ-a7EGJiXKbvTpQ8RhTI8agHHhUKImu-gqb6NO4-2iFfCDCQcE9ulF38FbX7l7EbPEPXCLWnpQFIQsC0s2C2pjJj0h4NK80ViQWGytfkMrv2diZ-QLlrZ3C4n4q-sHYXvAC2hUlwSPSjzjR3Nl86kcjqM9h-XRqO5Cv-RN-EWUl0rR-2hoFqR7Vcxemfq3WDBHZMf45xRtr-6r-NaAtElZ2p66iF_hlLRKnIPLd4AJ6GBje_pbUS7fHK8AYEyJnUNh_hzRZMhhg2n8ILZuvl3BpGw7Ug9-YIA_LX_fNLo8qPt8kVKyQw2GuZk0Fbu_oQh2EgRY3FTRL7dmrt5XvRp0htwI2QuxnkX6Yvhr5fOCT4K66uQIPCI4sHrQ0DXxqnPKrl_MZEs0y7KwnKxivPjS5-4vpxmDccrEp9Lq5JAcVMJYPYlBZNY4WfXkHRXnWtVVfACJnznTos1AhQBmaJ_aLH6HuuJWbw-rL__pxyp8VhZpsfEVOKeZ7LdxH6DWYKZBA-Q7Y6y_c9nIiP5SbcNsaWIqln78QuSNMFhluObrZEmIuNrMOIGE7T0dz1U-Vnavjl39y4X64r0sCiUzVl5wv7gLQItXjrzN87P4eZWgL6y-aSknWfuTWRwCGN8PMvnyd7wumOoWXFMGfcgD4CL7_9jvlsJDlTnpye2mdczLFbsu7E7Mf_HNG8VkHTIyqjeqnKNuYkROTw1OEJHIDKly8JFG_Hq-AlvBPuPPp_m4nQA6hH3J6IO5RFBpuH-tOK6JQdJnWzsHQ83S1o-s6axBIxajXSKfIevAVqD0Ge9afEU1ITPSr_3OGro_afWWtb4u1Slowl5IW03mn1g5AO7x3S5ccJFLfczN3ZbhFbPR2f-_IWGq8YOFQWoifariTBhshLi6ybrzyWPTk94x3L7o3qxw2Sn0JXueot05g3-x-xsOrrbuMJ76_qei_NDVO0zCxkEKNRKHKV_XGlXdm4hWHWee3RTMvEPX-utf6j_a1McgOVsSjJMiI9Iihjrds4pwuJcgxwwh-7ouXIr2Ae5NnKviYgAAp1X68xA9RsjLejIKJ-7_OOlNQQcKQ4nUO48PXj96JwkKGVQ&cid=CAQSOwBygQiDR4jU_bNMMT86Ca9ig8No37MotJdjdMhDh4Z3gq2YwEzqj-bpxMzhv3Nf3D1_wH8kXH-dNcS0GAE&dv3_ver=m202301230201&rfl=https%3A%2F%2Fpcloak.blob.core.windows.net&ds=l&xdt=1&iif=1&cor=3885653740047013000&adk=3587751834&idt=87&cac=0&dtd=55

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

edec033881c2913c43d48b93c7974807219e4a0fa5710eafe84d0f91de49c817

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://61f6e9fd343e3e96f4f5dd477c8d7d57.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 11 Jun 2023 23:35:54 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11277
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame 5C0A
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEJQGHWNEUlzFk2GQiLfNJBY&google_cver=1

43 B
115 B

42ms
41ms

Image
image/gif

35.244.159.8

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEJQGHWNEUlzFk2GQiLfNJBY&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKX68q0EEOyWi7YEGJW-5eoBMAE&v=APEucNUAFeUCnTCkKAWBL9OsZVdSbTneBLCkv3VeFUQ7fujf_e9HK61cJagmUHr2MA3dwXWklqEf-h0lzjieBUOzADYimlTHk4GiSW1-cwS5VsE_SN1jXkvU6xapuNn9N3qAIKAqp3ZMYlP7zXxnD4YbIIQlLNsDsKn3FVePJJVuKfH3yjjgAXQ
Protocol: H2
Server: 35.244.159.8 -, , ASN (),
Reverse DNS
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 11 Jun 2023 23:35:54 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 11 Jun 2023 23:35:54 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEJQGHWNEUlzFk2GQiLfNJBY&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cm
us-u.openx.net/w/1.0/ Frame 5C0A 43 B
305 B 121ms
41ms Image
image/gif 35.244.159.8

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKX68q0EEOyWi7YEGJW-5eoBMAE&v=APEucNUAFeUCnTCkKAWBL9OsZVdSbTneBLCkv3VeFUQ7fujf_e9HK61cJagmUHr2MA3dwXWklqEf-h0lzjieBUOzADYimlTHk4GiSW1-cwS5VsE_SN1jXkvU6xapuNn9N3qAIKAqp3ZMYlP7zXxnD4YbIIQlLNsDsKn3FVePJJVuKfH3yjjgAXQ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 -, , ASN (),
Reverse DNS
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 11 Jun 2023 23:35:54 GMT
content-encoding: gzip
via: 1.1 google
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2

200

um
sync.teads.tv/ Frame 5C0A
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
https://sync.teads.tv/um?eid=3&uid=CAESEO7jEmcnLKa-qMzuoX8uPyI&google_cver=1

23 B
165 B

58ms
58ms

Image
image/gif

2.16.97.41

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=3&uid=CAESEO7jEmcnLKa-qMzuoX8uPyI&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKX68q0EEOyWi7YEGJW-5eoBMAE&v=APEucNUAFeUCnTCkKAWBL9OsZVdSbTneBLCkv3VeFUQ7fujf_e9HK61cJagmUHr2MA3dwXWklqEf-h0lzjieBUOzADYimlTHk4GiSW1-cwS5VsE_SN1jXkvU6xapuNn9N3qAIKAqp3ZMYlP7zXxnD4YbIIQlLNsDsKn3FVePJJVuKfH3yjjgAXQ
Protocol: H2
Server: 2.16.97.41 -, , ASN (),
Reverse DNS
Software: akka-http/10.2.10 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

expires: Sun, 11 Jun 2023 23:35:54 GMT
pragma: no-cache
date: Sun, 11 Jun 2023 23:35:54 GMT
cache-control: max-age=0, no-cache, no-store
server: akka-http/10.2.10
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Sun, 11 Jun 2023 23:35:54 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://sync.teads.tv/um?eid=3&uid=CAESEO7jEmcnLKa-qMzuoX8uPyI&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 281
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 um
sync.teads.tv/ Frame 5C0A 23 B
165 B 164ms
56ms Image
image/gif 2.16.97.41

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKX68q0EEOyWi7YEGJW-5eoBMAE&v=APEucNUAFeUCnTCkKAWBL9OsZVdSbTneBLCkv3VeFUQ7fujf_e9HK61cJagmUHr2MA3dwXWklqEf-h0lzjieBUOzADYimlTHk4GiSW1-cwS5VsE_SN1jXkvU6xapuNn9N3qAIKAqp3ZMYlP7zXxnD4YbIIQlLNsDsKn3FVePJJVuKfH3yjjgAXQ
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.97.41 -, , ASN (),
Reverse DNS
Software: akka-http/10.2.10 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

expires: Sun, 11 Jun 2023 23:35:54 GMT
pragma: no-cache
date: Sun, 11 Jun 2023 23:35:54 GMT
cache-control: max-age=0, no-cache, no-store
server: akka-http/10.2.10
content-length: 23
content-type: image/gif

GET
H/1.1

200

partner
sync.search.spotxchange.com/ Frame 246B
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_dbm
https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEI9SgYi3YfRpz0oIFZJHkjQ&google_cver=1

43 B
549 B

53ms
37ms

Image
image/gif

185.94.180.125

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEI9SgYi3YfRpz0oIFZJHkjQ&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKX68q0EEOyWi7YEGI7x5OoBMAE&v=APEucNX5JMC2wDXPF1-AAdIBFU5Agq8SzpU5qzAJjbRkHB_hhLj02DBtnjpwCCylKwxz1bdApYc1Hzs8bVWid-ipJ7FTzG8XAP0lXyIsGNpc9MJmeQn3Gr_5MOqAahkTu9e6Ifjf3WJoaBLgVtq_tA-qrqTzSPxWkkWLVzH2L1bQ9KVzQxDQRfQ
Protocol: HTTP/1.1
Server: 185.94.180.125 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Date: Sun, 11 Jun 2023 23:35:54 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 118
Connection: keep-alive
Content-Length: 43

Redirect headers

pragma: no-cache
date: Sun, 11 Jun 2023 23:35:54 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEI9SgYi3YfRpz0oIFZJHkjQ&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 306
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 246B
Redirect Chain

https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID
https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID&__user_check__=1&sync_i...
https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=YjUzMDhkZDktMDhiMC0xMWVlLThjZjctMWY5MzJjN2YwMjA2

170 B
233 B

71ms
70ms

Image
image/png

142.250.185.162

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=YjUzMDhkZDktMDhiMC0xMWVlLThjZjctMWY5MzJjN2YwMjA2

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKX68q0EEOyWi7YEGI7x5OoBMAE&v=APEucNX5JMC2wDXPF1-AAdIBFU5Agq8SzpU5qzAJjbRkHB_hhLj02DBtnjpwCCylKwxz1bdApYc1Hzs8bVWid-ipJ7FTzG8XAP0lXyIsGNpc9MJmeQn3Gr_5MOqAahkTu9e6Ifjf3WJoaBLgVtq_tA-qrqTzSPxWkkWLVzH2L1bQ9KVzQxDQRfQ

Protocol

Server

142.250.185.162 -, , ASN (),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 11 Jun 2023 23:35:54 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Sun, 11 Jun 2023 23:35:54 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain
Location: https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=YjUzMDhkZDktMDhiMC0xMWVlLThjZjctMWY5MzJjN2YwMjA2
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 86
Connection: keep-alive
Content-Length: 0

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 246B
Redirect Chain

https://ups.analytics.yahoo.com/ups/58269/sync?_origin=1&redir=true
https://ups.analytics.yahoo.com/ups/58269/sync?_origin=1&redir=true&verify=true
https://cm.g.doubleclick.net/pixel?google_nid=oath_dbm&google_hm=eS1LSVZiU1pkRTJ1RzFSMk04Z0dwb1l4OWdyRTg1RWc0SH5B

170 B
233 B

70ms
69ms

Image
image/png

142.250.185.162

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=oath_dbm&google_hm=eS1LSVZiU1pkRTJ1RzFSMk04Z0dwb1l4OWdyRTg1RWc0SH5B

Requested by

Protocol

Server

142.250.185.162 -, , ASN (),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 11 Jun 2023 23:35:54 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=oath_dbm&google_hm=eS1LSVZiU1pkRTJ1RzFSMk04Z0dwb1l4OWdyRTg1RWc0SH5B
date: Sun, 11 Jun 2023 23:35:54 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.57
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2

200

/
rtb-csync.smartadserver.com/redir/ Frame 38F8
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=smartrtb_dbm&google_cm&google_dbm
https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESEPqtGKVAIIjWu61mhzYXwhM&google_cver=1

43 B
113 B

38ms
38ms

Image
image/gif

185.86.139.94

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESEPqtGKVAIIjWu61mhzYXwhM&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPG8uQEQu-u9ARjihLbrATAB&v=APEucNUcIBqBfbDY_Wyi37YEUzMFv5Z5DJm8x3hlAZKnHn0BMPrlK6ARg2xUvSyryCXWzVPOqdi8-mmlCvLaGdbII1UiVTyh_WCgKFaGBUH6BvmJfejiDphp7vGdql7u5zUqnhb3oiViDEcVl3OViWfgXsYgq2bYXTB5AN1HNAlgmJl0aH_riPQ
Protocol: H2
Server: 185.86.139.94 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Sun, 11 Jun 2023 23:35:54 GMT
content-type: image/gif

Redirect headers

pragma: no-cache
date: Sun, 11 Jun 2023 23:35:54 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESEPqtGKVAIIjWu61mhzYXwhM&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 316
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
rtb-csync.smartadserver.com/redir/ Frame 38F8 43 B
114 B 142ms
37ms Image
image/gif 185.86.139.94

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=GOOGLE_HOSTED_PI&redirurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsmartrtb_dbm%26google_cm%26google_hm%3DSMART_USER_ID_B64
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPG8uQEQu-u9ARjihLbrATAB&v=APEucNUcIBqBfbDY_Wyi37YEUzMFv5Z5DJm8x3hlAZKnHn0BMPrlK6ARg2xUvSyryCXWzVPOqdi8-mmlCvLaGdbII1UiVTyh_WCgKFaGBUH6BvmJfejiDphp7vGdql7u5zUqnhb3oiViDEcVl3OViWfgXsYgq2bYXTB5AN1HNAlgmJl0aH_riPQ
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.94 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Sun, 11 Jun 2023 23:35:53 GMT
content-type: image/gif

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 5FD4 42 B
64 B 92ms
92ms Fetch
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuz6FwKd0dPotIUEXgC3SDvSJj37xiR9M6ZhklNksvdMTWmeuk3I5jvkjW0TKtm9AGfFR36QW8UNZcT52ZvULIFqXSTOXLinrfMJ_4sF3LgwLim6Kvj&sig=Cg0ArKJSzH6ak2v9eZzrEAE&id=lidar2&mcvt=1072&p=0,0,100,320&mtos=0,1072,1072,1072,1072&tos=0,1072,0,0,0&v=20230607&bin=7&avms=nio&bs=0,0&mc=0.94&if=1&vu=1&app=0&itpl=19&adk=2707750055&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1686526552163&rpt=865&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://61f6e9fd343e3e96f4f5dd477c8d7d57.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 11 Jun 2023 23:35:54 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 62CA 0
20 B 94ms
93ms Ping
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=5049944849047&version=m202301230201

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://61f6e9fd343e3e96f4f5dd477c8d7d57.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 11 Jun 2023 23:35:54 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 62CA 0
20 B 93ms
93ms Ping
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=5049944849047&version=m202301230201&ct=77&x=1&cor=5263491173965771000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://61f6e9fd343e3e96f4f5dd477c8d7d57.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 11 Jun 2023 23:35:54 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 62CA 28 KB
17 KB 92ms
92ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CGmNgjdS5urQirD9LxsvgWlMOsyHYt_bn0QFw_Kqd-ygIrboldTfkPoQoLs8EYKp2n1Wvsz4U-owCLef_THVmYptb_-H2bfz2F6pzeKjv5X4SilTMPBnVxEzAAEQYY9Wfm2vv-9tN3yNqp6lVV8smgMwOGR0jeYhu_nBh7AtYcMJK6ujg&cry=1&dbm_d=AKAmf-Br1MPheG618j1lZPvP4cdARB47tZXf-d86XznprZAVZ1XPdLxkay2bA3fwM6upb26BGsEhKll8QSTuDZaBN5SGzKQVMVHOWUDnDVgVFChq-6ptnDvXUxkWKL5txmEKWynr3_yrXzvMtz7qI4AgXpJzGIup2FFW-DaO9UYxBdTzKF0biT9YSKS-cP_GntqWLzc-jTFpbtZA7A-iiTt87ZYGjygKD2wMBU7L2HYoODX-JAmWj3HaowWbzDSYuZe8oyztqMfyK_hYzXpyePXphnvcJDaKohB98LYh5FAJIsceCm28M9nbH45yeQVY4O5NWUD5qyqyK1QYA9oMfCQjWkfDKxyvPg9dHEF77jPUoNNk2jg86DU4bLQ40NBLpT8uxWRC95oM4v6v6-ya_hhTXZ-c8Z7-KR4CpcKdR27sA7mz9o5WDFptqAwCuAkdqmEQ-LZD5vICCqvvSAap0dkkZIb3yHIBy81VP9mTddvngD62SmeadkUVKxgcAmHH_hnXods71SOMWrc13Y2eVlgN8PReNPno-nyPrAZo4os5bFBGug9lLdQQFKInbpC3yriy_g5MmF7lesY-7hGZtC9HMREOqdU0cQN8LFZcm5grbpXQnaCl9IvXebablQbtrXAoDSUvDSwazc11AbNiP0u_caoLSIqwIunKSsqSPZoPg4BQv1IAG60-Dy-aHxgTAJtHTgUy-kQhEmPNrQL7OlJDzVIj7VlZVYj4-DaqJWW77RRdKWra-UZjfvWl73KO3y43R7U3y9D08OAAewRwqqiMrqjZdcYAI1gUtxIoAV7m7lDFxLRGsHZfVD4uFzs--SC1kZv1pkLfUpCq-cnDuvSighLrSHpKAQ_ZQbqWoExSivSduX1_aOJIT0bgv7RIaWNFSUTpkLVMKvwP9FSMSKGwPjVobtBF87xK_4CXIPMUQZWFCu7o5SoI0R8en1jMeROiE-2q4siW_yptSJNC3cpNHfxvLcPVAzWqoXNOehs-u1ySfWGXHmbsUSFCFM_owAQBsTIh9w-FJx1AiKEoC6K1gUPkgPb0P04uPptRJBbVs6gst1I36ZMnzsHAC6vef8XoYz2jBuRBbc6hWBQnYr-b7SN-nZr4fVEEzweRJieGwvjkD3er0E9CGoq4SZSkDriTWkfYdceyRCumaHVmEROMZsv9ViaPB04gJMRYsZNgPxTDPOmwlTBLNObCglphdjZAblQzVWrbzbx9iwPoO0Xz2HQVX8vmc1zeA0l1UeaGjtNW6CPKNKNU4QMVsFnT3g_Si7IjUvqylCVK1M1Wc-iBUKFN4FwlYc_cfqAXIDNAFpNhcmxqtvbKJn5CyQWmYcS0onhCfvK79Pist3dtMB9xRTTYHziSjYza6j5430UJ8UMoCpMRjG-djoaH9_Vi8Ju7ibEUbbxEKfIG2Iamc7Hv5WwDEg3jd5caUlQ_mGHGnJrhQZICAnpToH3FD1a_Ys5vprcEbGv7Jl0kiGjir6tc8OD-ks3LuUqECBphOwkH0pfh1JSepDPq7g0xStWtS03c7ANWhmPQMZGCvs-HADouyb42WhnxtsAac3scffFmvB-JGEqV095AC9GgaEQlyvwkHgc7aKYrd_qUnThapDc3DXSNq7tuchuM1o7uFID3dW-md8BavPI_OuPhh6AohfmMEMGIIs_nZsxV1pgyF5eNAIl7X77BM6Pwg79PoLEVQ6KvgDc4ijRGXDfzhaC2bvNR2qJctWenBcpoGIb3glNLZAzrD2BpprdmRkSGjJJuPy2UDGiuQqm8_AP2I0hEZLoD3wV7fYVtdV-gYs9r0vIoJOJt7njt9RD0CE5X0c6wMIsraGgcQ8qEv1TczQ28jB8XSeh9JRdY2hktjBznWhN2wh-0xGhTYLNLn5SE09-_jx3Vnn0LqCtnoRd57WGGvo7oC7sU02KnINrwgnQaL3sI-xQL_ZrpgABRK4VQ-k0LTjeHH-iLGFxutBf72dB3z3Jk6ORDMDfWqrsLsCb4JnmfYYy4M-kpAedfd3jy1di0pjWu0LemQMBrBwyB0QyK9DJWcCoA4xkagj0pQEZhH5nBOlEqVRCphJxlimzO5jtqmTraaGnROX7mDqXCxom7ztDu2W1vL2oPNFMY-BSdNVQ69n5v4QPZ5kpWfRYvsYHUlpFlXEj33EwebY96D3BOFD0fBkAn3jK9ODOSNsF0etUWfDDrz1ioTjtVn_gedVHgqYKk6SHCO6qR0S1uw7aLwnpL3N_cm2MTr_JPxkSBC5O73IcV-jPjCuu-c-98yFwqxFhNBJ-mxV9k7AKbFbvSGkotncjwp16RcxLftU8S4xRGBLLnQK_8FTv7U3dn8zjwmn9EEDPnVrJjTzkWQCYlOlYXSinpTWx_nyobOaxRvD72QRpDjCkN1Jbpg93lNtvK8VDQpfgxScdB7RzT5IgAipBmq4Jn8l5VnUB0c5qcwtOHfMyZPEebi3gvMJoYadVSLzMh8jAc8RUp7AJbllhiapW5qcaxKLlSAUDUC9PXHk1-LZW8iwAytJ7tTP7YcVkPYIOn78xG1m6Ab32WD170pypcCg4pbqRHExih5fNykO7H30EzDwlp0vePb0j9X9Vhq3xhppzKjEuydojCKNItEH878Sf4WONTPPEzBX9zZl5-mUVxMDw1RZAd5u6uahJ5k7LeCy6oiLmtMazCTVjqYYkVtw2l3e6PO0gNLZk1M8gOjZ2HwyE0IAge87sH2BKQQclfqvP46NJWmQehN848Vcfn3iNt8_FWBFdi9SwUQFmdYYA8LBW9Xft21WVFaqCOtpYZ14yqaD0t6tMi3ntCCNp_G8SsVX20RSfN8ppcZQQ-hvNKNr77ZfCet8WPX2Vx1cmvq65iXd3cpS51chKmUxH8hbIwlfRS97dJnBHCyXdldbWxJsUTODBUeGtEnu-Ry6RjYE2Q6pFseew2PNd4kwWZQQXqRejVjLEstYho0rPuwDRIWnT4eXNHsC9an4CQQem-l99cpF_tbY0QqZJOCUw41S3yPK5hL2gGZJcIabOBihjEH6c1wM99WL9Q-GpT_tYeu1X9V2jyugg8egis2QuanFNt1VHgvggI1ZAOa8no7P5OLK9LPIOhhn5otV5-QdYMqJv9vdjrGl6-r9mNcGPpEbmaz7my4-x-l_s4pslpmJRLq3XRbTiAQyg18BF2HIz1sUXBugJ9XlZFakY3TSJvJkFMYIQRxbs84qq0GlgFEYIWwYgC58YExZakK4sRNiFFpYYuPgkRulFCipHPMqNbjyf4zeYpYT_mvOOgtE4_bSu0rdvNr1B-CHuJEuciw3ciDwTSnfeJTGYHaY8BwakNYtTSQLOX8TazFywyReEPHWFN8anhkI-YwznVSllTOdW6AS7RRfDzyT2cQJWZzIqJ90X7UNW8Q87qFPsPk9o8tB2ypSCtpbtf4g4vN39-fw6VYivnpXV09iZwGxM3eIok2oWyEHP3sVWmnOR7CpbhNo2G2FmFhoI0fuIGN_R9lr8eE3siKrjJLHvVrAfBLexKH7EmuaVwpkJ6brRd_DqrDHVBt-pqX7kUXj0G8K4YlLXPQ4lOcrbVLbbMs8U61OcJPDvXabTD67rYN15zinNucGx4x3Jeua0XY9X0Sd9YPyslyox9pQBMeTzQqqU1uMqdJi26fuHBugaP_huK8gqMTXMF6wNgwrxnMSsTM732P9eN5AQiE1Q0sy8IONDNuNuP9woU_8rPgebgVu5kH9iBtrjmI1lRdQ&cid=CAQSOwBygQiDyLNhPAWWI057o1e933Jlh3qKdSwLHeZYkwqbFOrQxJ98_IYZFSTPUYrQxZaMx8bDGyVdAiFPGAE&dv3_ver=m202301230201&rfl=https%3A%2F%2Fpcloak.blob.core.windows.net&ds=l&xdt=1&iif=1&cor=5263491173965771000&adk=578009112&idt=87&cac=0&dtd=3

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fa472ee20b50f5097ca1e83444949e83a1fb4ec98db65dabdb4408187ea2175d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://61f6e9fd343e3e96f4f5dd477c8d7d57.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 11 Jun 2023 23:35:54 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17012
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 49B6 0
20 B 95ms
95ms Ping
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=3213145404655&version=m202301230201

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://61f6e9fd343e3e96f4f5dd477c8d7d57.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 11 Jun 2023 23:35:54 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 49B6 0
20 B 93ms
93ms Ping
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=3213145404655&version=m202301230201&ct=77&x=1&cor=187205904817446560

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://61f6e9fd343e3e96f4f5dd477c8d7d57.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 11 Jun 2023 23:35:54 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 49B6 28 KB
17 KB 108ms
107ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DP2f66cUMsTBS9REkMIdszOK0iQseUBGBLbhkRhSgSGjEo1O64JeqaMgSDJijh9xsVAGBxi6fdb58pDZHR4TSPNzIs64W1-TRp4ISj4Jd5oVHL5wEoNm0917JyBRQwzK1NyaFT1av1ps25TXQ1lyX7gusgVPfJd6GjZqNNmp5wu-Y1esg&cry=1&dbm_d=AKAmf-BQXurGyzlHUzv7pI-Ap8gH9YDbUS6r01A-SlQmD8N4U521cPDJyiJmYth-4hY7iZAHB_z9YD_gQNdvEVBozzormjltQIpj9luT9n_O6fPUPm12Vl3TyzUO0Tzh2561kzNGlUjPHWFK1D2ClxCxpelUSx37w7rZasYtQN9v5XXWDSf2I-OI6pCByT8kPfttVwSLcAEzS78KRe5J-He4Xmi2TOY-Zrm_Ko6snVgxp9-IefAkUb5A-2DDNi0MjAA90uCpV3N2JeN4tFdn0bEafzEq8eMDVj2Dlq__OIZOkHhyNwO9CpcB99Zns0aN5maE9507B6alVOoCxw-AE0_TkIjhQBxmnQdSw-5Or_B_1xaYADJmXWXn4Saxe1G7vssUb46Bk1Pbtee7sJDTMflRcjQf1wiTgr9dOAYHoaGkNMLI4GDSecmOWzeSHIUkqJlYU2ERPzR8rN1JP-RcK41pKplGAUJWtH8oAEKxl_BZZtuJo2G4XAayHMbPz6XzAbCR_4oV9vABWMYqCocpyLw1EVn4T4yM-EJiAHYOsYgGLSCSK9KmcLkJU_q5RKzC9STWBEirDSP8RR4iVKiKmeVO353YcWERKIhgPZu7_fZxzbDUIcjohzLtd7ZowlLunAY9wgoaCuLNfO6uXk6YJ4iHiV8i08mPkc1hCNRoa8ks_M6ZNUxrBoqgWuF2x3kIZL3gkR1Y5XenVvHcUf7InomP3u0mxQc6yt_fPsWAPkqf2sPzb4__BOQXVMMD3_2INLEQOZzE6Ag2M4fUaRF_Z5yi1aPl8MPZdDTAXiWjXvadlRQD2oahMrCTCQszZkBTAUJ4KVAyLLbpF8FFOWv15Hq4xOOKkZP5eJPW0YkFNwuHoumUYhNPms9jla-NeSqpMEPUlw6WX8rcZtSBEGzIEoweJAQ5Knkdbudm_j2y5qiN1mYLgFiK8ZW7OOiUj7g74GGpIkK58nSS1oa8kZi4JfZwAasjbI3Nr6btAmCuPvckfMZpiPdIxvYOSWPJQU-rCPq4T4PleuY3piaX-8x_GhHOVrcs7F2m3RXQZGujw76vSqTI1cL7s0PAKV8pdlguNnW3dVCEy0KRJQZzcr6OHB-cmNNKf3OQnRtZPtfqiPcwiR-bOxFF4upZiejGtWO83iTw8Hr9lLv6ysgaN3i4-WGH2MIl8A5A6hc8R5Tq_MoQfRwUASN18qJ2Y16n6BYDexpHIRU2wTDJQyRIvuuxBEr4cQ1e94ijk7xU3UQY5lBHLJpdqx4fZtlOp3xUuwhPBVpTS_oHrYDY2qNiVSa0FxtZtmgCvIe1pgcPq57pvXrsH1Q0v79vAmdlKLaomIm2HheA7Su6Vel7VqzepyaMqBPgozNXVWpxIQaY5eATm_Gi1hZEbI0FAOY8RzdkIrv_6paL6-N6mXIGDYpc3ZeJwajLc2XEx9Dw1o934MUffzv4KSSxr7cd_U8FEZLH0p42nNuzMZd39nZAKA70_ddjkNNylnBZBxkdKpBHEl6v8YG2pWAa8kEydXkng7s4uKFw9BLnP4dLomrExIzx2oeOkpGezBBnMSmf-vhbu7XqNDZArFRoQIYZlbt0NrJ5O1t1Pv0vjSzq3woQRpLHMI_W1TkgkT5X_SgSdfaHTgsczeStoxXuj6m-pNVTDkqUkMAiQ_ODA1KouYO7Ll92zoiBTcALRV0qLD_cRCeY0jmgZZ67KGgRM-HQ6sjjZiVTAZvoe6SSlapE6XPBVd-Ma40bP7wE2wmmen9eA9cRXLGR8ehXL6ap7CGzmwehcCKjDNt8L9x4dVv1JmhjEfwUhQZr8oLWrIxfCkUgMi0tkOHLikkIgk9gho_J5Wa7fIcbORPdoy6dSTAMEet4aPBzz5fTOhhVKSKaq8bAXUa1mcewMpy2ZEzhwDixeH_7XfCTvkhBTSl9JXwrxlm817ivJWXLtBi2m3QvOiZIK3-GKHhbrcpTY1vTyANjhSzcHcptBsrgs_SnK6lAb5uOWC3fQOpopDN9-xDxow20SpyEwtDhPdJWgptGp-Bd3uo_EGcZ1q4p3zzqhVtwuTEUiDeKXpm9IEIzfa3_x7hLwkZ9eo_Xs2eOfbiVNPot6WjWEFStH4MyQOV0jJS1s2kHldfeufup8_yQwWcCUp0AtYUd6T-PS3K-9OiEdhK0hQsXDALKcg-UxkytdP3QojOAk_bf73svXQghS5GBMAEq-xoNeE3kK0qhjNd00ETx7Ass3Avq1htVBnfKVDbxzavJ--WD2XSCIgA3xYbI_-e7jckFcqbtIjM6cJUwjerx4TEMctlC-o1KGDreVv-mSQ5CdxVi4qr8uEsU4-4che5KNmzAQM4_i96q8gclWXdXNYKwmvzVTVnh8F7uY_TxIhoCn2x7SC-b2P9TPClba5sedIWL1N_09mtciHduAiyiE73GcszUJYAWzRbTg8avi8hTLh9upleiUKbeMeHAfMUmOaj2OIjDuln5muj27FoxPh4s5pP1006DdkUnUYiErUwjOMUnpHoQ_azZBRvaiC4uvovfMA2KpaF5QY9MVq8IcBC89TPUpv_9_d-VbnFzICwFDUnIpKALiLpS6pVCpKLdr288CjUJQMwIvSFVYh4FQW_RWh8OTK4JS0EyokHxdw_tpstO82ZDRt6bHdsyWM85rLty_XJUHlsmsfjC5AoTNVKCvkphSYvb0btiehdP-bCgRcCAjyKvhrrvW2MwPGXxNK6MzAcVKvb2wTkgdnbcu44eo983p8LY0AAEXAM_oml2aboUnOiWqn2rYNs8eqUxPs0cGG5SCcXuux7rQdeNaKILi6OfFlsCfWonHFiUz9lElpT_ztkwO9jYOZQmTkxvuQVd2WS95hH5FtFG4Qq4akjllg83gFS2Jxtd8PbPL6uhcikJkCtcUtJAgfAD0JfmPfWvhmEtXUyUeqE52kChw3jL9WDEENyZQraPi_p6xdqISrGz1PWaLNktNxA-dcguzX65cpzkhBFYWhpZMDVh-n7-5IuapSVOWAWXeDxniM3oZAbZTyPD5B6FqCd3vziTrcl7U4ftHV-wOXBVT7DjYNoNjUrTWcU4l9boJRQpwdu60EkzEuU7HOjDaFK5xD4xCHbTQr9Kct5seVSamLuTfYsbGPVlNf7wvah8nSzC-x2u39-HKj76Du0cnmrC9sfMC2jC5QP2_EKcmcRTtNTbpba6tR1cQYVdNm_vkAPClYBSH2ZqENRHwe6M4_CeiVmzsBvNULEuMyuPrXtSKG5aebj13NInzRQKyKwx_EHfYfdoV7pUmt1fpNz2m60SV7qdTJh8B6A1JkwEOFlb7ipHc2imYazsdf42J19v11S2vR7upcvB7KIGxUBPMjaoNXOe5ioLiNuV8MMeTqHxAZpMCbTGY8BSydQ9SmtwINV7CfltRYcciCyh_yS0Z1ex3r_5z84u6deEvGXYlZazMemr4Cmdr4tVrE9U7nzT-rqgf_SRcGp97D-uCHQHFuhWIfsRdZciako_DtyCHgJ5whw1xfN_-Es5baCdtWNZqV2kad_wDiZ2qAFyhwvVDjmk7NU_gqcyZ_JG5ejZakhx91Tg19hjSL_O564KWbrcqDl77v1x&cid=CAQSOwBygQiDC5myDT_mt7mclUYStN9qxbx3CX1mavBjSWeumMtePCJRIneb1CtPbcEqTP7j5iE-HZGNspW9GAE&dv3_ver=m202301230201&rfl=https%3A%2F%2Fpcloak.blob.core.windows.net&ds=l&xdt=1&iif=1&cor=187205904817446560&adk=3860319555&idt=96&cac=0&dtd=3

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0ec15133d868559ab60388643173c0eb52debe58489d9b8438976736c7d8b7bf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://61f6e9fd343e3e96f4f5dd477c8d7d57.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 11 Jun 2023 23:35:54 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17138
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 4E30 0
20 B 93ms
93ms Ping
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=3302403008507&version=m202301230201

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://61f6e9fd343e3e96f4f5dd477c8d7d57.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 11 Jun 2023 23:35:54 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 4E30 0
20 B 93ms
93ms Ping
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=3302403008507&version=m202301230201&ct=77&x=1&cor=10557674284562893000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://61f6e9fd343e3e96f4f5dd477c8d7d57.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 11 Jun 2023 23:35:54 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 4E30 28 KB
17 KB 115ms
114ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Cek3QWfQsM2K7DKTRCcW2OrIBa3YNkDIaj6hCb1PWlwCEhEwxWVFJvdvT4MIwI5ffkOQAxLFkoUIyR5cm8JKcz7Msgrg69w57jOjzkRxD4EPjjydGALM6_ElqvXP-IkTzDGfNeMW7P4V_EkV2UUMUeeQE-DdR16yDmbAYVGvnIm1rW5Bk&cry=1&dbm_d=AKAmf-DKvh5NiwQ7JuGo_484r3fjGDerVgVBtkaRJBzjkLslODq1NJ5n7zAgbjcWqvjvlYhedgnMGiov___7PEe7h7L5LEqjJz73wVHXVS29K7pSgUXl_NnRqKKMxG_UPNM4VlyCs62F0YuL_WMwKUJVZnHM2vRb1dwdzl3MG14e9IJclv3RMV-5A2q8ve9cZHfZiSWRwZCzOYl_4Qth2XtmaUlKyVXWPSeb0wNJuaX_on45Lg-hzBWvcDd8SpxQaaIE6_wvkezeIQDmDGK9Sw_1gW0bTUPm6I9SgRwFWJniqaeF7LMkpINnZ7Ka9HuCfob0rbDycIoPSB3ChBSBqDMMBGxgE1eyO3OaFAIVXwYeKyr4FTEQxdEVbp5bGWaN_oRslw1TztErIC0JazRcihWbJuGig6Hcsn8DYeyUvxB7_z4kiQ8KBbIhZt1_Vh10J_-JsLfC0BVqwMfdVqYmjyF8Ipqytx1fNMKDkKZqtI2VzYlaQluxSoClFI6EOaDy9uPykIgC7X0bcHSLzWOG1FM7Tg2G2C-deb5Z38twJl5O2QLMyzQLzPV5d-fj462cLEXEN-qGQZ1XjE74j8JMgLSLB4OLGFiPF3nNvwM4yKVBaIWUuWBrrAvwKQgojj-nDr7DtLlN-OUm4FGmfurP2UiaGL48HKRssqlIO6fiDpsmK_hkM4oWPcEhd_kewglYpyhimd0eamsqJRFf0QBHNXE02OtDJvDuNCC20fG_Nlok_F2JtsT43pGa6xDOaHbO78XqwDgNd__FliT2EojGTy0ArZdgxEyio9EIdHcZGT72rlB6f3Broff4SdTkYFaUpkCd4rnNu7u2NH3bYq_vHgiDt3bvCb7N98OTkcgMqTG0WrlpX5Y28ScG3z8MNM6DzdGbNltEn2bpMfKTVLkvBspFNxKCyM0Jdqq7WkpR_zdwnQBOmliLvW7zZm5HxZxXuusdxIJnk_jAB7M83YcsqKphbEBBLzWCnd9Jn_9nFQL3uFpTqyZFTQvW95mVpBd-9kBuCAshcRtCDH6oupb9EcUMbVfirhUaLZUT-O5tNaVcszaG_Rjb6F_RX4X6zSDtTsG5j7s_q321aNlHSABLhbbn8RMMW-w-Ll4A722H3mbRcIgYEXzV7m_6WO1XUVKmiTUoOTXoc4YZnNVfeOBzmVVDHBMLypMNRJgxMkWdoKU9Jc5TnIcETIaG7bjlJfgbyWIxY0XpmgOC6W_VXMKq-4CrBrfNbRmLbNH4onKJ3eZCxJszPcFnitpu-0AB5TqkWWQfAia1DL3FJBW6nxxtHn67HNNqqLe3a1P9Efoabw_AlX5ryP4p4l3n--Fa9u7DAHgXHANPEhspH_vfStfXKldRKkeJGNS4GG9fKqrNeChHzDL0KeBojHB26Av9ewiHpZqletSXnWDhEnKJgDLlvrMUIHYYXvLNdiMG940dcyv2HVBtJxrp-T5WXHJBgMytXVoCg-dSRY21gRW85RovQ4ru6SxFUGOkBBvIZ-vp3SfOBzqXzGBfnVJILyUCvte8VebToWHFlDrC6Dy0Sg7ms-Z-RuI9QOdVJuF-gxYgq-n-4trUotH2icnL8DG9mg39JDnLbLdh3RMMINhPMHDq0ZToO1jySOsjEoFosazeLQgayrtyp9cAwv6Y7pH2pkK__5DEHY2roHoDYZGLiCa6_1XI71akjOT77Gu0ta0Dt0vKgxTp50iQMai-ea8rCSb7Bu7c1t0f61JmRI-dVA8pR94uaoYp52A9YrWw2mMFGbFsNq7_nIz172R8YOdWJlZmrD12ryJZJj9RWs4Bje65KPqCzKWVgbZWebSIOAwOrqpI97zO6xYdweupZK9Z1v4QPrB7tvFDCjZ9TW64US1gwQzK425nyCXWHGGKBpcKHP8rwY-qJpEb_95I4yGg2hk6S4sUNEe8fcb3T7SR2M6HXzFzNKlPkdN37uv8uJdtp8cyR2u67ZW2nN7oz0dObE2U-7fTD3EOwYicRtqHzZQSc9vZ4CLy-wKwP9HnDdDVfHiNjOmdU8yxCqtSpVchzYucX4HM7TTGv-hxMbQvkJ8dDQviUmzkw7u7ivbVCqlL9sHIO-rHfQ0L5M7wmYhEHwFWfZlq5cKBHa_SkH3qPZbrpSU3Td3A8RMmBV_afglXqnpesm8IQsNgWMxtfF5_Y3iz3w0Er5QEghvOt6G_sRCIgT_ItF-HI1utZnMPL2pt2zRXB3wCQd2B5Fpi5TfTNje047Q0E4pVMSZO1mStfQU-ac9RegDqat1jw08OchbUYFKQOoJG_XgaXTXZ0LmZ4xZyQUdgicVYkPIiuabgGK4wn6QQ9EPxxiBAJsS0A4ys85gIunFnU_w0sncVub2-p5QSL7J2Je29Wb_Poz1v-GAO8DhtRHWTz0FqdejkYwYV-oOlrVOMyU8GTCk16qbXAVtnIW3UKQCnRt7-Vi8xItoLyR2TZNNkFDTEITzfO_zckw8KcPgQsOVVDC_K4qULSP45R3AS5xbyOQDNzPzHZuLdcjr5ZTnm1CRb0g40PFcVuF_v2XL4hkL-rl4WMhDyBEmZGTGZbr1DcQxI7DQgcnqBdAKRM6FgML_oAiiWbrmg9K-2_mwFEdV8hNWyw8APiRiTUoiFWpKe_qj441WjL-0cq67de9qHM648anfdzCxry8I9qU6pdwJLtKZT1iV1QBbUjR-TSg0hllTS_vO_bt88ACtc4J4OnYeatyaR7gRd61RRBNrmMSD3HNqJ-LK4T3F5bm6z6qZfOUkJoWwxiJNphJ23fuypiEpjAyqdYP0FDEkvpA2c-U2a6hBHqwe8AtOrgGwMMp_YpJ_06yCTN5g79xH2iT40OvrHBSznn2BWJAa93Zq_PAdK25klQ2br5qE7wT3TDUtlCCCiWVeeBUR1dWo4asSu5F2izYkqAovfSHwg6NtDeNV9lcSz1gMjJbam1cz3Ay88wP50sjHxyS_P3Ts2bBcOmE6VTTWUc_6i0L31rB6g9glG2m1-IMUhdfah8Ikm29tMdUV8dXyoCwMXJTInwLR6p1W0RzTzn-qfgS2cR8YyqWtVgZuLhRj_9Kx8gx4Sz-HTZH85mgB2tLQq82hJChvyodF51MHW6KMjYVbENXwIs2boATjwVP_fCCC2zvFHh4wdqYP_-pioL9mKnyR-eFT-UyhKY4bA0HNgLJHt5WkOprPw9VFflIVOUy8klzevnxCp0L1ZSCSy2BIXd1dYA5NPMZs578GO8y6R_0PFrjKo_2AG2sOGzTK67_qA4pxqNbHIbQPFABlGT4CnKj34hc10vpnBJdWXEG2UenQ0mEMyJ_eiK5A7iI7b2nKNZqmengDv86GH51cIVDVzrq5z1SzkQ7yihw_pkDNJtoaQazMDQBNssMnYFQ2t-PBsM841HB2y1h30Dbv_w2zMVOPnuVTjkgLZ46kJ8x3hAHtGnU3wewu9fdgmxd-AjBk3POpm0TPiOquzpVecRB44hZkbfECv2HBh5ehpynUFG-Pwxud88OW0D9o0zjg2iZCwxkpq1xHjm852WepzV1flRdmsgMOvsu2RX7tvifgzWDpUnVcmP3VuyGr2cBKIFqkTN455Kc3aqgqA&cid=CAQSOwBygQiD1xPzZyzN2VNurjCcArsLewLRd50z5xqlkN3iTF06L0313NKynkw7GgN6lVz6nDsqC36J2UWIGAE&dv3_ver=m202301230201&rfl=https%3A%2F%2Fpcloak.blob.core.windows.net&ds=l&xdt=1&iif=1&cor=10557674284562893000&adk=2754877854&idt=93&cac=0&dtd=3

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

caf655b6bec330182e0e62921c9bbc57fe4daacadf5ec8ea0adc9ec64c8b0055

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://61f6e9fd343e3e96f4f5dd477c8d7d57.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 11 Jun 2023 23:35:54 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17014
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame B9B2 0
20 B 94ms
93ms Ping
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=4064941563776&version=m202301230201

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://61f6e9fd343e3e96f4f5dd477c8d7d57.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 11 Jun 2023 23:35:54 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame B9B2 0
20 B 93ms
93ms Ping
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=4064941563776&version=m202301230201&ct=76&x=1&cor=2240223710665804000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://61f6e9fd343e3e96f4f5dd477c8d7d57.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 11 Jun 2023 23:35:54 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame B9B2 87 KB
36 KB 130ms
129ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Da_Ywoi3Y-rcmNENisepQk7QtI9yFOabbNaCq7yYWwctm_n8t1HdgPZz2GdMkixr1a9hxrkQMDEe0AGdhoNUalGVlrrXw_845ss0Ncya0gFgM9Oezv-aoKX2hV1l8DE0XT_oVlKxLf3r2EDfu3OXd2J5VZmgcwHFpZNeM98KDeZBESWC0&dbm_d=AKAmf-DGmb_M1qaPO38AUo-dyiE8hSdcYdVDibAkuZKY136pbePZyZioL7Z49WxvzMq_cDYuTH2g9JRMHVu7JN2lKIJ-JK3JdZpgmiwzWMtm4VtCZwVcuVhTydPSO2Qb_87KK3a_UeRHeKqTm86MKP9Izc6FbTaSB7yz6ANwRm1-aLUxNCGArigeRWtOXN9gog9Dm1nvYqswd1os9V_Lhqgpf-_r45LftCUfQk8uY54nasMrFm5UHEAkxhaWy2PdIGUC5JrVdIq0NsDAXaL8HoSBus-HEkCb3xPbpTTF7iDMjbc6tz5E1g1QVhcNlWosbMBuVn16uUiuDl4mcqbr__PJxLqvk48SuvREGHbFvXrqRPG78i2fm4LtfpTPodl2IdARzEfCCu8VicnCer5fn_-0r2aWxV0ucsnhZcjsTfEi5Fz_JM2gF3oI0rPMAbPKBJ2g-PpsqaJJfau48OcZE0f-EHOFkK8044y8TRcRHbV2VQxMUv6clRmwoUXX7CYPS9pHWHaO0temNmsKiOxZyunFp1RumhUzHJ2hJHm2UAQLIw6_JnVZYIvPjxz7xMRiKMkNfMiXWcisJH32WX5sv29zbc05Ps-qPnFQzfj7bv1QytvQqlZJY-C8PjjzdIQB_rBcNaRB6a3oEqN9PWoQdrfGRinKrOD5it1-yuhOK7iyC7g-_bF1maCS8DMYRAFkg5mehuuviGJ2AVnb-KNoDE8X3d6-2XFNBDt1qJDoRUBPlwMxZRKrVxOmRAbSpuTJTcwFdW9LNEWLU4n04MBHCX-qauufcb4aR4EtZ0xPxd33FfIBumexDNuKSnFwKaL3pmGRTWJqJ6dAAfi6imT1BrthXc_zFdq71RUYC7auKKsXw8Ht2uisPvnNIOgaX4422xBNJBuC35nJZHqYMZh2d9UfSA4GZkCBz3hBGJWdGVyCLH2x_1goW50aSZpNfFgXTzDyA-ibrzl5s_dhKkcVHpX0J72KcX4FhZTRL1PCdfQFle-CeuizaUz8Mw8Pqm0sJ4ZvwwPRlzFIbco7SZJfDmM4BgzRz76rOPb-0NjKwbapSYhCa3rl-U3huo3mLEHbdXTak4yiU91PRqEDMmURFPArGYY2x3e4v-G6GWl_29SzpcpzMWrlA0NmpOQXSjNxsWbRAj8PBhP1wKewVHuFGrKO3STF2N8YacjJxeDGMWubUG1tWWd153vLwnY7MB7suE6L6p_4fpiik6Mg4LaXohCWIKwm_TkwncV2CATSJPFlKCdIgNXp1ExQFImBCXy5xkacaNJm-z3-jWWU9TUO4NFOqs3lP-ZMGEy-ZUN7D9g-o_CHkSa2zqgyuinkZkWtjQkwFPAIkMPY2XsR635spVg0Xp260m_PcV_O_Z3Y87L_tECo5euvZi_0qEctVrK7PBynU5w0LFAlNqelBo9qhHICffJQQ743sl7eOa0GUu2OOmW-m6ZDEZJmWZjEaNUD7DljNC_-sVo9t3ognzUb9WH_1BynRuZHeqxDUSK1fuPaI8vmX_Shj2-bsnJtqy6Ku11Et8lZT2wtC5jmi-tXFWEgcEBytqcOcZg7sojoKWf0rbg736MGrvU0rMEF192yPWNUoRvBt6xnCPbe1ANQS7yKiPqL3Hh7FbFRd074tHuRBPIj2aST8zALutbT2M08SJWcWRmTubxNXaC3NFHqnH5ykLwfECkUR1sJ8LioYqZqFGVWdJ8_3b_LNNYe_eVuP3263vRR9-M4sQhelkvJ2S0yVjkWa_RFPVMRZFruWexHJfQY4V_iXFvjo2angVgJGuMkhSeqws84dZ4juHRANWUV3PlnxIP70NnDsIdTCfxsUmMV2feuLva5IeDdsx3tCe2n-yy5fxYtLl7zTybZa97na4QPRTYlUkvhNFXuVWk-7FE_QcuNHS-dzB6qSTVf3Rlkrwfyp7vgl6YlHAqRRKideAa26JENjS9DXpMV5GQaGSVmLiMdnYPrXil3r4jX3UVCDqt2Ibf6hsaN0opXakkA49A6q9myxcCxUeiOGp7BSm5_hEyqJam7dCilbDH_4KCD_YGRi-IqhWHJtskDopOLOVRBA1C-XN7gcVgC-zm-YvMSna1CpHReFgX1osv5SdnI2sxQeT_Q4x6hPvUeojHqjA6-HwGKk1Oc2xRUw7fxjyS3CSAArV1XcNkbbDCxGblEN9AsMRGw06rkWAQCu8t_vIKMAeQHMdGwh5v_86qO7Uezkxd2t-rbUVpVRXpdWFaIgibKtUogRgeL7eR757Hq6GZAV0S-Zt4FGWwf-HThAvaDGHeTv7dq-R8yyV89lpBt6ErrbruDg-JZP_pZMktzk5znjNj1rUfh4MQ7ucyDXAQZZOPoVKsPxPx0rNpQj2MUh19Lgz7XXMeI7OnzlwaHaq8xSTLkv8p3BQOPn3RRD_EFChGN37xVuv6Yew0pFHNKMArlpBsnRux3oTkfbWnyKJQUK52fnPA1bMJja0GpNN0OGg-vWBnMA09BxODMyK4JjerfySp09dE8ED-044JpFfW-UzR_Kz0toTq-rjriiwZAgeBmUnuAL40eDnplk9vyb9bT6LhPAM3QyP7M10DdBMSqlNzgYpCcCcY61QgwsDnGx6fdnAf5uJiJJ-muf9TzQD1LhO-ZfjFY6vD0c_DjpApFubtLc8FDfYLqt0jHZSAlNLI2UtnLwuJnJDr7VbAyNrrCrUlgC88YIJJmqzucwqE90PKu2oDnWx8v4SnHpmpPlenwj4PrpBqtWEPB7ygrCmdlz1KbvQkErw_pmZmoLTM6q1PyW_SagFC6VfmgTGuH3saEkCWecu8YGvHBUieIo_hk8tWKu3zzIFO_2z-pAETcrQdxJ4L0KwF1TyzO35mnaDscSfsN5Jz1v_VIHgd4IihrRB2AZ84HzugRy-6a-25pwpuxSa0-s68KujLaGq1DY8wAgLnM9yNWjK6STNrfezKQX1XSs9NKxuKKibuXa8DTdrQSrP01V__y-Q0-jGrnyP4pU3uCsU4S6kZJfZrpwdRkD1UyyL9CKtptPWiKlMMn2MPF-4KC6DvrPKCWRsU0pOavHqDC1bB1so8IRcIxYz_lvsBdIkoNw8nAV2rxQ2YgH2Y6kSZviO-gQogSTpk23d8l49u1jQRLmAlBgEh87-49hltFDie672yyTyC_NvS0na9u2_YeaWGjTVRCOM8lUvWmcAON3PiKMorXWXaYVtIRbI5Z9aZTH5MMST7yeEt43NMK0JJ8Q24LaN6e-VWUC_LOlFc5dTZd0OOjDAzyyI0OFEcB43Ui2DdKixZzfO2dtjGwf93KWKzslOBlhSDJIzmyquv_-N7mpM0MtqssVzoW6yDUQGjAJh_yVUqBl4RRZlh-gA&cid=CAQSOwBygQiD7LvPTpKPRYxmYtSwgmRE968DkFOxWbY8W-VQgNB2MDi37ZXbGzZcU9uqbKTybKX4ICBN8uMSGAE&dv3_ver=m202301230201&rfl=https%3A%2F%2Fpcloak.blob.core.windows.net&ds=l&xdt=1&iif=1&cor=2240223710665804000&adk=3563752640&idt=107&cac=0&dtd=3

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ca03b53498e40c5fedf001cd9e5480624d5540e426aa462a010ac0fc097964e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://61f6e9fd343e3e96f4f5dd477c8d7d57.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 11 Jun 2023 23:35:54 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 36962
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 5ed7702fe4b07a92411bc03e
ng2.virgul.com/tck/imp/ Frame 6408 0
210 B 72ms
72ms Image
text/plain 185.7.176.221
SH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ng2.virgul.com/tck/imp/5ed7702fe4b07a92411bc03e?g=1&t=gb&r=153378@site_geneli@yemek_net:site_geneli&l=&c=%2Cas%2Crc0%2Chf1%2Cvv1%2Cgprec%3Dyemek%26rec_ing%3D&info=&mt=1686526551243&userId=vnetb7ca5edb-4408-4cc4-8369-d7dd06ba1101
Requested by: Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.7.176.221 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

access-control-allow-origin: https://ye-mek.net
date: Sun, 11 Jun 2023 23:35:54 GMT
access-control-allow-credentials: true
expires: Tue, 04 Jan 2022 10:49:40 GMT
server: openresty/1.15.8.3
content-length: 0
p3p: CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 201F 0
0 97ms
97ms Image
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230607&jk=452794801102797&bg=!6Oul67_NAAaGYqkwpmI7ADkAdvg8WsxYS8-0TThl6Tdmr9xycQnZWRo52UmXa7fbEkUgJQtiypTiVxGR9czQtr6AnlcLmdx95t8CAAAA_1IAAAADaAEHmQNAKCUkBhqGzV59sG2G0GoWkBAKjftXyE9n7cSrLbpAnest4KGX2VDvzgqf9i84PfPNAXsPzjeb0GpooDHBD-TSW_95F-BggmNHwfj4Ga_AUVta86RIebuZ3HGW-IqapK-fgeKV8YYtbljConMDB8CTItv6U-Cn10GOHzScwLMHHbVFVKjR_jt0JhyAnVKczxVLKs0R_MebfpF4kem46Bn0MEbfJeCBwNgfw-MfghKTNdXNCpcTQkRY7IDsoAg4Si5knqS0GKqc_U21At68Rcj7nA9D7Tnxkzj-YfZ84JIfpq5785QTGe1t-Mbn7mRCdzeHXx-TP7fLxDmTvXP1nxmFz3lOR-5xbxapVfiMMscahG9Z8U-tFhxIFWkwBxBJRC3WsIx8vNSxsl0QY5qbUzfqT7r47XZwqYqjynKqTsk4N8VbDcm1U71fcFKy5DVcmkdPJ6-J1hzr1ECJp-h65OmjTL_OSvFMwXpJeOCBmMvNOBkLRxiey2c7Gt0u_IOW6vgeDTqZCfDFIfA67ZLOAj6EofIpJlvsDdOW_WXJqLlbNfGM21FHzrTwx-3zegpSrqBZIYWqG9B2DCKe8BU0MHzJEykAy0cQrnZAGcs6taVXw6GaeLOvYxA5nHz7YUdMuco8Fzt8i8RfvLFSjZyhv0GxXDf1r7TpOXUSwMzacTULcx8osoOdQI20Mhwahmx4GPsVe_R8fTJO2x1KZ41d17AOxwewjH9Qj3ponUzKjCFAh2gHZ-CWVe_umGpFwSyloIVQNYZdYjdLNriU5gzWYWfQkiAsdvWR_e2XdJ4LW7ATXrjci5HuqrGogDPfHMcOkXdGm_1ERvw6U4BFHT3a7T9iiK1knOaqzAsDQlyAe14TUe4zAeoRPyiM9MRpIIfnSDYtIt9_QMY7iJMKQzocBxCOb0dotKnyBJw2KeZZ_aGOWkQEr1SINZp9nCoF5Kv8dQTo4b0SP45bUPpQqTKJQQ4dQhhE0XVpX0uS8P24P8EjBvXCishIN0k_zNRXIKPwi2GFDo_2WA-7LiSk4v7r_-E__HcZLfBGM79WvnSvieEAAfPc0JVN0qyKee7-VTVyc-u1HBMGg9j52Ypp41mMm_FUhg
Requested by: Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://61f6e9fd343e3e96f4f5dd477c8d7d57.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 82C1 41 KB
15 KB 63ms
63ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BOVvNCGbwEDVhNASp1HIUJUXQHoC9BWenInP_x3kAbQhD2OPVvM-kEjO9VNMk5OISLm4e0v3Xar67Z50wvEMlxVzAALs6cVib0bpNWN-TQa5jDEX6a7Gfy4eQUYJDd8Kygz31kMlynZ87dmsJNrC4W7cunjfVm0ZPot7t9xWlF4r8JDok&cry=1&dbm_d=AKAmf-DA20yxtEBGCRainKCrkF73gnyRabacqaPP9fGaoDXt1FWPD-0uaa2cs_YdLKjLgSUmbsCIx190LSfn2UO8RmGzix8BXzMAdee_O-7MsFYmm9P7aN6jFzsrWCkatkPc_AjcLSgK9M6PG33FcvIzZgdGshfH6ECxxlyVkWF2wZ_yANwNT9J3_ArfRwmQ6O99EpXXFr-Mkgt5JZs6bJKqpCBJ5CoSNSSYexu_n772dJEqpyO9XJOodiQ0_dFekGkWg3fddDVl31SpryZfriXe7pXkx2i17oJX7TODzbLZAevwXGMwQwcpuujkapnJ_zc4fAAW4-L3hs6z0lbAtl7hA8HW2-L1zq2sINDJuNBalPrhAFUurbVeVgxJXdzaC_9V7cguLkKH9zsUDKarTefxsAv6O3ocV8eW58AFoVPEdFdCJJd29MUp5el4DvBx69dIqMCklXGALVhwUPueQd53PrvSP3AURmIe4YTut-WfeetqD0wsDb1kFe5TMSDAFjWoD14hEg6tv9VMxgQvYdzKe3faxoS3QiDz1plLZxxSp5zT5yVNh_3PIkiPjwVTbW6G9UfcZvK45yKcFselhU6vvcObO6aCgVu3seLuz-Pa9dI80ahtt2ruq6gEn1Y1Do7yYllQkSugAbLZUZd1UCZYUXI1f8KYLyUklq-e4ejH_pBLQxzaMslGvgVGgKZ-47IHdiyt3cWSs9O0sCUyvMeiTomf7YGW1V01xD-nluSGAOhaNQp1ar0BxslPXuMB4rlkMceVy2GmyMq8gmUFkRw4AE439sUt2Wc3_nBLyxCz8T-guKsaRimxIBWO_u8cro_BSCVIHy5ZPH4i2AgK-VZElF8t1osPviU0OM47-WN2dryGoySj6WCxjKVoXET2LK-5pAMkX6b31hU7jD-rKwuBC4VksCTD0pynFkXNQ1Sl-aF2NbjWnq_TK1yngxApaTBhMUs2ae6UfM8Ya7UkMmdoCf8NE3EWr8ZIzlatCwUiZmKeOfjrj8GePgLJfRa6Tc5S5o2kpBunLScf7Zq576BYs1tUpati1rEAsj27usOckTMkhQgBmjxaVCwMTGt77SeGQyFthCy5pTj7klWfZva7tjRL1LHmHLNWLzYJIQyiODP8nO3xva8J6SJxRVBLkbjgG4wSbdEjx3dXQMe845qO9-w_IU5Deq0kPWZ8Q7pRUyuse48o44v57MVNTyxXrWTA8WU3GCq1JykELsne7-5jVuwERFouMpOkgoKuAJlt-mK41ZvsRGIu38Ev2m5dF8t238kkp0uggg3H4F-M9h0HnWU6FhibjZWefmjLSYfCl4nETnE8JhQI81NulxVugwBdaxouV-Wa8xeQADfzY6Q09n3XYA4-hJs1LFH3ccEbXZJR-9ToLJl8H2k6uaOvHuVs8ZoW46iy8bocXBhabMQRDWqSlxdFXfMwR_2dYRmPbNJlb4oNmy2QrGCqa-vbr0krDbKRQqiNFMg8Y_RKLMKFsxo5S8Y7kQXF8N6y051AT_P7lVmo7siPZlo00DUfHxojPQJAty43QUdG5LGD8MWmRIvfpA_wbKhnswA9VVipU-i4j8nDdfXOf0S3jrj1g8JfcuaVB6DbLTDrZv8--b1LXFEQX7DHkPmBYlC3fzS4FrgdHobk3Cxm07cZ2JrSV5POE8A1gvI8MPVW0jN2_NywpyXRiAiHCaGDGgJwAIijx47Pnwms9SzIn-_9qMIbq1GlyL5kjJwu1uqGlSTcG_kuGDiUQ86XEDIIfgBhVztaM1SDTqN23lJWsS13hhK7o-rJUdKrYxAHQXY_6-jzi54bow60ny8vtcR8aPtga-LXS2GDT-3SjDYYSroXfYv0bKgFUMnYkPTI1ef_sFxeQJ-a7EGJiXKbvTpQ8RhTI8agHHhUKImu-gqb6NO4-2iFfCDCQcE9ulF38FbX7l7EbPEPXCLWnpQFIQsC0s2C2pjJj0h4NK80ViQWGytfkMrv2diZ-QLlrZ3C4n4q-sHYXvAC2hUlwSPSjzjR3Nl86kcjqM9h-XRqO5Cv-RN-EWUl0rR-2hoFqR7Vcxemfq3WDBHZMf45xRtr-6r-NaAtElZ2p66iF_hlLRKnIPLd4AJ6GBje_pbUS7fHK8AYEyJnUNh_hzRZMhhg2n8ILZuvl3BpGw7Ug9-YIA_LX_fNLo8qPt8kVKyQw2GuZk0Fbu_oQh2EgRY3FTRL7dmrt5XvRp0htwI2QuxnkX6Yvhr5fOCT4K66uQIPCI4sHrQ0DXxqnPKrl_MZEs0y7KwnKxivPjS5-4vpxmDccrEp9Lq5JAcVMJYPYlBZNY4WfXkHRXnWtVVfACJnznTos1AhQBmaJ_aLH6HuuJWbw-rL__pxyp8VhZpsfEVOKeZ7LdxH6DWYKZBA-Q7Y6y_c9nIiP5SbcNsaWIqln78QuSNMFhluObrZEmIuNrMOIGE7T0dz1U-Vnavjl39y4X64r0sCiUzVl5wv7gLQItXjrzN87P4eZWgL6y-aSknWfuTWRwCGN8PMvnyd7wumOoWXFMGfcgD4CL7_9jvlsJDlTnpye2mdczLFbsu7E7Mf_HNG8VkHTIyqjeqnKNuYkROTw1OEJHIDKly8JFG_Hq-AlvBPuPPp_m4nQA6hH3J6IO5RFBpuH-tOK6JQdJnWzsHQ83S1o-s6axBIxajXSKfIevAVqD0Ge9afEU1ITPSr_3OGro_afWWtb4u1Slowl5IW03mn1g5AO7x3S5ccJFLfczN3ZbhFbPR2f-_IWGq8YOFQWoifariTBhshLi6ybrzyWPTk94x3L7o3qxw2Sn0JXueot05g3-x-xsOrrbuMJ76_qei_NDVO0zCxkEKNRKHKV_XGlXdm4hWHWee3RTMvEPX-utf6j_a1McgOVsSjJMiI9Iihjrds4pwuJcgxwwh-7ouXIr2Ae5NnKviYgAAp1X68xA9RsjLejIKJ-7_OOlNQQcKQ4nUO48PXj96JwkKGVQ&cid=CAQSOwBygQiDR4jU_bNMMT86Ca9ig8No37MotJdjdMhDh4Z3gq2YwEzqj-bpxMzhv3Nf3D1_wH8kXH-dNcS0GAE&dv3_ver=m202301230201&rfl=https%3A%2F%2Fpcloak.blob.core.windows.net&ds=l&xdt=1&iif=1&cor=3885653740047013000&adk=3587751834&idt=87&cac=0&dtd=55

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://61f6e9fd343e3e96f4f5dd477c8d7d57.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Tue, 06 Jun 2023 07:39:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 489381
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 05 Jun 2024 07:39:33 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame D987 0
0 96ms
95ms Image
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202306070101&jk=4040297006971483&rc=
Requested by: Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame E59E 0
0 98ms
97ms Image
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230607&jk=1392620260193569&bg=!LS6lLnrNAAaGYqkwpmI7ADkAdvg8WhdCdpwV6ZhrswDhMeAa-F7NyA0SPV9CyzD3lF21RbrgK9FgZnnN9qsHlPBpECjLCEN2i9gCAAAA91IAAAADaAEHCgA1BYBRqhn58DM5Rmv1dz8_hrlvPNs9uU_ewuQoFsCrfVgVRKEzdnHhwAzhJK633V7GlPim10-ZAz2e9Q5h8cdHJSXUO9jabRUrhh5HKG-ljbwnTSBxxoX7jQGhqwl0sG8zR1hIpuhcR4NW9MGGdQlnh4mMPU5c687bePeL1msBde5LRXJhyc77dx_EIxuWEZe9CTeSUAuED46ys-GF8g5kxTOvX-_r5ML15-XXurroEG1Q3x6qgjobywe1RjVamLHviNTTIcLtLqfDF9kXkm1tuQv4-75Ero-65hu951Kh2bqOF6wV3sItBeP-qcPy-a7tO8FOnVtn2pStb3TNQspsrUNJ_kP7eNRiCSd2V0NS5UNZjBoTtSui1THkfSyujt4tOrTUgVl8fmxFMgcLYLPD4_UglPJYwtSo251TGDwW9NRKZUhAOKA3gjQaO1gvOMv1S59jxNgUqgSnPB6JvXEZuBlyAl741bComr__Mm8nqYz638_qJ7CHH6dkSuGol9xTYkfqbawTruXd1tqsxpGqNQckq7W4EE2-pXnJy9Dh9YznDnNqo_mWbvvMNaGjpGNCoBU18XLBifFU61-tIuFnDuFYYsBaim6OvN4rmCRlyR0hQElKwVRVq8KV2Q0lKVLq3GRDVProfWM83_qxjnGjG9hmMqT-Zn8eFJEQHVnO2eaAra3x_lfDNfivUGi-QzYRjJVvp1rXFAf4YDST52aYCXoeP5XFnVTsr8DnaL-fLgwdHD6rRTJU15EL2Dj6WQ41zvtcyHkDSiOXuUijGTqlEIGcFboFcA1ZTOOEwj5S4BLjW6XyHx4EUIwh2gE_hpjRhCts9Yzgt3tEXBu-OR_m0OWmDEfZOE0MVLsNSnaf4HV_BeO8o554pdZCBL9iYnOvySY_q4UFD8D8BgZytR1KuLuKXWkEKpvsS3ELcTXfOnxRAE_JvffcDXVwGOdmnjIrYUXN1h-r3TxXcapeomebaJoYx80FuJmjVuLPuC9aTfYtYeZS_tdi1ZespW8QFestg8Lx6q3hfRZDEn1XgyEPVRlLJZv3jlf5VNmdYc_h8VPM7O19k1v3KCmfZdCgxafNtl2lSk4CGGnCkfpgv8i3rW_dBrXisx9iDRzlY62NOkRt5sYyGhXJj3QwtCsB5WWrwR1dWpnI56EgLAIdgkOldlMkT42-
Requested by: Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://61f6e9fd343e3e96f4f5dd477c8d7d57.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 5FD4 0
0 97ms
96ms Image
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230607&jk=4039166777054377&bg=!6-il6LzNAAaGYqkwpmI7ADkAdvg8WugJStFr6tKHRlBDbcLNen4oVzciIDu23YxQeZC-qctNWSi6Sym6rFseWunxBs-F6n90SrICAAAAplIAAAADaAEHmQNTRAie7QseoyF1UUL872uQ-pEMB_DkaeEPdmxrGjQ-1nSepH7lU6dWBUfGsMQmYBbZ985kKVTBp_l_htplzP0F8DC9TtqY80AyHTmfI_E14YXdZB2O-m5r1_x1GyButDhW3w0FJXmwEKB1DBhZq0a9YOiuanplfELTeZ4Vxu-DTowXces3lSS0jArKoUz8hLxVPo5EzYE_bTWz8ya36qq0122qnoj4ImUVWrr3Lih_I2YEqbuWjgeqgB9o3TYoGkz6p_Hu9ubMTpELgr9kUjZs_pKiHDrSgA64JsyDpPffkuCBz1XTdKzmXP_Ktw9LMhrULflhIjAh0Xjccg7s_4nJTvOWIsKHMm5ItJ7-NUwKTnFJ6B7tPlBOXWz4YXaE3VD1W74SuaZAw-WgLWemSkQf2zXWdZCyExLpzbB38bgf1INdkHIxf7E6yJLo1k8dTjua0CcOn22kDWyrX40Q8gt2qaiXU2Lg-H7BI5deMMgaqI1EIJUFyj2Az5sIuozy2pLRQ_dWD_uK0XtxHvh1ekyDSwf-QpjObwWsWVmaLfl2fnjO_UFHmQoyofLBOnul0bm7qndwVSb-XC5a7A1oDCMJX2WwgzPHlUxoq3zoyoGswR4n8ydQ783S5XDHUuDqYW5h-wxGxWMY3zI9LQuG7FFpp6emV_hLvScBljyHtq-jEyAnRWZAXxYZiNZmrBi-lGurSxZ9S-jhl_Cq3KvC9qRJprrbdTaM8tnFQyHBRHZQQHgvwntkzNI_74ZhPQrlzRSnbRTPT1FqUF7_gNq7JXal2VeqxzmFwvnrGUE28QutUm7l_Coh3y_bE3PjhjOUM5mGAhCWxUzaWpu8nB-xXjbiYhsPH_760pTmlEeMyb_ABm4mCuk2zAevHa4xfFx074Y1c_i1ESYrSDMQJRXWUq19PNTnNhux54pH58wDh1-4jZJOMhxW8L0rl-n2Vv6blEvSdImjo4-vDEM8chnocwi4HalP0Kf6opOT82zEZNi2IqGvOeKqu_f225_MDwd9n-XJHv3J9FQOBRDBhftMYz3vgVl_BWchZFFXz5JirNpQI7arpQQcXNEXs-0j2x5pU70nLtKIhYKNpVZSUo-Ycd-cTdFYmXo1ZUcQSEEP_rmLtUYLbYg
Requested by: Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://61f6e9fd343e3e96f4f5dd477c8d7d57.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

GET
H2 200 main.19.8.417.js Show response
static.adsafeprotected.com/ Frame 82C1 202 KB
63 KB 117ms
38ms Script
application/javascript 2600:9000:223f:9600:8:48e:53c0:93a1

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/main.19.8.417.js
Requested by: Host: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/jload?anId=925113&advId=818504392&campId=15571779515&pubId=1&placementId=396785946&adsafe_par&bundleId=&dealId=&bidurl=https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:9600:8:48e:53c0:93a1 -, , ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 751fb681f54d257d1e40ec453a64608224a9862491da12791310bdeb0c1d8a2a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://61f6e9fd343e3e96f4f5dd477c8d7d57.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 15:17:27 GMT
x-amz-version-id: UVbFefY6UOYSsxlF6c.82fk2mbTK4IKy
content-encoding: gzip
via: 1.1 d4744f6f4cb683596fb4a26e59b2aba8.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 289108
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Wed, 07 Jun 2023 21:53:40 GMT
server: AmazonS3
etag: W/"bb95c129f80c46c33e169dde0694b792"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-amz-cf-id: xeH6u5vXJzgwASeocU11FoE7PWoOI14ab4wSP6QoYTmbYms2C8j2lg==

GET
H2

200

passback_728x90.js Show response
static.adsafeprotected.com/ Frame 82C1
Redirect Chain

https://fw.adsafeprotected.com/rfw/bgd/1362481/69643702/xbbe/creative/adj?p=APEucNXZrPElzFvReJ5PgMoSpMzWEuBYLIPuDWOwXmOua944p_oS5Pg&d=CokBAKAmf-Cj1X6jsJfJsz1mpn28XA-XfApDKFYDAP5G2w8l9k-i6E4U06NAay-...
https://static.adsafeprotected.com/passback_728x90.js

3 KB
2 KB

47ms
42ms

Script
application/javascript

2600:9000:223f:9600:8:48e:53c0:93a1

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/passback_728x90.js
Requested by: Host: 61f6e9fd343e3e96f4f5dd477c8d7d57.safeframe.googlesyndication.com
URL: https://61f6e9fd343e3e96f4f5dd477c8d7d57.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol: H2
Server: 2600:9000:223f:9600:8:48e:53c0:93a1 -, , ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a579343e48deefeeb438bcb7f6aeb6d37e68102a8299ca47b683991f0af26b28

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://61f6e9fd343e3e96f4f5dd477c8d7d57.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-amz-version-id: BMDmVeG18LcgsgmLJH9yXJDgb3k6n4r4
content-encoding: gzip
via: 1.1 d4744f6f4cb683596fb4a26e59b2aba8.cloudfront.net (CloudFront)
date: Fri, 09 Jun 2023 16:09:55 GMT
x-amz-cf-pop: FRA56-P5
age: 199560
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Fri, 18 Feb 2022 23:29:52 GMT
server: AmazonS3
etag: W/"696b4c19d35efd706805137a8a4b3831"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=604800
x-amz-cf-id: MbVnpmvveEnQPlt3hBI3JhOU0dTZu0trrAOETxagZncRMzya6sWrpw==

Redirect headers

pragma: no-cache
date: Sun, 11 Jun 2023 23:35:54 GMT
server: nginx
x-server-name: app06.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
location: https://static.adsafeprotected.com/passback_728x90.js
cache-control: no-cache
content-length: 0

GET
H2 200 sca.17.6.2.js Show response
static.adsafeprotected.com/ Frame 5DA4 91 KB
23 KB 98ms
79ms Script
application/javascript 2600:9000:223f:9600:8:48e:53c0:93a1

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.6.2.js
Requested by: Host: 61f6e9fd343e3e96f4f5dd477c8d7d57.safeframe.googlesyndication.com
URL: https://61f6e9fd343e3e96f4f5dd477c8d7d57.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:9600:8:48e:53c0:93a1 -, , ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://61f6e9fd343e3e96f4f5dd477c8d7d57.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 15:36:17 GMT
x-amz-version-id: go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding: gzip
via: 1.1 d4744f6f4cb683596fb4a26e59b2aba8.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 22751978
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 20 Sep 2022 19:21:34 GMT
server: AmazonS3
etag: W/"1f3488247c90bb5de253d3d0cb3b7458"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-amz-cf-id: kI5KRwdN1J6twJWxHeRCtEH_D-ytYop3FAAShP_vg-znF8hl7klbUg==

GET
H3 200 mZQVpQj-eDQajpu59Vq9E2pMu32_YVAoNW79LAI6QMI.js Show response
pagead2.googlesyndication.com/bg/ Frame 4BB3 37 KB
14 KB 65ms
65ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/mZQVpQj-eDQajpu59Vq9E2pMu32_YVAoNW79LAI6QMI.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

999415a508fe78341a8e9bb9f55abd136a4cbb7dbf615028356efd2c023a40c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Tue, 06 Jun 2023 19:31:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 446641
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14716
x-xss-protection: 0
last-modified: Mon, 05 Jun 2023 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 05 Jun 2024 19:31:53 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 82C1 43 B
217 B 605ms
195ms Image
image/gif 2600:1f13:800:7781:a9:f316:c651:5d12

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1362481&asId=c33575e3-ba44-4406-24e5-3d43dac86f0e&tv=%7Bc:fh94Yn,pingTime:-3,time:73,type:v,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:31%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:73,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:30,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B64~0%5D,as:%5B64~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tGUZxWC+111%7C112%7C113%7C114%7C115%7C1161%7C1162%7C1163%7C1171%7C1172%7C1173%7C1181%7C1182%7C1183%7C1191%7C1192%7C1193%7C1194%7C11a%7C11b*.1362481-69643702%7C11b1%7C11c1%7C11d1%7C11e1%7C11f1%7C11g%7C11h,idMap:11b*,rmeas:1,rend:0,renddet:IMG.us,siq:32%7D&br=c
Requested by: Host: 61f6e9fd343e3e96f4f5dd477c8d7d57.safeframe.googlesyndication.com
URL: https://61f6e9fd343e3e96f4f5dd477c8d7d57.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7781:a9:f316:c651:5d12 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://61f6e9fd343e3e96f4f5dd477c8d7d57.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 11 Jun 2023 23:35:54 GMT
server: nginx
x-server-name: dt11.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 82C1 43 B
216 B 601ms
196ms Image
image/gif 2600:1f13:800:7781:a9:f316:c651:5d12

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1362481&asId=c33575e3-ba44-4406-24e5-3d43dac86f0e&tv=%7Bc:fh94Yp,pingTime:-6,time:75,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:75,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:30,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B66~0%5D,as:%5B66~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tGUZxWC+111%7C112%7C113%7C114%7C115%7C1161%7C1162%7C1163%7C1171%7C1172%7C1173%7C1181%7C1182%7C1183%7C1191%7C1192%7C1193%7C1194%7C11a%7C11b*.1362481-69643702%7C11b1%7C11c1%7C11d1%7C11e1%7C11f1%7C11g%7C11h,idMap:11b*,rmeas:1,rend:0,renddet:IMG.us,siq:32%7D&tpiLookup=ao:pcloak.blob.core.windows.net*%2Cye-mek.net*&br=c
Requested by: Host: 61f6e9fd343e3e96f4f5dd477c8d7d57.safeframe.googlesyndication.com
URL: https://61f6e9fd343e3e96f4f5dd477c8d7d57.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7781:a9:f316:c651:5d12 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://61f6e9fd343e3e96f4f5dd477c8d7d57.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 11 Jun 2023 23:35:54 GMT
server: nginx
x-server-name: dt20.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame D307 42 B
64 B 93ms
93ms Fetch
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvwPCzHcf2mgjqNAGJLP_gQMxvA3Ff4M-ZK4WsQAtw_K8eFz9kVEbiVLWeqtaAB3YV9cJ12a8Sw1I_IaWlun_JzVHuwmZ1FdPkh7el7-sM6L351nvEU&sig=Cg0ArKJSzMDMkbax8cQIEAE&id=lidar2&mcvt=1078&p=0,0,100,320&mtos=0,1078,1078,1078,1078&tos=0,1078,0,0,0&v=20230607&bin=7&avms=nio&bs=0,0&mc=0.94&if=1&vu=1&app=0&itpl=19&adk=747500025&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1686526552584&rpt=602&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://61f6e9fd343e3e96f4f5dd477c8d7d57.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 11 Jun 2023 23:35:54 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20230607/r20110914/ Frame 62CA 29 KB
11 KB 60ms
59ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230607/r20110914/abg_lite.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CGmNgjdS5urQirD9LxsvgWlMOsyHYt_bn0QFw_Kqd-ygIrboldTfkPoQoLs8EYKp2n1Wvsz4U-owCLef_THVmYptb_-H2bfz2F6pzeKjv5X4SilTMPBnVxEzAAEQYY9Wfm2vv-9tN3yNqp6lVV8smgMwOGR0jeYhu_nBh7AtYcMJK6ujg&cry=1&dbm_d=AKAmf-Br1MPheG618j1lZPvP4cdARB47tZXf-d86XznprZAVZ1XPdLxkay2bA3fwM6upb26BGsEhKll8QSTuDZaBN5SGzKQVMVHOWUDnDVgVFChq-6ptnDvXUxkWKL5txmEKWynr3_yrXzvMtz7qI4AgXpJzGIup2FFW-DaO9UYxBdTzKF0biT9YSKS-cP_GntqWLzc-jTFpbtZA7A-iiTt87ZYGjygKD2wMBU7L2HYoODX-JAmWj3HaowWbzDSYuZe8oyztqMfyK_hYzXpyePXphnvcJDaKohB98LYh5FAJIsceCm28M9nbH45yeQVY4O5NWUD5qyqyK1QYA9oMfCQjWkfDKxyvPg9dHEF77jPUoNNk2jg86DU4bLQ40NBLpT8uxWRC95oM4v6v6-ya_hhTXZ-c8Z7-KR4CpcKdR27sA7mz9o5WDFptqAwCuAkdqmEQ-LZD5vICCqvvSAap0dkkZIb3yHIBy81VP9mTddvngD62SmeadkUVKxgcAmHH_hnXods71SOMWrc13Y2eVlgN8PReNPno-nyPrAZo4os5bFBGug9lLdQQFKInbpC3yriy_g5MmF7lesY-7hGZtC9HMREOqdU0cQN8LFZcm5grbpXQnaCl9IvXebablQbtrXAoDSUvDSwazc11AbNiP0u_caoLSIqwIunKSsqSPZoPg4BQv1IAG60-Dy-aHxgTAJtHTgUy-kQhEmPNrQL7OlJDzVIj7VlZVYj4-DaqJWW77RRdKWra-UZjfvWl73KO3y43R7U3y9D08OAAewRwqqiMrqjZdcYAI1gUtxIoAV7m7lDFxLRGsHZfVD4uFzs--SC1kZv1pkLfUpCq-cnDuvSighLrSHpKAQ_ZQbqWoExSivSduX1_aOJIT0bgv7RIaWNFSUTpkLVMKvwP9FSMSKGwPjVobtBF87xK_4CXIPMUQZWFCu7o5SoI0R8en1jMeROiE-2q4siW_yptSJNC3cpNHfxvLcPVAzWqoXNOehs-u1ySfWGXHmbsUSFCFM_owAQBsTIh9w-FJx1AiKEoC6K1gUPkgPb0P04uPptRJBbVs6gst1I36ZMnzsHAC6vef8XoYz2jBuRBbc6hWBQnYr-b7SN-nZr4fVEEzweRJieGwvjkD3er0E9CGoq4SZSkDriTWkfYdceyRCumaHVmEROMZsv9ViaPB04gJMRYsZNgPxTDPOmwlTBLNObCglphdjZAblQzVWrbzbx9iwPoO0Xz2HQVX8vmc1zeA0l1UeaGjtNW6CPKNKNU4QMVsFnT3g_Si7IjUvqylCVK1M1Wc-iBUKFN4FwlYc_cfqAXIDNAFpNhcmxqtvbKJn5CyQWmYcS0onhCfvK79Pist3dtMB9xRTTYHziSjYza6j5430UJ8UMoCpMRjG-djoaH9_Vi8Ju7ibEUbbxEKfIG2Iamc7Hv5WwDEg3jd5caUlQ_mGHGnJrhQZICAnpToH3FD1a_Ys5vprcEbGv7Jl0kiGjir6tc8OD-ks3LuUqECBphOwkH0pfh1JSepDPq7g0xStWtS03c7ANWhmPQMZGCvs-HADouyb42WhnxtsAac3scffFmvB-JGEqV095AC9GgaEQlyvwkHgc7aKYrd_qUnThapDc3DXSNq7tuchuM1o7uFID3dW-md8BavPI_OuPhh6AohfmMEMGIIs_nZsxV1pgyF5eNAIl7X77BM6Pwg79PoLEVQ6KvgDc4ijRGXDfzhaC2bvNR2qJctWenBcpoGIb3glNLZAzrD2BpprdmRkSGjJJuPy2UDGiuQqm8_AP2I0hEZLoD3wV7fYVtdV-gYs9r0vIoJOJt7njt9RD0CE5X0c6wMIsraGgcQ8qEv1TczQ28jB8XSeh9JRdY2hktjBznWhN2wh-0xGhTYLNLn5SE09-_jx3Vnn0LqCtnoRd57WGGvo7oC7sU02KnINrwgnQaL3sI-xQL_ZrpgABRK4VQ-k0LTjeHH-iLGFxutBf72dB3z3Jk6ORDMDfWqrsLsCb4JnmfYYy4M-kpAedfd3jy1di0pjWu0LemQMBrBwyB0QyK9DJWcCoA4xkagj0pQEZhH5nBOlEqVRCphJxlimzO5jtqmTraaGnROX7mDqXCxom7ztDu2W1vL2oPNFMY-BSdNVQ69n5v4QPZ5kpWfRYvsYHUlpFlXEj33EwebY96D3BOFD0fBkAn3jK9ODOSNsF0etUWfDDrz1ioTjtVn_gedVHgqYKk6SHCO6qR0S1uw7aLwnpL3N_cm2MTr_JPxkSBC5O73IcV-jPjCuu-c-98yFwqxFhNBJ-mxV9k7AKbFbvSGkotncjwp16RcxLftU8S4xRGBLLnQK_8FTv7U3dn8zjwmn9EEDPnVrJjTzkWQCYlOlYXSinpTWx_nyobOaxRvD72QRpDjCkN1Jbpg93lNtvK8VDQpfgxScdB7RzT5IgAipBmq4Jn8l5VnUB0c5qcwtOHfMyZPEebi3gvMJoYadVSLzMh8jAc8RUp7AJbllhiapW5qcaxKLlSAUDUC9PXHk1-LZW8iwAytJ7tTP7YcVkPYIOn78xG1m6Ab32WD170pypcCg4pbqRHExih5fNykO7H30EzDwlp0vePb0j9X9Vhq3xhppzKjEuydojCKNItEH878Sf4WONTPPEzBX9zZl5-mUVxMDw1RZAd5u6uahJ5k7LeCy6oiLmtMazCTVjqYYkVtw2l3e6PO0gNLZk1M8gOjZ2HwyE0IAge87sH2BKQQclfqvP46NJWmQehN848Vcfn3iNt8_FWBFdi9SwUQFmdYYA8LBW9Xft21WVFaqCOtpYZ14yqaD0t6tMi3ntCCNp_G8SsVX20RSfN8ppcZQQ-hvNKNr77ZfCet8WPX2Vx1cmvq65iXd3cpS51chKmUxH8hbIwlfRS97dJnBHCyXdldbWxJsUTODBUeGtEnu-Ry6RjYE2Q6pFseew2PNd4kwWZQQXqRejVjLEstYho0rPuwDRIWnT4eXNHsC9an4CQQem-l99cpF_tbY0QqZJOCUw41S3yPK5hL2gGZJcIabOBihjEH6c1wM99WL9Q-GpT_tYeu1X9V2jyugg8egis2QuanFNt1VHgvggI1ZAOa8no7P5OLK9LPIOhhn5otV5-QdYMqJv9vdjrGl6-r9mNcGPpEbmaz7my4-x-l_s4pslpmJRLq3XRbTiAQyg18BF2HIz1sUXBugJ9XlZFakY3TSJvJkFMYIQRxbs84qq0GlgFEYIWwYgC58YExZakK4sRNiFFpYYuPgkRulFCipHPMqNbjyf4zeYpYT_mvOOgtE4_bSu0rdvNr1B-CHuJEuciw3ciDwTSnfeJTGYHaY8BwakNYtTSQLOX8TazFywyReEPHWFN8anhkI-YwznVSllTOdW6AS7RRfDzyT2cQJWZzIqJ90X7UNW8Q87qFPsPk9o8tB2ypSCtpbtf4g4vN39-fw6VYivnpXV09iZwGxM3eIok2oWyEHP3sVWmnOR7CpbhNo2G2FmFhoI0fuIGN_R9lr8eE3siKrjJLHvVrAfBLexKH7EmuaVwpkJ6brRd_DqrDHVBt-pqX7kUXj0G8K4YlLXPQ4lOcrbVLbbMs8U61OcJPDvXabTD67rYN15zinNucGx4x3Jeua0XY9X0Sd9YPyslyox9pQBMeTzQqqU1uMqdJi26fuHBugaP_huK8gqMTXMF6wNgwrxnMSsTM732P9eN5AQiE1Q0sy8IONDNuNuP9woU_8rPgebgVu5kH9iBtrjmI1lRdQ&cid=CAQSOwBygQiDyLNhPAWWI057o1e933Jlh3qKdSwLHeZYkwqbFOrQxJ98_IYZFSTPUYrQxZaMx8bDGyVdAiFPGAE&dv3_ver=m202301230201&rfl=https%3A%2F%2Fpcloak.blob.core.windows.net&ds=l&xdt=1&iif=1&cor=5263491173965771000&adk=578009112&idt=87&cac=0&dtd=3

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

04dbb805cb77441ca3d2251f895f604f1487cd539eeb35e58f9d01fe1b8f1379

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://61f6e9fd343e3e96f4f5dd477c8d7d57.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Sun, 11 Jun 2023 00:45:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 82199
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11256
x-xss-protection: 0
server: cafe
etag: 10389968670829887652
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 25 Jun 2023 00:45:55 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 62CA 41 KB
15 KB 61ms
61ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://61f6e9fd343e3e96f4f5dd477c8d7d57.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Tue, 06 Jun 2023 07:39:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 489381
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 05 Jun 2024 07:39:33 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 82C1 43 B
216 B 586ms
196ms Image
image/gif 2600:1f13:800:7781:a9:f316:c651:5d12

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1362481&asId=c33575e3-ba44-4406-24e5-3d43dac86f0e&tv=%7Bc:fh94YG,pingTime:-2,time:92,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:496,beZ:497,mfA:500,cmA:502,inA:502,inZ:508,prA:509,prZ:520,si:528,poA:530,poZ:556,cmZ:556,mfZ:556,loA:571,loZ:575,ltA:589,ltZ:589%7D%7D,sca:%7Bdfp:%7Bdf:0%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:31%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:93,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:30,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B84~0%5D,as:%5B84~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tGUZxWC+111%7C112%7C113%7C114%7C115%7C1161%7C1162%7C1163%7C1171%7C1172%7C1173%7C1181%7C1182%7C1183%7C1191%7C1192%7C1193%7C1194%7C11a%7C11b*.1362481-69643702%7C11b1%7C11c1%7C11d1%7C11e1%7C11f1%7C11g%7C11h,idMap:11b*,pd:VEBo.mhjfbmdgcfjbbpaeojofohoefgiehjai,rmeas:1,rend:0,renddet:IMG.us,siq:32,sinceFw:58,readyFired:false%7D&br=c
Requested by: Host: 61f6e9fd343e3e96f4f5dd477c8d7d57.safeframe.googlesyndication.com
URL: https://61f6e9fd343e3e96f4f5dd477c8d7d57.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7781:a9:f316:c651:5d12 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://61f6e9fd343e3e96f4f5dd477c8d7d57.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 11 Jun 2023 23:35:54 GMT
server: nginx
x-server-name: dt12.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20230607/r20110914/ Frame 49B6 29 KB
11 KB 60ms
60ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230607/r20110914/abg_lite.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DP2f66cUMsTBS9REkMIdszOK0iQseUBGBLbhkRhSgSGjEo1O64JeqaMgSDJijh9xsVAGBxi6fdb58pDZHR4TSPNzIs64W1-TRp4ISj4Jd5oVHL5wEoNm0917JyBRQwzK1NyaFT1av1ps25TXQ1lyX7gusgVPfJd6GjZqNNmp5wu-Y1esg&cry=1&dbm_d=AKAmf-BQXurGyzlHUzv7pI-Ap8gH9YDbUS6r01A-SlQmD8N4U521cPDJyiJmYth-4hY7iZAHB_z9YD_gQNdvEVBozzormjltQIpj9luT9n_O6fPUPm12Vl3TyzUO0Tzh2561kzNGlUjPHWFK1D2ClxCxpelUSx37w7rZasYtQN9v5XXWDSf2I-OI6pCByT8kPfttVwSLcAEzS78KRe5J-He4Xmi2TOY-Zrm_Ko6snVgxp9-IefAkUb5A-2DDNi0MjAA90uCpV3N2JeN4tFdn0bEafzEq8eMDVj2Dlq__OIZOkHhyNwO9CpcB99Zns0aN5maE9507B6alVOoCxw-AE0_TkIjhQBxmnQdSw-5Or_B_1xaYADJmXWXn4Saxe1G7vssUb46Bk1Pbtee7sJDTMflRcjQf1wiTgr9dOAYHoaGkNMLI4GDSecmOWzeSHIUkqJlYU2ERPzR8rN1JP-RcK41pKplGAUJWtH8oAEKxl_BZZtuJo2G4XAayHMbPz6XzAbCR_4oV9vABWMYqCocpyLw1EVn4T4yM-EJiAHYOsYgGLSCSK9KmcLkJU_q5RKzC9STWBEirDSP8RR4iVKiKmeVO353YcWERKIhgPZu7_fZxzbDUIcjohzLtd7ZowlLunAY9wgoaCuLNfO6uXk6YJ4iHiV8i08mPkc1hCNRoa8ks_M6ZNUxrBoqgWuF2x3kIZL3gkR1Y5XenVvHcUf7InomP3u0mxQc6yt_fPsWAPkqf2sPzb4__BOQXVMMD3_2INLEQOZzE6Ag2M4fUaRF_Z5yi1aPl8MPZdDTAXiWjXvadlRQD2oahMrCTCQszZkBTAUJ4KVAyLLbpF8FFOWv15Hq4xOOKkZP5eJPW0YkFNwuHoumUYhNPms9jla-NeSqpMEPUlw6WX8rcZtSBEGzIEoweJAQ5Knkdbudm_j2y5qiN1mYLgFiK8ZW7OOiUj7g74GGpIkK58nSS1oa8kZi4JfZwAasjbI3Nr6btAmCuPvckfMZpiPdIxvYOSWPJQU-rCPq4T4PleuY3piaX-8x_GhHOVrcs7F2m3RXQZGujw76vSqTI1cL7s0PAKV8pdlguNnW3dVCEy0KRJQZzcr6OHB-cmNNKf3OQnRtZPtfqiPcwiR-bOxFF4upZiejGtWO83iTw8Hr9lLv6ysgaN3i4-WGH2MIl8A5A6hc8R5Tq_MoQfRwUASN18qJ2Y16n6BYDexpHIRU2wTDJQyRIvuuxBEr4cQ1e94ijk7xU3UQY5lBHLJpdqx4fZtlOp3xUuwhPBVpTS_oHrYDY2qNiVSa0FxtZtmgCvIe1pgcPq57pvXrsH1Q0v79vAmdlKLaomIm2HheA7Su6Vel7VqzepyaMqBPgozNXVWpxIQaY5eATm_Gi1hZEbI0FAOY8RzdkIrv_6paL6-N6mXIGDYpc3ZeJwajLc2XEx9Dw1o934MUffzv4KSSxr7cd_U8FEZLH0p42nNuzMZd39nZAKA70_ddjkNNylnBZBxkdKpBHEl6v8YG2pWAa8kEydXkng7s4uKFw9BLnP4dLomrExIzx2oeOkpGezBBnMSmf-vhbu7XqNDZArFRoQIYZlbt0NrJ5O1t1Pv0vjSzq3woQRpLHMI_W1TkgkT5X_SgSdfaHTgsczeStoxXuj6m-pNVTDkqUkMAiQ_ODA1KouYO7Ll92zoiBTcALRV0qLD_cRCeY0jmgZZ67KGgRM-HQ6sjjZiVTAZvoe6SSlapE6XPBVd-Ma40bP7wE2wmmen9eA9cRXLGR8ehXL6ap7CGzmwehcCKjDNt8L9x4dVv1JmhjEfwUhQZr8oLWrIxfCkUgMi0tkOHLikkIgk9gho_J5Wa7fIcbORPdoy6dSTAMEet4aPBzz5fTOhhVKSKaq8bAXUa1mcewMpy2ZEzhwDixeH_7XfCTvkhBTSl9JXwrxlm817ivJWXLtBi2m3QvOiZIK3-GKHhbrcpTY1vTyANjhSzcHcptBsrgs_SnK6lAb5uOWC3fQOpopDN9-xDxow20SpyEwtDhPdJWgptGp-Bd3uo_EGcZ1q4p3zzqhVtwuTEUiDeKXpm9IEIzfa3_x7hLwkZ9eo_Xs2eOfbiVNPot6WjWEFStH4MyQOV0jJS1s2kHldfeufup8_yQwWcCUp0AtYUd6T-PS3K-9OiEdhK0hQsXDALKcg-UxkytdP3QojOAk_bf73svXQghS5GBMAEq-xoNeE3kK0qhjNd00ETx7Ass3Avq1htVBnfKVDbxzavJ--WD2XSCIgA3xYbI_-e7jckFcqbtIjM6cJUwjerx4TEMctlC-o1KGDreVv-mSQ5CdxVi4qr8uEsU4-4che5KNmzAQM4_i96q8gclWXdXNYKwmvzVTVnh8F7uY_TxIhoCn2x7SC-b2P9TPClba5sedIWL1N_09mtciHduAiyiE73GcszUJYAWzRbTg8avi8hTLh9upleiUKbeMeHAfMUmOaj2OIjDuln5muj27FoxPh4s5pP1006DdkUnUYiErUwjOMUnpHoQ_azZBRvaiC4uvovfMA2KpaF5QY9MVq8IcBC89TPUpv_9_d-VbnFzICwFDUnIpKALiLpS6pVCpKLdr288CjUJQMwIvSFVYh4FQW_RWh8OTK4JS0EyokHxdw_tpstO82ZDRt6bHdsyWM85rLty_XJUHlsmsfjC5AoTNVKCvkphSYvb0btiehdP-bCgRcCAjyKvhrrvW2MwPGXxNK6MzAcVKvb2wTkgdnbcu44eo983p8LY0AAEXAM_oml2aboUnOiWqn2rYNs8eqUxPs0cGG5SCcXuux7rQdeNaKILi6OfFlsCfWonHFiUz9lElpT_ztkwO9jYOZQmTkxvuQVd2WS95hH5FtFG4Qq4akjllg83gFS2Jxtd8PbPL6uhcikJkCtcUtJAgfAD0JfmPfWvhmEtXUyUeqE52kChw3jL9WDEENyZQraPi_p6xdqISrGz1PWaLNktNxA-dcguzX65cpzkhBFYWhpZMDVh-n7-5IuapSVOWAWXeDxniM3oZAbZTyPD5B6FqCd3vziTrcl7U4ftHV-wOXBVT7DjYNoNjUrTWcU4l9boJRQpwdu60EkzEuU7HOjDaFK5xD4xCHbTQr9Kct5seVSamLuTfYsbGPVlNf7wvah8nSzC-x2u39-HKj76Du0cnmrC9sfMC2jC5QP2_EKcmcRTtNTbpba6tR1cQYVdNm_vkAPClYBSH2ZqENRHwe6M4_CeiVmzsBvNULEuMyuPrXtSKG5aebj13NInzRQKyKwx_EHfYfdoV7pUmt1fpNz2m60SV7qdTJh8B6A1JkwEOFlb7ipHc2imYazsdf42J19v11S2vR7upcvB7KIGxUBPMjaoNXOe5ioLiNuV8MMeTqHxAZpMCbTGY8BSydQ9SmtwINV7CfltRYcciCyh_yS0Z1ex3r_5z84u6deEvGXYlZazMemr4Cmdr4tVrE9U7nzT-rqgf_SRcGp97D-uCHQHFuhWIfsRdZciako_DtyCHgJ5whw1xfN_-Es5baCdtWNZqV2kad_wDiZ2qAFyhwvVDjmk7NU_gqcyZ_JG5ejZakhx91Tg19hjSL_O564KWbrcqDl77v1x&cid=CAQSOwBygQiDC5myDT_mt7mclUYStN9qxbx3CX1mavBjSWeumMtePCJRIneb1CtPbcEqTP7j5iE-HZGNspW9GAE&dv3_ver=m202301230201&rfl=https%3A%2F%2Fpcloak.blob.core.windows.net&ds=l&xdt=1&iif=1&cor=187205904817446560&adk=3860319555&idt=96&cac=0&dtd=3

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

04dbb805cb77441ca3d2251f895f604f1487cd539eeb35e58f9d01fe1b8f1379

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://61f6e9fd343e3e96f4f5dd477c8d7d57.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Sun, 11 Jun 2023 00:45:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 82199
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11256
x-xss-protection: 0
server: cafe
etag: 10389968670829887652
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 25 Jun 2023 00:45:55 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 49B6 41 KB
15 KB 60ms
60ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://61f6e9fd343e3e96f4f5dd477c8d7d57.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Tue, 06 Jun 2023 07:39:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 489381
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 05 Jun 2024 07:39:33 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20230607/r20110914/ Frame 4E30 29 KB
11 KB 60ms
60ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230607/r20110914/abg_lite.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Cek3QWfQsM2K7DKTRCcW2OrIBa3YNkDIaj6hCb1PWlwCEhEwxWVFJvdvT4MIwI5ffkOQAxLFkoUIyR5cm8JKcz7Msgrg69w57jOjzkRxD4EPjjydGALM6_ElqvXP-IkTzDGfNeMW7P4V_EkV2UUMUeeQE-DdR16yDmbAYVGvnIm1rW5Bk&cry=1&dbm_d=AKAmf-DKvh5NiwQ7JuGo_484r3fjGDerVgVBtkaRJBzjkLslODq1NJ5n7zAgbjcWqvjvlYhedgnMGiov___7PEe7h7L5LEqjJz73wVHXVS29K7pSgUXl_NnRqKKMxG_UPNM4VlyCs62F0YuL_WMwKUJVZnHM2vRb1dwdzl3MG14e9IJclv3RMV-5A2q8ve9cZHfZiSWRwZCzOYl_4Qth2XtmaUlKyVXWPSeb0wNJuaX_on45Lg-hzBWvcDd8SpxQaaIE6_wvkezeIQDmDGK9Sw_1gW0bTUPm6I9SgRwFWJniqaeF7LMkpINnZ7Ka9HuCfob0rbDycIoPSB3ChBSBqDMMBGxgE1eyO3OaFAIVXwYeKyr4FTEQxdEVbp5bGWaN_oRslw1TztErIC0JazRcihWbJuGig6Hcsn8DYeyUvxB7_z4kiQ8KBbIhZt1_Vh10J_-JsLfC0BVqwMfdVqYmjyF8Ipqytx1fNMKDkKZqtI2VzYlaQluxSoClFI6EOaDy9uPykIgC7X0bcHSLzWOG1FM7Tg2G2C-deb5Z38twJl5O2QLMyzQLzPV5d-fj462cLEXEN-qGQZ1XjE74j8JMgLSLB4OLGFiPF3nNvwM4yKVBaIWUuWBrrAvwKQgojj-nDr7DtLlN-OUm4FGmfurP2UiaGL48HKRssqlIO6fiDpsmK_hkM4oWPcEhd_kewglYpyhimd0eamsqJRFf0QBHNXE02OtDJvDuNCC20fG_Nlok_F2JtsT43pGa6xDOaHbO78XqwDgNd__FliT2EojGTy0ArZdgxEyio9EIdHcZGT72rlB6f3Broff4SdTkYFaUpkCd4rnNu7u2NH3bYq_vHgiDt3bvCb7N98OTkcgMqTG0WrlpX5Y28ScG3z8MNM6DzdGbNltEn2bpMfKTVLkvBspFNxKCyM0Jdqq7WkpR_zdwnQBOmliLvW7zZm5HxZxXuusdxIJnk_jAB7M83YcsqKphbEBBLzWCnd9Jn_9nFQL3uFpTqyZFTQvW95mVpBd-9kBuCAshcRtCDH6oupb9EcUMbVfirhUaLZUT-O5tNaVcszaG_Rjb6F_RX4X6zSDtTsG5j7s_q321aNlHSABLhbbn8RMMW-w-Ll4A722H3mbRcIgYEXzV7m_6WO1XUVKmiTUoOTXoc4YZnNVfeOBzmVVDHBMLypMNRJgxMkWdoKU9Jc5TnIcETIaG7bjlJfgbyWIxY0XpmgOC6W_VXMKq-4CrBrfNbRmLbNH4onKJ3eZCxJszPcFnitpu-0AB5TqkWWQfAia1DL3FJBW6nxxtHn67HNNqqLe3a1P9Efoabw_AlX5ryP4p4l3n--Fa9u7DAHgXHANPEhspH_vfStfXKldRKkeJGNS4GG9fKqrNeChHzDL0KeBojHB26Av9ewiHpZqletSXnWDhEnKJgDLlvrMUIHYYXvLNdiMG940dcyv2HVBtJxrp-T5WXHJBgMytXVoCg-dSRY21gRW85RovQ4ru6SxFUGOkBBvIZ-vp3SfOBzqXzGBfnVJILyUCvte8VebToWHFlDrC6Dy0Sg7ms-Z-RuI9QOdVJuF-gxYgq-n-4trUotH2icnL8DG9mg39JDnLbLdh3RMMINhPMHDq0ZToO1jySOsjEoFosazeLQgayrtyp9cAwv6Y7pH2pkK__5DEHY2roHoDYZGLiCa6_1XI71akjOT77Gu0ta0Dt0vKgxTp50iQMai-ea8rCSb7Bu7c1t0f61JmRI-dVA8pR94uaoYp52A9YrWw2mMFGbFsNq7_nIz172R8YOdWJlZmrD12ryJZJj9RWs4Bje65KPqCzKWVgbZWebSIOAwOrqpI97zO6xYdweupZK9Z1v4QPrB7tvFDCjZ9TW64US1gwQzK425nyCXWHGGKBpcKHP8rwY-qJpEb_95I4yGg2hk6S4sUNEe8fcb3T7SR2M6HXzFzNKlPkdN37uv8uJdtp8cyR2u67ZW2nN7oz0dObE2U-7fTD3EOwYicRtqHzZQSc9vZ4CLy-wKwP9HnDdDVfHiNjOmdU8yxCqtSpVchzYucX4HM7TTGv-hxMbQvkJ8dDQviUmzkw7u7ivbVCqlL9sHIO-rHfQ0L5M7wmYhEHwFWfZlq5cKBHa_SkH3qPZbrpSU3Td3A8RMmBV_afglXqnpesm8IQsNgWMxtfF5_Y3iz3w0Er5QEghvOt6G_sRCIgT_ItF-HI1utZnMPL2pt2zRXB3wCQd2B5Fpi5TfTNje047Q0E4pVMSZO1mStfQU-ac9RegDqat1jw08OchbUYFKQOoJG_XgaXTXZ0LmZ4xZyQUdgicVYkPIiuabgGK4wn6QQ9EPxxiBAJsS0A4ys85gIunFnU_w0sncVub2-p5QSL7J2Je29Wb_Poz1v-GAO8DhtRHWTz0FqdejkYwYV-oOlrVOMyU8GTCk16qbXAVtnIW3UKQCnRt7-Vi8xItoLyR2TZNNkFDTEITzfO_zckw8KcPgQsOVVDC_K4qULSP45R3AS5xbyOQDNzPzHZuLdcjr5ZTnm1CRb0g40PFcVuF_v2XL4hkL-rl4WMhDyBEmZGTGZbr1DcQxI7DQgcnqBdAKRM6FgML_oAiiWbrmg9K-2_mwFEdV8hNWyw8APiRiTUoiFWpKe_qj441WjL-0cq67de9qHM648anfdzCxry8I9qU6pdwJLtKZT1iV1QBbUjR-TSg0hllTS_vO_bt88ACtc4J4OnYeatyaR7gRd61RRBNrmMSD3HNqJ-LK4T3F5bm6z6qZfOUkJoWwxiJNphJ23fuypiEpjAyqdYP0FDEkvpA2c-U2a6hBHqwe8AtOrgGwMMp_YpJ_06yCTN5g79xH2iT40OvrHBSznn2BWJAa93Zq_PAdK25klQ2br5qE7wT3TDUtlCCCiWVeeBUR1dWo4asSu5F2izYkqAovfSHwg6NtDeNV9lcSz1gMjJbam1cz3Ay88wP50sjHxyS_P3Ts2bBcOmE6VTTWUc_6i0L31rB6g9glG2m1-IMUhdfah8Ikm29tMdUV8dXyoCwMXJTInwLR6p1W0RzTzn-qfgS2cR8YyqWtVgZuLhRj_9Kx8gx4Sz-HTZH85mgB2tLQq82hJChvyodF51MHW6KMjYVbENXwIs2boATjwVP_fCCC2zvFHh4wdqYP_-pioL9mKnyR-eFT-UyhKY4bA0HNgLJHt5WkOprPw9VFflIVOUy8klzevnxCp0L1ZSCSy2BIXd1dYA5NPMZs578GO8y6R_0PFrjKo_2AG2sOGzTK67_qA4pxqNbHIbQPFABlGT4CnKj34hc10vpnBJdWXEG2UenQ0mEMyJ_eiK5A7iI7b2nKNZqmengDv86GH51cIVDVzrq5z1SzkQ7yihw_pkDNJtoaQazMDQBNssMnYFQ2t-PBsM841HB2y1h30Dbv_w2zMVOPnuVTjkgLZ46kJ8x3hAHtGnU3wewu9fdgmxd-AjBk3POpm0TPiOquzpVecRB44hZkbfECv2HBh5ehpynUFG-Pwxud88OW0D9o0zjg2iZCwxkpq1xHjm852WepzV1flRdmsgMOvsu2RX7tvifgzWDpUnVcmP3VuyGr2cBKIFqkTN455Kc3aqgqA&cid=CAQSOwBygQiD1xPzZyzN2VNurjCcArsLewLRd50z5xqlkN3iTF06L0313NKynkw7GgN6lVz6nDsqC36J2UWIGAE&dv3_ver=m202301230201&rfl=https%3A%2F%2Fpcloak.blob.core.windows.net&ds=l&xdt=1&iif=1&cor=10557674284562893000&adk=2754877854&idt=93&cac=0&dtd=3

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

04dbb805cb77441ca3d2251f895f604f1487cd539eeb35e58f9d01fe1b8f1379

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://61f6e9fd343e3e96f4f5dd477c8d7d57.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Sun, 11 Jun 2023 00:45:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 82199
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11256
x-xss-protection: 0
server: cafe
etag: 10389968670829887652
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 25 Jun 2023 00:45:55 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 4E30 41 KB
15 KB 64ms
64ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://61f6e9fd343e3e96f4f5dd477c8d7d57.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Tue, 06 Jun 2023 07:39:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 489381
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 05 Jun 2024 07:39:33 GMT

GET
H/1.1 200
OK / Show response
servedby.flashtalking.com/imp/1/174925;7409373;201;js;gmpdv360;VELOTW2Jalapeno728x90/ Frame 62CA 2 KB
1 KB 120ms
42ms Script
text/javascript 23.197.128.137

General

Check archive.org

Show headers Download Go to

Full URL

https://servedby.flashtalking.com/imp/1/174925;7409373;201;js;gmpdv360;VELOTW2Jalapeno728x90/?ftx=&fty=&ftadz=&ftscw=&ft_custom=&ftOBA=1&ft_ifb=1&ft_domain=ye-mek.net&ft_agentEnv=0&ft_referrer=https%3A%2F%2Fye-mek.net%2F&gdpr=&gdpr_consent=&us_privacy=${US_PRIVACY}&cachebuster=293494.2984594804

Requested by

Host: 61f6e9fd343e3e96f4f5dd477c8d7d57.safeframe.googlesyndication.com
URL: https://61f6e9fd343e3e96f4f5dd477c8d7d57.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.197.128.137 -, , ASN (),

Reverse DNS

Software

prod-xre-app12.frk11 /

Resource Hash

af066967db9631a3a615b805d5062ab834035dabcc47cdf189b0f1b14f47230e

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://61f6e9fd343e3e96f4f5dd477c8d7d57.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 11 Jun 2023 23:35:54 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=86400
Server: prod-xre-app12.frk11
Vary: Accept-Encoding
Content-Type: text/javascript;charset=ISO-8859-1
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 826
Expires: Sun, 11 Jun 2023 23:35:54 GMT

GET
H/1.1 200
OK / Show response
servedby.flashtalking.com/imp/1/174925;7409333;201;js;gmpdv360;VELOTW2Jalapeno160x600/ Frame 49B6 2 KB
1 KB 120ms
42ms Script
text/javascript 23.197.128.137

General

Check archive.org

Show headers Download Go to

Full URL

https://servedby.flashtalking.com/imp/1/174925;7409333;201;js;gmpdv360;VELOTW2Jalapeno160x600/?ftx=&fty=&ftadz=&ftscw=&ft_custom=&ftOBA=1&ft_ifb=1&ft_domain=ye-mek.net&ft_agentEnv=0&ft_referrer=https%3A%2F%2Fye-mek.net%2F&gdpr=&gdpr_consent=&us_privacy=${US_PRIVACY}&cachebuster=45903.32735416491

Requested by

Host: 61f6e9fd343e3e96f4f5dd477c8d7d57.safeframe.googlesyndication.com
URL: https://61f6e9fd343e3e96f4f5dd477c8d7d57.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.197.128.137 -, , ASN (),

Reverse DNS

Software

prod-xre-app1.frk11 /

Resource Hash

dd827becbfe093ea884353b3921ae1e1c0ae74e26c87e42f6f8f5e85d16c74c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://61f6e9fd343e3e96f4f5dd477c8d7d57.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 11 Jun 2023 23:35:54 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=86400
Server: prod-xre-app1.frk11
Vary: Accept-Encoding
Content-Type: text/javascript;charset=ISO-8859-1
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 827
Expires: Sun, 11 Jun 2023 23:35:54 GMT

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame BAA9 22 KB
8 KB 63ms
61ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://61f6e9fd343e3e96f4f5dd477c8d7d57.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 148307
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 10 Jun 2023 06:24:07 GMT
expires: Sun, 09 Jun 2024 06:24:07 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK / Show response
servedby.flashtalking.com/imp/1/174925;7409333;201;js;gmpdv360;VELOTW2Jalapeno160x600/ Frame 4E30 2 KB
1 KB 143ms
73ms Script
text/javascript 23.197.128.137

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: 61f6e9fd343e3e96f4f5dd477c8d7d57.safeframe.googlesyndication.com
URL: https://61f6e9fd343e3e96f4f5dd477c8d7d57.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.197.128.137 -, , ASN (),

Reverse DNS

Software

prod-xre-app2.frk11 /

Resource Hash

b1e2c565f5f0b296c4d15dd07310177907c4952a57e610d72b3c4c2c06a5b375

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://61f6e9fd343e3e96f4f5dd477c8d7d57.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 11 Jun 2023 23:35:54 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=86400
Server: prod-xre-app2.frk11
Vary: Accept-Encoding
Content-Type: text/javascript;charset=ISO-8859-1
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 827
Expires: Sun, 11 Jun 2023 23:35:54 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame D307 0
0 100ms
100ms Image
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230607&jk=1793475076705859&bg=!MjGlMWXNAAaGYqkwpmI7ADkAdvg8Wu5uwJgqlV0P_2fJXahgGXwmZJK_WGtOEDGhJ6gQnj5w8Vfr_SrAqeOiQNi1So6GROiTmTcCAAAAYVIAAAADaAEHCgAg-87VSwqC0XPw8KxZvPNOUYdxThWvJl-k06TjGP4NyA2ZA0Yp5jWsDetosoOGyMrn2kuIzOaBW7NxrfzBtcHBOiP7nnzU5kwGx6S2aIvjCkVRW9AeAjkIKNHzPm9PK6-_vqsy-qycvAd2-9SD90HX2z2IgGI0UmzqHjIqp8DR6qL22CJhfbzjEVKV7vcv6ZXzTj5qr0_c9L3kF6urZPlkKIm3UWw82T6JUdiqDHXi5GJAKa8CluLkuwdFPJ5L4EFoAD60th20KlRwY6Am-1VPVcALGl8brdyycay5uJ2vAsCNO0ViSB3JETPpKib0YhZ0ZwZxVITDXjzrEHTxb6VJj1Wazgb_CqSgrNX3F80HzNPeBzpiMCIUxNa59KqmlJVfQCPs9-YVHWMjOqQkWpQ0U3Q20n1G1gqZKhRJZihvTProFg5nmBA9YDgmI1CgpbwhwjMlqtfW7S1GmvsZ-E-jWeiXrm9N_vUpbB0Cdn1xeN9aoKA1E9eJiBR3ve2iu730wgoT96i2hM3CRjezle9MfJVHxpWnlgqCxd03Ny6nlin8IuuhBsEhkrwivPMCnd0R0oepEyWFv2cGAy_B1gu9vWXrHQEMjpIDkZaMJvPsHXT7Bq69JRISdNNZZHIwJAHw675e3nIu4_j0bej0yoVPmQbsrxAAMYXSNSPE-ISVEFohwSvpOrcGPfl9c2pjVBMjDScGlT0rAS5xgWTYQizIeySzn69fGLp-Y45FWrQ59KExnO2KAmE7trr8ZKVGOKtfgU7-7QcWWRV40bkHnIdUi23OUdv61G4TdoZ0rJSBNRpOImB9kTpm6k0lIi93TiKd7wHkXDAb9nVCxQLuq8iFcFTxzIBk--oxafe8tVSAHGxEmdBVBc4SdcRwhk3ovqj5Tg4MVRpl5eCGQe31CPKr1ItGxcFNdFwnPGx97KC4iWtvqwpu_ONjLokoiDcQsnk-A4nEj768UZHgySCd6RfI1eyxSfwc5MssmMyQU_ekXFNsmKc9KWEF3MYrqnHKRGnubk8OK8bRY575xDtIaM11Cv1l4A4e5ETX_P86UDbRycKTnaXdp__PFLKECfrluF4Ee58AkEuYU3rMF_ZX20z9hfwlcuqQtxKuphdnU4KR-m-mnZa8pmRApshEV8dCSKKY4prxMb2Cv1Vl
Requested by: Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://61f6e9fd343e3e96f4f5dd477c8d7d57.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

GET
H2 200 html_inpage_rendering_lib_200_276.js Show response
s0.2mdn.net/879366/ Frame B9B2 170 KB
59 KB 200ms
59ms Script
text/javascript 2a00:1450:4001:831::2006

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js

Requested by

Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2006 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://61f6e9fd343e3e96f4f5dd477c8d7d57.safeframe.googlesyndication.com/
Origin: https://61f6e9fd343e3e96f4f5dd477c8d7d57.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Sun, 11 Jun 2023 07:18:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 58628
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60311
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:07:25 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 12 Jun 2023 07:18:46 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20230607/r20110914/elements/html/ Frame B9B2 11 KB
4 KB 61ms
61ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230607/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Da_Ywoi3Y-rcmNENisepQk7QtI9yFOabbNaCq7yYWwctm_n8t1HdgPZz2GdMkixr1a9hxrkQMDEe0AGdhoNUalGVlrrXw_845ss0Ncya0gFgM9Oezv-aoKX2hV1l8DE0XT_oVlKxLf3r2EDfu3OXd2J5VZmgcwHFpZNeM98KDeZBESWC0&dbm_d=AKAmf-DGmb_M1qaPO38AUo-dyiE8hSdcYdVDibAkuZKY136pbePZyZioL7Z49WxvzMq_cDYuTH2g9JRMHVu7JN2lKIJ-JK3JdZpgmiwzWMtm4VtCZwVcuVhTydPSO2Qb_87KK3a_UeRHeKqTm86MKP9Izc6FbTaSB7yz6ANwRm1-aLUxNCGArigeRWtOXN9gog9Dm1nvYqswd1os9V_Lhqgpf-_r45LftCUfQk8uY54nasMrFm5UHEAkxhaWy2PdIGUC5JrVdIq0NsDAXaL8HoSBus-HEkCb3xPbpTTF7iDMjbc6tz5E1g1QVhcNlWosbMBuVn16uUiuDl4mcqbr__PJxLqvk48SuvREGHbFvXrqRPG78i2fm4LtfpTPodl2IdARzEfCCu8VicnCer5fn_-0r2aWxV0ucsnhZcjsTfEi5Fz_JM2gF3oI0rPMAbPKBJ2g-PpsqaJJfau48OcZE0f-EHOFkK8044y8TRcRHbV2VQxMUv6clRmwoUXX7CYPS9pHWHaO0temNmsKiOxZyunFp1RumhUzHJ2hJHm2UAQLIw6_JnVZYIvPjxz7xMRiKMkNfMiXWcisJH32WX5sv29zbc05Ps-qPnFQzfj7bv1QytvQqlZJY-C8PjjzdIQB_rBcNaRB6a3oEqN9PWoQdrfGRinKrOD5it1-yuhOK7iyC7g-_bF1maCS8DMYRAFkg5mehuuviGJ2AVnb-KNoDE8X3d6-2XFNBDt1qJDoRUBPlwMxZRKrVxOmRAbSpuTJTcwFdW9LNEWLU4n04MBHCX-qauufcb4aR4EtZ0xPxd33FfIBumexDNuKSnFwKaL3pmGRTWJqJ6dAAfi6imT1BrthXc_zFdq71RUYC7auKKsXw8Ht2uisPvnNIOgaX4422xBNJBuC35nJZHqYMZh2d9UfSA4GZkCBz3hBGJWdGVyCLH2x_1goW50aSZpNfFgXTzDyA-ibrzl5s_dhKkcVHpX0J72KcX4FhZTRL1PCdfQFle-CeuizaUz8Mw8Pqm0sJ4ZvwwPRlzFIbco7SZJfDmM4BgzRz76rOPb-0NjKwbapSYhCa3rl-U3huo3mLEHbdXTak4yiU91PRqEDMmURFPArGYY2x3e4v-G6GWl_29SzpcpzMWrlA0NmpOQXSjNxsWbRAj8PBhP1wKewVHuFGrKO3STF2N8YacjJxeDGMWubUG1tWWd153vLwnY7MB7suE6L6p_4fpiik6Mg4LaXohCWIKwm_TkwncV2CATSJPFlKCdIgNXp1ExQFImBCXy5xkacaNJm-z3-jWWU9TUO4NFOqs3lP-ZMGEy-ZUN7D9g-o_CHkSa2zqgyuinkZkWtjQkwFPAIkMPY2XsR635spVg0Xp260m_PcV_O_Z3Y87L_tECo5euvZi_0qEctVrK7PBynU5w0LFAlNqelBo9qhHICffJQQ743sl7eOa0GUu2OOmW-m6ZDEZJmWZjEaNUD7DljNC_-sVo9t3ognzUb9WH_1BynRuZHeqxDUSK1fuPaI8vmX_Shj2-bsnJtqy6Ku11Et8lZT2wtC5jmi-tXFWEgcEBytqcOcZg7sojoKWf0rbg736MGrvU0rMEF192yPWNUoRvBt6xnCPbe1ANQS7yKiPqL3Hh7FbFRd074tHuRBPIj2aST8zALutbT2M08SJWcWRmTubxNXaC3NFHqnH5ykLwfECkUR1sJ8LioYqZqFGVWdJ8_3b_LNNYe_eVuP3263vRR9-M4sQhelkvJ2S0yVjkWa_RFPVMRZFruWexHJfQY4V_iXFvjo2angVgJGuMkhSeqws84dZ4juHRANWUV3PlnxIP70NnDsIdTCfxsUmMV2feuLva5IeDdsx3tCe2n-yy5fxYtLl7zTybZa97na4QPRTYlUkvhNFXuVWk-7FE_QcuNHS-dzB6qSTVf3Rlkrwfyp7vgl6YlHAqRRKideAa26JENjS9DXpMV5GQaGSVmLiMdnYPrXil3r4jX3UVCDqt2Ibf6hsaN0opXakkA49A6q9myxcCxUeiOGp7BSm5_hEyqJam7dCilbDH_4KCD_YGRi-IqhWHJtskDopOLOVRBA1C-XN7gcVgC-zm-YvMSna1CpHReFgX1osv5SdnI2sxQeT_Q4x6hPvUeojHqjA6-HwGKk1Oc2xRUw7fxjyS3CSAArV1XcNkbbDCxGblEN9AsMRGw06rkWAQCu8t_vIKMAeQHMdGwh5v_86qO7Uezkxd2t-rbUVpVRXpdWFaIgibKtUogRgeL7eR757Hq6GZAV0S-Zt4FGWwf-HThAvaDGHeTv7dq-R8yyV89lpBt6ErrbruDg-JZP_pZMktzk5znjNj1rUfh4MQ7ucyDXAQZZOPoVKsPxPx0rNpQj2MUh19Lgz7XXMeI7OnzlwaHaq8xSTLkv8p3BQOPn3RRD_EFChGN37xVuv6Yew0pFHNKMArlpBsnRux3oTkfbWnyKJQUK52fnPA1bMJja0GpNN0OGg-vWBnMA09BxODMyK4JjerfySp09dE8ED-044JpFfW-UzR_Kz0toTq-rjriiwZAgeBmUnuAL40eDnplk9vyb9bT6LhPAM3QyP7M10DdBMSqlNzgYpCcCcY61QgwsDnGx6fdnAf5uJiJJ-muf9TzQD1LhO-ZfjFY6vD0c_DjpApFubtLc8FDfYLqt0jHZSAlNLI2UtnLwuJnJDr7VbAyNrrCrUlgC88YIJJmqzucwqE90PKu2oDnWx8v4SnHpmpPlenwj4PrpBqtWEPB7ygrCmdlz1KbvQkErw_pmZmoLTM6q1PyW_SagFC6VfmgTGuH3saEkCWecu8YGvHBUieIo_hk8tWKu3zzIFO_2z-pAETcrQdxJ4L0KwF1TyzO35mnaDscSfsN5Jz1v_VIHgd4IihrRB2AZ84HzugRy-6a-25pwpuxSa0-s68KujLaGq1DY8wAgLnM9yNWjK6STNrfezKQX1XSs9NKxuKKibuXa8DTdrQSrP01V__y-Q0-jGrnyP4pU3uCsU4S6kZJfZrpwdRkD1UyyL9CKtptPWiKlMMn2MPF-4KC6DvrPKCWRsU0pOavHqDC1bB1so8IRcIxYz_lvsBdIkoNw8nAV2rxQ2YgH2Y6kSZviO-gQogSTpk23d8l49u1jQRLmAlBgEh87-49hltFDie672yyTyC_NvS0na9u2_YeaWGjTVRCOM8lUvWmcAON3PiKMorXWXaYVtIRbI5Z9aZTH5MMST7yeEt43NMK0JJ8Q24LaN6e-VWUC_LOlFc5dTZd0OOjDAzyyI0OFEcB43Ui2DdKixZzfO2dtjGwf93KWKzslOBlhSDJIzmyquv_-N7mpM0MtqssVzoW6yDUQGjAJh_yVUqBl4RRZlh-gA&cid=CAQSOwBygQiD7LvPTpKPRYxmYtSwgmRE968DkFOxWbY8W-VQgNB2MDi37ZXbGzZcU9uqbKTybKX4ICBN8uMSGAE&dv3_ver=m202301230201&rfl=https%3A%2F%2Fpcloak.blob.core.windows.net&ds=l&xdt=1&iif=1&cor=2240223710665804000&adk=3563752640&idt=107&cac=0&dtd=3

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ae8017866a6744d35f26aa9da389e9771d40bcae3ee65df4c1b5e16e57b09fda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://61f6e9fd343e3e96f4f5dd477c8d7d57.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Sun, 11 Jun 2023 00:42:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 82406
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4172
x-xss-protection: 0
server: cafe
etag: 6053914914909336730
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 25 Jun 2023 00:42:28 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20230607/r20110914/ Frame B9B2 29 KB
11 KB 62ms
61ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230607/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

04dbb805cb77441ca3d2251f895f604f1487cd539eeb35e58f9d01fe1b8f1379

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://61f6e9fd343e3e96f4f5dd477c8d7d57.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Sun, 11 Jun 2023 00:45:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 82199
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11256
x-xss-protection: 0
server: cafe
etag: 10389968670829887652
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 25 Jun 2023 00:45:55 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame B9B2 41 KB
15 KB 62ms
61ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://61f6e9fd343e3e96f4f5dd477c8d7d57.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Tue, 06 Jun 2023 07:39:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 489381
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 05 Jun 2024 07:39:33 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 8B50 1 KB
643 B 62ms
59ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 61f6e9fd343e3e96f4f5dd477c8d7d57.safeframe.googlesyndication.com
URL: https://61f6e9fd343e3e96f4f5dd477c8d7d57.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://61f6e9fd343e3e96f4f5dd477c8d7d57.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 36902
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 11 Jun 2023 13:20:52 GMT
etag: 48472445140208031
expires: Mon, 12 Jun 2023 13:20:52 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame B9B2 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4ee28d315f7c7643890fc97971b60e2a8a4d9d0184e450def7a07380764dbe6e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 IAS_PassbackAds_728x90.png
static.adsafeprotected.com/ Frame 82C1 10 KB
10 KB 34ms
33ms Image
image/png 2600:9000:223f:9600:8:48e:53c0:93a1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.adsafeprotected.com/IAS_PassbackAds_728x90.png
Requested by: Host: 61f6e9fd343e3e96f4f5dd477c8d7d57.safeframe.googlesyndication.com
URL: https://61f6e9fd343e3e96f4f5dd477c8d7d57.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:9600:8:48e:53c0:93a1 -, , ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 319ebf743ce2c07c6bfafd9600a93824aa52b0844fe94e81c014e169564dc7e3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://61f6e9fd343e3e96f4f5dd477c8d7d57.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-amz-version-id: 4DcA1UddzZ2E21bAiUECQTp8M854Vxlu
date: Thu, 08 Jun 2023 17:07:59 GMT
via: 1.1 d4744f6f4cb683596fb4a26e59b2aba8.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 282476
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 10216
last-modified: Fri, 18 Feb 2022 23:29:13 GMT
server: AmazonS3
etag: "b1464a7201f691a1e4cf6fc057919d7f"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
x-amz-cf-id: xNAA02rcSP9fQjy92l6lazgWwNJKVObYTTbwOyTDgrMS1qam9x3T8A==

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 280C 1 KB
643 B 60ms
59ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 61f6e9fd343e3e96f4f5dd477c8d7d57.safeframe.googlesyndication.com
URL: https://61f6e9fd343e3e96f4f5dd477c8d7d57.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://61f6e9fd343e3e96f4f5dd477c8d7d57.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 36902
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 11 Jun 2023 13:20:52 GMT
etag: 48472445140208031
expires: Mon, 12 Jun 2023 13:20:52 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 5717 22 KB
8 KB 60ms
59ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://61f6e9fd343e3e96f4f5dd477c8d7d57.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 148307
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 10 Jun 2023 06:24:07 GMT
expires: Sun, 09 Jun 2024 06:24:07 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 82C1 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 024dc8110d4e697f42fc12e9c292622a8d8448631b9971887cd8a8bee74eccf4

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 sca.17.6.2.js Show response
static.adsafeprotected.com/ Frame 83E3 91 KB
23 KB 36ms
35ms Script
application/javascript 2600:9000:223f:9600:8:48e:53c0:93a1

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.6.2.js
Requested by: Host: 61f6e9fd343e3e96f4f5dd477c8d7d57.safeframe.googlesyndication.com
URL: https://61f6e9fd343e3e96f4f5dd477c8d7d57.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:9600:8:48e:53c0:93a1 -, , ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://61f6e9fd343e3e96f4f5dd477c8d7d57.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 15:36:17 GMT
x-amz-version-id: go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding: gzip
via: 1.1 d4744f6f4cb683596fb4a26e59b2aba8.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 22751978
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 20 Sep 2022 19:21:34 GMT
server: AmazonS3
etag: W/"1f3488247c90bb5de253d3d0cb3b7458"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-amz-cf-id: iP9ZemFINXeJOlxAXfWhj-IpgBjO8jwXmjtQ5AdgK8xSiwvHOnL2pw==

GET
H2 200 mon
pixel.adsafeprotected.com/ Frame 82C1 43 B
217 B 56ms
55ms Image
image/gif 52.209.23.15

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.adsafeprotected.com/mon?anId=925113&advId=818504392&campId=15571779515&pubId=1&placementId=396785946&adsafe_par&bundleId=&dealId=&bidurl=https://ye-mek.net/&adsafe_url=https%3A%2F%2Fpcloak.blob.core.windows.net&adsafe_type=g&adsafe_url=https%3A%2F%2Fye-mek.net%2F&adsafe_type=e&adsafe_url=https%3A%2F%2F61f6e9fd343e3e96f4f5dd477c8d7d57.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2F61f6e9fd343e3e96f4f5dd477c8d7d57.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html%3Fn%3D1&adsafe_type=d&adsafe_jsinfo=,id:a1fc1ad8-450a-4c23-a459-cd972890f388,c:fh951T,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-6c5d9cf586-k5lfb,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,scm:publ1.grpm1,mtim:244,mot:0,app:0,maw:0,fm:tGUZxWA+111%7C112%7C113%7C114%7C115%7C1161%7C1162%7C1163%7C1171%7C1172%7C1173%7C1181%7C1182%7C1183%7C1191%7C1192%7C1193%7C11a%7C11b*.925113%7C11b1%7C11b2%7C11b3%7C11b4%7C11c1%7C11c2%7C11d1%7C11e1%7C11e2%7C11f1%7C11g1%7C11h,idMap:11b*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:IMG.qs.bi,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,tt:jload,et:294,oid:b5159285-08b0-11ee-886f-2e30057e4063,v:19.8.417,sp:1,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Requested by: Host: 61f6e9fd343e3e96f4f5dd477c8d7d57.safeframe.googlesyndication.com
URL: https://61f6e9fd343e3e96f4f5dd477c8d7d57.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.209.23.15 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://61f6e9fd343e3e96f4f5dd477c8d7d57.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 11 Jun 2023 23:35:54 GMT
server: nginx
x-server-name: app06.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 00B0 22 KB
8 KB 62ms
60ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://61f6e9fd343e3e96f4f5dd477c8d7d57.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 148307
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 10 Jun 2023 06:24:07 GMT
expires: Sun, 09 Jun 2024 06:24:07 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 3D6D 22 KB
8 KB 60ms
59ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://61f6e9fd343e3e96f4f5dd477c8d7d57.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 148307
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 10 Jun 2023 06:24:07 GMT
expires: Sun, 09 Jun 2024 06:24:07 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 6363a944e4b0125bde9e6739
ng.virgul.com/tck/i_vb2/ Frame 6408 0
210 B 75ms
74ms Image
text/plain 185.7.176.221
SH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ng.virgul.com/tck/i_vb2/6363a944e4b0125bde9e6739?l=&r=153366@site_geneli@yemek_net:site_geneli&cs=1686526554538&userId=vnetb7ca5edb-4408-4cc4-8369-d7dd06ba1101
Requested by: Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.7.176.221 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

access-control-allow-origin: https://ye-mek.net
date: Sun, 11 Jun 2023 23:35:54 GMT
access-control-allow-credentials: true
expires: Tue, 04 Jan 2022 10:49:40 GMT
server: openresty/1.15.8.3
content-length: 0
p3p: CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'

GET
H2 200 5ed76f76e4b07a92411bc03a
ng.virgul.com/tck/i_vb2/ Frame 6408 0
210 B 72ms
71ms Image
text/plain 185.7.176.221
SH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ng.virgul.com/tck/i_vb2/5ed76f76e4b07a92411bc03a?l=&r=153377@site_geneli@yemek_net:site_geneli&cs=1686526554538&userId=vnetb7ca5edb-4408-4cc4-8369-d7dd06ba1101
Requested by: Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.7.176.221 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

access-control-allow-origin: https://ye-mek.net
date: Sun, 11 Jun 2023 23:35:54 GMT
access-control-allow-credentials: true
expires: Tue, 04 Jan 2022 10:49:40 GMT
server: openresty/1.15.8.3
content-length: 0
p3p: CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'

GET
H2 200 5ed771bae4b07a92411bc04c
ng.virgul.com/tck/i_vb2/ Frame 6408 0
210 B 74ms
73ms Image
text/plain 185.7.176.221
SH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ng.virgul.com/tck/i_vb2/5ed771bae4b07a92411bc04c?l=&r=153382@site_geneli@yemek_net:site_geneli&cs=1686526554538&userId=vnetb7ca5edb-4408-4cc4-8369-d7dd06ba1101
Requested by: Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.7.176.221 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

access-control-allow-origin: https://ye-mek.net
date: Sun, 11 Jun 2023 23:35:54 GMT
access-control-allow-credentials: true
expires: Tue, 04 Jan 2022 10:49:40 GMT
server: openresty/1.15.8.3
content-length: 0
p3p: CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'

GET
H2 200 5ed771e3e4b07a92411bc04e
ng.virgul.com/tck/i_vb2/ Frame 6408 0
210 B 74ms
74ms Image
text/plain 185.7.176.221
SH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ng.virgul.com/tck/i_vb2/5ed771e3e4b07a92411bc04e?l=&r=153383@site_geneli@yemek_net:site_geneli&cs=1686526554538&userId=vnetb7ca5edb-4408-4cc4-8369-d7dd06ba1101
Requested by: Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.7.176.221 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

access-control-allow-origin: https://ye-mek.net
date: Sun, 11 Jun 2023 23:35:54 GMT
access-control-allow-credentials: true
expires: Tue, 04 Jan 2022 10:49:40 GMT
server: openresty/1.15.8.3
content-length: 0
p3p: CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 82C1 43 B
216 B 311ms
197ms Image
image/gif 2600:1f13:800:7781:a9:f316:c651:5d12

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1362481&asId=c33575e3-ba44-4406-24e5-3d43dac86f0e&tv=%7Bc:fh9539,pingTime:-2.1,time:369,type:a,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:31%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:369,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:30,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B360~0%5D,as:%5B360~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tGUZxWA+111%7C112%7C113%7C114%7C115%7C1161%7C1162%7C1163%7C1171%7C1172%7C1173%7C1181%7C1182%7C1183%7C1191%7C1192%7C1193%7C1194%7C11a%7C11b*.1362481-69643702%7C11b1%7C11c1%7C11d1%7C11e1%7C11f1%7C11g%7C11h,idMap:11b.a1fc1ad8-450a-4c23-a459-cd972890f388.87_925113%7C11b*,pd:VEBo.mhjfbmdgcfjbbpaeojofohoefgiehjai,rmeas:1,rend:0,renddet:IMG.us,siq:32,sinceFw:58,readyFired:false,sis:202%7D&br=c
Requested by: Host: 61f6e9fd343e3e96f4f5dd477c8d7d57.safeframe.googlesyndication.com
URL: https://61f6e9fd343e3e96f4f5dd477c8d7d57.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7781:a9:f316:c651:5d12 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://61f6e9fd343e3e96f4f5dd477c8d7d57.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 11 Jun 2023 23:35:54 GMT
server: nginx
x-server-name: dt22.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 82C1 43 B
216 B 297ms
197ms Image
image/gif 2600:1f13:800:7781:a9:f316:c651:5d12

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=925113&asId=a1fc1ad8-450a-4c23-a459-cd972890f388&tv=%7Bc:fh953l,pingTime:-3,time:383,type:v,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:293%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:383,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:292,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B135~0%5D,as:%5B135~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:jload,dtt:0,fm:tGUZxWA+111%7C112%7C113%7C114%7C115%7C1161%7C1162%7C1163%7C1171%7C1172%7C1173%7C1181%7C1182%7C1183%7C1191%7C1192%7C1193%7C11a%7C11b*.925113%7C11b1%7C11b2%7C11b3%7C11b4%7C11c1%7C11c2%7C11d1%7C11e1%7C11e2%7C11f1%7C11g1%7C11h,idMap:11b*,rmeas:1,rend:0,renddet:IMG.qs.bi,siq:294%7D&br=c
Requested by: Host: 61f6e9fd343e3e96f4f5dd477c8d7d57.safeframe.googlesyndication.com
URL: https://61f6e9fd343e3e96f4f5dd477c8d7d57.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7781:a9:f316:c651:5d12 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://61f6e9fd343e3e96f4f5dd477c8d7d57.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 11 Jun 2023 23:35:54 GMT
server: nginx
x-server-name: dt21.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 82C1 43 B
0 301ms
202ms Image
image/gif 2600:1f13:800:7781:a9:f316:c651:5d12

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=925113&asId=a1fc1ad8-450a-4c23-a459-cd972890f388&tv=%7Bc:fh953n,pingTime:-6,time:385,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:385,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:292,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B137~0%5D,as:%5B137~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:jload,dtt:0,fm:tGUZxWA+111%7C112%7C113%7C114%7C115%7C1161%7C1162%7C1163%7C1171%7C1172%7C1173%7C1181%7C1182%7C1183%7C1191%7C1192%7C1193%7C11a%7C11b*.925113%7C11b1%7C11b2%7C11b3%7C11b4%7C11c1%7C11c2%7C11d1%7C11e1%7C11e2%7C11f1%7C11g1%7C11h,idMap:11b*,rmeas:1,rend:0,renddet:IMG.qs.bi,siq:294%7D&tpiLookup=ao:pcloak.blob.core.windows.net*%2Cye-mek.net*&br=c
Requested by: Host: 61f6e9fd343e3e96f4f5dd477c8d7d57.safeframe.googlesyndication.com
URL: https://61f6e9fd343e3e96f4f5dd477c8d7d57.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7781:a9:f316:c651:5d12 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://61f6e9fd343e3e96f4f5dd477c8d7d57.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 11 Jun 2023 23:35:54 GMT
server: nginx
x-server-name: dt19.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H/1.1 200
OK ftUtils.js
ajs-assets.ftstatic.com/ Frame 62CA 86 KB
27 KB 174ms
44ms Script
application/javascript 205.185.216.42

General

Check archive.org

Show headers Download Go to

Full URL: https://ajs-assets.ftstatic.com/ftUtils.js
Requested by: Host: servedby.flashtalking.com
URL: https://servedby.flashtalking.com/imp/1/174925;7409373;201;js;gmpdv360;VELOTW2Jalapeno728x90/?ftx=&fty=&ftadz=&ftscw=&ft_custom=&ftOBA=1&ft_ifb=1&ft_domain=ye-mek.net&ft_agentEnv=0&ft_referrer=https%3A%2F%2Fye-mek.net%2F&gdpr=&gdpr_consent=&us_privacy=${US_PRIVACY}&cachebuster=293494.2984594804
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.185.216.42 -, , ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://61f6e9fd343e3e96f4f5dd477c8d7d57.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Date: Sun, 11 Jun 2023 23:35:54 GMT
Content-Encoding: gzip
Via: 1.1 varnish (Varnish/5.2)
x-amz-request-id: 5D66SX4DKZS6YBE7
Age: 86299
x-amz-server-side-encryption: AES256
Connection: Keep-Alive
Content-Length: 26395
x-amz-id-2: P/jS0oemmWKFb6jrtDhtTXdLD/KcrUShY+zNrnImshNcpYqDGULgvwUQiS1Ox89m/VpMLn4Gz7nwbOOtES5oTw==
Last-Modified: Tue, 30 May 2023 13:38:15 GMT
Server: AmazonS3
ETag: W/"2e93bea4431b5515193f9a21fe17141f"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET
Content-Type: application/javascript
Access-Control-Allow-Origin: *, *
X-HW: 1686526554.dop140.am5.t,1686526554.cds293.am5.shn,1686526554.dop140.am5.t,1686526554.cds312.am5.c
Access-Control-Expose-Headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Cache-Control: max-age=86400
X-Varnish: 532792059 522320476
Accept-Ranges: bytes

GET
H/1.1 200
OK ftUtils.js
ajs-assets.ftstatic.com/ Frame 49B6 86 KB
27 KB 173ms
41ms Script
application/javascript 205.185.216.42

General

Check archive.org

Show headers Download Go to

Full URL: https://ajs-assets.ftstatic.com/ftUtils.js
Requested by: Host: servedby.flashtalking.com
URL: https://servedby.flashtalking.com/imp/1/174925;7409333;201;js;gmpdv360;VELOTW2Jalapeno160x600/?ftx=&fty=&ftadz=&ftscw=&ft_custom=&ftOBA=1&ft_ifb=1&ft_domain=ye-mek.net&ft_agentEnv=0&ft_referrer=https%3A%2F%2Fye-mek.net%2F&gdpr=&gdpr_consent=&us_privacy=${US_PRIVACY}&cachebuster=45903.32735416491
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.185.216.42 -, , ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://61f6e9fd343e3e96f4f5dd477c8d7d57.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Date: Sun, 11 Jun 2023 23:35:54 GMT
Content-Encoding: gzip
Via: 1.1 varnish (Varnish/5.2)
x-amz-request-id: 5D66SX4DKZS6YBE7
Age: 86299
x-amz-server-side-encryption: AES256
Connection: Keep-Alive
Content-Length: 26395
x-amz-id-2: P/jS0oemmWKFb6jrtDhtTXdLD/KcrUShY+zNrnImshNcpYqDGULgvwUQiS1Ox89m/VpMLn4Gz7nwbOOtES5oTw==
Last-Modified: Tue, 30 May 2023 13:38:15 GMT
Server: AmazonS3
ETag: W/"2e93bea4431b5515193f9a21fe17141f"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET
Content-Type: application/javascript
Access-Control-Allow-Origin: *, *
X-HW: 1686526554.dop248.am5.t,1686526554.cds222.am5.shn,1686526554.dop248.am5.t,1686526554.cds312.am5.c
Access-Control-Expose-Headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Cache-Control: max-age=86400
X-Varnish: 532792059 522320476
Accept-Ranges: bytes

GET
H/1.1 200
OK ftUtils.js
ajs-assets.ftstatic.com/ Frame 4E30 86 KB
27 KB 181ms
40ms Script
application/javascript 205.185.216.42

General

Check archive.org

Show headers Download Go to

Full URL: https://ajs-assets.ftstatic.com/ftUtils.js
Requested by: Host: servedby.flashtalking.com
URL: https://servedby.flashtalking.com/imp/1/174925;7409333;201;js;gmpdv360;VELOTW2Jalapeno160x600/?ftx=&fty=&ftadz=&ftscw=&ft_custom=&ftOBA=1&ft_ifb=1&ft_domain=ye-mek.net&ft_agentEnv=0&ft_referrer=https%3A%2F%2Fye-mek.net%2F&gdpr=&gdpr_consent=&us_privacy=${US_PRIVACY}&cachebuster=373967.3845916283
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.185.216.42 -, , ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://61f6e9fd343e3e96f4f5dd477c8d7d57.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Date: Sun, 11 Jun 2023 23:35:54 GMT
Content-Encoding: gzip
Via: 1.1 varnish (Varnish/5.2)
x-amz-request-id: 5D66SX4DKZS6YBE7
Age: 86299
x-amz-server-side-encryption: AES256
Connection: Keep-Alive
Content-Length: 26395
x-amz-id-2: P/jS0oemmWKFb6jrtDhtTXdLD/KcrUShY+zNrnImshNcpYqDGULgvwUQiS1Ox89m/VpMLn4Gz7nwbOOtES5oTw==
Last-Modified: Tue, 30 May 2023 13:38:15 GMT
Server: AmazonS3
ETag: W/"2e93bea4431b5515193f9a21fe17141f"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET
Content-Type: application/javascript
Access-Control-Allow-Origin: *, *
X-HW: 1686526554.dop135.am5.t,1686526554.cds121.am5.shn,1686526554.dop135.am5.t,1686526554.cds312.am5.c
Access-Control-Expose-Headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Cache-Control: max-age=86400
X-Varnish: 532792059 522320476
Accept-Ranges: bytes

GET dt
dt.adsafeprotected.com/ Frame 82C1 0
0

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 771B 22 KB
8 KB 62ms
61ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://61f6e9fd343e3e96f4f5dd477c8d7d57.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 148307
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 10 Jun 2023 06:24:07 GMT
expires: Sun, 09 Jun 2024 06:24:07 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 mZQVpQj-eDQajpu59Vq9E2pMu32_YVAoNW79LAI6QMI.js Show response
pagead2.googlesyndication.com/bg/ Frame BAA9 37 KB
14 KB 65ms
64ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/mZQVpQj-eDQajpu59Vq9E2pMu32_YVAoNW79LAI6QMI.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

999415a508fe78341a8e9bb9f55abd136a4cbb7dbf615028356efd2c023a40c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Tue, 06 Jun 2023 19:31:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 446641
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14716
x-xss-protection: 0
last-modified: Mon, 05 Jun 2023 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 05 Jun 2024 19:31:53 GMT

GET
H2 200 dpixel
cms.quantserve.com/ Frame 8B50 35 B
465 B 114ms
29ms Image
image/gif 2620:116:800d:21:5ed4:8d5d:fed7:f5ef

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEFl_j_B8COL_QPcpoDb9N84&google_cver=1&google_push=ATf1kGMnfxDH6MKRo5aljyKRUKVQSz_to1ZooO0Z6yN5umHy6140gMGVLnGrjiWGDtsBVRDHqty8-akR1DSM0MSM76Eu70x1vWQ

Requested by

Host: 61f6e9fd343e3e96f4f5dd477c8d7d57.safeframe.googlesyndication.com
URL: https://61f6e9fd343e3e96f4f5dd477c8d7d57.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:5ed4:8d5d:fed7:f5ef -, , ASN (),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 11 Jun 2023 23:35:54 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 8B50
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEDajQLFT-AUfR8eFcY5BcZw&google_cver=1&google_push=ATf1kGMGFV3rVs5KjSaMb5HMzIpFUE2AEg-xfZ2gII8VTlyo7xWbbZsQvpCXb44AU4e8l3IvANh1nX5EBoRuu2KU...
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=ATf1kGMGFV3rVs5KjSaMb5HMzIpFUE2AEg-xfZ2gII8VTlyo7xWbbZsQvpCXb44AU4e8l3IvANh1nX5EBoRuu2KUKvwpho0oiew

170 B
188 B

69ms
69ms

Image
image/png

142.250.185.162

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=ATf1kGMGFV3rVs5KjSaMb5HMzIpFUE2AEg-xfZ2gII8VTlyo7xWbbZsQvpCXb44AU4e8l3IvANh1nX5EBoRuu2KUKvwpho0oiew

Requested by

Host: 61f6e9fd343e3e96f4f5dd477c8d7d57.safeframe.googlesyndication.com
URL: https://61f6e9fd343e3e96f4f5dd477c8d7d57.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Server

142.250.185.162 -, , ASN (),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 11 Jun 2023 23:35:54 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Sun, 11 Jun 2023 23:35:54 GMT
Server: MT3 986 b247903 master zrh zrh-pixel-x29 config_version:"359"
Content-Type: image/gif
Access-Control-Allow-Origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=ATf1kGMGFV3rVs5KjSaMb5HMzIpFUE2AEg-xfZ2gII8VTlyo7xWbbZsQvpCXb44AU4e8l3IvANh1nX5EBoRuu2KUKvwpho0oiew
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 0
Expires: Sun, 11 Jun 2023 23:35:53 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 8B50
Redirect Chain

https://ads.travelaudience.com/google_pixel?google_gid=CAESEH9UuI2AzfvBJ-ftB9d7Z3Y&google_cver=1&google_push=ATf1kGOtLALdpjfdIf-wSLKSVs1xMniY2T6kqXtcYoJIhOuWHrn4wDxAlaOAIs8niMtZxkP_qu4oWuJObpuXLIdq...
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=T5MqgKCfS4-hzibTyPrPiQ2&google_push=ATf1kGOtLALdpjfdIf-wSLKSVs1xMniY2T6kqXtcYoJIhOuWHrn4wDxAlaOAIs8niMtZxkP_qu4oWuJObpuXLIdqb_RlAbs2gN9k

170 B
188 B

70ms
70ms

Image
image/png

142.250.185.162

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=T5MqgKCfS4-hzibTyPrPiQ2&google_push=ATf1kGOtLALdpjfdIf-wSLKSVs1xMniY2T6kqXtcYoJIhOuWHrn4wDxAlaOAIs8niMtZxkP_qu4oWuJObpuXLIdqb_RlAbs2gN9k

Requested by

Host: 61f6e9fd343e3e96f4f5dd477c8d7d57.safeframe.googlesyndication.com
URL: https://61f6e9fd343e3e96f4f5dd477c8d7d57.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Server

142.250.185.162 -, , ASN (),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 11 Jun 2023 23:35:54 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sun, 11 Jun 2023 23:35:54 GMT
via: 1.1 google
x-engine-version: 0.0.0
server: nginx/1.21.6
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location: https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=T5MqgKCfS4-hzibTyPrPiQ2&google_push=ATf1kGOtLALdpjfdIf-wSLKSVs1xMniY2T6kqXtcYoJIhOuWHrn4wDxAlaOAIs8niMtZxkP_qu4oWuJObpuXLIdqb_RlAbs2gN9k
x-host: tde-deliveryengine-production-768c8bf7ff-l9v7r
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET

sync
x.bidswitch.net/ul_cb/ Frame 8B50
Redirect Chain

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESENNH8TftYZfHgHpvIfQVU3g&google_cver=1&google_push=ATf1kGPvKJUUp8_Owi9liieZblgdSfSvRYxUNespMp3nAyxc0JuLtJ1u9vE-UxUmEI68irYbR5caFYf0pXQ62rYyXKhk...
https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESENNH8TftYZfHgHpvIfQVU3g&google_cver=1&google_push=ATf1kGPvKJUUp8_Owi9liieZblgdSfSvRYxUNespMp3nAyxc0JuLtJ1u9vE-UxUmEI68irYbR5caFYf0pXQ62r...

0
0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 8B50
Redirect Chain

https://d5p.de17a.com/cookies/google?google_gid=CAESEKmZa40G8K4MResPY7200vs&google_cver=1&google_push=ATf1kGMuKp4cZNg8kFZzJs1nlE6_saNVJImmTK2BRQZuYgRUQ-WbtS1GEXYJ1yWPX7-GdsLmF_bP_51azSDkO7ja-OBsFm0...
https://d5p.de17a.com/cookies/google;c?google_gid=CAESEKmZa40G8K4MResPY7200vs&google_cver=1&google_push=ATf1kGMuKp4cZNg8kFZzJs1nlE6_saNVJImmTK2BRQZuYgRUQ-WbtS1GEXYJ1yWPX7-GdsLmF_bP_51azSDkO7ja-OBsF...
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=ATf1kGMuKp4cZNg8kFZzJs1nlE6_saNVJImmTK2BRQZuYgRUQ-WbtS1GEXYJ1yWPX7-GdsLmF_bP_51azSDkO7ja-OBsFm0CDjkx

170 B
188 B

67ms
67ms

Image
image/png

142.250.185.162

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=ATf1kGMuKp4cZNg8kFZzJs1nlE6_saNVJImmTK2BRQZuYgRUQ-WbtS1GEXYJ1yWPX7-GdsLmF_bP_51azSDkO7ja-OBsFm0CDjkx

Requested by

Host: 61f6e9fd343e3e96f4f5dd477c8d7d57.safeframe.googlesyndication.com
URL: https://61f6e9fd343e3e96f4f5dd477c8d7d57.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Server

142.250.185.162 -, , ASN (),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 11 Jun 2023 23:35:54 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=ATf1kGMuKp4cZNg8kFZzJs1nlE6_saNVJImmTK2BRQZuYgRUQ-WbtS1GEXYJ1yWPX7-GdsLmF_bP_51azSDkO7ja-OBsFm0CDjkx
content-length: 0
p3p: CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV

GET

cookiematch.aspx
dis.criteo.com/dis/rtb/google/ Frame 8B50
Redirect Chain

https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DPUSH_DATA&...
https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_hm=k-HYvPK64kwTwk91i7Tz0FezQ-ff5saUO3t8wu3w&google_push=PUSH_DATA
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&google_error=5

0
0

GET

pixel
cm.g.doubleclick.net/ Frame 8B50
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEN1tVAzbar9WIRinJzTBopM&google_cver=1&google_push=ATf1kGO3SpvwAno8o5nkKEybMIMztwJbeOSv615thqzISY9wdCP74m3pVSM0FmPtDFKYQECGf7-sKIEA...
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEN1tVAzbar9WIRinJzTBopM&google_cver=1&google_push=ATf1kGO3SpvwAno8o5nkKEybMIMztwJbeOSv615thqzISY9wdCP74m3pVSM0FmPtDFKYQECGf7-...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NjM0NDYwNjczMzUwMTY0MjQ2NA&google_push=ATf1kGO3SpvwAno8o5nkKEybMIMztwJbeOSv615thqzISY9wdCP74m3pVSM0FmPtDFKYQECGf7-sKI...

0
0

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 8B50 0
12 B 69ms
68ms Image
text/html 142.250.185.162

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LuvvW4HkmTUcZ2SzANTNwupwHXit4zOu1zK0ZzgFUTs1baLjFvM_onI6pHpLvrGUfMmLRJ

Requested by

Host: 61f6e9fd343e3e96f4f5dd477c8d7d57.safeframe.googlesyndication.com
URL: https://61f6e9fd343e3e96f4f5dd477c8d7d57.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 -, , ASN (),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Sun, 11 Jun 2023 23:35:54 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET

/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame 280C
Redirect Chain

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEM9jG1W8oUUOrqu0kT057aY&google_cver=1&google_push=ATf1kGNGES5x0Bw1sHjiJ7i8JsdMulVSQyBPXhJzr1umRh5i-l0uoScvTagyKp3G2bTDung8lxLBeGZc6WMml9Yt-Z1dbyB0vvft
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=ODA5MTg4MzU0ODY4MjU5MzAxMQ==&gdpr=&gdpr_consent=
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEM9jG1W8oUUOrqu0kT057aY&google_cver=1

0
0

GET
H2 200 dpixel
cms.quantserve.com/ Frame 280C 35 B
463 B 107ms
30ms Image
image/gif 2620:116:800d:21:5ed4:8d5d:fed7:f5ef

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEFl_j_B8COL_QPcpoDb9N84&google_cver=1&google_push=ATf1kGPs3AWXJbwU0VM8ztrvXrwQIY1jjGZex-nJYTzJCKimP69UH8Iwr4dYpEeNWf9c6eL2U0EWyDwwAekmRN7SsFj7eA2L41av

Requested by

Host: 61f6e9fd343e3e96f4f5dd477c8d7d57.safeframe.googlesyndication.com
URL: https://61f6e9fd343e3e96f4f5dd477c8d7d57.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:5ed4:8d5d:fed7:f5ef -, , ASN (),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 11 Jun 2023 23:35:54 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET 5w3jqr4k
sync-tm.everesttech.net/upi/pid/ Frame 280C 0
0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 280C
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEAhOzquF7p_8N1M27-GBEbo&google_cver=1&google_push=ATf1kGMAU36cM4Txk2_IFj-Zh5zMLNMjzzy5dN0QhqHKGn8QGaBddsrlEK0wkLLHNjvLWISi3DbDJ542ivBhvb...
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI0MzU3NjM5MzI4MTEwODEwOQ%3D%3D&google_push=ATf1kGMAU36cM4Txk2_IFj-Zh5zMLNMjzzy5dN0QhqHKGn8QGaBddsrlEK0wkLLHNjvLWISi3DbDJ542ivBhvb28IY...

170 B
188 B

70ms
69ms

Image
image/png

142.250.185.162

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI0MzU3NjM5MzI4MTEwODEwOQ%3D%3D&google_push=ATf1kGMAU36cM4Txk2_IFj-Zh5zMLNMjzzy5dN0QhqHKGn8QGaBddsrlEK0wkLLHNjvLWISi3DbDJ542ivBhvb28IYkYBtHAu9_N

Requested by

Host: 61f6e9fd343e3e96f4f5dd477c8d7d57.safeframe.googlesyndication.com
URL: https://61f6e9fd343e3e96f4f5dd477c8d7d57.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Server

142.250.185.162 -, , ASN (),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 11 Jun 2023 23:35:54 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI0MzU3NjM5MzI4MTEwODEwOQ%3D%3D&google_push=ATf1kGMAU36cM4Txk2_IFj-Zh5zMLNMjzzy5dN0QhqHKGn8QGaBddsrlEK0wkLLHNjvLWISi3DbDJ542ivBhvb28IYkYBtHAu9_N
Date: Sun, 11 Jun 2023 23:35:54 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 280C
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEIf0tkPxDPpl8cTo-I8AAQQ&google_cver=1&google_push=ATf1kGMHMdB9L_tj0mAzZNHYYathA_cmHtOOKCLckGBvt1OdUDMD0rqK-3h0H9_VAi-8A5wi5AbDcPeCzli3jEFoZBVETa5...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ATf1kGMHMdB9L_tj0mAzZNHYYathA_cmHtOOKCLckGBvt1OdUDMD0rqK-3h0H9_VAi-8A5wi5AbDcPeCzli3jEFoZBVETa5FCZk&google_hm=eS1kVE9OeTBORTJwSFlQXzZ...

170 B
188 B

68ms
68ms

Image
image/png

142.250.185.162

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ATf1kGMHMdB9L_tj0mAzZNHYYathA_cmHtOOKCLckGBvt1OdUDMD0rqK-3h0H9_VAi-8A5wi5AbDcPeCzli3jEFoZBVETa5FCZk&google_hm=eS1kVE9OeTBORTJwSFlQXzZoY21zcEwuY3NWMzlaNlVOSX5B

Requested by

Host: 61f6e9fd343e3e96f4f5dd477c8d7d57.safeframe.googlesyndication.com
URL: https://61f6e9fd343e3e96f4f5dd477c8d7d57.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Server

142.250.185.162 -, , ASN (),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 11 Jun 2023 23:35:54 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sun, 11 Jun 2023 23:35:54 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ATf1kGMHMdB9L_tj0mAzZNHYYathA_cmHtOOKCLckGBvt1OdUDMD0rqK-3h0H9_VAi-8A5wi5AbDcPeCzli3jEFoZBVETa5FCZk&google_hm=eS1kVE9OeTBORTJwSFlQXzZoY21zcEwuY3NWMzlaNlVOSX5B
content-length: 0

GET

pixel
cm.g.doubleclick.net/ Frame 280C
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEN1tVAzbar9WIRinJzTBopM&google_cver=1&google_push=ATf1kGN4O_9PXD9cGkP8SoeFbEhH4JERLKdxLxrJZ0pWAlwMadHLaK8EImupRlcVZUTKnNEuBhmtm45A...
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEN1tVAzbar9WIRinJzTBopM&google_cver=1&google_push=ATf1kGN4O_9PXD9cGkP8SoeFbEhH4JERLKdxLxrJZ0pWAlwMadHLaK8EImupRlcVZUTKnNEuBhm...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDYyNDY2ODMzODQ0NjQxNjEzMg&google_push=ATf1kGN4O_9PXD9cGkP8SoeFbEhH4JERLKdxLxrJZ0pWAlwMadHLaK8EImupRlcVZUTKnNEuBhmtm4...

0
0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 280C
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEFhaevugGuOVMpkGYO1d3S8&google_cver=1&google_push=ATf1kGNGtK7S4J3744HSI-s3QndLQqzbjOzeKd8e-AsDhe7PeDQ4C6kx0HEeDBAoH_dxhq9oXMx...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TElTMkQ0MEotUy0yMTlM&google_push=ATf1kGNGtK7S4J3744HSI-s3QndLQqzbjOzeKd8e-AsDhe7PeDQ4C6kx0HEeDBAoH_dxhq9oXMxP35AIfjsdm2Mf7dTT4TUZLyZE

170 B
188 B

70ms
69ms

Image
image/png

142.250.185.162

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TElTMkQ0MEotUy0yMTlM&google_push=ATf1kGNGtK7S4J3744HSI-s3QndLQqzbjOzeKd8e-AsDhe7PeDQ4C6kx0HEeDBAoH_dxhq9oXMxP35AIfjsdm2Mf7dTT4TUZLyZE

Requested by

Host: 61f6e9fd343e3e96f4f5dd477c8d7d57.safeframe.googlesyndication.com
URL: https://61f6e9fd343e3e96f4f5dd477c8d7d57.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Server

142.250.185.162 -, , ASN (),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 11 Jun 2023 23:35:54 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TElTMkQ0MEotUy0yMTlM&google_push=ATf1kGNGtK7S4J3744HSI-s3QndLQqzbjOzeKd8e-AsDhe7PeDQ4C6kx0HEeDBAoH_dxhq9oXMxP35AIfjsdm2Mf7dTT4TUZLyZE
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 28e1e7d28d06b07ec669bc9e43057b8e
Expires: 0

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 280C 0
12 B 72ms
71ms Image
text/html 142.250.185.162

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LVidsJdmEmwFcs8t_IEikIxRctirD8bsKbwHyANFbpjw8WqT-7_awjfdiGcSbMIgpy7UaK

Requested by

Host: 61f6e9fd343e3e96f4f5dd477c8d7d57.safeframe.googlesyndication.com
URL: https://61f6e9fd343e3e96f4f5dd477c8d7d57.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 -, , ASN (),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Sun, 11 Jun 2023 23:35:54 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 mZQVpQj-eDQajpu59Vq9E2pMu32_YVAoNW79LAI6QMI.js Show response
pagead2.googlesyndication.com/bg/ Frame 5717 37 KB
14 KB 62ms
61ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/mZQVpQj-eDQajpu59Vq9E2pMu32_YVAoNW79LAI6QMI.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

999415a508fe78341a8e9bb9f55abd136a4cbb7dbf615028356efd2c023a40c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Tue, 06 Jun 2023 19:31:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 446641
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14716
x-xss-protection: 0
last-modified: Mon, 05 Jun 2023 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 05 Jun 2024 19:31:53 GMT

GET
H3 200 mZQVpQj-eDQajpu59Vq9E2pMu32_YVAoNW79LAI6QMI.js Show response
pagead2.googlesyndication.com/bg/ Frame 00B0 37 KB
14 KB 60ms
59ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/mZQVpQj-eDQajpu59Vq9E2pMu32_YVAoNW79LAI6QMI.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

999415a508fe78341a8e9bb9f55abd136a4cbb7dbf615028356efd2c023a40c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Tue, 06 Jun 2023 19:31:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 446641
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14716
x-xss-protection: 0
last-modified: Mon, 05 Jun 2023 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 05 Jun 2024 19:31:53 GMT

GET
H/1.1 200
OK dvtp_src.js
cdn.doubleverify.com/ Frame B9B2 8 KB
4 KB 145ms
28ms Script
application/javascript 2a02:26f0:480:9::210:ee04

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dvtp_src.js?ctx=20309721&cmp=29968277&sid=3288807&plc=367565023&num=&adid=&advid=4309118&adsrv=1&btreg=558488166&btadsrv=doubleclick&crt=192207036&gdpr=&gdpr_consent=&tagtype=&dvtagver=6.1.src
Requested by: Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:9::210:ee04 -, , ASN (),
Reverse DNS
Software: UploadServer /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://61f6e9fd343e3e96f4f5dd477c8d7d57.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Date: Sun, 11 Jun 2023 23:35:54 GMT
Content-Encoding: gzip
Last-Modified: Tue, 06 Jun 2023 09:15:55 GMT
Server: UploadServer
ETag: "71b8beedfc8712992269775dfe385a4e"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3374
Expires: Tue, 06 Jun 2023 09:33:39 GMT

GET
H3 200 index.html
s0.2mdn.net/sadbundle/16829948873192997814/ Frame 5AF5 14 KB
0 192ms
68ms Document
text/html 2a00:1450:4001:831::2006

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/16829948873192997814/index.html?e=69&leftOffset=0&topOffset=0&c=KqN5Ckr55a&t=1&renderingType=2&ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://61f6e9fd343e3e96f4f5dd477c8d7d57.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 3050
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Sun, 11 Jun 2023 23:35:54 GMT
expires: Mon, 10 Jun 2024 23:35:54 GMT
last-modified: Fri, 12 May 2023 09:19:58 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame B9B2 0
0 276ms
106ms Fetch
image/gif 172.217.16.194

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvh2BjRyOp1A69r69UNSAIrhtg-2cykDJSUWPP6QGAJ_u70Iu1J5RU-sLJsX7aAe10cHQFQn2oF0uVisdB6FnN9cf4sEANNrsZGsFGSBzhpiazr4ac7B1jxGBkPBbuMyX_uy4AV7XUXG2YFF9EGQc-qo-VFI_VIdiRJ0NzvpkE6XXDjr75pKWAqwTQSLdAWFlxhl5gM78-0zqjSdegoP_0A35QlFHd8YKw9tqoXEbFcDbgwV9l834DrBJfFcbFSmmJKqBR9yw_gQFKzQjKml98H9X8hsRUke5fnfU8JcK_GfZGMtiYahynnQ-hY-xyoJ_f1IJN9IqR4UR25WKmcqlMNsUaYv28FrGgwK8Ws7EHJGjtACj7l3vXj3H1BKLSnd1EWPsSXh63NTpCFDUrmIEixvFaMCqa8F8UwoKz3LNT14XPLdOeoO3gSHErPyyTm-oYzTt7xdE1qiU43FXz5TD2P18W2jdJtBIubTnSwTuFwdSeJ4L7P3TjSqU3ZnaQQ13qzDcavYsyfSkEJ9IsAePAke-6CedOGPlKK8HEONPEQNYA4wIftP4zXTCYBexDBXn1B5ce_EjI6fpjx3a-BBHXR-p4b8tUtXe4VCfNj5BmZkH6TV5kmxvHIpPX9gR4CSGlWYXEyeTu6dzrPF2cCUQZuiDb4d9w7bK67Gn-8R5Mq19WggexFufvEot7AeoYRoHWx3a3ecoWDZXZLkigQa_E2LxPp9cwlurY_UNEBSK523YveajO6ZXCYkpCNuV5DlJIEhhut9wEm0WeyPJ7ldzY1bHd7Cr9BB0VYwnGKcuY74m07t45_kaSo7sXJpZKOrfvJDedVdPYhMW-if-vBwcOzK6VTL8-2RITEYBXxXf6seNElAjC6DIavnkCCfNxvJVrGGPbNf9PsV6U-MrG0SQwBNUtwOz6i4sfm9NgYV7dJrtbwPqlwh0EHF-W7XRcFbrZDow_X8APuhX7DdJFiw2mgDlSfyVl77TOwDI8Sw3NE3J0YNVa7FpExIPGrSetb3XvpZ-Bgp0kvmcAppWi9R1vWh04OyytC2cjptDPc8p1tz7W_sxqWDSRRh6r-d2DHYoERArYC_QRi4H58ANCX7QU063mwOH8qPj_2CIx2mZm5WhXuyJ0ZLdWXgMykyZJrFOvED_jGNQb1_4j1CjxcRdxpn0NgIpUVS-wWOkWoIsXQ97MTWgy22ka-t7DRGZ4XT33057e9-2qiJCjGGy1Ut8S5aCm9PiiKGi4WdKJg0Xf-YsHgnhn6wGgX--Epda5kzEe6F8ufypV2oQucWKnR9xJOsJ3wHux_5aqv4hQ&sai=AMfl-YQyC0O5MDDBxAFaAJzrYwHKFvuW1LQ84_V1WMeQ5YmeeuVcZyw15UaxTfHJc97WOJXbQz9aKdUKTXiOgWse4dYEvc5GisQGhhOj4zfgT_wwOBGJ-2W6fzS67HUx2Sv5uw6y5CLuDYFPLwUKe-aOCRMY9hm7YKWz_h-BhyQP2MwiDl-q1HOFPoPJh2Rr3uoEHn1kweho0QRmfJq-P_cCPpG3Ucdq0Yh0DPO51iRiZB-TmUhhCrW_iny6aDVaRntcnXIUxVHJp9vmQPctOXMoenN_vnWxVQ&sig=Cg0ArKJSzDiaVTe99XRAEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=351&cbvp=1&cstd=337&cisv=r20230607.89713&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.194 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://61f6e9fd343e3e96f4f5dd477c8d7d57.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sun, 11 Jun 2023 23:35:54 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
expires: Sun, 11 Jun 2023 23:35:54 GMT

GET
H3 200 mZQVpQj-eDQajpu59Vq9E2pMu32_YVAoNW79LAI6QMI.js Show response
pagead2.googlesyndication.com/bg/ Frame 3D6D 37 KB
14 KB 64ms
59ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/mZQVpQj-eDQajpu59Vq9E2pMu32_YVAoNW79LAI6QMI.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

999415a508fe78341a8e9bb9f55abd136a4cbb7dbf615028356efd2c023a40c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Tue, 06 Jun 2023 19:31:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 446641
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14716
x-xss-protection: 0
last-modified: Mon, 05 Jun 2023 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 05 Jun 2024 19:31:53 GMT

GET
H3 200 mZQVpQj-eDQajpu59Vq9E2pMu32_YVAoNW79LAI6QMI.js
pagead2.googlesyndication.com/bg/ Frame 771B 37 KB
14 KB 61ms
60ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/mZQVpQj-eDQajpu59Vq9E2pMu32_YVAoNW79LAI6QMI.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Tue, 06 Jun 2023 19:31:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 446641
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14716
x-xss-protection: 0
last-modified: Mon, 05 Jun 2023 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 05 Jun 2024 19:31:53 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 4BB3 0
10 B 60ms
60ms Image
text/plain 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?-RhPIQ
Requested by: Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Sun, 11 Jun 2023 23:35:54 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET 4326003.json
agen-assets.ftstatic.com/display/7409373/ Frame 62CA 0
0

GET 4326002.json
agen-assets.ftstatic.com/display/7409333/ Frame 49B6 0
0

GET 4326002.json
agen-assets.ftstatic.com/display/7409333/ Frame 4E30 0
0

GET
H3 200 cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 2EFB 1 KB
0 60ms
59ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 61f6e9fd343e3e96f4f5dd477c8d7d57.safeframe.googlesyndication.com
URL: https://61f6e9fd343e3e96f4f5dd477c8d7d57.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://61f6e9fd343e3e96f4f5dd477c8d7d57.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 36902
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 11 Jun 2023 13:20:52 GMT
etag: 48472445140208031
expires: Mon, 12 Jun 2023 13:20:52 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 49B6 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 5E13 0
0 60ms
59ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 61f6e9fd343e3e96f4f5dd477c8d7d57.safeframe.googlesyndication.com
URL: https://61f6e9fd343e3e96f4f5dd477c8d7d57.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://61f6e9fd343e3e96f4f5dd477c8d7d57.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 36902
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 11 Jun 2023 13:20:52 GMT
etag: 48472445140208031
expires: Mon, 12 Jun 2023 13:20:52 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 62CA 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Content-Type: image/png

GET styles.css
s0.2mdn.net/sadbundle/16829948873192997814/css/ Frame 5AF5 0
0

GET Enabler_01_250.js
s0.2mdn.net/879366/ Frame 5AF5 0
0

GET overlay.png
s0.2mdn.net/sadbundle/16829948873192997814/img/ Frame 5AF5 0
0

GET logo.svg
s0.2mdn.net/sadbundle/16829948873192997814/img/ Frame 5AF5 0
0

GET gsap_3.5.1_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame 5AF5 0
0

GET dt
dt.adsafeprotected.com/ Frame 82C1 0
0

GET
H3 200 cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame A65A 0
0 60ms
59ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 61f6e9fd343e3e96f4f5dd477c8d7d57.safeframe.googlesyndication.com
URL: https://61f6e9fd343e3e96f4f5dd477c8d7d57.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://61f6e9fd343e3e96f4f5dd477c8d7d57.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 36903
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 11 Jun 2023 13:20:52 GMT
etag: 48472445140208031
expires: Mon, 12 Jun 2023 13:20:52 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 4E30 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Content-Type: image/png

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: hb.emxdgt.com
URL: https://hb.emxdgt.com/?t=1500&ts=1686526551873&src=pbjs

Domain: dt.adsafeprotected.com
URL: https://dt.adsafeprotected.com/dt?anId=925113&asId=a1fc1ad8-450a-4c23-a459-cd972890f388&tv=%7Bc:fh953P,pingTime:-2,time:413,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:494,beZ:495,mfA:738,cmA:740,inA:740,inZ:745,prA:745,prZ:780,si:788,poA:789,poZ:804,cmZ:804,mfZ:804,loA:879,loZ:882,ltA:907,ltZ:907,mdA:496,mdZ:649,idA:805,idZ:861%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:728.94,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:293%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:413,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:292,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B165~0%5D,as:%5B165~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:jload,dtt:0,fm:tGUZxWA+111%7C112%7C113%7C114%7C115%7C1161%7C1162%7C1163%7C1171%7C1172%7C1173%7C1181%7C1182%7C1183%7C1191%7C1192%7C1193%7C11a%7C11b*.925113%7C11b1%7C11b2%7C11b3%7C11b4%7C11c1%7C11c2%7C11d1%7C11e1%7C11e2%7C11f1%7C11g1%7C11h,idMap:11b.c33575e3-ba44-4406-24e5-3d43dac86f0e.40_1362481-69643702%7C11b*,pd:VEBo.mhjfbmdgcfjbbpaeojofohoefgiehjai,rmeas:1,rend:0,renddet:IMG.qs.bi,siq:294,sinceFw:117,readyFired:true%7D&br=c

Domain: x.bidswitch.net
URL: https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESENNH8TftYZfHgHpvIfQVU3g&google_cver=1&google_push=ATf1kGPvKJUUp8_Owi9liieZblgdSfSvRYxUNespMp3nAyxc0JuLtJ1u9vE-UxUmEI68irYbR5caFYf0pXQ62rYyXKhkRxI44p3i

Domain: dis.criteo.com
URL: https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&google_error=5

Domain: cm.g.doubleclick.net
URL: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NjM0NDYwNjczMzUwMTY0MjQ2NA&google_push=ATf1kGO3SpvwAno8o5nkKEybMIMztwJbeOSv615thqzISY9wdCP74m3pVSM0FmPtDFKYQECGf7-sKIEAa1rPO7l9WK-noaRyVgzL

Domain: r.turn.com
URL: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEM9jG1W8oUUOrqu0kT057aY&google_cver=1

Domain: sync-tm.everesttech.net
URL: https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEPrirX2nO0EakwJN1EzfpME&google_cver=1&google_push=ATf1kGNyWGQHUak_5jqjosc6Uad4B_-Lvo1G1Ps02mXa51k1p1ZRnWyW0SRGKy0Poe-VZlSfL0v5yF2VaLa342Pu5PRXm1rV1Jsm

Domain: cm.g.doubleclick.net
URL: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDYyNDY2ODMzODQ0NjQxNjEzMg&google_push=ATf1kGN4O_9PXD9cGkP8SoeFbEhH4JERLKdxLxrJZ0pWAlwMadHLaK8EImupRlcVZUTKnNEuBhmtm45AlTI9jq4T5m6veD5KbT2Z

Domain: agen-assets.ftstatic.com
URL: https://agen-assets.ftstatic.com/display/7409373/4326003.json

Domain: agen-assets.ftstatic.com
URL: https://agen-assets.ftstatic.com/display/7409333/4326002.json

Domain: agen-assets.ftstatic.com
URL: https://agen-assets.ftstatic.com/display/7409333/4326002.json

Domain: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16829948873192997814/css/styles.css

Domain: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_250.js

Domain: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16829948873192997814/img/overlay.png

Domain: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16829948873192997814/img/logo.svg

Domain: s0.2mdn.net
URL: https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.5.1_min.js

Domain: dt.adsafeprotected.com
URL: https://dt.adsafeprotected.com/dt?advEntityId=1362481&asId=c33575e3-ba44-4406-24e5-3d43dac86f0e&tv=%7Bc:fh95aL,pingTime:-10,time:841,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwwfHxNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTE0LjAuNTczNS4xMDYgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,ch:n,fsc:17.6.2v222222220002222202222222220222222222202222222220222202000022000220222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1686526555031%7C%7C2732bc18051c0cdb5bb3c5c2a1626077%7C%7C9807fceec1c048f3741b920e0a0474f7%7C%7C91c34302fb2060b13cdfd42e42912ceb%7C%7Cdb53c8dd7b9f96903d8c6edf3b4722aa%7C%7C0741b73a73d43e3df62ab07d679ee6d4%7C%7C9feeda3d817b05820edc9348cfc5ce16%7C%7C4234c9154cf9d50c289f89678b088da5%7C%7C1663701684,im:%7Bpci:%7Btdr:532%7D%7D%7D

Verdicts & Comments Add Verdict or Comment

10 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.rubiconproject.com/	1970-01-20 21:14:22	Name: khaos Value: LIS2D40J-S-219L
.rubiconproject.com/	1970-01-20 21:14:22	Name: audit Value: 1\|SDziDG3X/Ejz6jd4+q1WqgmOsfVVM1TCDevM3UyPj6j8qn5EeGeJ97a4hegAU7agO06ZiOKdWPbgcRgjl6EitbjLS90oIwh53OlDu/ORdD8=
.doubleclick.net/	1970-01-20 21:50:22	Name: IDE Value: AHWqTUmhOcHLUJ3nlazo8pdAnP1exlwBXvedqOngTcyTVyptgw2IlR8RYXNfUG-EGhc

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://pcloak.blob.core.windows.net/web/jquery.min.js Message: Failed to load resource: the server responded with a status of 404 (The specified blob does not exist.)
javascript	error	URL: https://ye-mek.net/(Line 39) Message: Unsafe attempt to initiate navigation for frame with URL 'https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html' from frame with URL 'https://ye-mek.net/'. The frame attempting navigation is targeting its top-level window, but is neither same-origin with its target nor has it received a user gesture. See https://www.chromestatus.com/feature/5851021045661696.
network	error	URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&adk=1812271804&adf=3279755397&plat=1%3A512%2C2%3A512%2C3%3A512%2C4%3A512%2C8%3A512%2C9%3A33288%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C26%3A512%2C27%3A512%2C30%3A1081856%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1686526551596&bpp=5&bdt=1115&idt=350&shv=r20230607&mjsv=m202306070101&ptt=9&saldr=aa&nras=1&correlator=3979164214347&frm=24&ife=1&pv=2&ga_vid=214013272.1686526551&ga_sid=1686526552&ga_hid=38106992&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=222437166&scr_x=-12245933&scr_y=-12245933&eid=44759927%2C44759842%2C44759876%2C31075205%2C44788441%2C44793497&oid=2&pvsid=4040297006971483&tmod=317818420&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=1&uci=1.izt4po4npv1&fsb=1&dtd=367 Message: Failed to load resource: the server responded with a status of 403 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

61f6e9fd343e3e96f4f5dd477c8d7d57.safeframe.googlesyndication.com
a.teads.tv
aax.amazon-adsystem.com
ads.travelaudience.com
adservice.google.com
adx.adform.net
agen-assets.ftstatic.com
ajax.googleapis.com
ajs-assets.ftstatic.com
ap.lijit.com
bidder.criteo.com
c.amazon-adsystem.com
c1.imgiz.com
cdn.doubleverify.com
cdn.ye-mek.net
cm.g.doubleclick.net
cms.quantserve.com
connect.facebook.net
cpm.programattik.com
d5p.de17a.com
dis.criteo.com
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
dt.adsafeprotected.com
fastlane.rubiconproject.com
feed.pghub.io
fw.adsafeprotected.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gum.criteo.com
hb.emxdgt.com
hbopenbid.pubmatic.com
ib.adnxs.com
images.dmca.com
imasdk.googleapis.com
mp.4dex.io
mug.criteo.com
ng.virgul.com
ng2.virgul.com
pagead2.googlesyndication.com
pcloak.blob.core.windows.net
pghub.io
pixel.adsafeprotected.com
pixel.rubiconproject.com
pr-bh.ybp.yahoo.com
prebid-server.rubiconproject.com
r.turn.com
rtb-csync.smartadserver.com
s0.2mdn.net
s7.addthis.com
script.4dex.io
securepubads.g.doubleclick.net
servedby.flashtalking.com
static.adsafeprotected.com
static.criteo.net
static.virgul.com
sync-tm.everesttech.net
sync.mathtag.com
sync.search.spotxchange.com
sync.teads.tv
tpc.googlesyndication.com
ups.analytics.yahoo.com
us-u.openx.net
www.cloakan.co
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
x.bidswitch.net
ye-mek.net
agen-assets.ftstatic.com
cm.g.doubleclick.net
dis.criteo.com
dt.adsafeprotected.com
hb.emxdgt.com
r.turn.com
s0.2mdn.net
sync-tm.everesttech.net
x.bidswitch.net
13.32.119.77
142.250.185.162
151.139.128.10
172.217.16.194
178.250.7.13
18.66.110.17
185.29.132.245
185.64.189.112
185.7.176.221
185.7.176.223
185.80.39.216
185.86.139.94
185.89.210.82
185.94.180.125
2.16.97.41
2.19.224.115
20.60.220.36
205.185.216.42
213.155.156.168
216.52.2.48
23.197.128.137
23.52.123.144
2600:1f13:800:7781:a9:f316:c651:5d12
2600:9000:223f:9600:8:48e:53c0:93a1
2602:803:c003:200::41
2606:4700:20::681a:9a9
2606:4700::6812:272
2620:116:800d:21:5ed4:8d5d:fed7:f5ef
2a00:1450:4001:802::2008
2a00:1450:4001:806::2002
2a00:1450:4001:80b::2002
2a00:1450:4001:80b::200e
2a00:1450:4001:80e::2004
2a00:1450:4001:812::2002
2a00:1450:4001:813::2002
2a00:1450:4001:813::200a
2a00:1450:4001:828::2002
2a00:1450:4001:828::200a
2a00:1450:4001:82a::2001
2a00:1450:4001:82b::2001
2a00:1450:4001:831::2006
2a02:2638:3::7
2a02:2638:d::2
2a02:2638:d::d
2a02:26f0:480:9::210:ee04
2a02:6ea0:c700::17
2a03:2880:f084:d:face:b00c:0:3
2a05:d018:d29:3601:7391:985f:3e9d:2132
3.71.149.231
34.102.243.38
35.190.0.66
35.241.45.217
35.244.159.8
37.157.4.25
52.209.23.15
52.57.24.240
69.173.144.165
77.245.159.14
85.111.6.48
85.114.159.93
94.138.206.83
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd
024dc8110d4e697f42fc12e9c292622a8d8448631b9971887cd8a8bee74eccf4
0403acf352d97f4125629cb0d42e156490c93962f561f94d7f3c2f4816c8f415
04dbb805cb77441ca3d2251f895f604f1487cd539eeb35e58f9d01fe1b8f1379
06a28caea304288c782feaf69d771b59f1771bde1f2b0b9212d982a62d7ae441
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
06d33fb628e8139b0ef85167cc2128e4299fae5ee83d7b3d215099b4c35343ea
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
089371c2d0c637c172d5af2ba670a229c49df18790fa29a8c9a3d4af7796f2c7
09d46eb1397a55833670832dcac4edf7f7e1d2b170b3eb7c11557cadcfe0a784
0b29697868cd68cfd1b5650054cc96ea755016b3242bd26469cdbd4e4f6fc18a
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
0d8812f5547b313d30ae9c9b712b8fc50eafb19ab00a1658b484a35de8f78fba
0ec15133d868559ab60388643173c0eb52debe58489d9b8438976736c7d8b7bf
120fdf7c1e8de286b8c6ad005bd52d7b3d71cfa17bd6d1f72d023fe952d03708
1223d352430065cc6ee6ecfe6c3ed6e1e4b2f5714817dcf8967ffca08f192c1a
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
1360cc417273b056ca8087a28233c0034a17dfd5e4b5435cdb704213a614e64b
15305e76634408c6cb742bb0fd118b53e8ebaf7a76e17e4b720b0515adbd0541
19eb8aa79e13101d907ddd5ef9d291cbc5d166d22b4c4961359e00f452f1621a
1ba2d08ef8d8f95f8a0cddefa0f4f838c563f5ea82cb385f22b1bfc08b7d2bc4
1c67a7d5bd4eeea4dac61fdb402693f5ecce11630369d396bd6ec60516bda492
20678c305b50c0988193d64cb34f41e2dcb6f2fa48353106436ea301e07ce70a
2214a9c42ac416d027c9814595f62b198356d64ee8eebd6cef1ab5ba1def247d
22fee539734d38c9e84e3982188b21bafc9457236279a136ce1b3b9d55667437
24762ab428a6fcf11ff285c267ba773b0a63638dcee78a5cc3ea8406f092ad58
25a120a3830417d169351a3985042dc4bcf6e490fbbe75794190d73794836ebe
26e27f9574b8ffee36d6729e677b5409413284419c12916726244b09f53c8e1d
27961ab8c37cddad89230364167c048c6377a80e38542a5ffbca600faf4098ea
27b521443caa2567c561c9a2bd377929f40cf7fb68113ccbc4b42669c6841e79
28eac36479c83ab5c1d7881ae078eff90ba02be1ac4f082b75505830e323b0be
2af1b8e91e1ea0f27fab2f6bac1dd1d81867b7a2a8d7cef1084fa39309e0ac6f
2c32bd2e5707e8daf52a5872eb1e14e558b6bfe1524b91a49b869f2e99fe319e
2d156f75a2412bb1fe1f51f406e413fe5d4d9696cfba912fe267fae5dec3fb76
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
319ebf743ce2c07c6bfafd9600a93824aa52b0844fe94e81c014e169564dc7e3
324a9c1f26949a62b89c5846de23826737bf3b14443e3f5a969b1799604a0588
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
332d8e2d6964e41c92a430d24b1b469bfdcc30ad072f980b2e7adf241590886a
3362ede9b3228efef8559e55e4d0560046a33143ffeee5f782e6809d4632fcec
35b21209877b5b74adcb3a1bd21f8fd45a5ee0ea13d754f7d69bad34147800bf
37696e118071c7484a8001f32a4e80edaab20322d5c8ae8e2b1f48a1c45baad9
37ab5c060ae53ccda75b8bd212d874a17650f7954b11c4e31f568990ab40196b
38bdae94dc66b00a3a0cfdac71fcc937459eed3ec97776abb75702910f2a18ac
3a0fad2a356f8d50d02af3a5886e30e159cfa1474984f6fa5ae08d4639e9897f
3ed559a849229d0ba1622b39b2343f2307a91aae5bab1f08e55c89e50874c980
40732e9dcfa704cf615e4691bb07aecfd1cc5e063220a46e4a7ff6560c77f5db
412987cc35c5247a10aff8bbe72a3e89da1540916e2a74667fa98d415c4ea5ba
4532ed97c8ec16da3c9275a5345ba6406647074a9c078e609aa9f56c1a40f76b
4651fd93f167c3620b534c30bc23ae2a2e7cf742621d8e6d12553c09c388284a
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4bff962fb085bc7a7d81b7a59a2dceb2a6dd7f44a6d25af7040fd62f86393a05
4cb046f211f818761360beba677e9a1467919ee47473d6aed9df63af6aaea684
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4ee28d315f7c7643890fc97971b60e2a8a4d9d0184e450def7a07380764dbe6e
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
5103b27b55207be49f024a501641c7cb93e6469073ccbe194cd5963b53716184
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
56cf47f2d62303f47bd99b1ed14f8815fb86b5706c76d0e7dfd8384e931ea074
5804cd3bfdf7f7b00ae1f2beef50b9ac7bbdcadcb47e8c3454e8609a52096b92
5808d723c40744b3cb0ed3a450513d5c387e7973a70623f927eb94b1ce981e23
59641e17cbf2747c31456e5ac08ddd332816ebb6b9fc9273ed4989ef979ca5cc
5a9863314577494b778cade4d77d719a27fca818d6091efe35b972cac31026f8
5b05cb80f00e47f73dac07960063c835d60efbd503b302b4ba68ecd87c7f001a
5c43ed02f9d0a2a773e7f13c481df34f9de77c425c368f5cb3398d7e67152e68
5d143c39ecae7fbaf31995f743f2b73f00ac1651a1f374638866b6051a777e6c
5f0461930337d1715ec27c1c65b81d238a50d196232c3190ef62c090192ccfad
613b97a3f938c5185dc5fcb46ec9c9488f460fdf8a9765eea9f05aebe46a0c50
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
63d492638d445ece5c5162c245202c7a7a8db0fcc12c438e020c5128bd2164cf
645709dcb09b2700fd5a5938dbdf783ac90a88334e5104041db53302441f33e4
681ab93dd0600e24018acefe10a3a2c960a04646fc477eb45f13088f9a8a65d8
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c
6c2c91d429774fdbe77ca08fc01030d693a2ead6cb347d7a49b5890b5cc97132
6ce801c9b5a18d6e9a2b6914f7fcbb927cacf7199e21c2318ac42e594102e2a1
6d4b039e13080924553d42c56051ec773abb13dd903a5ea542eb3d23702a821a
7205777014978e168136f841b00836b5a9fa6c9dcc0674336483adfa571da005
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
751fb681f54d257d1e40ec453a64608224a9862491da12791310bdeb0c1d8a2a
75f2b3e1739c7ed8ee367a6990d7f5abdb0fd1040724273ee5a5f87489a41228
7dfc69dee43bbe722a79600a220b02ed583c291a950f6323c15826e508e3810d
7e187d00b054de9f51b5da18fb88a0fce6988a9744b9fc060345f2cffe6041a0
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8c47b44c2eb52f803ff7faa3cc7043d75a2814f83cf9c1dd66a1c669184e68f8
8d35a5ccbc18efc3702da9ff8a9e21022073d35bc84502c310cb41c8845f555f
9156cdc023ad08fc1cb378752629c59a5d1e7179747ac3f447b2c9738e7457e1
95579738b64fa8740a8b7138e359a644e8e9c1da616eee92166212aa66ee0063
96da7cbd165c265c74e140817dda609aab677ad3738efac98ce863665dc3512b
96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9
96f645736860bb346ac3b89b631e501da98d6a452720d4c308c0e6f9835966f9
97831ff1642b67d43154d0b76a95e26b0fd8ec1533c4ba30c37ea1c0bdfb30e5
9971c0a9e4d487abeaf7f2396426a237081c2271bc17cdcd6883495ff43b3fc1
999415a508fe78341a8e9bb9f55abd136a4cbb7dbf615028356efd2c023a40c2
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9aa15f3d270011a0d81029fc96091ebec29d9cd93a32ffb12eda6e0db7649665
9cacc351a59879d938ef01e274eca7f341deaaa666237a3de94737ccc05a4b86
9e5ba7a35e2068e38eb27f9b7e61da1120eb92d5da04c79cf018d759c3619218
9edb23e141fe20aa066d445f9933b24561e461ab1f90a02d40dd2027023a94cc
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a18ed040dd3f7879ce350862d16cc8e91cfd9a8b167bb978a58410eac4424a22
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a579343e48deefeeb438bcb7f6aeb6d37e68102a8299ca47b683991f0af26b28
a7a580492938c753648b19da1321bf7ea66d7a2e9b1fa42058c821e268fba9e1
a89f7bfa14110d591435cd4944c46084d2eacf435adf24032626b6caebe8738f
ad3ee286844c46dba3f0d26e100f508c410b28f52784fbeec2d513ef6c6fda7a
ae8017866a6744d35f26aa9da389e9771d40bcae3ee65df4c1b5e16e57b09fda
aee6f0b4c43dec5cc9ffac79bb44b87ac17f24ef33979e7619315d1d9ca60cd9
af066967db9631a3a615b805d5062ab834035dabcc47cdf189b0f1b14f47230e
afa5e1b731d147144fc93568668638f0bd46e23e1b758c2f0877380ccf7fad1a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b17f4c082b272213f4da075af5c73893db6c70f060c8441ff6e70f7251324ff9
b1e2c565f5f0b296c4d15dd07310177907c4952a57e610d72b3c4c2c06a5b375
b415d33192a3edc717e805f1f534786c78a14315a2965a0b7fa36cf4c2f817b2
b4d1f7da56448f81503bcd2ab72c613162cd70db41e10d509df0cfa4ba061f85
b633a587c652d02386c4f16f8c6f6aab7352d97f16367c3c40576214372dd628
b6d572e96dbe704d689bfc583913e365435d2cbac0a603840cd9832cfc78230f
b9196b5f2f35eb01152be06bd9edcedb8524301a82f97e443c1889bca80bb10b
b9fc3709f0637d50be88d5a36641e6e8c696938fe429b6d6326950f194f0d67b
bc82310d2b82f3aa74a269e8f679359bda827c649adb41486fd1af268a026ac1
bea17c8870ba8dae9515993b5c55b65437f03f0e2672e1c3d3dbe7872dd74e5c
c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4
c1ab0e914bd956d5d9275e862b1b90da60920a27247ae7d969410b927fbccb4c
c682503cceca1b904b22355c3303d0065985fd83992209d6d65f1ca4546033b9
c74a491603e953fbcf238e6f4d4042f2df90e4dec560bca87d7772805b82fa6f
c7ed967311254b1e5db3abf337cf94dbb498ab79a883a03f94b8c0612fd5bffe
c8ab34ea5af27c357910a99e5080ae21c12b64c33c57fcdd4ce80f95a38224c6
c9e5748c955dc3f587aa1284ee664b08fc3ecb02d39a487a2681e02d1487507b
c9f0d58bfa4a06dfe46ca39b3f3aaeafea15acd2b32ecff16df4795806d82da1
ca03b53498e40c5fedf001cd9e5480624d5540e426aa462a010ac0fc097964e7
caf655b6bec330182e0e62921c9bbc57fe4daacadf5ec8ea0adc9ec64c8b0055
cf906196a7c1414e11983955e101a051d55a864f2bc9fd52a453d952d92fd9b5
cff57bb539a961e5816127eb4b662175d6a1c92917effe0f943de85c35911101
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
d262b04633fbcfb934184c79a2d1786fa24576ad6f7ccc40c5ba0aa540de9d54
d389d4e827b1df5e191df76750ebe767b7d290eaafc03264964e576b11b43cb6
d54481f05143fc81a2d0640b1bfbf78758e2ba857a271a932976d0f1f0e3fbee
d6acbb5069d4885f40ca0fd5856950a62025639556ac569b356117156752faf4
d8405f8454d1eba9dbda7fee6a7bb9df60f3d302439cd23914a8a4b020973dd3
d9fd0aeda423bd39a36871759ef7b17dab3d51e5981cd5839103f990b8b9ef60
daa4ae74e63ad190e51df1d8695085c574d64ed718f8786485dbd61d7e7ad3da
db9cbcb9856f005cdb0e74dab780c46011bcc313731266a5f8ca60e4f1558af0
dc00d2dc19a9dd32d5f89ec3d68bfed90dd775a5fa638855b7fe00d6415f379b
dd448a69a97f85a3b2b217776ef0635be209bf14abc4ed36d7bcc818e416996f
dd827becbfe093ea884353b3921ae1e1c0ae74e26c87e42f6f8f5e85d16c74c4
de828c1de3b057a2132f7e790523411695d4c0189b0eaeb5f0f4f3d92462a540
dfb71392b907b56bd7e87e29593e2c97cca1d1cd3f77b798148d26c8e29dc6e8
e248fc933bd5b08289fa46b3e2629d9d6199a3e711b0d8e109aaf9f57541796d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e57c8dbfd429ba259a12a50106b122a8ed2eac927b8451fb847bc1a98873bbba
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e60c8e659b2db1c5061eb3dcfa2ce9724fe456e77a9df15646671616df65e4e0
e6856712b68ffba8c9a4860f563e6782b6dfdb87d50dd054b6753efa4ff7ba56
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
e8021f1a9dad409f7e699457ac334653bf800464df69900237c4de1c29e275d0
e83a6e6d3b514c443964ced040878fe12d03f326240804355adc29084ed7ca8c
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389
e95ae6bc878c84c98ce8435e7546c02b847773de6053b098709bd28fce89dc0c
ea3650b72b9136abc2f6bc432ff0cdaefb936ef5c4d7997871594ca8c5b7bab7
eb7a209e3af2f5e7045a326f81414b39f02551eb158e859c190a7a84db7c4d5d
ec5725d4053198fbf31e6d9122e875de3dc5434a7f80748fb848704caf82b322
ec656a26f02b08ba71eddbaa4e9a26769522a59466e33ef135c7a803d67d2cca
ecadacb686d0540a5768dae41d50597a71dfaa8135b90f1371d4bfa266e4e361
edec033881c2913c43d48b93c7974807219e4a0fa5710eafe84d0f91de49c817
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efa58e6c55e790f1c83deaa0e2b30bb1a075acc2ed6ec0f50f928c0d42dbc472
f400612faf6836fce12ceb451eaf1f232e10604a6149d762a65ae569df21582e
f475c34186022ba531ebc8bba97fc10df7e4c3ea854f314a18ab0644c851620d
fa472ee20b50f5097ca1e83444949e83a1fb4ec98db65dabdb4408187ea2175d
fc52f3986c0cd1bda4c019b4e561637241300ed3fa06d02f68e69a79da3827cb
fd8ff1a7c3a3f04569bce077003d0acd78098fa22a0027b2050cb1b0381e9180
ff6577c25cfa9bcdd46025d15dc7d424b62c30cdf246cd510d18f891703726ae

pcloak.blob.core.windows.net Open in urlscan Pro 20.60.220.36 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

356 Requests

90 %HTTPS

43 %IPv6

46 Domains

70 Subdomains

55 IPs

7 Countries

4206 kBTransfer

11039 kBSize

3 Cookies

0 Outgoing links

Redirected requests

356 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 9 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

pcloak.blob.core.windows.net Open in urlscan Pro
20.60.220.36 Public Scan

Screenshot
Live screenshot

Full Image

356
Requests

90 %
HTTPS

43 %
IPv6

46
Domains

70
Subdomains

55
IPs

7
Countries

4206 kB
Transfer

11039 kB
Size

3
Cookies

356 HTTP transactions
9 data transactions